Property Risk

Beyond Protected

Research-based engineering and predictive analytics help underwriters take on bigger risks.
By: | December 14, 2016 • 8 min read

Properties designated as Highly Protected Risks (HPRs) can get significantly greater policy limits with a much lower rating structure for their P&C exposures if they continue to keep pace with technology.


Highly Protected Risk properties often are subject to a much lower than normal probability of loss by virtue of low hazard occupancy or property type, superior construction, special fire protection equipment and procedures and management commitment to loss prevention.

It used to be a property could attain HPR status with just state-of-the-art fire sprinkler systems. Risk managers now need to think HPR 2.0, experts say, and expand the concept beyond sprinklers to the risk exposures that develop in tandem with new upgrades.

“The idea that the majority of loss is preventable has been the center of our business model for 180 years,” said Brion Callori, senior vice president of engineering and research at FM Global, one of the first and largest HPR insurers.

“The amazing thing is how well it still works,” he said. “I think this is why it’s gotten more industry interest in last five to 10 years.”

Brion Callori, senior vice president of engineering and research, FM Global

Brion Callori, senior vice president of engineering and research, FM Global

Underwriters are quantifying and underwriting the exposures that face a single building, a campus, a system, or even a supply chain by using modern tools such as computer models, heat maps and predictive analysis.

Solar panels, clean rooms, data storage and mega warehouses are all examples of property uses adding new hazards. As HPR engineers study those additions, they are also able to design ways to tackle the hazards they create.

Take for example, automatic storage and retrieval systems used in warehouses built larger today with narrower aisles and higher stacking. The ability to store more inventory becomes more important as space grows increasingly expensive. Research on the most advanced sprinkler technologies available aims to protect products, help reduce losses and minimize business interruptions.

“As we move to a just-in-time, more global economy, that’s where the clients’ exposures have changed in the past 30 years; they are all over the world.” — Mike Martin, EVP, general manager of national insurance property, Liberty Mutual

More carriers, armed with research and statistics, have a new perspective on HPRs and are willing to invest in the market. The more “protected” a risk is against specific exposures, the more capacity an underwriter will commit, with broader terms and at a better price.

“As it expands in different industry groups, the HPR engineering and underwriting has been able to expand to follow that and meet the exposure of these different facilities,” said Greg DiPrato, senior vice president of the global property practice at Lockton.

The modern HPR method is based on a system FM Global created nearly two centuries ago to identify ways to reduce losses from fire, explosions or natural disasters at mills. To this day, FM Global engineers continually research how to improve on safety measures such as using more efficient fire suppression, finding the strongest roofing materials or identifying less risky locations.

Liberty Mutual Insurance is another leading HPR insurer with a long history of finding solutions to risk exposures with help from a dedicated team of engineers.

“The definition of highly protected risk has really not changed, not one bit,” said Mike Martin, EVP and general manager of national insurance property at Liberty Mutual. “As we move to a just-in-time, more global economy, that’s where the clients’ exposures have changed in the past 30 years; they are all over the world.”

Research-Based Engineering

The traditional insurance model is an actuarial model, where you look at the losses that happen in an occupancy or an industry class, project forward and say those are the losses you expect in the future, Callori said.

HPR designation for FM Global goes along with what’s called research-based engineering aimed at preventing loss. It’s tough to justify the return on investment for becoming HPR based only on reduced pricing or increased capacity in today’s marketplace.


“We want to learn from the losses that happened in the past and figure out how to prevent them from happening in the future,” said Callori. “Our clients can take control of their own destiny going forward, and the way we do that is through the engineering.”

“The buyers look for someone that can really add the value to the partnership and help them manage their total cost of risk, not only just the physical loss but also the business continuity,” Martin said.

While most new construction in the U.S. today is built to fire code, which usually confers HPR status, it’s what you put into it and what you do with it once it’s finished that can take away an HPR designation. Conversely, the exposures in almost any building can be adapted to attain HPR status, as long as you are willing to invest in the requirements, Lockton’s DiPrato said.

When a warehouse built to store steel is then converted to plastic products containing lithium ion batteries, it may lose its HPR status because the existing shelves and sprinkler system can’t adequately contain a lithium ion or plastic fire.

Adding solar panels atop a building creates a load factor, wind exposure and voltage exposure to firefighters that must be addressed. The HPR engineers will find ways to protect the buildings, DiPrato said.

“Everybody is worried about cyber hackers from another country, yet still the easiest way to get to your servers is for someone to just walk into your building if they are not questioned.”— Brion Callori, senior vice president of engineering and research, FM Global

After engineers identify a building’s hazards and make their recommendations on how to reduce losses, the client often must prioritize the budget to incorporate everything that’s recommended at every location, Callori said.

To help with that, engineers, such as those at FM Global and Liberty Mutual, have developed predictive analytics tools to help clients focus their limited capital for the most effective route to attaining highly protected risk status.

To help clients determine where best to invest, FM Global offers clients four predictive analytics tools: Risk Mark; Locations Predisposed; Relative Likelihood and Equipment Factors. These tools look at a structure, its location, its use and the machinery inside and make recommendation about likely losses and best value for investing in loss mitigation.

A quick review of losses at properties that follow recommended safety improvements compared with those that didn’t shows the HPR buildings had less loss, Callori said.  For example, 86 percent of the dollar value for 126 large losses at FM Global locations last year happened at non-HPR facilities.

What’s Next? Cyber and Energy HPR

“As a client develops a facility for their needs, the carrier engineers are brought into the process,” DiPrato said. “Lockton has broker engineers that work as consultants to the client and help in those discussions with the insurance carrier. There’s a lot that goes on to keep everything on an HPR status as technology keeps developing.”

Engineers are beginning to take the HPR approach to new directions, such as confronting alternative energy storage and cyber hazards. Field engineers look at physical security exposures and develop ways to protect against cyber hazards using HPR techniques in new ways.

“Everybody is worried about cyber hackers from another country, yet still the easiest way to get to your servers is for someone to just walk into your building if they are not questioned,” Callori said. “The HPR definition can evolve to hopefully protect [against] cyber hazards.

“We’re working on developing a tool that we think is going to be very valuable for the risk managers to actually understand what their exposures are,” Callori said. “That will be straight from HPR.”

Underwriters are going to start to think about HPR cyber protection in the same way they do about fire, said Michael Korn, a managing principal and leader of the national property practice at Integro Insurance Brokers. What are the data controls that are in place? Do you have really robust encryption? Do you have firewalls? How do you back up your information? What employee controls do you have over information?

Playing in the Primary

The most common HPR programs are structured as single carrier; quota share; and shared and layered, said Korn.

Each insurance company “has a particular appetite for where they like to play in a program,” he said.

Michael Korn, managing principal; leader of the national property practice, Integro Insurance Brokers

Michael Korn, managing principal; leader of the national property practice, Integro Insurance Brokers

“You have to put it together as part of a jigsaw puzzle,” said DiPrato. The way the market is today, with a lot of capacity and a lot of players out there, you can put together a lot of options, he said.

“The better the risk — the more HPR it is — the more underwriters are interested in being on it because the chances of having a loss are so much less,” Korn said. Some insurers have very large amounts of capacity and will do a single carrier deal.

Some larger risks might have 15 carriers, and each one is doing a different piece of the puzzle, Korn said.  For example, if a client needs $2 billion worth of capacity, a broker might set up a quota share, where one carrier assumes 30 percent of the program. The broker then builds a tower that goes all the way up to full value with additional quota share players, Korn said.

In a shared and layered program of the same size, a broker can set up a primary layer of $500 million, for example, and add additional layers to reach the needed $2 billion capacity.


The lower in the tower, the more premium the insurer gets because the chance of impact from a loss is much greater. Those insurers that write excess of the primary get less premium because they take on less risk.

“You approach certain insurers with the idea they want to play in the primary,” Korn said.

Other insurers are more capacity players and typically don’t offer engineering services. They “like to play in the excess,” Korn said. They put up capacity rather than engineering services and receive less premium, Korn said.

The value proposition for Liberty, “is not just the pure insurance product, but things that aren’t covered such as protecting a client’s market share, helping with revenue streams and also reputational risk,” Martin said. “Our loss prevention solutions support a good risk management team, helping them avoid some of those things.” &

Juliann Walsh is a staff writer at Risk & Insurance. She can be reached at [email protected]

More from Risk & Insurance

More from Risk & Insurance

Risk Report: Marine

Crewless Ships Raise Questions

Is a remote operator legally a master? New technology confounds old terms.
By: | March 5, 2018 • 6 min read

For many developers, the accelerating development of remote-controlled and autonomous ships represents what could be the dawn of a new era. For underwriters and brokers, however, such vessels could represent the end of thousands of years of maritime law and risk management.

Rod Johnson, director of marine risk management, RSA Global Risk

While crewless vessels have yet to breach commercial service, there are active testing programs. Most brokers and underwriters expect small-scale commercial operations to be feasible in a few years, but that outlook only considers technical feasibility. How such operations will be insured remains unclear.

“I have been giving this a great deal of thought, this sits on my desk every day,” said Rod Johnson, director of marine risk management, RSA Global Risk, a major UK underwriter. Johnson sits on the loss-prevention committee of the International Union of Maritime Insurers.

“The agreed uncertainty that underpins marine insurance is falling away, but we are pretending that it isn’t. The contractual framework is being made less relevant all the time.”

Defining Autonomous Vessels

Two types of crewless vessels are being contemplated. First up is a drone with no one on board but actively controlled by a human at a remote command post on land or even on another vessel.

While some debate whether the controllers of drone aircrafts are pilots or operators, the very real question yet to be addressed is if a vessel controller is legally a “master” under maritime law.


The other type of crewless vessel would be completely autonomous, with the onboard systems making decisions about navigation, weather and operations.

Advocates tout the benefits of larger cargo capacity without crew spaces, including radically different hull designs without decks people can walk on. Doubters note a crew can fix things at sea while a ship cannot.

Rolls-Royce is one of the major proponents and designers. The company tested a remote-controlled tug in Copenhagen in June 2017.

“We think the initial early adopters will be vessels operating on fixed routes within coastal waters under the jurisdiction of flag states,” the company said.

“We expect to see the first autonomous vessel in commercial operation by the end of the decade. Further out, around 2025, we expect autonomous vessels to operate further from shore — perhaps coastal cargo ships. For ocean-going vessels to be autonomous, it will require a change in international regulations, so this will take longer.”

Once autonomous ships are a reality, “the entire current legal framework for maritime law and insurance is done,” said Johnson. “The master has not been replaced; he is just gone. Commodity ships (bulk carriers) would be most amenable to that technology. I’m not overly bothered by fully automated ships, but I am extremely bothered by heavily automated ones.”

He cited two risks specifically: hacking and fire.

“We expect to see the first autonomous vessel in commercial operation by the end of the decade. Further out, around 2025, we expect autonomous vessels to operate further from shore — perhaps coastal cargo ships. For ocean-going vessels to be autonomous, it will require a change in international regulations, so this will take longer.” — Rolls-Royce Holdings study

Andrew Kinsey, senior marine risk consultant, Allianz Global Corporate & Specialty, asked an even more existential question: “From an insurance standpoint, are we even still talking about a vessel as it is under law? Starting with the legal framework, the duty of a flag state is ‘manning of ships.’ What about the duty to render assistance? There cannot be insurance coverage of an illegal contract.”

Several sources noted that the technological development of crewless ships, while impressive, seems to be a solution in search of a problem. There is no known need in the market; no shippers, operators, owners or mariners advocate that crewless ships will solve their problems.

Kinsey takes umbrage at the suggestion that promotional material on crewless vessels cherry picks his company’s data, which found 75 percent to 90 percent of marine losses are caused by human error.


“Removing the humans from the vessels does not eliminate the human error. It just moves the human error from the helm to the coder. The reports on development by the companies with a vested interest [in crewless vessels] tend to read a lot like advertisements. The pressure for this is not coming from the end users.”

To be sure, Kinsey is a proponent of automation and technology when applied prudently, believing automation can make strides in areas of the supply chains. Much of the talk about automation is trying to bury the serious shortage of qualified crews. It also overshadows the very real potential for blockchain technology to overhaul the backend of marine insurance.

As a marine surveyor, Kinsey said he can go down to the wharf, inspect cranes, vessels and securements, and supervise loading and unloading — but he can’t inspect computer code or cyber security.

New Times, New Risks

In all fairness, insurance language has changed since the 17th century, especially as technology races ahead in the 21st.

“If you read any hull form, it’s practically Shakespearean,” said Stephen J. Harris, senior vice president of marine protection UK, Marsh. “The language is no longer fit for purpose. Our concern specifically to this topic is that the antiquated language talks about crew being on board. If they are not on board, do they still legally count as crew?”

Harris further questioned, “Under hull insurance, and provided that the ship owner has acted diligently, cover is extended to negligence of the master or crew. Does that still apply if the captain is not on board but sitting at a desk in an office?”

Andrew Kinsey, senior marine risk consultant, Allianz Global Corporate & Specialty

Several sources noted that a few international organizations, notably the Comite Maritime International and the International Maritime Organization, “have been very active in asking the legal profession around the world about their thoughts. The interpretations vary greatly. The legal complications of crewless vessels are actually more complicated than the technology.”

For example, if the operational, insurance and regulatory entities in two countries agree on the voyage of a crewless vessel across the ocean, a mishap or storm could drive the vessel into port or on shore of a third country that does not recognize those agreements.

“What worries insurers is legal uncertainty,” said Harris.

“If an operator did everything fine but a system went down, then most likely the designer would be responsible. But even if a designer explicitly accepted responsibility, what matters would be the flag state’s law in international waters and the local state’s law in territorial waters.


“We see the way ahead for this technology as local and short-sea operations. The law has to catch up with the technology, and it is showing no signs of doing so.”

Thomas M. Boudreau, head of specialty insurance, The Hartford, suggested that remote ferry operations could be the most appropriate use: “They travel fixed routes, all within one country’s waters.”

There could also be environmental and operational benefits from using battery power rather than conventional fuels.

“In terms of underwriting, the burden would shift to the manufacturer and designer of the operating systems,” Boudreau added.

It may just be, he suggested, that crewless ships are merely replacing old risks with new ones. Crews can deal with small repairs, fires or leaks at sea, but small conditions such as those can go unchecked and endanger the whole ship and cargo.

“The cyber risk is also concerning. The vessel may be safe from physical piracy, but what about hacking?” &

Gregory DL Morris is an independent business journalist based in New York with 25 years’ experience in industry, energy, finance and transportation. He can be reached at [email protected]