Interconnectivity of risk is growing day-by-day, as technology, globalization and social change create a complex web of relationships and interdependencies.
This trend can be seen in longer, more complex supply chains, the global impact of major natural catastrophes and financial crises, as well as in cyber space, with the rise of social networking and the “Internet of Things”.
Today, individual companies and whole industries are now interconnected, reliant on their suppliers for key components or ingredients, services and utilities. For example, this year saw some 34 million airbag units recalled in the US due to a fault associated with just one supplier.
Integration and connectivity have many benefits such as driving innovation, efficiencies and better service. But they also come with risks, particularly if interconnectivity continues unabated, without consideration for the riskrelated consequences.
“There needs to be more awareness and understanding of the risks linked to increased levels of interconnectivity and interdependency, and more consideration given as to how we manage them,” explains Michael Bruch, Emerging Risks Specialist, AGCS.
Over the past five to 10 years, insurers have witnessed the effect of interconnectivity on claims, with increased business interruption (BI) and contingent business interruption (CBI) losses.
BI now typically accounts for a much higher proportion of the overall claim than was the case 10 years ago. It is estimated that a significant percentage of large commercial losses associated with the 2011 Tohoku earthquake and tsunami in Japan and floods in Thailand, were for business interruption for example, according to Volker Muench, Property Underwriting Specialist AGCS.
“The severity and frequency of BI claims appears to be increasing,” says Muench.
“BI and CBI are significant drivers behind the increasing severity of very large property losses. We increasingly see losses that are dominated by BI or CBI, and with the growth of cyber and other potential ‘non damage BI’ causes of claims, 100% BI property claims are possible,” he adds.
In addition, as complexity increases, so does the potential exposure for these types of non-damage BI losses – a risk for which the insurance industry has recently developed a variety of bespoke solutions.
While not an identifiable emerging risk in itself, the effects of interconnectivity are of growing concern, and play an important role in many risks now appearing on the horizon. For example, interconnectivity is a key component of cyber risk, major power blackouts, climate change, solar storms and pandemics, to name just a few perils.
Interconnectivity is also driven by a growing reliance on technology and increasingly integrated infrastructure. For example, in 2014 a steel mill in Germany was damaged in a cyber-attack.
Power infrastructure, for example, was once localized and isolated, but today, energy supply and distribution are far more integrated and span entire continents. As a result of increased interconnectivity, a solar storm or a cyber-attack on a power grid could result in countrywide blackouts lasting days, or potentially weeks, with a multitude of knock-on effects, explains Bruch.
Whereas a large fire or explosion may once have only impacted one or two companies, today, property losses increasingly impact multiples of companies. This was clearly seen in 2013, when a fire at the Chinese SK Hynix semiconductor plant stopped delivery to many electronic equipment manufacturers in North America. Also, large natural catastrophes cause significant interruptions as well. This has been evidenced in the 2011 Japanese earthquake and Thai floods, where hundreds of AGCS clients filed claims, the majority of which were located far away in the US and Europe.
The growing incidence of large losses in Asia are of particular concern, as manufacturing and outsourced services have migrated to China, India and other high growth markets in South East Asia, where assets are exposed.
A recent study by AGCS marking the 10th anniversary of Hurricane Katrina: predicted that natural catastrophe losses across Asia are expected to rise exponentially in future. Eight of the 10 most exposed locations for storm surge and wind damage are expected to be in Asia within the next 50 years.
The recent explosion at the port city of Tianjin in China is another case in point. The loss has been predicted by many commentators to become the largest man-made loss suffered by Asia.
Establishing accumulations of BI risk are difficult because accurate information on suppliers, such as location and values, are often not available, or easily accessible, explains Muench.
“With the complexity of production and supply chains, huge amounts of data are required to analyze the risk, and even then there are high degrees of uncertainty over potential losses,” he says.
“As an industry we need to pick up on claims trends and become more meaningful. At present, insurers are suppliers of short-term liquidity to companies, but we need to find new solutions and meet clients’ BI needs,” Muench continues.
BI exposures are greatest for sectors with high levels of interconnectivity, values, complexity and concentrations of risk in single locations and technical processes, such as automotive, semi-conductors, pharmaceutical, power and petrochemical plants.
Supply chains and interdependencies are now so complex they are almost impossible to manage – a major car manufacturer may have to manage some 50,000 to 70,000 different suppliers. Yet a major loss at a critical supplier’s plant could potentially generate losses as high as $1-2bn in the automotive sector alone.
Pharmaceutical claims can also involve high values, and are very complex – for example a fire at a research and development facility could set back the release of a product, although calculating lost profits is challenging given uncertainties in the product approval process.
However, since the severe supply chain disruption in the aftermath of the Tohoku earthquake and Thai floods in 2011, companies with complex supply chains have taken steps to reduce supply chain risks.
Over the past five years, some large companies have shifted from a predominantly procurement-driven view of supply chain risk to one that brings together management disciplines to overcome the risks. Companies are also using a much broader array of “early indicators” to pick up on potential problems with suppliers. For example, companies monitor not just the financial rating of a supplier, but look at inconsistencies in product quality as an early warning signal for financial problems. Another example is that companies monitor competitors of their suppliers to see development or problems within the industry environment of their suppliers.
However, as the world becomes more interconnected, there is a strong argument that the potential risks need to be met with more coordinated risk management, explains Muench.
“While we can learn from past experience and large losses, there needs to be pro-active steering of risk management policy. This is as much a political task as a business task,” says Muench.
“Without more proactive and joined-up risk management, the BI and CBI loss components will continue to increase for large impact losses,” he predicts.
One of the most challenging aspects of interconnectivity is technology, and the increasing trend to connect systems and devices via networks.
“The ‘Internet of Things’ is likely to be revolutionary, bringing the physical world together with the digital world,” predicts Michael Bruch, Emerging Risks Specialist at AGCS.
The integration of digital and physical technology (already seen in driverless cars, drones, smart cities and factories, 3D printing etc.) brings many potential benefits, such as increased efficiency, greener technology, reduced maintenance, increased service levels and a lower risk of human error.
For example, 3D printing can make customized products more efficiently, explains Bruch. This could reduce dependencies on key suppliers as well as potentially reduce business interruption times – bespoke replacement parts could be made quickly onsite, he says.
However, the “Internet of Things” also brings potential risks.
“The merger of the physical and digital worlds – of manufacturing with IT hardware and software – raises potential security risks, and could further increase complexity and intensify the reliance on technology,” says Bruch.
New technologies are also being introduced more frequently and faster. “What once took decades now happens in just years,” says Bruch, who notes that smart phones and tablet computers have become universal in a matter of years, while the telephone took almost 100 years to reach saturation point.
As a result, insurers are increasingly taking on more complex risks, such as prototype or entrepreneurial risks.
For example, insurers have helped absorb some of the risks of evolving green technologies, such as wind turbines. Business has looked to insurers to help with the uncertainties inherent in operating in new territories, including natural catastrophe and political risks in high growth markets.
Cyber incidents have almost become part of the daily news over the past 12 months. However, many cyber-attacks are not communicated for reputational reasons meaning this risk is still underestimated. Business interruption exposures are becoming ever more significant, with a number of recent incidents impacting sectors such as telecoms, manufacturing, transport, media and logistics.
For example, hackers took French broadcaster TV5 off air in April 2015, affecting 11 TV stations, social media, websites and email. In June 2015, hackers grounded 10 planes belonging to a Polish airline (LOT) after a denial-of-access attack blocked the sending of flight plans.
Of course business interruption can also be caused by technical failure or human error as well, as demonstrated by two high-profile recent examples. Stocks worth $28trn in total were suspended for three and a half hours during July 20151 on the New York Stock Exchange, with authorities reporting that the glitch was not due to cyber terrorism or criminal activity.
During the same month 4,9002 United Airlines flights were impacted due to a “network connectivity” issue.
The impact of cyber business interruption, triggered by technical failure, is something which is frequently underestimated by businesses relative to cyber-attacks.
Any interruption of the process chain – even for a minute – can cause a severe business interruption, impacting the balance sheet of a company.