2015 p&c industry year in review

Year in Review: Insurance trends of 2015

December 2015    |    By Indrani Nadarajah

Cyber-attacks, natural disasters, drones, and Uber – 2015 was a newsworthy year as Canada and the world at large were faced with new risks and new opportunities for advancing technology and convenience. In this Trends paper, we review the insurance trends of 2015, providing insight for recommendations, and a hint of what the insurance industry can expect in 2016. 

CYBER SECURITY

The well-publicized hacking and exposing of customer data from Canadian company Ashley Madison may have won little sympathy from its opponents, but it highlighted a weakness in Canadian regulation concerning the reporting of security breaches, say experts.

Although the government must report stolen or leaked data, private sector companies in Canada are not required to do so, which is a stark contrast to the US. The only reason the Ashley Madison leak became public was because the hackers announced it.

There is little information about the security of corporate Canada’s data because there is a lack of breach notification laws. For example, if a customer’s bank account has been compromised, the bank will investigate, reimburse the funds if warranted, and the matter is closed. There is no external reporting.

Private security company, Tenables, graded Canada’s cyber security readiness with a C+. A CBC news report quoted the Canadian Advanced Technology Alliance, which stated that the country was falling behind in its fight against cyber criminals and hackers. Experts say that the lack of analyzable data is causing insurance companies to focus on managing limits, rather than truly being able to assess risks within companies. However, some of Canada's largest industries are creating a new network to help businesses and the public stay informed of emerging cyber threats from malware, hackers and online criminals.

The Canadian Cyber Threat Exchange (CCTX), set to launch early next year, is an independent, not-for-profit organization open to all businesses and institutions. Its founding members include Air Canada, Bell Canada, CN Rail, Hydro One, Royal Bank, and TD. The CCTX won't require members to publicly admit to being targets of cyberattacks, but will provide a forum to report new threats and share strategies to defend against them.

Digital Privacy Act

Canada’s Digital Privacy Act, passed by Parliament in June this year, will require private companies to report breaches once regulations are enacted. At the time of writing, the regulations had not been released. However, commentators are seeing it as toothless because it contains few financial penalties -- the Act introduces fines of up to $100,000 for deliberately not reporting a breach. Also, the question of when consumers have to be notified of the breach – when the company suspects a breach has occurred, or when it confirms a breach has occurred, has not yet been made clear.

Insurance Opportunity

Allianz’s Guide to Cyber Risks warns that over the next decade, insured cyber risks are expected to include intellectual property theft, cyber extortion and business interruption after a breach. BI losses could exceed the cost of the breach. Cybercrime already costs the U.S. US$108 billion and China US$60 billion each year (the world’s largest and second largest economies). In Allianz’s ranking of the top 10 economies’ vulnerabilities to cybercrime, the German economy proved the most vulnerable, with cybercrime costing the country 1.6% of its GDP, or US$59 billion.

The Ponemon Institute’s 2015 Cost of Data Breach Study, released in May, showed the average cost paid for each lost or stolen record rose 6%, from US$145 in 2014 to US$154 in 2015. For Canada, the average cost of a data breach was C$250 per lost or stolen record. “The number of breached records per incident this year ranged from 5,199 to 74,550, and the average number of breached records was 20,456.” The total average cost of data breach for the 21 companies represented in this research was C$5.32 million.

However, the Institute also found that Canadian organizations that had trained employees, an incident response plan in place, and employed encryption extensively, suffered lower data breach costs. Other important mitigating factors included the appointment of a Chief Information Security Officer with enterprise-wide responsibility, board level involvement and insurance protection.

The global demand for cyber insurance presents a huge commercial opportunity for insurers and reinsurers. PricewaterhouseCoopers’ report, Insurance 2020 & Beyond: Reaping the dividends of cyber resilience, estimates the largely untapped cyber insurance market could increase from about US$2.5 billion in premium written in 2014 to US$5 billion in annual premiums by 2018, and at least US$7.5 billion by 2020.

PricewaterhoueCoopers’ annual survey of security, IT and business executives (cited in the report) showed that there were nearly 43 million global security incidents detected in 2014. That’s equivalent to over a staggering 100,000 attacks a day.
Some insurers in the PwC report have wondered whether governments would step in as an insurer or reinsurer of last resort. “However, our own discussions with a number of governments indicate that their preferred solution would be commercial insurance, which would be structured and governed by defined government-set standards.” PwC also observes that even where the cyberattacks are state-sponsored, there would be a reluctance to declare them as acts of war, thereby triggering certain exclusion clauses.

Underwriters would like to expand in cyber insurance writings, as the cost of cyber insurance relative to the limit purchased is typically triple the cost to cover for more established liability risks. This is partly due to the few insurers offering such coverage, though a bigger reason is the uncertainty of how much to reserve for potential losses. PwC also reported that many insurers are setting limits below what their clients are seeking. The maximum is usually US$500 million, though most large corporates have difficulty securing more than US$300 million. The high cost of coverage for relatively low limits, coupled with tight terms and conditions, may cause many policyholders to question the value of their cyber insurance policies. Such misgivings by potential customers could stunt growth in the short-term, PwC reported.

MANAGING THE RISK OF RISING SEA-LEVELS

The 2013 floods in southern Alberta were the costliest natural disaster in Canadian history, causing $6 billion in damage. Across the country, 28,000 buildings could be submerged by 2050, temporarily or permanently, either due to sea-level rise or storm surges.

Budget 2014 earmarked $200 million over five years to establish the National Disaster Mitigation Program (NDMP), which will address rising flood risks and costs. The NDMP was established in April 2015 to reduce the impacts of natural disasters by:

  • Targeting investments on significant, recurring flood risk and costs
  • Advancing work to facilitate private residential insurance for overland flooding

This year, the Alberta government announced it will invest nearly $300 million to protect Calgary and communities along the Elbow River from major flooding. Specific projects include building the Springbank off-stream reservoir in the Elbow River basin and local mitigation projects in Bragg Creek and Redwood Meadows. An additional $150 million will be committed over the next 10 years for local projects to prevent flooding in Calgary. Aviva Canada, The Co-operators and RSA have also introduced overland flood coverage.

INSURERS “UNPREPARED” FOR CLIMATE CHANGE

Insurers are unprepared for the costs of climate change, said UN Framework Convention on Climate Change Executive Secretary Christiana Figueres, adding that “the insurance sector is perhaps ready for some natural disasters, but it’s not ready for climate change, which is a systemic threat.”

The industry’s capital positions could also be affected by lower investment income and higher capital requirements, as well as by an anticipated increase in weather-related claims due to climate change, Standard & Poor’s said. S&P said insurers do not typically view climate change as a major threat to their day-to-day activities as they anticipate that their ability to reprice and renew non-life policies annually offers them protection against increases in weather-related claims attributed to climate change. However, the insurers may not be factoring in the loss of investment income. S&P calculated that for the P&C insurer and the reinsurer, the investment impact is bigger than weather-related claims, representing 70% of the total impact and 60%, respectively.

Still, there is reason for some cautious optimism -- nearly 200 countries signed a historic agreement to agree to combat climate change by reducing emissions in Paris on December 12, 2015. Countries have committed to publish greenhouse gas reduction targets and revise them upward every five years. The final text of the agreement commits countries to keeping global warming "to well below 2 degrees Celsius, with the aim of limiting it to 1.5 degrees Celsius. The goal is to create a carbon-neutral world sometime after 2050. India and China are supporting for the proposals, the BBC reported.

PHASING OUT COAL-GENERATED ELECTRICITY

Canadian provinces are also phasing out coal-generated electricity. Ontario has passed legislation to permanently ban coal-fired electricity generation. Ontario’s new act prevents new and existing facilities from burning coal for the sole purpose of generating electricity. The Ontario ban follows the province’s decision to close its last coal-fired power plant, the Thunder Bay Generating Station, in 2014. That station will be converted to burn advanced biomass, a renewable fuel source.

Alberta will phase out coal burning and move to more renewable energy by 2030, reports the province’s Climate Leadership Plan. Two-thirds of coal-generated electricity will be replaced primarily by wind power while natural gas generation will continue to provide “firm base load reliability.” By 2030, renewable energy sources will comprise up to 30% of Alberta’s electricity production.

On December 11, 2015, the Nova Scotia Legislature passed Bill 110, the Marine Renewable Energy Act, to ensure that marine renewable energy has the appropriate licensing and environmental protections in place. Nova Scotia is looking to tidal energy to cut fossil fuel consumption and create jobs.

UBER DRIVERS AND INSURANCE

UberX continues to be a thorn in the side of the City of Toronto, with taxi drivers in the city staging rolling protests.
Last July, the City of Toronto failed to persuade the Ontario Superior Court of Justice to issue a declaratory order that Uber "operates a taxi cab brokerage and limousine service” contrary to the Municipal Code.

Justice Sean Dunphy disagreed with the City’s argument that Uber "accepts" calls to arrange limousine transportation. Uber had argued that its app only offers "lead generation." “Purely automatic, algorithm-driven process of an automatic server directing packets of data containing electronic requests; over the Internet from the rider’s smartphone to drivers who may wish to accept them cannot be characterized as a ‘call’”, Justice Dunphy wrote.

The City of Calgary obtained an injunction prohibiting the operation of Uber in that city. Justice G. H. Poelman of the Court of Queen’s Bench of Alberta issued the temporary injunction against drivers offering rides for a fee in Calgary using the Uber app. The injunction runs until a full hearing on Dec. 17, 2015.

Meanwhile, Intact Financial Corp. intends to offer "tailored insurance products" for Uber. "The intention is to offer and market these products under IFC's two largest brands - Intact Insurance and belairdirect," Intact stated, adding the firm is "working closely with insurance regulators and different levels of government in provinces where the ridesharing service currently exists."

The Insurance Bureau of Canada is reportedly pushing some provinces for rule changes that would allow drivers working with Uber to obtain coverage. The Globe and Mail reports quoted IBC spokesperson Steve Kee saying that property and casualty insurers had submitted a three-page legislative proposal to finance departments in Ontario and Alberta and to Ontario MPPs.

AUTONOMOUS VEHICLES AND AUTO INSURANCE

Ontario is launching a new pilot program to allow for the testing of automated vehicles on roads in the province, beginning January 1, 2016. The Institute of Electrical and Electronics Engineers predicts that, by 2040, autonomous vehicles will account for 75% of all vehicles on the road. 

KPMG’s Insurance practice estimates an 80% potential reduction in accident frequency by 2040, though the practice estimates that accident expense could skyrocket from almost US$14,000 currently to roughly US$35,000. More worrying for insurers, a drop in accident frequency due to safer vehicles and the adoption of autonomous vehicles could slash the personal auto insurance sector in the U.S. by 60% within 25 years. Insurers will also have to grapple with data security and individual privacy.

KPMG reports that vehicle manufacturers, insurers and technology firms will have to band together to self-regulate to protect data and privacy, or risk onerous regulation. However, KPMG found that, in the U.S. at least, auto insurers were sceptical about the threat posed by autonomous vehicles. Most carriers appeared to believe that change was still distant, a view incongruent with the pace of technological change.

DRONES AND INSURANCE RISK

As drone use becomes more common, companies need to recognize safety and security issues, advises Lloyd’s in its latest report, Drones Take Flight. The study highlights five risks that could harm the sector’s future growth:

1. Negligent or reckless pilots
2. Patchy regulatory regimes
3. Poor enforcement – tracking technology could help operators avoid breaking laws by ensuring drones do not stray into controlled airspace
4. Vulnerability to cyberattack – some reports suggest a “thriving community of ‘drone hackers’ is already established”
5. Privacy infringement

Effective airspace control and collision avoidance technology will be key requirements for the insurance of drones operating in busy airspace, Lloyds notes. Insurers are also likely to seek greater risk mitigation measures from drone operators like proper training and accreditation, stronger cyber security measures and completing privacy impact assessments.

COURSE OF CONSTRUCTION POLICIES SHAKE-UP THE SYSTEM

Course of construction (COC) insurance is designed to indemnify builders for repair or replacement costs while a project is under construction or for a specified period after construction is complete. If damage is to be covered, it must have been caused by a “fortuitous” event, or an accident. 

The first case to interpret a course of construction insurance policy design/workmanship exclusion called the LEG2/96 clause (the Defects Exclusion) was on August 5, 2015, the British Columbia Court of Appeal ruling in favour of Acciona. The contractors sought indemnity from its insurers, Allianz Global Risks US Insurance Company, Zurich Insurance Company, Temple Insurance Company and GCAN Insurance Company, for $14.95 million for losses and costs incurred to repair damage to concrete slabs forming part of the new Patient Care Centre of the Royal Jubilee Hospital in the City of Victoria. The trial judge held that approximately half of the claim, $8.5 million, was covered by the relevant insurance policy and awarded that amount to the plaintiffs. 

The insurers appealed on the grounds that the trial judge had erred in finding that the damage to the concrete slabs constituted “direct physical loss of or damage to the property insured” within the meaning of the policy. The insurers submitted that the damage should have been excluded by a Defects Exclusion clause in the policy. The Contractor cross appealed, submitting the judge erred in holding the portion of the claim for additional subcontractor costs was not covered by the policy.

The Court of Appeal dismissed the appeal and cross appeal, and upheld the trial judge’s order. The court agreed with the trial judge that the slabs were not “defective”. While the slabs were properly designed, the trial judge found instead that defects “in the framing and shoring workmanship resulted in damage to the slabs” and this finding was not challenged on appeal. The defect that resulted in damage to the slabs was in the supporting structures and workmanship and was therefore, fortuitous. The Defects Exclusion did not exclude the cost of rectifying “defective slabs” as they were not defective. The exclusion excluded the cost of rectifying defective workmanship. The Court of Appeal agreed with the trial judge that over-deflection was fortuitous because it was unanticipated and was not built into the design in the first place.

In Ledcor Construction vs. Northbridge Indemnity, Ledcor had sought cover for the replacement of windows that had been damaged during the post-construction cleanup process. The cleaning company’s methods were found to be defective. The Alberta Court of Appeal referred to the policy exclusion, which states that it does not insure “the cost of making good faulty workmanship, construction materials or design unless physical damage not otherwise excluded by this policy results, in which event this policy shall insure such resulting damage.” Ledcor submitted that the cleaning work done by Bristol Cleaning was not “workmanship”. They argued that “workmanship” only covers efforts that result in the creation of some physical product. Therefore, any trade contractor that was merely providing labour or services would not be engaged in “workmanship”.

The appeal court disagreed, noting that the word “workmanship” generally covers any application of skill or effort to a task. Bristol Cleaning’s work was therefore workmanship. “The final “construction clean” of the exterior of the EPCOR Tower was as much a part of its construction as the designing of the foundations, the hammering of the nails, and the pouring of the concrete,” the court ruled.

“Since COC policies are placed throughout the country, this divergence between the Courts of Appeal in B.C. and Alberta creates uncertainty in how the same commercial insurance contracts will be adjudicated in different parts of the country. As a result, an appeal to the Supreme Court of Canada is likely. Until a Supreme Court of Canada case is heard and decided, insurers looking to place COC policies in B.C. should consider the prospect of a significant increase in exposure to claims arising from damage caused by defects in material workmanship or design, and to use particular care in the use of the LEG 2 wording.” 

WHAT TO EXPECT IN 2016

Kicking off the new year, the CIP Society is working with Phil Cook, Chairman and CEO of Focus Group Inc., to bring you insurance projections of 2016. This ADVANTAGE Monthly Trends paper will be the first in a series of monthly papers that provide a detailed analysis of emerging trends and issues in the insurance industry in 2016.
 

ADVANTAGE Monthly trends papers

This paper is part of an open online library of ADVANTAGE Monthly trends papers, published by the CIP Society for the benefit of its members and of the p&c insurance industry. The trends papers provide a detailed analysis of emerging trends and issues, include context and impact, and commentary from experts in the field.

The CIP Society represents more than 18,000 graduates of the Insurance Institute’s Fellowship (FCIP) and Chartered Insurance Professional (CIP) programs. As the professionals’ division of the Insurance Institute of Canada, the Society’s mission is to advance the education, experience, ethics and excellence of our members. The Society provides a number of programs that promote the CIP and FCIP designations, continuous professional development, professional ethics, mentoring, national leaderships awards, and research on the issues impacting the p&c insurance industry in Canada.