Hosted by the Cambridge Centre for Risk Studies, risk professionals from insurance, academia and industry came together at the university’s Judge Business School to examine the potential effect of certain unlikely but realistic scenarios, from all-out war between China and Japan to a ‘flu pandemic that affects 43% of the world’s population. Panellists drawn from the insurance industry further discussed how businesses can prepare for and manage emerging risks on such a scale.
The Centre for Risk Studies' aim is to identify and assess global vulnerabilities. It develops hypothetical scenarios to help decision makers improve business resilience to shocks. "People like to call us Cassandras," said Dr Andrew Coburn, director of the centre's external advisory board, referring to the mythical prophet of disaster. "But we're not trying to predict what will happen. We're going to look at the difference between hoping for the best and planning for the worst."
Dr Coburn said that the current economic outlook is actually positive, citing global GDP forecasts of 145% growth over the next decade. But history has shown that unexpected events have a habit of getting in the way of economic forecasts, he added.
Cyber-attacks are a real and well documented modern threat, often identified with targeted hacking and data loss for example. But there’s also potential for something called a logic bomb, possibly released by a single disgruntled employee at one of the software giants, that could cause widespread disruption to core IT systems culminating in a 1 in 100 year systemic risk, the seminar heard.
Simon Ruffle, the Centre’s director of technology research, described how malware inserted into a widely used data platform could target algorithm applications. “By creating random errors that affect algorithms rather than transactions, such an exploit would be hard to detect quickly,” Ruffle explained. “Unexplained IT errors would start to happen in trading and manufacturing systems for example, eventually leading to potentially significant losses.”
As well as potentially ruining individual businesses, clusters of industries dependent on relational databases – such as the auto, retail and pharmaceutical sectors – could suffer simultaneous failures, according to Ruffle. The potential impact of a logic bomb on the global GDP could be between $3-11trn, the centre has estimated.
Lloyd’s emerging risks resources
The Lloyd’s Corporation has a strong reputation for catastrophe risk management and as well as providing the Lloyd’s market with tools such as realistic disaster scenarios for extreme weather events, it also produces research into emerging risks. “We’ve had an emerging risks team since 2007 and we take a broad societal view, as well as a class of business perspective,” said Trevor Maynard, Lloyd’s head of exposure management and reinsurance, who chaired a panel discussion at the Cambridge seminar. “In our recent reports we have looked at climate change, nanotechnology, pandemics and hormone replacement therapy, for example. We share that information because we believe it makes the industry stronger.”
A lot is already known about the science of health pandemics after historic outbreaks of cholera, smallpox, Spanish ‘flu and the bubonic plague. But as Mary Chang of cat modelling firm RMS pointed out in her presentation, new diseases keep emerging and the risks are magnifying in modern society. “Not only do pathogens mutate, but germs travel fast in a globalised world,” she said. “Plus, there’s the human behaviour risk of bio-terror or accidental release from labs, closer human contact with wildlife and the effects of climate change.”
In a hypothetical 1 in 100 scenario involving an outbreak of H8N8 bird ‘flu starting in Brazil, Chang described overwhelmed healthcare facilities where three times the number of available hospital beds are needed, businesses closing because of 20% plus absenteeism, and supply chains breaking down. With 19 million people dead worldwide, the global GDP impact of a ‘flu pandemic could be as high as $23trn today.
Dr Andrew Coburn warned that the nightmare scenarios outlined in the different presentations could be a lot worse. “Also, we have been looking at them independently: imagine a situation where a geopolitical conflict led to one side engineering a cyber catastrophe or bio-terrorism attack?” he warned. “These risks could correlate. So again, hope for the best – and plan for the worst.”
Addressing the vexed question of how to prepare for emerging risks, Hiscox syndicate exposure manager Matt Harrison stressed the importance of scenario testing for insurers. A war for example won’t simply destroy every property in the war zone, he explained, it could affect aviation and marine risks or confiscation and also contingent risks. “Without scenario testing it would be difficult to define the level of risk you are prepared to take and the level of risk that [insured] companies are running,” Harrison said.
Kay Haggis, group head of operational risk at Catlin, said that part of her contribution to enterprise risk management at Catlin is to look for hidden risks that could make the more obvious insured risks even worse. “I look for possible reserving errors or rogue underwriters, for example, that could be complementary risks,” she said. “We are very aware of emerging risk and the importance of bringing future threats that are hard to quantify into the realms of reality.”