The privacy bomb and cost of personal data debt

I often hear architects talk about technical debt but it strikes me that a different debt is waiting for insurers.

Imagine a world where the regulator says that a customer owns data about the customer, regardless of where it is stored. The key observation here is the decoupling of ownership and control with storage. Most regulators have gone nearly this far and made statements about consumer ownership of consumer data, so perhaps it's not out of step with reality. This is discussion so far but perhaps the technology hasn't caught up with the intent. If we ignore the limits of technology …

There are perhaps 3 models emerging:

  • A. The data remains where it is and is controlled from there. Requires APIs…
  • B. The data moves as customer moves. Requires data standards…
  • C. Customer data is held in a shared environment. Requires APIs and data standards

Let's take a moment to really think that through for an insurer. If you hold data about a customer in your systems, that data is owned by another party. Ownership here is a complex word – it implies but is not limited to controlling access to the data, determining appropriate use of the data, revoking access to the data, determining how long that data is kept.

Scenario A
What if the storers are obliged to provide these controls to the owner of the data and actually – what if that obligation exists regardless of whether that owner is a customer?

Such a scenario may make it prohibitive for insurers to capture and store data directly. What would the world look like in such a scenario? Insurers would request access to customers data and have to disclose why they want the data, what they will do with it and perhaps the algorithms used  in order to offer products. Such a world might favour insurers with simpler pricing algorithms that are more expensive but customers understand what is being done with the data.

If we take it a step further, in theory there would be intermediaries emerge who help manage consumer data and help consumers simply share their data with trusted partners. I would suggest most people would not dig into the detail of who is sharing what so a service that says, "we've found these 15 services that only use the data in these ways and we've packaged that up for you" would be most welcome.

If however, we take existing businesses into this world then suddenly enterprises will be faced with the issue of how do they offer appropriate controls and management around the data already in place.

The standard already exists for sharing information in this way leveraging OAUTH as is used by Twitter, LinkedIn, Google and Facebook.

Scenario B
The cost for doing migration and conversion will lie with the party holding the data. A different type of debt.

This is the model the insurance industry is assuming will come to pass but it requires shared data standards which are harder to implement than API standards. There is also the issue of potentially lossy data migrations – I.e. The quality of the data is reduced in the migration – will this be 'OK' from a regulatory point of view?

Further this is more confusing for a consumer since the mechanism and means to manage access to the data will change each time there is a move. An approach intended to increase portability and movement could become an inhibitor as consumers grow concerned about retraining.

In theory though, this would allow insurers to differentiate on trust and service – a place where they already play.

Scenario C
The greatest challenge with a shared environment is who is the trusted party? Google, Twitter, Facebook and LinkedIn among others have made moves into authentication but they don't hold all the data and regulators in multiple countries are seeking to grasp control and this is a topic for Insurtech startups as well.

Some see Blockchain as a possible solution – the data in a shared open place, but secured and encrypted.

At this point this seems like the least likely solution, requiring the greatest cooperation and investment from the industry and governments. Regulators at this point seem to be supporting the other two.

Which will come to pass
There is a clear trend with private data becoming more valuable, but the cost of storing it is becoming more onerous. Regardless of which of the scenarios comes to pass or if some other scheme emerges – insurers must balance the cost of storing the data and the value it may bring now and in the future.

What does Brexit mean… ?

This is the question on everyone's lips. I had delayed writing this in the event that some clarity emerged but in day 5 of Brexit that clarity and certainty is proving elusive – indeed uncertainty seems to characterise the whole affair. This has been a discussion within the European team (thanks to Jamie and Nicolas) for some time and this post will briefly concentrate on the impact of the events so far on insurers with operations and interests in Europe. This will not discuss the UK governments response thus far.

The only certain thing about Brexit as it stands is uncertainty. Will Brexit really happen? When will the process start? Who is negotiating? What is the opening position? What we can say with some confidence there will be little regulatory and legal change in the short term and some unknown quantity of regulatory and legal change in the medium term.

The key unknown is the continuing participation in the single market and the other institutions in Europe, particularly the passporting. This more than Brexit itself, will define how strongly businesses with operations in the UK will respond.  Those with headquarters and staff in the UK to be present in the EU will need to reconsider this position if Britain leaves the single market as well as the EU – or indeed if any of the agreements reached put this position in jeopardy.

Uncertainty breeds volatility in the markets, a depressed investment environment and bond rates will hit the market further, particularly life insurers. This could well impact sales of investment products across the EU and UK until some certainty is restored. Existing products would not be safe either, with some investors looking to cash out.

The outlook for technology investment is trickier. If anything the pressures for reducing costs, agility and flexibility will be exacerbated. In the short term it is reasonable to assume reduced investment with alternate investments and clarity increases. It is plausible that this will affect the InsureTech market as well – particularly in London.

For UK insurers, It is likely that the FCA will engage with insurers and the ABI as the UK seeks to set out how it differentiate itself from the EU which will require agility and flexibility from the insurers to adapt to the new opportunities. A similar process may occur within the EU.

As is probably clear above, the one thing needed is clarity.

Do follow our Brexit posts from the wealth management team as well

The UK’s First Personal Insurance Policy for ‘driverless cars’: Too early or just in time?

Yesterday, we received a press release announcing the launch of a new insurance proposition targeted at personal use for ‘driverless cars’ from Adrian Flux in the UK. This news arrives hot-on-the-heels of the Queen’s Speech last month that announced the UK Government’s intention to go beyond its current ‘driverless’ trials in selected cities and legislate for compulsory inclusion of liability coverage for cars operating in either fully or semi-autonomous mode.

As the press release suggests, this may be the world’s first policy making personal use of driverless cars explicit in its coverage (we haven’t been able to validate this yet). Certainly, up until now, I suspect that most trials have been insured either as part of a commercial scheme or, as Volvo indicated last year, by the auto manufacturer itself or trial owner. 

What I find particularly interesting about this announcement is that they have laid the foundation for coverage in their policy wording and, in doing so, been the first to set expectations paving the way for competition.

Key aspects of the coverage (straight from their site) include:

  • Loss or damage to your car caused by hacking or attempted hacking of its operating system or other software
  • Updates and patches to your car’s operating system, firewall, and mapping and navigation systems that have not been successfully installed within 24 hours of you being notified by the manufacturer
  • Satellite failure or outages that affect your car’s navigation systems
  • Failure of the manufacturer’s software or failure of any other authorised in-car software
  • Loss or damage caused by failing when able to use manual override to avoid an accident in the event of a software or mechanical failure

Reflecting on this list, it would appear that coverage is geared more towards the coming of the connected car rather than purely being a product for autonomous driving. Given recent breaches in security of connected car features (the most recent being the Mitsubishi Outlander where the vehicle alarm could be turned off remotely), loss or damage resulting from cyber-crime is increasingly of concern to the public and the industry at large – clearly an important area of coverage.

Given the time taken to legislate, uncertainty over exactly what the new legislation will demand, and then for the general public to become comfortable with autonomous vehicles, I suspect that it may be quite a few years before a sizeable book of business grows.  Often, the insurance product innovation is the easy part – driving adoption up to a position where it becomes interesting and the economics work is much harder.

Maybe this launch is a little too early?  Or maybe it's just-in-time?  Regardless of which one it is, in my opinion, this is still a  significant step forward towards acceptance. I also suspect that some of these features will start to creep their way into our regular personal auto policies in the very near future. I wonder who will be next to move?

If you’re interested in learning more about the potential impact of autonomous vehicles on the insurance industry, why not register here for Donald Light’s webinar on the topic tomorrow.

 

The Solvency II preparation finish line is close

Solvency II – the European Union prudential capital regulation – will come in to effect in January 2016 after more than a decade of preparation. For many European insurers it means they are reaching the end of the long road of deep preparation but others have already turned their preoccupations in other directions. For instance the Solvency II regulation came in to effect already this year in Denmark and their level of preparation allowed Danish insurers to adapt to the new regulation. But let’s recall what Solvency II is and why it is an important regulation for the European insurance industry. Solvency II is the set of regulatory requirements for insurance firms that operate in the European Union. The rationale is to facilitate the development of a single insurance market in Europe while securing an adequate level of consumer protection. It is based on three pillars:
  • The first pillar defines capital requirements. It quantifies the minimum capital requirement (MCR) and the solvency capital requirement (SCR).
  • The second pillar provides qualitative requirements in terms of supervision and review. Indeed, the European Commission wants to emphasize the need for insurance companies to implement efficient risk management systems.
  • The third pillar introduces the market discipline concept. Insurance companies have to promote transparency and support risk-based supervision through market mechanisms.
What makes Solvency II a comprehensive regulation is the fact it includes all types of risks and is not restricted to purely insurance risk. With this it better captures the reality of what an insurer’s risk profile is. Key elements of this approach is of course the diversification effect and this is why we see consolidation among small insurance players who lack diversification in their business (notably small mutuals in France for instance). Going forward we expect other geographies to follow the same principles and we think it is important that multinational companies learn from their European preparation. Of course Celent and Oliver Wyman have been working on Solvency II in the recent past. We have also published research providing our views and opinions on this topic. A recent report has been published by Oliver Wyman in collaboration with Morgan Stanley looking more particularly at various consequences and notably on cash for insurers. If you are interested to know more here is an abstract: European Insurance: Generating Cash in a Volatile Solvency II World. For the insurance companies that are interested to better understand the vendor landscape we have published a report profiling vendors with a Solvency II offering a few years ago: Solvency II IT Vendor Spectrum: 2012 Edition.  

On the cusp: regional integration in Asia

It’s 2015, the mid-point of the decade and a good time to start looking at major trends in Asian financial services over the next five to ten years. One of the major themes will be regional integration, which is another way of saying the development of cross-border markets. There are at least two important threads here: the ongoing internationalization of China’s currency, and the development of the ASEAN Economic Community (AEC) in Southeast Asia. RMB internalization is really about the loosening of China’s capital controls and its full-fledged integration into the world economy. And everyone seems to want a piece of this action, including near neighbors such as Singapore who are vying with Hong Kong to be the world’s financial gateway to China. The AEC is well on its way to becoming a reality in 2015, with far-reaching trade agreements designed to facilitate cross-border expansion of dozens of services industries, including financial sectors. While AEC is not grabbing global headlines the way China does, we see increasing interest in Southeast Asia among our FSI and technology vendor clients. From Celent’s point of view, both trends will open significant opportunities across financial services. In banking, common payments platforms and cross-border clearing. In capital markets, cross-border trading platforms for listed and even OTC products. In insurance, the continued development of regional markets. Financial institutions will be challenged to create new business models and technology strategies to extract the opportunities offered by regional integration. It’s the mid-point of the decade, and the beginning of something very big.

Engaging the NAIC on Emerging Insurance Technologies

“If the regulators aren’t with you, expect insurance innovation to take longer and cost more.” This comment surfaces repeatedly in Celent’s research. We believe this is true and have seen this occur in the past (credit scoring, predictive analytics, telematics). In order to address this issue, we at Celent have begun to proactively engage regulators around emerging technology topics. Last week, I presented at the fall annual meeting of the National Association of Insurance Commissioners. Addressing the Property & Casualty Committee, the topic was “Emerging Technologies and Their Potential to Impact the Insurance Industry”. I observed that regulators are eager to receive information about this topic. This is understandable, as budget constraints make it very difficult to divert resources from the day-to-day crush of filing and approvals to concentrate on the future. However, mentioned in the session, it does the industry absolutely no good if the first time a regulator learns about a new technology is in a new filing! Celent is tracking several technologies with the promise to change insurance proposition in important, fundamental ways. For example, digital capabilities allow customer engagement to shift from periodic (only at time of renewal or a claim) to continuous (daily lifestyle suggestions). Another trend we see is a movement from “pay as you rate” to “pay how you use”. The introduction of telematics in the Auto line is the best example of this. Several case studies from around the world were used to illustrate how, in other regulatory environments, technology is being applied to insurance. The digital customer experience platform built by Tokio Marine was shown as an example of continuous customer engagement. AXA’s use of public and private data sources to change the FNOL reporting process was offered as a case of a transition from reactive to proactive claims management. Celent will continue to be involved in briefing regulators on these issues. We encourage insurance technology providers to do the same. We are all on this journey together and will get their faster and more effectively if we communicate actively.

Capital Opportunities

AM Best came out today with a revision for the reinsurance sector from stable to negative as the reinsurance market continues to soften. When it comes to reinsurance, it’s been a buyers’ market. Competition in the global reinsurance industry is fierce as there is significant excess capacity. Reinsurers have experienced lower than anticipated cat losses despite some well publicized events earlier in the year. There’s also been robust use of alternative capital as cat bonds continue to increase.   What this means for carriers is that they have opportunities to take advantage of falling prices and get improved coverage across all lines of business. In addition to low prices, terms and conditions are improving. Carriers are able to purchase increased coverage because of the low prices and lock in multi-year deals for portions of their reinsurance coverage. They’re negotiating more customized reinsurance programs – lasering out specific exposures. And even property cat renewals are getting improved prices and terms. With pressures on growth, carriers who retreated from catastrophe exposed coastal areas in earlier years are reassessing the potential opportunities and looking for tools to help them re-enter a potential growth market.   The question is how long can reinsurers keep this up? Is the bottom of the soft market emerging? Private reinsurance capital is now competing at a level comparable to current government roles in some areas. AM Best isn’t the only rating agency that is posting negative outlooks on the reinsurance market. Primary carriers are starting to look more aggressively to determine if they should consider locking in lower rates and favorable terms for longer periods. Especially as reinsurance becomes even more of a strategic decision since regulators are increasing their use of economic capital modelling. Many carriers find rating agency capital requirements are driving a higher capital constraint and therefore are becoming a leading factor in strategic decisions about how insurers manage capital and make reinsurance decisions.   But reinsurance is a unique area in an insurance carrier typically managed by a small unit with one or two gurus who have the knowledge of the programs preserved in their heads. Although reinsurance programs are becoming increasingly complex, large numbers of carriers rely on excel spreadsheets to manage these programs which are rife for error.     As carriers structure more complex programs because prices and terms are favorable, we’re seeing increased interest in reinsurance software to help manage these complex programs. Modeling potential programs, automating premium and commission calculations, processing complex inurements and improving claims recoveries are helping many find huge returns when investing in these types of systems.

2014 Latin America Outlook

The following text was published today in Inter-American Dialogue’s Financial Services Advisor under the title: “What is driving the insurance market in Latin America?” I provided my view to FSA in advance, and now that it is out there I thought it made sense to share it with you through our blog. Growth continues to be a common theme throughout the region, though not at the same pace that before and not equally in all countries. The Pacific Alliance countries have been growing faster than Mercosur countries, for example. Insurance in Latin America has its own dynamics and has been growing year over year, even beyond GDP increase, and is expected to continue this trend through 2014. A growing middle class is driving insurance buoyance in the region, with Brazil much setting the tone. Estimates indicate that 40M people have gone from living in poverty to the middle class in the past decade in Brazil. Nevertheless, there is a large number of people in the base of the pyramid (BoP) which is also of interest of insurers. Infrastructure investments, trade, and group life and benefits to attract employees are key drivers for commercial insurance growth. We are seeing moves towards consolidation in certain countries which are imposing stronger capital requirements and also acquisitions and new entrants into high growth potential markets, such as Brazil, Colombia and Peru. Competition is increasing and new segments are being targeted with more focus. All this is driving higher investments from insurers as well as competition for qualified talent in the marketplace. Some countries are moving towards a stricter risk-based capital measurement, and the rest should move in the same direction as part of a global and regional trend. In many countries sales practices are far from innovative and what customers expect to be. There is a need to evolve in the use of distribution channels and provide a better customer experience. Most insurers are still tied to legacy systems that impose a burden to become more competitive, efficient and smart. Rising inflation, weakening of financial market due to lower quality of loans (as they compete for the raising middle class); lower demand of products from China (mostly commodities), Europe and USA, and risk aversion from foreign investors are some of the concerns shadowing the region’s potential.

FIO Report – Confirmation of the Hybrid Model

The Treasury’s Federal Insurance Office released its report on federal insurance regulation (http://www.treasury.gov/press-center/press-releases/Pages/jl2245.aspx). As predicted in the Celent Boardroom Series Report issued on August 10, 2009, the report calls for a “hybrid model” of regulation, or as Celent described it, a coordinated effort between the states and the federal government.  (Celent subscribers can access the report here: http://www.celent.com/reports/boardroom-series-us-federal-regulation-insurance-are-we-ready). Over the next few days, insurers, interest groups, legislators and industry analysts (including Celent) will be examining the report to determine short, medium and long term impacts on companies.  At this point, we have seen nothing to invalidate our other previous prediction – that greater federal involvement will require greater (and new) reporting requirements to which insurers will have to respond.  Organizations wishing to get a jump on future compliance will invest in data management processes and tools.    

SEC Busts Broker Dealer Offering Securities on LinkedIn

The Securities and Exchange Commission (SEC) announced yesterday that they have brought charges against a broker dealer for offering fictitious securities for sale on social sites. There are several good messages involved with this announcement. First, the person charged was caught before completing a sale. There is no more proactive protection than that. Second, this demonstrates that the people responsible for overseeing financial transactions are active on social media and that they are “listening”. I continue to be concerned that budget constraints will negatively affect social media monitoring and enforcement. Finally, it is a chance to reinforce the regulations that FINRA already has in place for the use of social media for legitimate purposes.

The announcement is located at http://sec.gov/news/press/2012/2012-3.htm The posting also includes a useful summary of compliance issues for companies to consider regarding social media (a National Examination Risk Alert titled “Investment Adviser Use of Social Media”).

I wish the authorities all the best in continuing to be successful in these endeavors. If there is a next Bernie Madoff, let him do his damage outside the realm of social sites.