Professional Liability Challenges
Rates in the professional liability market are coming under increased pressure as a result of overcapacity and greater competition, with industry experts warning of dire consequences in the long term if it continues.
Among the areas hardest hit are directors’ and officers’ (D&O) and medical professional liability (MPL).
John Lopes, vice president of programs at Freedom Specialty Insurance, said overcapacity posed the biggest threat to insurers in the short and long term.
He said new entrants and smaller players would find it hard to build profitable scale without a competitive advantage other than price, and those who succeeded would likely do so at the expense of existing providers.
“Either way, the longer term issue is one of market saturation and fragmentation,” he said. “This will put pressure on pricing and profitability until market forces break the cycle.”
Christian Gravier, president of professional lines at Allied World North America, said that rates and terms and conditions for public D&O and side A difference in condition (DIC) were under the greatest pressure from increased competition and capacity.
“Sustained profitability of the product has made it extremely attractive and hence capacity is drawn to the line and rates have seen, in some areas, a precipitous drop,” he said.
Gravier said the increased use of capacity by competing insurers was causing disruption in some of the bigger markets, with larger limits of $25 million and $50 million becoming more prevalent.
Jeff Klenk, senior vice president of bond and financial products at Travelers, however, said that despite the surfeit of capacity, some more specialist areas had experienced rate increases.
“Capacity continues to be plentiful and the state of competition is very risk-specific,” he said.
“In those lines of business that have had more challenging results, or on accounts with more complex risks, we have seen rate increases.”
But it’s really cutting-edge sectors like cyber and privacy liability that are offering the most potential for growth as companies realize the extent of their exposure to data breaches and attacks, and brokers gain a better understanding of the product.
Chris Duca, senior vice president at RT ProExec and 2014 president of the Professional Liability Underwriting Society (PLUS) — which will be hosting its annual conference in November — said that alongside cyber, errors and omissions (E&O), and D&O lines in privately held as well as publicly traded and initial public offering (IPO) corporations offered the biggest growth potential.
He added that there was also increased demand for management, professional and health care liability, and MPL.
D&O is one of the biggest professional liability markets by premium volume. It’s estimated to be worth $6 billion in the U.S. alone, according to Allianz Global Corporate Specialty.
But despite the sector’s size and success, it has not been without its problems, stemming largely from the increase in claims after the 2009 financial crisis.
Damian Brew, national practice leader, FINPRO claims, at Marsh, said the biggest challenge facing D&O brokers is getting clients interested in new products.
A prime example, he said, was the level of cover D&O policies provide for entity investigation costs, in light of the Securities and Exchange Commission’s (SEC) renewed focus on company investigations.
“From that standpoint, many of those costs can be covered under a D&O policy,” he said, “but there are times when they fall outside of that coverage, and as a result we are now seeing more insurers offering specific cover for entity investigation costs.”
Medical Malpractice Risks
As a sector, medical professional liability accounted for $7.7 billion in premiums in 2013, according to A.M. Best, making it the No. 1 professional liability market by size.
Best’s August 2014 market report said that MPL underwriting and operating returns continued to outperform most of the property/casualty industry in 2013, despite the soft market.
It attributed that success to improvements in tort reform, better patient safety, a greater emphasis on loss mitigation and risk management, and more aggressive legal defense tactics.
SNL Financial, meanwhile, reported that despite MPL premiums continuing to fall in 2013, losses also declined to $4 billion in 2013 from $4.17 billion in 2012. The bulk of the drop in written premiums was in coverage for physicians, which fell to below $6 billion in 2013 from $7.18 billion in 2008.
“Medical professional liability is still the largest professional liability market by size.”
However, cover for other health care professionals grew to $1.2 billion in 2013 from under $1 billion in 2008.
Despite its relative success, the market remains highly sensitive to any price changes, one industry expert warned.
Robert Allen, president of Pro-Praxis Insurance, said, “All it takes is for one company to underprice the business and it has an effect on keeping pricing suppressed for the next year, raises the expectations of brokers looking for the best deal for their clients, and therefore makes it even harder for us to collectively move pricing to the right level.”
However, he added that there were areas of opportunity for growth, namely allied health facilities such as physical therapy and convenient care clinics, which have expanded at a phenomenal rate since the introduction of the Affordable Care Act (ACA).
“The growth in that space right now is just amazing,” he said.
Elke Kirsten-Brauer, executive vice president and chief underwriting officer of the medical liability division at MGIS Cos. Inc., said the MPL industry continues to face a multitude of challenges, including new patient populations entering the marketplace for insureds, and an increasing number of older patients with more complex illnesses.
Uncertainty surrounding tort reform in different states, a rise in vicarious liability claims and the heightened risk of cyber and privacy breaches add to those issues, she said.
As a result, she said, the industry needs to look at how it assesses and rates new liabilities and exposures.
“The insurance industry needs to look at data and tools from the past and make sure it revises and refines its approaches for the future,” she said.
Emergence of Cyber Liability
The hottest area in professional liability is undoubtedly cyber and privacy liability.
Philadelphia Insurance Cos.’ senior vice-president of underwriting, Ziad Kubursi, said that cyber liability was the main driver for demand in professional liability because it affected almost everyone.
Marsh’s Brew, meanwhile, believes the market will grow exponentially over the next five to 10 years as more insurers look to write the business and gain access to better loss history data.
“I think everyone is waiting for the next shoe to drop,” he said.
“It’s an exciting area where we have seen a lot of growth and I would expect to see more growth.”
Jim Whetstone, senior vice president and professions practice leader at Hiscox, said that companies were increasingly adding cyber and privacy data breach to their general professional liability policies to protect themselves against these new risks.
“We have seen increased demand for cyber and privacy cover as more brokers understand the product now and are able to explain it to their clients,” he said.
Impact of Legislation
Another big growth area is franchisors’ liability, which covers franchisers against lawsuits brought by franchisees.
Earlier this year, the National Labor Relations Board (NLRB) ruled that McDonald’s can now be considered a “joint employer” and held liable for the employment practices of its franchisees.
Peter Taffae, managing director at ExecutivePerils, said the ruling could have far-reaching implications for all company employment practices.
“The majority of franchisees don’t want to be told how to hire their employees or what to pay them because they are all independent businesses that operate on their own,” he said.
“What’s happened from an insurance E&O perspective is that some providers are now pulling back from offering this kind of cover and others are not offering it at all, meaning that prices are going up across the board,” Taffae said.
FDA Medical Device Guidance
The Food and Drug Administration has released “long-awaited” guidelines on the cyber security of medical devices.
Obviously, this is a concern for health and life insurers, but it is also relevant to other areas of coverage, such as automobile or any insurance that pays medical claims.
“There is no such thing as a threat-proof medical device,” said Suzanne Schwartz, director of emergency preparedness at the FDA’s Center for Devices and Radiological Health, in an article in “USA Today” on the release of the guidelines.
“…many device manufacturers and software vendors only learn of vulnerabilities in their products after said products have been hacked.”
“It is important for medical device manufacturers to remain vigilant about cyber-security and to appropriately protect patients from those risks.”
Important indeed. One would think that such statements would be followed by some specific safety requirements, or at least by substantive recommendations.
Instead, the article noted, “The agency is recommending that manufacturers consider cyber security risks as they design and develop medical devices.”
And which particular risks might those be? It seems there is again no specificity.
Once having “considered” those risks, however, the FDA says companies should give the FDA information about the potential risks they found, as well as what controls they put in place to mitigate them.
While this is a nice idea, it ignores certain realities in the world of technology development in general and cyber security in particular.
First, many device manufacturers and software vendors only learn of vulnerabilities in their products after said products have been hacked.
Yes, it would be fair to say that manufacturers and vendors should do a better job of testing in order to ferret out potential problems, but it is also fair to say that the number of ways to crack a product’s code are many and that not all of those ways are likely to be anticipated.
And at some point in the product development process, the testing phase must come to an end — unless the vendor is oblivious to the possibilities for profitably marketing a given product.
“Many devices are poorly secured and do not require a lot to hack. If there is sufficient incentive to do so, it will happen, causing harm to patients,” said Shel Sharma, director of product marketing for Cyphort, a threat-detection company, in the published piece.
But why would anyone want to hack into a medical device, implanted or otherwise? One obvious reason might indeed be to do harm to that individual. If an implant suddenly overheats and loses functionality, who is to say it wasn’t an accident, as opposed to attempted murder?
More ominous, however, is the idea that devices of various kinds must, by design, interface with broader medical systems that contain much more data — including confidential data on health and things like Social Security numbers. It might also be that a compromised device would provide a gateway to an entire enterprise, allowing for mischief and significant data loss, and the liability that would accompany same.
And liability is precisely the point for insurers of nearly any stripe. Of course, this whole risk scenario may represent a new area of insurance coverage to be marketed by our carriers.
Even in that case, however, insurers hardly want device makers to make things easy for criminals, because the carriers must then pay the claims. The FDA held a national workshop on medical devices and cyber security in October. Let’s hope the risks and the solutions that emerge from that gathering are more clearly defined.
3 + 3: Theory of Risk
Anthony Valsamakis doesn’t just practice risk management, he wrote a book about it. And he doesn’t just consult with quants, he is one.
“Risk management has been in my blood for so long that I have to stop myself, otherwise I could go into a two-hour monologue,” said Valsamakis, whose career in the discipline goes back almost 35 years, to his first job with the Standard General Insurance Company.
In 1990, the London-based chairman of the Eikos Group received a doctorate in Business Economics. In 1992, “The Theory & Principles of Risk Management” was published, with Valsamakis the principal author, and is now in its 4th edition.
Valsamakis worked first with a carrier, then as a commodities broker, before taking up an academic post. The company he started in 1999, the Eikos Group, has a risk consulting arm, with clients in most industrial sectors, including the food, mining, forestry, industrial paper and packaging and banking industries. The group also includes a transportation risk brokerage and a Bermuda-based carrier.
“I think the idea of having a secure data base that everyone can access and can update at any moment is by far the best innovation that I can see happening in the information game.”
– Anthony Valsamakis, Chairman, Risk Financing Strategy, Eikos Group
For as long as he can remember, Valsamakis sought ways to get better information on the risks he underwrites, brokers or consults on.
“Over many years we’ve tried hard to increase the quality and timeliness of the information that enables us to do just that,” Valsamakis said.
Finally, it looks like Valsamakis has found a risk management information systems platform that enables him to do just that.
For the past year and a half, Valsamakis has been using a system developed by Riskonnect.
“What’s useful for me is that the platform basically resides within the client’s systems,” he said.
The information he needs to prioritize, depends on which client he is working with.
“By definition, depending on where I am working and what I am doing, risk management priorities are very different,” Valsamakis said.
The Riskonnect platform provides the necessary flexibility.
A mine, for example, could be in a location in Africa or South America with a high degree of political risk. A key risk for a furniture maker might be around trade secrets, the possibility that a disgruntled employee would leak a pricing catalogue to competitors. For a packaging manufacturer, their material supply chain is of the utmost importance, and so on.
For each client, Valsamakis can use Riskonnect platform and work with the client to compile the information that is most relevant to that client and its industry and enter that into a secure system.
“All of these are template facts that you can easily put into the Riskonnect system,” Valsamakis said.
The Riskonnect platform is housed within the client’s information technology system, and it is transparent enough, to give Valsamakis and his client access to the same sets of data.
“I think the idea of having a secure data base that everyone can access and can update at any moment is by far the best innovation that I can see happening in the information game,” he said.
Whose System Is It?
Valsamakis has been around long enough to know a few things about data and risk transfer. He’s seen a number of risk information management systems put out by brokers, for example, that he thinks are set up more for the broker’s business model than for the sharing of information.
Generally speaking, information about an insured’s risks come from the broker and the insured. The Riskonnect system works, according to Valsamakis, because it is designed to be adapted to the client, not the broker.
“I have seen efforts by brokers, for example, over the years to produce a type of risk information platform that becomes theirs,” Valsamakis said.
“It’s been a perennial problem in the industry, where depending on which broker you end up with, you’ll end up with system A, B or C,” he said.
The Underwriter Needs to Know
Using Riskonnect, Valsamakis encourages clients to be as transparent as possible, in order to give the most complete information to underwriters.
“For me the question is, ‘What is the volatility around the asset and can there be an impact on the balance sheet of our clients?’” he said.
“We need to describe this exposure in various contexts so that the underwriters know what they are covering,” he said.
It’s basic human psychology. If an underwriter doesn’t feel they are getting enough information about a particular risk, they will take a negative view of that risk.
The more accurate the information Valsamakis has about a client’s exposures, the better the pricing he gets from underwriters.
“If you were an underwriter putting your capital and risk and I gave you little information, you would actually be less inclined to look at the risk in favorable terms. There will be a natural inclination to downgrade it,” he said.
Where Valsamakis sees enormous value is in the Riskonnect system ability to tag which can be revisited at a later stage.
“It’s amazing how clients forget, in the passage of time, that there are profiles that have changed for better or worse.”
A Long-Term Investment
The Eikos Group invested significantly in the Riskonnect product and are taking it to a number of clients. The transparency of the system and the advantage it gives the Eikos Group and its clients with underwriters is in itself a business advantage over the competition.
“We made a decision as a small company, relatively speaking, to invest a lot of money in Riskonnect and be very proactive about it,” Valsamakis said.
“When I talk to executives I say we invested in it because it’s going to save our clients money. Better information will lead to a lower cost of risk,” he said.
“If I’m talking to someone at a high level, that’s fairly easily understood.”
This article was produced by the R&I Brand Studio, a unit of the advertising department of Risk & Insurance, in collaboration with Riskonnect. The editorial staff of Risk & Insurance had no role in its preparation.