Terrorism shock losses for the reinsurance industry

03 October 2017

Changes in terrorism risk mean insurers should prepare for the unexpected

By Stuart Collins

The last time the (re)insurance industry was rocked by a ‘market turning’ terrorism loss was 2001, following the 9/11 attacks in the US.

But the emergence of cyber terrorism and concerns about a potential chemical or biological attack are making risk carriers rethink what the next shock loss might look like.

Terrorism has changed

Terrorism risk in the 1990s was characterised by largely domestic terror groups targeting high- value properties with large explosive devices.

The rise of Islamic terrorism in the 2000s also saw a number of high-profile attacks, where property damage was the primary loss driver.

The 9/11 attacks remain the most expensive terrorist-related event after (re)insurers paid out losses of more than $40 billion across several lines of business.

But in the past five years, terror risk has evolved significantly, both in terms of frequency and potential severity. During this time, there has been a marked increase in global terrorist activity, as well as a stark spike in economic costs.

According to the Institute for Economics and Peace, 2014 was the worst year for terrorism in 16 years, after more than 16,000 terrorist attacks were carried out.

This compared with around 4,800 in 2010. Over the same five-year period, the economic cost of terrorism increased from $12 billion in 2010 to $52.9 billion.

In addition to this dramatic rise in attacks and costs, terrorists have changed tactics and adapted their methods. Where they once targeted buildings with large explosive devices, they are now targeting people.

A recent threat analysis by Pool Re concluded that the most likely scenario today for the UK and Europe is relatively unsophisticated terrorist attacks where terrorists use guns, suicide bombs and vehicles to cause mass casualties.

Even more concerning, according to Pool Re, is a growing risk of cyber terrorism and chemical or biological attacks.

Julian Alovisi, Head of research at JLT Re, says Al Qaeda and Islamic State (IS) are thought to be aspiring to launch cyber-attacks on critical national infrastructures in the West whilst there are also concerns over IS’s potential access to chemical and biological materials.

Broader insurance cover for terrorism risk

As the nature of terrorism and political violence has evolved, demand for broader forms of insurance has grown.

“Gaps in coverage are a real issue today for clients and the sector needs to come up with innovative solutions that offer comprehensive protection against all relevant threats, including risks to people, damage to brand and reputation and malicious cyber-attacks or cyber terrorism,” explains Alovisi.

The terrorism insurance market is now more willing to extend cover to include chemical and biological risks, as well as cyber terrorism and forms of non-damage business interruption.

Political violence policies will also pick up property damage and business interruption losses from a wider range of events, including strikes, riots and civil commotion.

“Exposures are growing with changes in the geopolitical landscape,” says David Flandro, Global Head of Analytics at JLT Re. “But they are also increasing with growing terrorism insurance penetration and as people come to better appreciate the potential costs of business interruption and emerging risks like cyber.”

Loss implications of terror attacks

Large property damage losses from conventional terror attacks remain a risk, but changes to the nature of terrorism brings new and emerging scenarios that could also generate large or catastrophic losses.

“Terrorism losses have so far proved manageable with only 2001 producing a catastrophic loss for (re)insurers. However, we could start to see large business interruption losses, particularly for cyber terrorism,” says Flandro.

The largest modelled loss for a conventional terrorist attack is in the region of $40 billion – based on a ten-ton truck bomb in New York City. However, for certain nuclear, chemical, biological, radiological (NCBR) attacks, the total would likely be significantly more, according to Alovisi.

Modelled losses for a nuclear detonation in the same location, for example, would be in the hundreds of billions, he says.

And with increased penetration and broader cover, insurers are beginning to see the potential for attritional and large claims, as well as catastrophic losses, explain James Stephens and Dennis King, both partners at JLT Re.

For example, the market is expected to pay $75 million to $200 million for claims related to recent civil unrest in Mexico. And if large scale riots – such as those seen in Los Angeles in 1992 – were to occur across multiple US cities, it could generate losses in the many billions of dollars, they say.

Dynamic modelling of terrorism

However, the evolution of terrorism and political violence makes it even more challenging for carriers to pin down their potential losses.

Compared with other lines of business, it is harder to quantify potential losses from a cyber- attack, a NCBR event or a series of major riots, says Flandro.

Unlike most catastrophe models – which focus on relatively fixed peak risks such as tropical cyclones, floods and storms – modelling of terrorism needs to constantly evolve, adding new perils and scenarios.

War games

Cyber terrorism, in particular, has the potential to cause a very large loss, but is a very complex risk to model.

This was highlighted by a recent Lloyd’s report that showed the potential for major disruption from a cyber-attack against critical infrastructure.

According to Alovisi, the cyber scenario used in the ‘London Market Looks Ahead’ paper highlighted how interconnectivity increases the prospects of more complex losses compared with more traditional catastrophes.

Catastrophic cyber-attacks can cause disruption across national and legal borders, as well as affecting many different classes of business, he explains.

The report also highlighted issues around coverage clarity, with uncertainty over how some policies would respond in the event of a catastrophic cyber loss.

“Ultimately such unmodelled events will inevitably lead to market shocks. Until a catastrophic cyber loss happens, an element of the unknown will remain.

But the market can enhance its ability to identify and manage future risks by conducting stress test exercises similar to those carried out by the London market,” concludes Alovisi.

Please contact Julian Alovisi on +44 (0)20 7558 3376 or julian.alovisi@jltre.com

Download Risk Perspective