Category Archives: Business Risk

Roundup: How the federal government shutdown is affecting its agencies

By Jennifer Ha,  Head of Editorial and Publications, Insurance Information Institute

According to the New York Times, the current shutdown is one of the longest ever. While there have been 21 gaps in government funding since 1976, the level of shutdown has varied. Before 1981 most agencies could continue operations by cutting non-essential functions. In the media, various reports have emerged how different agencies have been affected.

While some agencies also receive funding from elsewhere, and have limited operations, others have mandated employee furloughs. On January 9 Dr. Scott Gottlieb, commissioner of the Food and Drug Administration, announced that the agency had ceased routine food safety inspections of seafood, fruits, vegetables and many other foods at high risk of contamination, such as clams, mussels, oysters and other bivalves. The seafood inspection program is run by the National Oceanic and Atmospheric Administration, whose inspectors are working without pay, as are meat and poultry inspectors. 

The National Transportation Safety Board has been unable to investigate 10 new crashes in which 22 people died, and the circumstances of seven plane crashes in which 13 people were killed, two fatal railroad crashes, a highway crash in which seven people died and an incident in which a school bus collided with a tractor-trailer, injuring 15. According to the Transportation Security Administration, there has been “no degradation in security effectiveness” and staffing is adequate, amid warnings from U.S. airport security workers and air traffic controllers that security and safety could be compromised and employee call-outs.

On Dec. 28 the Federal Emergency Management Agency (FEMA) reversed its decision to halt the issuing and renewal of federal flood insurance plans, which could have disrupted up to 40,000 new home sales each month, according to the National Association of Realtors (NAR). However, rural and suburban homebuyers who depend on mortgage loans from the U.S. Department of Agriculture through private lenders have been stymied by the shutdown. The post-Hurricane Maria recovery will be unaffected, according to a FEMA spokesperson.

The newly created Cybersecurity and Infrastructure Security Agency will be unable to protect against cyber and physical threats to infrastructure, according to a report. Another report from NBC News provides an overview of how other agencies are being affected.

 

Step into the shoes of a cybercriminal with WhatTheHack

Munich Re has designed a fun and educational game that lets the user play the part of a hacker, pick a target, and guess the damage caused. Designed in a nostalgic 80’s 8 bit style, WhatTheHack uses real-life case studies. You can choose from targets including a cookie factory, a hospital or a dating website. You also get your choice of attack strategies. Try it out and see if you can get your name on the leader board by correctly answering questions about the impact of each attack.

Cyber incidents hit one of every 10 U.S. small businesses last year yet only 31 percent of them have cyber insurance. Ten percent of the small businesses surveyed had one or more cyber incidents in 2017, resulting in a typical loss of $188,400, an increase of $73,000 from the year before. Read more about it here.

University of Illinois at Urbana-Champaign Has Insured Itself Against Enrollment Drops

If it has a price, it can be insured. Apparently, that also includes insuring against drops in college enrollment.

The Chronicle of Higher Education recently reported that the University of Illinois at Urbana-Champaign has had an insurance policy in-force since 2015 that would pay for lost revenue if Chinese student enrollment declines.

According to the article, the policy works roughly as follows:

  • The university pays over $400,000 in premium per year for a coverage limit of $60 million.
  • The policy triggers if revenues decline at least 20 percent in a single year following a drop in Chinese student enrollment in its business and engineering schools.
  • Covered triggering events include things like visa restrictions, pandemics, and trade wars.

This policy may seem strange, but it’s basically a type of business interruption insurance, which covers a business’s lost revenue and some expenses following a covered event, like a fire or hurricane. What makes the University of Illinois policy interesting is that it appears to be insuring against some American political events as well.

A brief history of ransom insurance

Did you know that ransom insurance is one of the oldest insurance coverages out there?

People needed insurance because of pirates

Beginning in the early 16th and continuing into the 19th century, state-supported pirates and privateers operating out of North African coastal cities (the “Barbary States”) preyed upon European and colonial commercial shipping.

One lucrative practice was to capture a ship and sell everyone on board into slavery. We don’t know exactly how many people were captured over the centuries, but they probably numbered in the hundreds of thousands. You may have even heard of one particularly famous captive: Miguel de Cervantes, author of Don Quixote.

(Fun fact: some of the first military conflicts for a young United States were the “Barbary Wars” from 1801 – 1805 and again in 1815 – 1816, which were attempts to stop pirate depredations on American shipping. One researcher estimated that the annual costs of Barbary piracy to the U.S., including insurance costs, were equivalent to $10 billion to $20 billion in terms of today’s economy.)

How did ransom insurance work?

Slaves could generally regain their freedom in two ways (if you don’t count mounting a daring escape). One was to convert to Islam – the Barbary States were Muslim and most of their captives were Christian.

A second way was to pay a ransom.

In the early days, churches and families would set up collections to help pay for the release of enslaved captives. That’s how Cervantes was freed in 1580. But starting in the 17th century, cities and states also began to set up ransom insurance pools.

One of the first pools, called the “Sklavenkasse” (literally: “slave insurance”), was established in the German port city Hamburg in the 1620s. That’s over 60 years before Lloyd’s coffeehouse was first mentioned as a proto-insurance shop.

Other places soon followed suit with insurance pools of their own. Individual sailors, churches, and shipping organizations would typically contribute to these pools, which paid out when a participant was captured by Barbary pirates and held for ransom. There were even established rates for how much a ransom should cost: a steersman could fetch 700 Reichstaler (the currency used in Germany at the time), while a common sailor cost a mere 60 Reichstaler.

(For the German speakers out there, you can read more about how the pools worked here.)

Ransom insurance today

Although Barbary piracy faded away in the 19th century, ransom insurance is still available today, usually for important individuals who travel to dangerous regions. Called “kidnap and ransom insurance”, it generally reimburses for ransom payments and other damages, including some medical payments.

And because criminals are creative, we also now have “ransomware” insurance, which covers costs from a ransomware attack. That’s when a hacker freezes a computer system – and will only unfreeze it in exchange for a ransom payment, usually in bitcoin. How the times have changed.

Halloween is less scary with insurance

As we put the finishing touches on our costumes, here is a short roundup of interesting and spooky Halloween-related news from around the web.

  • Inc. magazine published some good tips for business owners on how to prevent getting burned by liability claims stemming from Halloween-related events at work.
  • I.I.I.’s own Michael Barry provided CNBC with advice for consumers on how to review their insurance policies for potential gaps to help avoid any financial shock from holiday mischief and mishaps.
  • Franz Kafka’s career in insurance is illuminated in this Contingencies article. The writer, famous for his surreal and arguably scary worldview, worked as an insurance agent at the Workers’ Accident Insurances Institute of the Kingdom of Bohemia in Prague from 1908 to 1917. He is described as a successful and valued employee who cared deeply about his work.
  • And speaking of writers, Edgar Allen Poe’s poem “The Bells” was once used in an ad for fire insurance.

The I.I.I. has tips for safeguarding your home against Halloween mishaps.

Blue Marble and Nespresso launch parametric weather insurance pilot for smallholder coffee farmers in Colombia

Blue Marble Microinsurance and Nespresso have developed  a pilot program to bring weather index insurance to coffee farmers in Colombia, according to a recent Artemis blog.

Coffee crops are exposed to great risk from weather conditions, and farmers in developing countries often lack insurance options. The program provides coverage for excess rainfall and drought during the developmental stages in which coffee is most vulnerable.

Satellite technology is used to obtain the data required to create the weather indices against which the parametric policies can be triggered. If excess rainfall or drought occurs in a covered area, payments can be made automatically and quickly without the need for time-consuming claims assessment.

“This pilot initiative helps to establish a support mechanism for smallholder coffee farmers in Colombia so that they can continue to thrive in the face of climate change,” said Guillaume Le Cunff, President and CEO of Nespresso USA.

The program is a good example of the growth of microinsurance, which provides affordable insurance coverage to low income populations in developing counties.

To learn more about microinsurance, click here.

 

Malware infections drop on World Cup match days

It’s a well-known fact that worker productivity dips during the World Cup. But there is a surprising upside to workers switching off their computers and dashing off to their local pub to watch the game. According to this Yahoo Sports article, malware infections dropped by 20 percent during World Cup match days in countries whose teams are playing in the World Cup.

“A day to day drop that dramatic can only happen when people get offline in massive amounts,” explains Ryan Gerding, a spokesperson for EnigmaSoft, maker of anti-malware software. In every country that experienced a drop, infections jumped back up the next day.

Interestingly, Russia is the only country not to experience a decrease in malware when its team is playing. On match days when the national team was playing, Russia experienced a 5.98 percent increase in malware infections.

Business identity theft: An emerging threat

Individuals are not the only ones at risk of identity theft. Increasingly, businesses are contending with criminal use of their identity for tax fraud, credit card and other financial fraud, as well as having their websites and business name trademarks held for ransom.

A recently released report by the National Cybersecurity Society states that criminals are combining stolen data from data breaches with business intelligence to create large tax returns; wire transfers and ransoms which are fueling an underground economy of organized crime.

The IRS reported 4,000 instances of business identity theft cases in 2016. In 2017 that figure soared to 10,000, the largest year-over-year increase on record. Damages were estimated at $268 million in 2016, but curiously declined to $137 million in 2017.

The Insurance Information Institute has facts and statistics on identity theft here.

 

The Kilauea volcano eruption – a primer on insurance coverage

Over two dozen homes have been destroyed so far when the Kilauea volcano on the island of Hawaii began erupting last week. Lava flowed into residential neighborhoods on the eastern side, as this Wall Street Journal video shows, and the island  has been shaken by hundreds of earthquakes, the largest one with a magnitude of 6.9 occurred on Friday.

The I.I.I. has a primer on volcanic eruption insurance coverage. Below are some highlights:

What’s covered

  • Most home, renters and business insurance policies provide coverage for property loss caused by volcanic eruption when it is the result of a volcanic blast, airborne shockwaves, ash, dust or lava flow. Fire or explosion resulting from volcanic eruption also is covered.
  • Homeowners and business owners’ policies also provide coverage for property damage, vandalism or theft due to looting if the occupants are displaced.
  • There is typically a 72-hour waiting period before business interruption coverage kicks in.
  • Damage to vehicles caused by lava flow is covered under your auto insurance policy if you have comprehensive coverage, which is optional. Direct, sudden damage to engines from volcanic ash or dust is also covered under most policies.

What isn’t covered

  • Most home, renters and business insurance policies do not cover damage from earthquake, land tremors, landslide, mudflow or other earth movement regardless of whether the quake is caused by or causes a volcanic eruption. Earthquake insurance is available from private insurers as an endorsement to a homeowners policy.
  • Damage to land, trees, shrubs, lawns, property in the open or open sheds (or the contents of those sheds) is typically not covered.
  • The cost to remove ash from personal property is generally not covered unless the ash first causes direct physical loss to personal property. There is also no coverage to remove ash from the surrounding land.
  • Damage that occurs to homes, businesses or vehicles over time due to volcanic dust is not covered under most policies.
  • Volcanic Effusion (i.e. volcanic water and mud) is not covered under a typical homeowners, renters or business insurance policy. However, it is covered by flood insurance, available through the National Flood Insurance Program.

 

 

Cybersecurity insurance growth continues

Cyber insurance remained a fast-growing line in 2017, with package policy premium almost tripling, while standalone premium grew 7 percent*, NAIC data indicate.

Packaged cybersecurity policies as measured in quantified and estimated direct premiums written grew from $416.8 million in 2016 to $1.1 billion in 2017. The number of packaged claims made and occurrence policies in-force increased by 71 percent.

Standalone cybersecurity policies did not fare as well, with a 7 percent increase in direct premiums written from $920.7 million in 2016 to $985.6 million in 2017. The number of standalone occurrence policies in force fell by 12 percent, and the number of standalone cybersecurity claims-made policies fell by 33.3 percent. The loss ratio for 2017 standalone cybersecurity insurance was just 30 percent.

Over the past year, headline grabbing cyber incident such as the Equifax breach ensured that companies remained aware of the enormous potential losses cybersecurity threats pose to their businesses. Cyber incidents ranked second on Allianz’s 2018 list of top business risks (five years ago, it ranked 15th.).

A recent PwC report cautioned that given the increasingly frequent and severe nature of cyberattacks, it’s still unclear whether cyberrisks are adequately priced.

“The inevitable market-turning event will separate carriers that have sufficient risk management, underwriting processes and capital in place from ones that do not,” said the report.

Click to enlarge

*NAIC data sourced from S&P Market Intelligence on April 27, 2018.