Anthony Smith and Dennis Cox
Introduction
Insurance and risk management are always inextricably linked. Recent innovations in the regulatory field, however, have brought this into even sharper focus. In general, the idea of insurance is for the losses of the few to be picked up by the many—as such, it is to cover what might be best described as unexpected losses.
One of the key issues that needs to be considered from the beginning is whether insurance really mitigates risk. The Basel Accord allows for insurance to be a mitigator, but only under narrow regulations. These include that:
- Coverage must be certain; and
- Payment must be guaranteed.
The concern from the regulators’ point of view is simple. They want to ensure that the insurance payments are available to the financial services firm to compensate immediately for the loss of capital. If there is a significant delay in processing a significant claim, then the financial institution will have failed prior to funds being received from the insurer—clearly an unacceptable state of affairs. Therefore, whether insurance can ever work effectively as a risk mitigator must be open to significant doubt.
This leads to the first question—is the line the regulators are taking actually too firm? Clearly, the purpose of insurance is to cover the high-value, low-frequency losses that really concern us. That is why the market evolved in the first place. Within any risk management framework, it is clear that insurance plays a significant part and will therefore also need to be specifically included. Therefore, we would expect that the regulators would at least take some notice of the existence of the insurance and provide a mitigational benefit to the firm in the Pillar 2 capital charge, if not in the Pillar 1 charge. If the regulators do not provide this benefit, what is the true value of insurance—does it add value to a financial services firm? Do firms tend to insure the losses they cannot afford to incur or those that are regularly incurred—effectively some form of rather clumsy departmental interchange fee? Is there anything coming into the market that would change this?
These are the challenges that we see for the industry and one that the industry is being slow to grasp.
Insurance Risk
The nature of insurance is, and always has been, a form of risk-transfer mechanism. The premium payments of the many protect the significant losses incurred by the unfortunate few. From a personal point of view, we all know that this is true, as is seen with typical personal lines of insurance cover, motor and travel insurance. Yet we are still left with the thought that, when we have not had a claim for a year, was the insurance really worth the premium?
In some way, we almost expect to make a return on our insurance premium, something that is clearly not possible. The same approach also applies to companies, where the debate can often be whether the level of insurance is right and also whether the premium is justified. Yet this debate is not normally taken using a full risk management viewpoint.
Then we have to deal with the issue of coverage. Firms are continually concerned that the type of event that actually occurs will not be covered by their insurance policies. Even with personal life, critical illness, property, travel, or car insurance, there are still a series of detailed exceptions and exclusions. Common to all policies is the often-quoted “Acts of God” exclusion. This can mean that major external events, such as earthquakes and flooding, may actually not be covered by the standard policy and additional cover will need to be taken out. Provided, however, that you have a valid claim under the right policy for the right period and the right amount, have notified the insurer in accordance with the requirements of the policy and are actually entitled to some recompense by not falling within stated exclusions, then generally there is a payout. In fact, we do see cases where the insurance company actually makes payment even though the event is outside the true coverage of the policy, either for reasons of goodwill or due to concerns about the application of an exemption or exclusion.
Therefore, most of the time insurance is a valuable risk mitigator for the average person in the street and also for the average company operating in the financial services sector.
Insurance Risk and the World Trade Center
In the complex world of commercial insurance, the tangled web of policy wordings can become even more involved and result in policies that do not meet the needs of the large multinational company. One of the most famous and recent examples of this was with the 9/11 tragedy and its impact upon the insurance industry in the case of the claims on the World Trade Center.
The World Trade Center consisted of two towers, surrounded by a range of other buildings. From inception, we understand that each of the towers had been insured separately, but this changed a short while prior to 9/11 when the ownership of the World Trade Center changed. From a risk management viewpoint, the World Trade Center was a high-profile site and therefore suffered a higher level of risk premium than other comparable buildings.
There had been occasions when either terrorist events had occurred or there had been damage caused by planes. Some of the terrorist events had been significant and caused major damage to one or other of the towers; however, it had always been only one tower affected, not two. There had never been two events at the same time that would both bring down a tower, so the new company changed the insurance contract.
We understand that the new cover was such that the cover floated between the two towers. If there were two separate terrorist events, then each would separately access the insurance policy. If there was only one terrorist event, however, then the total loss of both towers would be trying to access the same policy and effectively one of the towers would not be insured. The insurance policies of the World Trade Center represent an interesting case and one that could spend many a happy year in litigation. What this demonstrates quite clearly is how risk management impacts upon insurance—the decision to change the insurance cover was taken based on the following:
- internal loss data of the impact of previous events on the World Trade Center;
- external loss data showing the impact on other buildings of catastrophic failure through either accident or terrorism;
- management’s judgment on the level of risk arising on the buildings;
- the cost of the premium;
- the coverage that was available at the point in time; and
- management’s own view about the importance of insurance and the level of residuary risk that it would be willing to take.
What is unusual is for the insurance manager to see the calculations that they have made being shown to be incorrect so soon after the insurance was negotiated. So what had they got wrong?
The World Trade Center event was actually two different types of event occurring at the same time—a terrorist strike and an aeroplane hitting a building. An aeroplane strike is always possible for a large building—they are large and in the air, so planes hit them. Often this is through accident (we got lost) or deliberate action (I want to commit suicide and really want to go out with a bang). What had not happened before was a terrorist strike using an aeroplane as the bomb. This made the event less likely, but it does not eliminate it from the calculation—and if a terrorist can go for one building, why not both? They might just want to increase the chance of getting one right.
To make matters worse, it later transpired that the final policy wordings were still being finalized and often it takes years for underwriters to agree what is covered and by whom.
Insurance Policy Wording
For that matter, what of the other buildings in the areas that were also affected by the same catastrophic terrorist incidents, even though they were not directly struck by either of the two planes involved? Companies close to the site suffered significant disruption through loss of communications and the ability to travel. Many lost the use of their buildings due to contamination from the collapse of the World Trade Center—asbestos dust blew everywhere and made areas unusable. Would these losses for companies not directly affected be covered?
This will always go down to the specific terms of the wording within an individual insurance policy. In the London market, there are currently in excess of 20 different bankers’ blanket bond policies available and each has different, detailed wording requirements. Clearly, what is required are simpler and more consistent policy wordings such that everyone knows what a particular policy will cover—and what it will not.
Many of the problems of insurance policy wordings in the UK are being tackled by an initiative launched by John Tiner (the then CEO of the FSA) known as “contract certainty” to produce greater clarity in contract terms and to avoid the kind of misinterpretation that can leave many widows and orphans without financial security when disaster strikes. The concept of “deal now, detail later” was a common practice in the UK in 2004 and the industry was given two years to clean up its act or face regulatory intervention. The FSA has certainly pushed insurance companies toward greater clarity of wording and according to the FSA, 88 percent of insurance companies in the non-subscription market are now achieving contract certainty.
The Profit Paradigm
In order for insurance companies to make money, they must take risks but they cannot afford for one particular risk to cause the downfall of the firm. The greater the risk that is to be covered by the insurance company, the greater the premium that the insured will have to pay; this has always been the way that the market operates. The cost of insurance and the insurance market continues to operate on that basis. Terrorist insurance is seen by many firms as being too high and therefore they do not take coverage for this type of event. The consequence of this is that when the terrorist event strikes the firm, they are not covered. It may well be an unlikely event, but the impact can be catastrophic for a company. We hope that more firms will properly assess their risks when purchasing insurance to make sure they acquire sufficient insurance to cover the totality of the major risks that the company is suffering.
As we have said, the Basel Accord allows for insurance to be a risk mitigator but only within narrow limits. Certainty of coverage and prompt payment are essential to meet these criteria. With so much uncertainty around policy wordings and what is meant by unfair contract terms, these objectives may not be fully met by the average insurance policy.
Taken to extremes, it may be argued that insurance is of no use to a typical financial services firm, which may be better off simply self-insuring and setting aside sufficient capital to meet potential risks. Insurance could be seen as a final back-up for those catastrophic losses firms cannot afford, while leaving regular losses to a more sophisticated form of risk management strategy and self-insurance. On the other hand, many firms actually take out insurance to cover what are, in effect, routine losses, leaving “Acts of God” as uninsured losses.
Compulsory insurance can play its part in covering the more routine insurance risks such as employer’s liability cover. In the UK, for example, potential routine losses are to be covered by an insurance policy as a legal requirement. Other risks can be assessed by probability versus impact using a range of risk mitigation techniques, including insurance, to manage the most probable or that with the biggest impact accordingly.
For a large group within financial services, it is likely the parent company will actually own an insurance company—the Allfinanz principle. These firms will use reinsurance to manage their risks, with liability passing through many different hands to meet some of the biggest claims. These reinsurance arrangements present their own challenges in deciding how much to offset to another insurer and what limits to impose to meet their own capital adequacy requirements. Captive insurers like this, it may be argued, do not provide quite the same level of risk mitigation as going elsewhere, given the group is effectively insuring its own risks.
Another problem with many insurance policies is the fact that underwriters may class some incidents as uninsurable or impose terms that are so restrictive as to make them of no particular use. This kind of behavior leads many firms to consider whether it is worth insuring at all, especially the difficult risks where restrictive terms make risk transfer mitigation impossible.
Another consideration with insurance is the effective deployment of capital. For most banking organizations, the more money they have on the street in the form of loans the more money they can make. Effective insurance enables more economic capital to be released as it will not be required to cover losses that are now the subject of insurance, thus affecting the profitability of the bank. A balance then has to be struck between retaining capital as a form of self-insurance and trying to release as much of that capital as possible to achieve a profitable return. This is where insurance as a risk mitigator can come into its own, allowing more of the bank’s capital to be deployed.
The experience of Lloyds with asbestosis and major losses demonstrates how the variety of risk is challenging the way insurance is used to mitigate risk and a desire to look for alternative forms of cover emerges. There are many ways to manage risks and the whole range of risk mitigation processes and procedures needs to be brought together, with insurance being only part of the overall picture. These changing risks challenge insurance as being at the center of a risk mitigation process, with many competitors to its pre-eminence in the risk mitigation process. This means that when the risk manager is deciding which risks to cover and the level of coverage that is appropriate, then the general risk management department modeling techniques will also be used. What we do not want is for the insurance department to undertake separate, additional, and inconsistent modeling with that conducted by the risk management department.
Certainly, insurance cannot always deal with the unexpected or catastrophic loss that can affect many organizations. There is no policy that will cover an event regardless of its value, there is always a cap and there is always a limited amount of capital available in the markets. With the continuing focus on capital adequacy and senior management responsibility, many firms have been forced to close their doors due to poor management, resulting in regulatory censure without the ability to secure sufficient capital to deal with the problems and continue to trade. Regulatory censures, rogue traders, and diverse international operations make the business of risk management extremely difficult to pin down and almost impossible to target a particular risk through traditional insurance products.
It is one concern that the capital markets are so much greater than the insurance markets in terms of capital values. The consequence of this is that the insurance market cannot provide the level of coverage that the financial institutions may actually want, with firms instead taking what they can get. Again, we are looking for a growth in the capital available in the insurance market to enable greater coverage to be provided. This could arise through additional linkage between the insurance markets and the capital markets and the development of additional and innovative instruments.
Conclusion
If insurance is faced with so many challenges, it is easy to ask whether it has any real value at all. Perhaps firms simply insure the losses they cannot afford to bear or that occur regularly in a clumsy, departmental interchange fee. There are many factors affecting the use of insurance but it still remains a key factor in any risk transfer mechanism if appropriately managed. We are looking for the market to introduce greater product standardization in clear English, to enable coverage to be clearly understood. We also expect there to be a move to increase the capital available to the insurance industry through the development of innovative financial instruments that breach the gap between the insurance markets and the much larger capital markets.
Finally, we expect the insurance managers to be based within the risk manager function, recognizing that insurance is just one of the tools in the risk manager’s toolbox.