In the United States, there hasn’t been a
successful high-profile terror attack with
an aim to cause physical damage since September 11, 2001. Active assailant incidents,
however, have been more common. Shootings in San Bernardino, California, and Orlando, Florida, demonstrate that the evolution of terror has finally reached U.S. soil.
While the terror threat has evolved, the
insurance industry’s approach to it has
lagged. At every link in the global risk and
capital supply chain, the discussion has
centered largely on physical damage and
workers’ compensation. Of course, the
insurance industry needs to be prepared
to handle large events. But there remains
a clear need for a broader collection of
solutions that protect businesses from the
full array of attacks that could occur.
Financially significant terror attacks
don’t happen often. Since 1990, Property
Claim Services (PCS), a Verisk Analytics
business, has identified 20 events worldwide with approximately $50 million in
insured losses (not indexed for inflation).
Only five reached $500 million — and two
of them involved the attacks on the World
Trade Center in New York (1993 and 2001).
In fact, PCS has only three terror events on
record since 1990 that reach the catastrophe designation threshold, the third being
the 1995 bombing of a federal government
building in Oklahoma City, Okla.
The challenge with terror — unlike with
natural catastrophes, for example — is that
they’re more difficult to predict, may be clustered in location and time based on geopolitical conditions, and can fade as an existing
threat is addressed. Forecasting and preparation can also be problematic. A catastrophe
plan for handling claims from a large-scale
terror attack can gather dust for decades before being tested. And if not updated regularly, the plan may not be relevant if an event
affecting insureds ultimately occurs.
Even smaller-scale events don’t occur
with frequency in the United States. Only
64 terror events have occurred in the
United States since 2004 — with five each
in 2015 and 2016, according to Verisk
Maplecroft. Overall, those incidents resulted in 464 casualties and 107 fatalities over the past 13 years. As to physical
damage, nothing that occurred was sufficient to qualify as terror under the Terrorism Risk Insurance Act (TRIA).
U.S. terror event frequency and
For smaller events (at least as measured
in property damage or workers’ compensation claims), the problem isn’t claims
handling. Such events rarely affect the
insurance industry. The fact that smaller
attacks — which appear to be occurring
with increasing frequency — don’t trigger
insurance coverage suggests there’s a protection gap that the industry should be
able to fill. Right now, companies are carrying terror risk on their balance sheets,
and it’s only a matter of time before risk
managers and boards of directors begin
asking tough questions about terror exposure, especially for businesses that provide “soft targets,” such as hotels, major
retailers, malls and schools.
Determining terror losses
The purpose of insurance is to provide
protection to the insured. In theory, at
least, that means providing compensation to a claimant based on the damages
sustained and the policy limits in place.
For personal, and even most commercial
claims, that’s a straightforward proposition. Insurers generally do an excellent
job of meeting their obligations. For complex commercial claims, however, the adjusting process can be much more difficult, and such is the case with terrorism.
Everything from determining whether
an event was covered through ascertaining
the extent of loss is rife with nuance. A major loss in a crowded metropolitan area —
both World Trade Center attacks come to
mind — simply takes longer to adjust. The
final PCS industry loss estimate on the terror attacks of September 11, 2001, required
about 30 months, making it the longest development period in PCS history.
Across the globe, the shape of terrorism seems to be changing. Although historically focused on “trophy targets” with events that cause significant physical damage, the latest attacks tend toward
the active assailant model. These events can cause plenty of
terror but without the investment and operational risk needed
to cause extensive physical damage. In the end, this approach
to terror is often far more effective — particularly for dollars
spent by the perpetrating group — than the traditional large-scale attacks that cause physical destruction.