Introduction
Good evening ladies and gentlemen, and thank you for inviting me to speak at this distinguished forum. Of all places in the States, I can think of no better place to be than San Francisco - the relationship between the Lloyd's market and your fine City is one of the strongest that we enjoy anywhere in the world.
It was almost a hundred years ago, in the aftermath of the 1906 earthquake, that Lloyd's reputation in the United States was truly sealed as a market to be trusted. Faced with thousands of claims following the disaster, Lloyd's famously paid out while other insurers quibbled. That reputation continues today. When he visited Lloyd's last summer, John Snow, US Secretary to the Treasury, praised Lloyd's for how it 'stepped up to the plate' and honoured its obligations in paying up after 9/11 - we have now paid out some $4.7 billion .
I am delighted to say that the relationship with this City and its environs also continues stronger than ever. Since its launch in 1997, Lloyd's has provided reinsurance support for the California Earthquake Authority. Lloyd's provides property coverage for the Napa Valley wine industry, and has become the premier insurer of the Californian wind power industry. And after 9/11, Lloyd's was one of only two insurers to quote for the Golden Gate Bridge without excluding the high terrorism risk it faced .
Today, Lloyd's is rightly known as an international insurer and the global powerhouse for specialist risk. We are reminded by news headlines every day that our world is a dangerous one, and that's exactly where Lloyd's comes in. The Lloyd's market is founded on providing a shelter against world wide risks and our global reputation is based on just that.
But although we operate in over 190 countries and territories around the world , the United States remains our largest market, accounting for over a third of our worldwide business . The security of Lloyd's runs like a thread through the American economy; some 93% of companies listed on the Dow Jones are Lloyd's policyholders .
In the 18 months since I joined Lloyd's, I have learnt a lot about the global insurance industry. But like you, I remain essentially a businessman rather than an insurance technician, and it is from that perspective that I would like us to look at the subject of risk today. Things have changed dramatically since Lloyd's began offering fire insurance to San Francisco businesses in the 1900s. We now know more than we ever wanted to about the full horror of the 21st century terrorism risk. We live and work in the excessive 21st century liability environment, where American customers can sue McDonald's because their coffee is too hot and British postmen can claim against residents for posting too many letters in one postbox. And to this list we must now add one more challenge.
Let me illustrate it with a story. It concerns the American company executive, who after much soul searching, decided that he needed to have the conversation with his family that he had been avoiding for months. Sooner or later, he thought, the kids would hear about it, and maybe from a complete stranger. It was all over the place anyway. The television, the newspapers. They couldn't avoid it. They might be safe from it now, but one day they would come into contact with it for themselves. Somehow he knew the time had come to tell the children. He sat them down after dinner one night: "Robin, Julia, there's something I have to tell you about." They gathered round nervously, hugging their teddy bears for dear life, apprehension hanging heavy in the air. "Children, you need to know about Sarbanes-Oxley".
Enron, Tyco, Parmalat - the names trip off the tongue now, where there were seemingly none a few years ago. The impact of these corporate meltdowns has been immense and the risks associated with corporate governance have been catapulted into the consciousness of business leaders everywhere.
As the wheels of commerce spin ever faster, and as we get to grips with the challenges which progress brings, I want to look ahead ten years and share my vision of what we must do to tame the beast and manage future business risk. How prepared is your business for disaster? How will the risk environment continue to evolve? And will the insurance industry be fit enough to respond?
From where I'm looking, there are three clear challenges to which we need to turn our attention right now if we are to meet the challenge. I have called these "the three Rs":
- Business leaders must raise risk to board level
- Together, we must respond to a changing risk environment
- The insurance market must return to strength and stability
Raise risk to board level
First then, a challenge to all business leaders - we must raise risk to board level.
Contingency planning has been around at least since the Egyptian pharaohs stored grain for the great famine. But it seems that today's corporate boards may not be taking risk quite as seriously as their predecessors. Recent studies of US businesses bring out some worrying trends:
- 40% of companies hit by a disaster will go belly up within 5 years.
- But more than half of US corporations have no crisis-management plans in place.
- The smaller the business, the less likely it is to be prepared, with only 10 per cent of small-sized businesses having crisis management plans in place .
Many entrepreneurs believe that contingency planning is too expensive or too time-consuming, but in fact the most important steps for surviving a crisis often cost little or nothing. Being unprepared can be the most expensive strategy of all.
Today, risks don't fit into easy categories or emerge from pre-determined places, they assault from all sides. When you ask almost anyone to describe the sort of crisis they worry about, many still talk of the traditional risks such as fires, explosions, earthquakes. But of all recent corporate crises in the US, only around 4% were the result of natural catastrophes and many insurance experts are forecasting a huge rise in the impact of man-made catastrophes over the next decade .
In this environment, the success or failure of a company's disaster planning cannot be made dependent upon the role held by one company officer called 'risk manager' or 'security officer' acting in isolation. Successful risk management requires implementation from the top down. And that means: greater attention to risk at board level.
There are many competing pressures for executive time, especially here in the States, where compliance with new corporate governance regulations have become so rigorous. Maybe that's why US corporations are behind their global peers when it comes to practising enterprise risk management - that is, the holistic management of risk across the entire organisation. Only 42% of US CEOs have a formal process for identifying risk across the company, compared to 65% in Asia Pacific and 80% in Europe. Likewise, only 48% have a formal process for responding to risk across the enterprise .
And there's another strong reason for raising risk to board level. Remember those corporate scandals we mentioned earlier? Almost all the recent scandals were the result of behaviour by top executives and upper-level managers . In 2003, Lloyd's alone added almost a billion dollars to its reserves, much of it to cover past losses emerging from exactly this type of disaster . And speaking more generally, it may surprise you to know that at least half of all corporate crises are caused by senior management action - rather than external forces . As we have seen, the damage goes far beyond the reputations and careers of those executives - it destroys pension plans, devastates whole corporations, and shakes the very foundations on which the American economy is built.
It is more important than ever that the entire executive team has a holistic understanding of business risk, and that it sets the strategy for dealing with disaster when it strikes. Looking ten years ahead, I firmly believe that the most successful, least crisis-prone businesses will be those whose boards who have shown firm resolve and taken decisive action. Effective, integrated strategies for dealing with tomorrow's risks require a change in culture at board level now.
Respond to the changing risk environment
But it's time to move on to the second of the three Rs - we must respond to the changing risk environment.
At Lloyd's, I believe we are ahead of the game. For a number of years we have carefully modelled our exposure to major risks around the world, but we have just completed an overhaul of our modelling process, which now includes seven US-specific disaster scenarios. Of the "big seven US risks" that we model, four are natural catastrophes, including a 7.7 Richter earthquake here in San Francisco. But given the changing profile of risk, we have now added three man-made disasters to the equation - and any of these could take place here on the West Coast. A major marine collision; a terrorist attack involving a two-tonne city centre bomb blast; and a liability 'laddering' scenario; these are the "big three" man-made disasters which we model and which could impact businesses here in San Francisco .
But the risk environment is constantly evolving and we cannot be complacent. Over the next ten years, as the economy goes ever more global, and as ways of doing business change, we must be ready to anticipate and respond. Allow me to share with you briefly two key ways in which I believe we will need to think and behave differently about risk.
Business interruption
The first relates to business interruption. It's estimated that 90% of medium to large companies which can't resume near-normal operations within 5 days of an emergency are out of business within a year . And in today's so-called global village, the impact of an emergency in one place can be felt, like a tidal wave, across the world.
Take 9/11 - where over a quarter of the $40 billion losses are estimated to relate to business interruption - and swathes of businesses were affected - some directly like banks on Wall street; others indirectly, like hotels and airlines around the world.
Or consider the risk of economic disruption due to SARS - the latest in a series of diseases which are estimated to have cost the global economy $100 billion in the last decade .
Closer to home, what about the recent power blackouts, or Anheuser-Busch, whose brewery sat on the epicentre of the 1994 Northridge Quake. Shortly before the disaster, the company spent just $10 million on building strengthening to reduce earthquake damage. As a result the company saved more than $1 billion, in direct damage and business interruption which could have brought it to its knees .
Tomorrow's successful businesses will be those who have thought very carefully about how an interruption to their business could impact them - and have prepared accordingly.
Intangible assets
Businesses will also need to respond differently to risk because of the changing corporate asset base. It's no longer just a company's physical assets that need protection. Today, intangibles account for a major - and increasing -
proportion of corporate assets - with the intellectual property for the world's 500 largest corporations valued at over $3 trillion alone!
It is very difficult for businesses to bounce back from reputation risks such as product contamination, and it can take years to regain market position and public confidence.
Coca-Cola ranks as the world's most valuable brand at 70 billion dollars , but last month's launch of its new brand of so-called "pure" Dasani, bottled water in the UK, didn't quite go according to plan. Amusingly, Dasani was revealed by newspaper headlines to be nothing more than London tap water taken from the mains. Then it emerged that what the firm described as its "highly sophisticated purification process", based on Nasa spacecraft technology, was in fact a process used in many modest domestic water purifiers. Finally, just when executives in charge of the 13 million dollar product launch must have felt it could get no worse, it did precisely that - the entire UK supply of Dasani was pulled off the shelves because a cancer-causing chemical was reportedly found in samples .
But it's not all about reputation and branding. Concern over intellectual property rights and violations have increased sharply as patent licensing revenues soar to $500 billion by 2005 - that's up an amazing five-fold since 1998 . In the States, it's estimated that a staggering $59 billion of intellectual property is stolen each year . And, because of recent lawsuits resulting in large awards, disputes are increasingly expensive to fight. The average litigation is $2.5 million per case, and costs are exploding by 10 to 15% annually - with some settlements now creeping over the billion dollar mark .
The hi-tech age is also bringing the problem into sharp focus. So called "cyber risks" are emerging which did not exist even a few years ago. In February last year, eight million credit card numbers were stolen by hackers from a credit card firm. Recently, a class action lawsuit was brought against a healthcare alliance for failing to adequately protect personal information. And in a frightening combination of cyber and terrorism risks, over half of companies anticipate a major cyber attack by a terrorist organisation within the next twelve months . Demand for cyber insurance was accordingly up 75% in 2003 , and the market is forecast to reach $2 to $3 billion over the next few years .
The impact of factors like business interruption and the rising importance of intangible assets means that we need to respond to risk in a new way. It also means that traditional risk management processes aren't always possible or desirable, let alone adequate. Business interruption often isn't covered by the traditional insurance policy. And few standard policies protect businesses from loss or damage to their intellectual property. But a growing range of insurance solutions are available. Take product recall insurance, where cover has been designed not just to cover the cost of the recall, but also to provide the policyholder with access to risk management advice and services - and business interruption costs including marketing and publicity needed to restore the company's image.
Tomorrow's successful businesses will be those who wake up now and respond to the new era of risk. And the successful insurers will be those who invest more time in listening to businesses, to understand more about their agenda and the issues they face. Together, we must go beyond the development of products and think outside the box. Of course, it's in this arena of new and complex risk that the Lloyd's market has always thrived.
Return to stability
All this brings me neatly to the third R: if the insurance industry is to meet your businesses' future needs and expectations, it needs to act now to return to stability.
In the last few years, the insurance markets have seen severe losses, great price rises, and now record profits, all in swift succession. You might be excused for asking, just what on earth is going on?
What we have witnessed in recent years is a highly volatile insurance market, which is a bad thing for businesses. The volatility means that insurance buyers can't plan financially for their insurance needs - or even be guaranteed that coverage will be available.
In real terms, insurance prices are at the same level as they were a decade ago . But given the swings in pricing and availability of coverage over the last few years, it's not surprising that some customers feel hard done by.
Financially, things are currently looking good. In 2003, Lloyd's outperformed its international competition by a healthy margin and posted record profits of almost 3.4 billion for 2003 . But put that into the wider context and things look rather less convincing. The US property casualty industry has collectively lost almost 500 billion - yes 500 billion US dollars - on its underwriting since 1980 .
Let me be honest: pricing must remain firm if the insurance industry is to remain healthy and able to meet its future obligations. But it is also a time of opportunity to bring back some sanity, and break free from turbulence and volatility.
2004 is therefore a year of choice for the insurance industry. At Lloyd's, we aren't taking any chances, and we have changed the way we operate. Through a new governance structure and with new business processes in place, we are working hard to bring consistent performance and stability back to the market.
Of course, the next decade will prove how successful we are - and whether the rest of the insurance market will follow us into a stable, strong future.
Conclusion
In the world of risk, time never stands still, and the threats and challenges which assault our businesses continue to emerge and evolve - from the faults in the earth to the faults in ourselves.
The insurance industry still has a critical role to play, just as it did after the San Francisco earthquake a century ago. When he visited the Lloyd's market recently, Joe Plumeri, an American and the Chairman of the world's third largest insurance broker Willis, said that "Insurance is the DNA of capitalism". And he's right. Without insurance, businesses cannot take the commercial risks they need to in order to grow and thrive.
Ten years from now the world will likely be a riskier place. Some risks we can control better than others. But we need to work together, and we must act now. Frank Tyger said, "Your future depends on many things, but mostly on you," and therein is a lesson for us as we get to grips with a new era of risk. To recap, we must:
- Raise risk to board level - only by doing so can we change the culture of risk management throughout our business;
- Respond to the changing risk environment - and think about risks such as business interruption and intangible assets in a new way;
- Return to a stable insurance market - we must bring some sanity back into the market - and Lloyd's is leading the way
Of course, whatever tomorrow brings, one thing remains certain - and that is Lloyd's commitment to the US, and to the West Coast where we are pleased to do so much business. Thank you for listening, and I am happy to take any questions.
X-Changing Claims Services, April 2004
San Francisco Chronicle, 2002
Lloyd's Worldwide Markets, April 2004
Lloyd's Market Reporting, April 2004
Lloyd's customer statistics provided by Xchanging and Dow Jones, Feb 2004
All stats this para, "In case of emergency", by Daniel Tynan, Entrepreneur Magazine, April 2003
Institute for Crisis Management, 2003
Best Review, Sep 2001
Stats this para: PWC 6th Global CEO Survey "Managing Risk", 2004
Institute of Crisis Management, 2003 - measured by volume of negative public news coverage
Lloyd's Global Results, April 2004
Institute of Crisis Management, 2003 - measured by volume of negative public news coverage
All details this para: Lloyd's Risk Management, April 2004
Neal Rawls, security columnist and author writing about "Avoiding Disaster" by John Laye, 2002
Insurance Information Institute, "Catastrophes", Feb 2004, based on info from Morgan Stanley and others
Bio Economic Research Associates, May 2003
Forward to "Avoiding Disaster " by John Laye, written by Peter Yanev, 2002
http://www.i-km.com/assurances.htm
Please note: Lloyd's accepts no responsibility for the content of external sities.
Interbrand, quoted by CNN, 25 July, 2003
The Guardian, 20 March, 2004
Aon website, "Intellectual property trends" viewed April 2004
CIO Information Network, "Information theft reaches $59 billion" by Jim Wagner, October 2002
Previous two sentences, all stats Aon website, "Intellectual property trends" viewed April 2004
CSO Magazine, December 2002
Willis, Marketplace Realities, 2003
Insurance Information Institute, 2003
Guy Carpenter "Rate on Line Index", and Insurance Information Institute estimates, March 2004
Lloyd's Global Results, April 2004. $1.79=£1 at year end 2003.
Insurance Information Institute, March 2004
