Log In
Access all customer product support, event response, and training in one place
LifeRisks PortalFind modeling tools based on best practice actuarial techniques and medical science
Miu PortalExplore analytics and risk insights for the alternative capital market
Insurance Solutions
Formerly Moody’s RMS
It was 8:46 a.m. local time on September 11, 2001, when a hijacked American Airlines Boeing 767 was flown directly into the North Tower of the World Trade Center in New York City. By 10:03 a.m., hijacked planes had crashed into the World Trade Center South Tower and the Pentagon, Washington D.C. Hijackers on a fourth plane were overpowered by brave passengers, and it crashed in a field in Pennsylvania. Within days, the identities of the terrorists belonging to the al-Qaeda terrorist organization, were revealed. They had executed a meticulously planned and coordinated terrorist event masterminded by al-Qaeda leader, Osama bin Laden.
The images of the planes crashing into the World Trade Center towers remain etched in people’s minds. The memory of the nearly 3,000 people killed, with around 25,000 with immediate physical injuries or long-term effects, and the stories of bravery, heroism, and compassion, are still fresh 20 years on. Damage to the world’s financial center and the U.S. military headquarters was unprecedented during peacetime.
Unlike a major earthquake, flood, or windstorm, the attack footprint of the World Trade Center was very small – yet the insurance losses were massive. For the industry, the record US$47 billion insured losses from the 9/11 catastrophe created chaos. Twenty years later, it is worth looking back at the insurance industry’s response to 9/11, along with the terrorism risk management and modeling that emerged. It was certainly a pivotal moment for the industry and catalyzed the pioneering development of RMS® Terrorism Risk Models.
Wider questions now need to be asked. What has changed with regard to evolving terrorism risk over this time, and what has remained the same? The COVID-19 pandemic and widespread emergence of cyber risk raise questions about how capabilities and motivations have shifted to leverage such new forms of attack. And the digital world’s interconnectedness highlights the systemic risk of terrorism, given that terrorists can cause even larger impacts than the physical consequences of their actions. For a deeper review, I invite you to download our white paper on the 20-year retrospective of 9/11.
The Chaos of 9/11
Before 9/11, terrorism risk was largely unmodeled and inadequately priced. After 9/11’s catastrophic losses, the reaction from the insurance industry was to actively exclude terrorism coverage, and questions had already been raised about the actual likelihood and severity of terrorism risk. The 9/11 attacks opened the door on a world of possible risks that insurers hadn’t considered before, along with future risk that had to be managed.
To facilitate and stabilize insurance coverage, the Terrorism Risk Insurance Act (TRIA) was introduced by the U.S. government as a backstop for terrorism-related losses. The impact of 9/11 was so huge, several other countries established or significantly revised their terrorism risk sharing mechanisms. While this offered some guarantees and stability, it was not a remedy for quantifying and actively managing terrorism risk.
Terrorism Risk Modeling
Modeling was required to assess the nature of terrorism risk. This began with techniques to manage exposures. RMS built a list of high-profile locations that could be targeted by terrorists to cause catastrophic losses. This database has been frequently updated over the years to reflect the latest risk landscape. Moreover, RMS created tools to capture exposure hot spots, so insurers would not be blindsided by unexpected exposure accumulations, whether within an ever-changing portfolio or a large high-profile building. This approach is now standard industry practice.
RMS created a scenario model to assess what-if scenarios that can model catastrophic terrorist attacks ranging from conventional bombs to chemical, biological, radiological and/or nuclear (CBRN) attacks, across the world. RMS pioneered the use of a state-of-the-art 3D computational fluid dynamics (CFD) model for conventional bomb blasts and dispersion modeling for CBRN events. These modeling techniques are vital to help with regulatory scenarios, such as the U.S. Terrorism Risk Insurance Program (TRIP), and rating agency questionnaires, such as A.M. Best’s Supplemental Rating Questionnaire (SRQ).
Probabilistic Modeling
One of the main reservations about terrorism risk modeling has been the perception that it is a function of human behavior and defies quantification. All quantitative modeling of rare events should be based on explicitly stated, well-defined principles, which can be translated into mathematical formulas that underlie quantitative terrorism risk modeling and minimize the degree of subjectivity. Twenty years ago, RMS developed principles of terrorism modeling when building our probabilistic terrorism model. And 20 years later, these principles are still relevant.
Within the bounds defined by the Western counterterrorism environment, terrorists have maximized their operational utility by abiding by classic principles of terrorist modus operandi. They substituted hardened targets for softer ones, prioritized reliability in weapon selection, and leveraged their scarce resources to achieve the greatest impact for a given cost outlay.
Understanding terrorist motivation leads to another important risk modeling principle. Terrorism is the language of being noticed. In the context of this new twenty-first century terrorism, attacks would have to be sufficiently large, symbolic, and/or destructive to garner the level of attention demanded.
Changing Risk Landscape
In terms of the global threat landscape, there have also been numerous upheavals. The invasion of Afghanistan after 9/11 was followed by war and insurgency in Iraq from 2003 to 2011. Preemptive attacks have taken their toll on other al-Qaeda leaders, as well as leaders of the Pakistani Taliban. Political instability created space for the formation of the Islamic State (IS), and the subsequent pressure of counterterrorism, leading to declining capability for IS.
Notwithstanding the recent rise of neofascism, the foreign threat remains substantial and subject to sporadic adverse geopolitical change. Resurgence of the Taliban following the withdrawal of military troops from Afghanistan has raised the threat level of foreign terrorism once again. Terrorism tends to come in waves, and these changes have illustrated how dynamic the terrorism threat landscape can be.
Systemic Threat
The 20th anniversary of 9/11 will see the insurance communities further their efforts to understand how the terror threat is ever-present, shifting and changing. Terrorism has systemic risk potential, as seen during 9/11 which was ultimately a clash event with many coverages triggered. Among direct physical damages, terrorism can affect critical infrastructure and disrupt supply chains that, in turn, disrupt businesses which can result in business interruption (BI) claims. The desire and ability of terrorists to inflict maximum impact from a disproportionally small investment means terrorism will continue to be a potential risk the insurance industry must understand.
The terrorist threat landscape has evolved considerably since 9/11 but remains a formidable risk in 2021 – and for the foreseeable future. Insurance best practices that emerged post-9/11 are still relevant today, and the fundamentals of terrorism risk modeling have remained intact. There is also a substantial amount of observational data validating the principles of terrorism modeling that have guided RMS in our threat model development.
For further reflection on the 20th anniversary of the 9/11 terrorist attacks, which profoundly impacted the insurance industry, please download our white paper: The Lasting Impacts of 9/11 on the Insurance Industry. You will learn how terrorism modeling and the risk landscape have evolved since the events of September 11, 2001, and much more.
At this year’s RMS Terrorism Risk Summit, we focused attention on the U.S. landscape. The main issue these days in terrorism insurance discussions relates to the Terrorism Risk Insurance Protection and Reauthorization Act (TRIPRA), which will expire at the end of December 2020 if not reauthorized. This important legislation is also known by other acronyms including TRIA (Terrorism Risk Insurance Act) and TRIP (Terrorism Risk Insurance Program). In discussing the U.S. federal backstop for certified acts of terrorism, all these names are synonymous. To help make sense of the speculation and various policy options, RMS was proud to host Scott Williamson, Vice President and Director of Financial Analytics at the Reinsurance Association of America (RAA). Mr. Williamson has developed legislative models to assist the RAA in its advocacy on issues such as TRIA. At the RMS event, Mr. Williamson provided an overview of the current TRIA structure and explored some alternative modifications to the program that were considered to make a legislative recommendation. This included an evaluation of multiple ‘what-if’ scenarios, using a range of attack modes and targets, and various assumptions regarding the compounded average growth rate of the U.S. economy. For this study, RMS partnered with RAA to estimate economic losses due to a range of scenario terrorism events for property and workers’ compensation lines of businesses, using its latest Terrorism Model and Economic Exposure Data. Understanding TRIA Per the TRIA legislation, each insurer has a deductible equivalent to 20 percent of its Direct Earned Premium of the previous year. Any loss above the deductible is co-shared between the insurer and the government (part of the government’s portion could be recouped under certain conditions). The percentage share varies by calendar year. The Insurance Marketplace Aggregate Retention Amount or IMARA is used as a threshold for the government to establish whether any government payments are liable for mandatory recoupment. For losses below the IMARA, the government initially pays losses above the insurers’ aggregate deductibles (less the insurers’ copays). These government payments are later recouped from all TRIA covered lines policy holders at 140 percent. This process is called mandatory recoupment. For government loss payments that are above the IMARA, the government has the discretion to recoup all federal expenditures, but the assessment to policyholders in this layer are capped at a three percent policy surcharge per year. This process is called discretionary recoupment. In his presentation, Mr. Williamson focused on cases causing mandatory recoupment. He explored a repeat of the 9/11/2001 terror attacks adjusted for inflation which equates to a total program loss of US$42 billion for calendar year 2019. In this scenario, the affected insurers retain about US$14 billion as deductible. Losses above the deductible are co-shared between the insurer (19 percent) and the government (81 percent). However, the government recoups a major share of the amount it initially pays out, as part of the mandatory recoupment process (US$19 billion), i.e. 81 percent of the losses above the insurers’ deductible amount (US$14 billion) and below the IMARA (US$37.5 billion). Additionally, the government applies a surcharge that increases the recoupment amount to 140 percent of the government’s outlay below the IMARA, or about US$27 billon. Thus, the net amount retained by the government after consideration of the recoupment surcharge is actually less than zero. This scenario is illustrated below: Though IMARA is US$37.5 billion in 2019, it is revised for 2020 (and beyond) as the average annual deductible from all insurers in the past three years. This average annual deductible will continue to increase in an economy with steady growth. It was observed that even if the program structure remains unchanged, the market retains a significant amount of the risk – either in the form of the amount to be paid back to the government as part of recoupment process or the increasing deductible amount which is a function of the direct earned premium. Consequently, the share of losses retained by the government will decline, shifting more of the burden to insurers and policyholders. Mr. Williamson concluded that RAA supports the as-is reauthorization of the TRIA program to avoid economic instability post a catastrophic terrorist event. In the absence of a stable private market, insuring economy and people against terrorism is a government responsibility which is co-shared by private market through the current partnership. Mr. Williamson did not imply that there was no room for improvements to TRIA, but that the reality is likely to be that any changes to the program will be difficult to pass during a Presidential election year. RMS anticipates TRIA to continue in some form with possible changes to the current structure, in line with past reauthorizations. These changes could include updates to the loss trigger, shifts in the co-share percentages from government to insurers, changes in coverage to focus on more extreme Chemical, Biological, Radiological and Nuclear (CBRN) events and possible revision to the program limit. Without this support there would be significant gaps between terrorism insurance that is needed for a resilient economy versus what will be offered by the private market. RMS strives to address the market’s quantification of terrorism risk. Our current model focuses on catastrophic or large-scale terrorism that could impact the solvency of an insurance firm and is well-suited for the type and magnitude of attack losses that might be covered by TRIA. In an ongoing effort to support some sort of reauthorization of TRIA, we welcome feedback on the federal program as well as RMS’ terrorism solution that can help to analyze its impact on insurance portfolios. Please reach out to RMS (support.rms.com) with any comments or questions.
Shruti is responsible for RMS Global Terrorism and Human Casualty models and is involved in all aspects of these solutions, including the occasional consulting engagement. Prior to joining the RMS Product Management team, Shruti worked for four years in the RMS Global Analytical Services team.
