Global warming, the coronavirus pandemic, cyberattacks, the war in Ukraine... we live in a complex and unpredictable world, in which events occur at great speed and in which it is increasingly difficult to anticipate the future. Companies today operate in an uncertain environment plagued by threats and the insurance sector, whose business is based precisely on risk control and predictability, is having to undertake a profound transformation to adapt to the instability of current times. Among the many challenges on the horizon, insurers are following with special concern the intensification of the frequency and virulence of extreme weather episodes caused by the climate emergency, which are already impacting their accounts, as well as the rise of cyberattacks
due to the greater automation of processes.
Insurers are aware of the need to adapt their offer to the demands of society, as well as the importance of properly assessing the new scenarios that natural catastrophes or technological disruption bring with them. The sources consulted emphasize the strength of the sector to face unexpected situations. "When they come badly, he is able to resist, as he demonstrated during the health crisis or in situations like Filomena," highlights Ana Baranda, Insurance Consulting partner at EY. In 2021, in addition, it recovered the growth path, since the income from premiums of Spanish insurers increased by 5% year-on-year.
"It is a resilient and solvent sector, but it has numerous challenges ahead," adds the expert. One of them, the creation of cyber risk insurance, especially as a result of Covid. Overnight, organizations were forced to move their business online, implement digital solutions and adopt remote work, dynamics that triggered the activity of hackers. According to Deloitte, 94% of companies in our country suffered at least one serious cybersecurity incident in 2021 and the annual average of incidents rose 26% compared to the previous year.
This scenario has made them pay more attention than ever to their cybersecurity and, consequently, insurers try to take advantage of it: "The first assessment made by the sector is in terms of opportunity because a totally new insurance appears that affects all types of entities and individuals”, explains the expert. Insurers, she says, are offering more prevention services and helping clients manage moments of crisis stemming from cyberattacks, which is not a problem for them. The drawback is that projections of future behavior are usually based on past experience and, in this area, there is hardly any history. "On the other hand, cyberattacks are becoming very sophisticated, so they are very different from before," adds Baranda, who thinks that, as a result of all this, one of the challenges for insurers in this field is to calculate the price.
The companies in the sector themselves confirm that it is a major difficulty. "As there is still not much experience, not enough progress has been made in modeling," says Carolina González Martín del Río, technical director of Civil Liability at Mapfre Spain, who also expects greater intervention from the regulatory bodies of the countries. “It is necessary to be able to assess the global exposure to cyber risk and we will have to work hand in hand in standardizing the data that we insurers collect so that we can have widely accessible reports that allow us to model in the future and know what we are facing” , he comments, while showing concern about the cluster: "A cyberattack can massively affect all portfolios, it is necessary to work a lot on modeling."
In June, the company launched CIBER On, a cyber risk insurance for SMEs and the self-employed that protects against damage to computer systems, business interruption, cyber extortion threat, civil liability and technological support coverage, among others. The client, yes, must meet a series of preventive requirements, such as that the programs are not pirated, have antivirus or a 'firewall'.
The insurer specializing in security Hiscox is another of those that has had cyber insurance, in its case for almost twenty years. “When cyber risk products were thought of, it was known that they would have a lot of movement to adapt as quickly as possible to realities, but in the last two years everything has been little,” says Nerea de la Fuente, Hiscox Iberia Underwriting Director. To get an idea, the cost of cyberattacks has doubled in the last year for Spanish companies, going from 54,388 euros in 2020 to 105,655 in 2021 on average for each of them, according to the 2022 Cyberpreparedness Report of Hiscox.
De La Fuente points out that in cyber insurance the current prediction models are not robust enough and, therefore, it is crucial that insurers are up to date with everything related to technology. "It helps us a lot to prevent incidents and to solve them earlier when they have already occurred," he deepens.
From Mutua Madrileña they stress that controlling risks and anticipating them is part of the intrinsic activity of insurers and the use of technology "is today an essential lever to face the future with guarantees". For this reason, they will invest 150 million euros in digitization until 2023. «Part of this investment is dedicated to Data Transformation and Advanced Analytics with the double objective of extracting more and more knowledge from data and making better and better automatic decisions based on in said data. Mutua is one of the leading insurers in the use of 'machine learning' techniques and our clients are already seeing the benefits almost without realizing it because we are able to predict their needs and based on this personalize their experience", they say.
Marsh, the world's leading insurance broker and risk advisor, sees technology playing a key role in helping companies create predictive models. "At Marsh we already have technological tools that we make available to our clients and that help them quantify the risk and their exposure to possible cyber attacks, as well as their tolerance to them," says Gonzalo Guzmán, commercial director of financial risks. and specialties from Marsh Spain. This expert affirms that the contracting of policies to cover cyber risks is growing considerably, although the insurance market continues to experience an increase in premiums and reductions in capacity and, therefore, is being more selective when it comes to signing new policies and renewing of the existing ones.
His forecast is that the insurance market is going to require a significant volume of information from companies in order to underwrite their cyber risks and improve their appetite for them. According to data handled by Marsh, 80% of cyber events are malicious and settlements on cyber claims are closed for 284% more than the claim initially made right after the incident.
Along with cyber attacks, the increase in extreme natural events, largely due to climate change, is leaving its mark on the insurance business. "These phenomena are becoming more frequent and are having a negative impact on the income statement of insurers," says Víctor Pizarro, head of the Insurance practice at Capgemini Spain. These claims, which, as the expert warns, are very large, go to the expense item and cause the combined ratio, an indicator that measures the health of companies, to be frankly affected. As stated in the World Report on Non-Life Insurance 2022 by Capgemini and Efma, natural catastrophes have multiplied insured losses by 3.6 in the last thirty years worldwide.
From Generali Seguros they admit their concern about the issue: «The intensity and frequency with which these phenomena occur, more violent every day, shows that we are facing an extremely complex scenario». The firm comments that the upward trend in climatic episodes has led it to adapt its processes to respond to the special needs that these events require (concentration of claims in a short period of time and in a specific geographical area), as well as to customize their rates to make them sustainable in the face of these new risk realities.
It should be remembered that in Spain there is the Insurance Compensation Consortium, attached to the Ministry of Economic Affairs, which is financed with the income from the surcharges that are applied to most policies. "It has provided enormous stability to the sector and is a system considered exemplary," they value from Generali. The public entity covers extraordinary risks that occur in our country and, in the case of those linked to climate change, is responsible for damage caused by floods, winds of more than 120km/h or tornadoes of any force for those affected who have valid insurance. According to the Consortium's statistics, from 2005 to 2020 the number of files that were managed related to floods increased by 191%, while those related to atypical cyclonic storms increased by 193%.
However, insurers assume compensation for rain, winds between the threshold set by the insurance and up to 120km/h, hail, snow and lightning. Pizarro explains that Capgemini has carried out pilot projects with insurers in which they have created prevention models, especially for the auto industry, in which they incorporate meteorological data sources. "We have segmented population centers or routes, for example, in which there is a higher level of rainfall, probability of frost on the roads... information that allows insurers to better quantify the risks," he comments. This gives rise to reformulate their traditional linear model of interaction with customers. "If they influence an insured person not to drive on a certain road because they know it will be icy, they can mitigate the risk of an accident, which has effects on improving the combined ratios apart from the fact that there are social benefits," says Pizarro, who Like other experts consulted, he believes that insurers will raise the prices of policies. "The incorporation of new variables and the use of technologies will force firms to undertake a series of expenses that they will transfer to the client, although it will depend on the price sensitivity of each branch." The insurance industry navigates in a sea of uncertainty.
