Tag Archives: premiums

Premiums Climb as Ransomware Bites

Ransomware is on the rise and posing significant challenges for the insurance industry. Ransomware attacks soared by 485% last year compared with 2019, according to Bitdefender. Cybercriminals and state-sponsored hackers alike are employing ransomware to line their pockets and cause mayhem. The Colonial Pipeline, the Harris Federation, CNA Financial and Acer are just a few of the high-profile victims so far this year. 

Without proper planning and protection, a ransomware attack can sink a company. The average ransom cost is now $154,108, according to Coveware, and the average downtime caused is 21 days. 

As more and more victims pay up, cybersecurity insurance carriers are changing their products, increasing premiums, and limiting coverage. 

Attackers Targeting Insurance Providers

While cybersecurity policies covering ransomware used to be relatively easy to find and offer generous potential payouts, that’s no longer the case. Ransomware gangs have been doing their homework. They gain access to insurance company client lists and hack into networks to study individual policies for the purpose of uncovering maximum policy limits of targeted companies.

An anonymous spokesperson for the REvil ransomware gang was recently asked about targeting insurers in an interview for The Record, and said, “Yes, this is one of the tastiest morsels. Especially to hack the insurers first—to get their customer base and work in a targeted way from there. And after you go through the list, then hit the insurer themselves.”

Any insurer that responds to this onslaught with a blanket policy of not paying ransoms is soon under siege. Cybercriminals unleash coordinated attacks designed to make examples of these carriers and warn off other insurers that may be considering a similar no-pay policy. Inevitably this has impacted the coverage carriers offer. 

Insurers Building Experience

The silver lining here is that the cyber insurance industry has a vested interest in keeping costs, risk and recovery time down. To that end, insurers engage the very best incident responders with a proven track record. For a victim seeking a ransomware recovery specialist, a cybersecurity carrier might be the fastest and easiest route to the top talent. 

As insurers build a knowledge base and deal with the aftermath of more and more ransomware incidents, they are also gaining a deeper understanding of how to guard against such attacks. 

Organizations seeking consultation on what they might do to prevent ransomware infiltrating their networks, how to cope during an attack, and the fastest path to recovery can get solid advice from carriers. But all this experience comes at a price.

See also: 6 Cybersecurity Threats for Insurers

More Stringent Requirements and Fewer Options 

Any organization shopping for cyber insurance will find the market very different than it was just a few years ago. Many carriers are now refusing to insure for ransomware and those that do require solid proof that strong security controls are in place before they will issue any policy. Coverage scope and optional add-ons have been drastically reduced across the board, but particularly in industries with high exposure and susceptibility.

Even with every box ticked, the amounts that insurers are offering now are relatively limited. Premiums in general are higher, but for organizations considered to be high-risk with large limit requirements, policies may be prohibitively expensive. It’s important to remember that even with the climbing costs, cybersecurity insurance will still be cheaper than a breach for most organizations. A third-party assessment and strict requirement for strong controls can also prove invaluable in strengthening your security posture.

No Substitute for Proper Cybersecurity Planning

Ultimately, cybersecurity insurance is a complementary product that can help reduce business risk. It’s crucial to take appropriate steps to guard against ransomware and to fully plan and practice how to deal with an incident. Consider that the most likely way for ransomware to break in is through social engineering. Train your staff to spot phishing attacks and build response plans to investigate and deal with them.

Other smart protective actions include a regular patching procedure to ensure software is kept up to date, a comprehensive asset list that gives you a complete picture of company hardware, and properly protected off-site backups from a variety of points in time. Craft incident response and recovery plans to clearly delineate correct procedures and responsibilities and then test them in a mock attack to ensure you’re ready for the real thing.

If you are operating without coverage or your policy is coming up for renewal soon, make sure you dig into the details and fully assess your options. You may find that the budget you have allocated based on previous policies is no longer suitable. Just remember, the stronger your defenses are, the easier and cheaper it will be to secure a cybersecurity insurance policy that gives you the cover you need.

7 Reasons Why Health Premiums Are So High

As he blazed/thrashed/insulted his way to the White House, Donald Trump constantly claimed Obamacare was not working. According to Trump, it was a “disaster” that only he could fix. His criticisms have certainly been creative, such as this tweet about one of the perpetrators of the Boston Marathon bombing.

Whether Trump  can actually fix Obamacare remains to be seen, but he was right about one thing: Insurance premiums are on the rise. It’s estimated that in 2017 premiums will go up by approximately 24%.

Insurance companies like Aetna and UnitedHealthcare are pulling out of some markets after reporting significant losses, and other companies are significantly reducing the plans they offer.

But why exactly is this happening? What are the root causes?

While the issue is certainly complex, we do know some of the reasons costs keep rising. Here are seven primary reasons why Obamacare isn’t quite what everyone hoped.

Two Things You Need To Know

Before we depress you and make you worry about the future, let us give you two semi-good pieces of news. It’s not all gloom and doom.

The Increases Primarily Affect Those Who Purchase Their Own Insurance

First, it’s important to note that the rise in premiums primarily affects those who are purchasing their own insurance, like those who are self-employed. If you live in cubicle land or work for the man, you probably won’t feel the brunt of the increase in premiums.

Also, if you get your insurance through Medicaid, Veterans Affairs or Medicare, you probably won’t see much increase in your premiums.

However, those who shop in the insurance marketplace will find themselves staring at steeply increasing premiums. For now, you may be able to work from a beach while sipping a mojito, but soon you may need to start drinking Bud Light. Let’s hope that doesn’t happen. You may not be working for the man, but you’ll giving more money to the man.

Those Who Are Willing to Shop Around Will Probably Be Relatively Safe

If you get a government subsidy to offset the cost of your insurance premiums and are willing to shop around for a new plan, you may not be hurt by the increase in premiums. There are various plans available in the insurance marketplace, some more expensive than others. If you’re willing to switch to a new plan, you can probably find one that doesn’t gouge you so deeply.

But this is one of the problems with Obamacare. It usually covers a narrow selection of doctors and hospitals, and if you switch plans you may need to find a new doctor. If you’ve got challenging or complex health issues, this can be a big deal, especially if a particular doctor has been treating you for years. Unfortunately, this means that those who are in the worst health may get hit the hardest by the rate increases.

If you don’t want to switch plans, you always have the option of becoming independently wealthy. Of course, this can be a bit more difficult than switching plans unless you happen to have a rich relative.

See also: How to Push Back on Healthcare Premiums  

Now let’s talk about why premiums are going up.

Reason #1: Predictions Weren’t Very Good

Wait, you mean when the insurance companies and the government teamed up, they actually made some mistakes? But they both have such sterling reputations for efficiency!

It turns out that the health insurance companies underestimated how much it would cost them to insure those who weren’t already covered. A 2015 report found that insurance companies lost $2.7 billion in the individual market, in part because they had to cover more claims than expected. Insurance companies aren’t really in the business of losing money, and now they’re scrambling to make up for what they lost.

On top of this, those patients who are the sickest generate about 49% of the healthcare expenditures. This unequal distribution of costs complicates the estimates and means some companies are losing money.

Now that insurance companies actually understand the pools of patients, they’re adjusting premiums to account for the actual costs, which are way higher than they estimated.

Reason #2: Insurance Companies Are Bailing Out

Leading the way in the “Things That Aren’t Surprising” category is that many insurance companies are discontinuing plans that lose money. Additionally, some companies such as United Healthcare and Aetna are completely exiting some markets, leaving very little competition. In some states, there is a single insurance provider, allowing it to raise rates without consequence.

In 2017, it’s expected that the number of healthcare providers will drop by 3.9% in each state. As we all learned in introductory economics, less competition equals higher prices.

Reason #3: Healthcare Costs a Lot

Remember last year when the price of EpiPens started skyrocketing and people were saying, “We’ll die without them!” and the producer said, essentially, “Well, it stinks to be you!”? People got rightfully upset because that was a pretty low move to pull.

Unfortunately, rising medical costs aren’t just happening to EpiPens. Generally speaking, medical costs have been rising at about 5% each year, but some think they’re going to go up even more. Unfortunately, Obamacare is at least partially to blame for this.

Newer treatments tend to be very expensive, and now even the sickest people have access to health coverage. This, in turn, means that they have access to the pricey treatments they never had access to before. As their expenses are covered, overall costs for all people are increased.

As Sean Williams wrote:

The reason insurers are coping with substantially higher costs for Obamacare enrollees is actually pretty easy to understand. Prior to Obamacare’s implementation, insurers had the ability to handpick who they’d insure. This meant people with pre-existing conditions, who were potentially costly for insurers to treat, could be legally denied coverage. However, under Obamacare insurers aren’t allowed to deny coverage based on pre-existing conditions.

Now could be the time to begin experimenting with those homeopathic cures we’ve been hearing about all these years, like rubbing cucumbers on our feet or bathing in olive oil. Purchasing hundreds of gallons of olive oil is probably cheaper than premiums will be.

See also: More Transparency Needed on Premiums  

Reason #4: Some Government Subsidies for Insurers Are Ending

Since 2014, the government has provided some subsidies to marketplace insurers that cover higher-cost patients. These subsidies significantly reduced the cost to insurance companies and made them more inclined to work through the problems.

But this program is ending in 2017, and it’s expected that premiums will go up 4% to 7% as a result.

Reason #5: It’s Not Easy to Fix a Giant Market

Unfortunately, fixing a giant market like health insurance isn’t simple. This should surprise absolutely no one. First, the government is involved. Fixing anything government is always a nightmare, taking years of meetings, proposals and backroom deals. Second, the healthcare industry is involved, which is only slightly less unwieldy than the government.

Getting both of these entities to actually make progress is like trying to convince an elderly person that rock ‘n roll doesn’t sound like pots and pans banging together.

Lots of solutions have been proposed, but a single, straightforward solution has not been adopted.

Reason #6: The Market Is Smaller Than Expected

Chalk this one up to yet another miscalculation by the government. It turns out that significantly fewer people are enrolled in the insurance marketplace than expected. Like, 50% less.

Young adults in particular aren’t signing up, probably due to the fact that the penalty for not signing up has only been around $150.

A smaller market means that insurance companies can’t absorb the cost of particularly ill patients as easily. In larger cities, enough people may enroll to spread out the risks, but in smaller areas insurance companies are hit hard.

This, of course, causes insurance companies to pull out, increasing the problem even more.

Reason #7: The Rules Aren’t Helping Things

One of Obama’s big selling points for his healthcare plan was that insurance companies wouldn’t be able to deny coverage to those with preexisting conditions. This sounds great in the public square but doesn’t always work well in reality.

Currently, the government forces insurance companies to cover people but doesn’t offer the companies assistance when their costs exceed their revenues. If an insurance company doesn’t think it will make money, it will pull out faster than Donald Trump says something ill-advised.

See also: A New Way To Pay Long Term Care Insurance Premiums – Tax Free!  

Conclusion

It’s easy to be critical of Obamacare, but we should also recognize the great things it has achieved. Many people who would never have received medical coverage have been able to get the treatments they desperately wanted.

Will the problems be fixed? Let’s hope. But as we’ve seen, creating a solution that works for both consumers and insurance companies isn’t easy.

This article originally appeared at Life Insurance Post and has been republished with the permission of lifeinsurancepost.com.

Why Insurers Caught the Blockchain Bug

In April 2015, Lloyd’s of London launched the Target Operating Model (TOM) project. TOM is a central body responsible for delivering modernization to the still heavily paper-based wholesale insurance transactions in the London insurance markets.

You can state, “I Support TOM,” on a registration site or you can “like” TOM on social media. The project has had several “innovation” events. It has an orange logo reminiscent of the 1990s, when orange was the new black. The project has even tried to coin yet another tech mashup term for the London insurance markets surrounding Lloyd’s: InsTech.

This is not the first time the London insurance markets have tried to modernize. They are serial reformers, and their attempts have had varying degrees of success (from total failure to middling impact).

Limnet (London Insurance Market Network) made progress with electronic data interchange in the 1980s and early 1990s. Electronic Placement Support (EPS) worked in the late 1990s, but few used it. Kinnect, at a cost conservatively quoted as £70 million, was abandoned in 2006. Project Darwin, which operated from 2011 to 2013, achieved little. The Message Exchange Limited (TMEL) is a messaging hub for ACORD messages that has had modest success, but most people still use email.

Numerous private exchanges or electronic messaging ventures have gained only partial market shares. Xchanging Ins-Sure Services (XIS), a claims and premiums processing joint venture, was formed in 2000 and runs adequately but still has a lot of paper involved.

A swift walk round Lloyd’s, perhaps passing by the famous Lamb Tavern in Leadenhall Market, reveals a lot of heavy bundles of paper, lengthening the arms of long-term insurers.

Does ontogeny recapitulate phylogeny?

Ernst Haeckel (1834–1919) was a German biologist and philosopher who proposed a (now largely discredited) biological hypothesis, the “theory of recapitulation.” He proposed that, in developing from embryo to adult, animals go through stages resembling or representing successive stages in the evolution of their remote ancestors. His catchphrase was “ontogeny recapitulates phylogeny.”

In a similar way, TOM seems to be going through all the previous stages of former wholesale insurance modernization projects, databases, networks and messaging centers, but it may come out at the end to realize the potential of mutual distributed ledgers (aka blockchain technology).

Information technology systems may have now evolved to meet the demanding requirements of wholesale insurance. And wholesale insurance differs from capital market finance in some important ways.

First, insurance is a “promise to pay in future,” not an asset transfer today. Second, while capital markets trade on information asymmetry, insurance is theoretically a market of perfect information and symmetry—you have to reveal everything of possible relevance to your insurer, but each of you has different exposure positions and interpretations of risk. Third, wholesale insurance is “bespoke.” You can’t give your insurance cover to someone else.

These three points lead to a complex set of interactions among numerous parties. Clients, brokers, underwriters, claims assessors, valuation experts, legal firms, actuaries and accountants all have a part in writing a policy, not to mention in handling subsequent claims.

People from the capital markets who believe insurance should become a traded market miss some key points. Let’s examine two: one about market structure, and one about technology.

TIn terms of market structure: People use trusted third parties in many roles—in finance, for settlement, as custodians, as payment providers and as poolers of risk. Trusted third parties perform three roles, to:

  • Validate — confirming the existence of something to be traded and the membership of the trading community
  • Safeguard — preventing duplicate transactions, i.e. someone selling the same thing twice or “double-spending”
  • Preserve — holding the history of transactions to help analysis and oversight and in the event of disputes.

Concerns over centralization

The hundreds of firms in the London markets are rightly concerned about a central third party that might hold their information to ransom. The firms want to avoid natural monopolies, particularly as agreed information is crucial over multi-year contracts. They are also concerned about a central third party that must be used for messaging because, without choice, the natural monopoly rents might become excessive.

Many historic reforms failed to propose technology that recognized this market structure. Mutual distributed ledgers (MDLs), however, provide pervasive, persistent and permanent records. MDL technology securely stores transaction records in multiple locations with no central ownership. MDLs allow groups of people to validate, record and track transactions across a network of decentralized computer systems with varying degrees of control of the ledger. In such a system, everyone shares the ledger. The ledger itself is a distributed data structure, held in part or in its entirety by each participating computer system. Trust in safeguarding and preservation moves from a central third-party to the technology.

Emerging techniques, such as smart contracts and decentralized autonomous organizations, might, in the future, also permit MDLs to act as automated agents.

Beat the TOM-TOM

Because MDLs enable organizations to work together on common data, they exhibit a paradox. MDLs are logically central but are technically distributed. They act as if they are central databases, where everyone shares the same information.

However, the information is distributed across multiple (or multitudinous) sites so that no one person can gain control over the value of the information. Everyone has a copy. Everyone can recreate the entire market from someone else’s copy. However, everyone can only “see” what their cryptographic keys permit.

How do we know this works? We at Z/Yen, a commercial think tank, have built several insurance application prototypes for clients who seek examples, such as motor, small business and insurance deal-rooms. The technical success of blockchain technologies in cryptocurrencies—such as Bitcoin, Ethereum and Ripple—have shown that complex multi-party transactions are possible using MDLs. And, we have built a system that handles ACORD messages with no need for “messaging.”

Z/Yen’s work in this space dates to 1995. Until recently, though, most in financial services dismissed MDLs as too complex and insecure. The recent mania around cryptocurrencies has led to a reappraisal of their potential, as blockchains are just one form of MDL. That said, MDLs are “mutual,” and a number of people need to move ahead together. Further, traditional commercial models of controlling and licensing intellectual property are less likely to be successful at the core of the market. The intellectual property needs to be shared.

A message is getting out on the jungle drums that MDLs, while not easy, do work at a time when people are rethinking the future of wholesale insurance.

If TOM helps push people to work together, perhaps, this time, market reform will embrace a generation of technology that will finally meet the demands of a difficult, yet essential and successful, centuries-old market.

Perhaps TOM should be beating the MDL drums more loudly.

Reimagining Insurance in 2016

After more than 20 years in the insurance industry, working on three continents in various product lines and capacities, I have seen many changes occur alongside a notable constant: Insurance consumers want to pay less, and insurance company returns don’t satisfy shareholders.

Therein lies the rub. The conventional way to increase returns has been for insurers to increase premiums (based on what is presumed to be a fixed risk level), but that approach is contrary to the client’s desire. Yes, insurers also look to improve operational efficiency and claims handling, but those efforts are yielding diminishing returns.

Why not take a different tack and really focus our efforts on reducing the cost of risk? We’d then diminish the tension between insurers and their clients. Client premiums would drop, and insurers’ profitability would rise.

Like many, I believe that insurance is on the cusp of dramatic change. Insurers that thrive will put risk reduction at the forefront of their value proposition. That risk reduction will translate into lower premiums for diminished risk. Clients, and society at large, will be the ultimate winners.

The increasing availability and variety of data, more sophisticated tools to extract insights from that data and technology to cost-effectively support risk reduction will fuel this evolution. Insurers will need to rebalance their resource deployment away from the evaluation of risk for the purpose of assuming liability (underwriting) to the evaluation of risk for the purpose of reducing risk (risk consulting). Clients will come to expect insurers to provide advice on actions they can realistically employ AND the savings they will be guaranteed if they take those actions.

Whether change displaces current insurers or they evolve remains to be seen. Some insurance executives see a future of insurance that delivers a different value proposition to clients. We see a value proposition that primarily focuses on reducing the cost of risk. Insurers will increasingly supplement expertise with data, analysis and technology focused on reducing the cost of risk. They see a future where the industry unlocks the insights in insurers’ own data, integrates external sources as they become available and closes information gaps that exist. They see a future where clients are empowered with clear, objective risk measures that allow them to control their risk level … and their premiums.

In this future, insurers become tech companies where the insurance policy covers the limited remaining risks and in essence serves as a warranty of the risk services provided.

My discussions leave me optimistic that there are like-minded executives who see a different value proposition for insurers. But most I have spoken with draw the conclusion that neither their company nor any they know has the critical mass of support necessary to drive change.

To adapt and stay viable, insurance companies need to think about how evolutions in technology and data science can benefit clients and reshape business models. My goal is to encourage that debate.

I’ll be introducing a topic and perspective every other week that will focus generally on evolutions in the industry and the power of technology to transform the way risk is quantified, along with associated pitfalls. Each piece will conclude with a polling question and, depending on the volume of response, these results will be published.

Coming topics will include:

New Data and New Tools: When we think of data, most think of text and numbers that has been organized. By expanding our thinking, we can add satellite imagery, sensor-derived data, the Internet of Things (IoT), traffic cameras, customer service phone call recordings, pictures and many other potentially valuable sources. Imagine being able to analyze traffic light cameras to understand real-time risk at intersections. Imagine crowdsourcing the analysis of satellite and aircraft imagery to identify properties affected by natural disasters. Imagine being able to review a snapshot of a damaged automobile and adjust many claims without human intervention. Research, and in some case practical applications, exist in these and many other areas. We need to identify the information we need to know to understand risk and then either find the data that will help us or create our own. How do we ensure that the insurance industry is at the forefront of collecting, generating, integrating and analyzing all forms of data to drive deeper insights?

Data, Data Everywhere but Not a Drop for (Clients) to Drink: Every insurance company collects and generates a tremendous amount of data. Some of that data is structured; a much larger volume is memorialized in pdf files, pictures and customer service call recordings. While potentially useful for clients, the data is rarely made available at all and even more rarely in a format that provides insights. Insurers are investing in using that information to drive better claims outcomes, better risk segmentation and better internal processes. Clients expect to benefit from insurers’ resources but generally don’t get the insight they need to effect change. What would it mean if we insurers transformed our business model so that data-driven insights and risk mitigation strategies replace risk transfer as the core of value proposition?

Risk Mitigation Strategies and New Technologies: Imagine being able to identify the moment a risky behavior is occurring and having the ability to automatically intervene or alert the appropriate person. In some realms, that possibility already exists. Applications exist to alert drivers to their own risky behavior. Active technology exists to automatically apply the brakes to prevent collisions. Yet even where appropriate data exists, insurers are hesitant to make definitive recommendations based on specific technologies. Insurers are unique in that they price risk and ensure the realization of financial benefits from investments in risk reduction. Should we as an industry more actively become creators or advocates of risk technology? Can we have enough faith in our recommendations to integrate benefits immediately in prices? Does the traditional insurance policy become a form of warranty that our risk advisory services are effective?

Transparent Risk Indices: We are about to enter an information age where it is possible to quantify risk objectively in real-time. Creating risk indices, making them transparent and using them as the basis for establishing price would give clients confidence in the objectivity of the process and confidence that if they invest in changing those indices they will immediately get the benefit. The indices will also give non-insurance risk capital providers the opportunity to deploy capital against and trade risks that previously lacked the transparency. What can we learn from other financial services that have developed transparent risk indices that allowed capital to be deployed against those risks from a wider variety of sources?

Top 10 InsurTech Predictions for 2016

2015 was the year that InsurTech emerged from the shadow of Fintech. This story has been told through my last 40 research notes published on DailyFintech.com over the past eight months. Including 28 interviews with the CEOs and founders of InsurTechs, this story spans the globe from the U.S. to China, from South Africa to Estonia, and a few stops in between.

So, what does this tell us about the next chapter of this story? Here, I give you my Top 10 InsurTech predictions for 2016.

slide1

In no particular order…

Prediction #1

Insurers will create lifestyle apps that provide additional consumer value on a continuing basis. Continuous consumer engagement will start to replace price as the key buying criterion. The result will be sticky insurance with strong brand loyalty.

Prediction #2

The person-to-person (P2P) insurance business model will struggle to reach scale in its current form. This will drive the P2P insurers to find new ways to replace the traditional carrier model, and we will see signs of a completely new business model for insurance. That will scale.

Prediction #3

Much greater levels of personalized rating will become widely available using new sources of data from technology such as wearables, the Internet of Things and smartphone apps. This will lead to variable premiums over the policy term to encourage better behavior (although insurers will hold back and not introduce corresponding punishments in 2016).

Prediction #4

“All in one policy” cover (aka, all-risks insurance) will emerge for consumer protection. Policyholders will be able to insure their lifestyle (their home, motor, dog, holidays, iPhone, treasures, travel) in a single policy based on highly personalized risk assessment through a digital platform.

Prediction #5

“All in one place” platforms (aka a concierge service) will replace traditional intermediaries with a digital broker. These services will consolidate multiple policies, converge with financial planning tools and provide robo-advice on gaps and duplication in cover.

Prediction #6

New entrants will come into the market with highly sophisticated data modeling and predictive analytics solutions. They will exploit mass-scale technologies, high-performance computing and techniques developed in high-frequency trading.

Prediction #7

Convenience and the ability to digitally turn insurance cover on and off as needed will be steadily accepted and adopted. As will microinsurance, sharing insurance and pay-per-mile. Unit premiums will be higher, but this will be outweighed by Millennial attitudes toward insurance cover and paying a price for convenience.

Prediction #8

The poorest in our world are the ones who need insurance the most. In 2016, the insurance industry will (finally) start to better serve the massively underinsured populations in developing countries. This will be driven by a combination of the massive market opportunity that exists for insurance, global economic forces and a socio-political agenda.

Prediction #9

There will be widespread deployment by traditional insurers of new digital solutions to reduce cost of claims and loss handling. Serving both ends of the insurance workflow, these tech solutions will enable better collection of data and evidence to improve risk rating at the front end and the claims handling processes, especially at first notice of loss (FNOL), at the back.

Prediction #10

2017 will be the year of block chain and insurance. No list of predictions would be complete without reference to block chain, but IMHO it is going to take all of 2016 for the insurance industry to get to grips with what block chain is, what it can really do for insurance and (most important) why we should use block chain as opposed to any other database or enabling technology.

Don’t get me wrong, for I am squarely in the camp that believes “block chain is the next Internet.” And we will continue to see a lot of block chain insurance activity throughout the year. But adoption in insurance won’t take hold until we’ve seen 2016 out.