Insurance CROs Highlight Cybersecurity, AI, Climate Change as Key Risk Concerns

Insurance CROs are optimistic about their ability to shore up their operational defenses in 2024 despite global economic headwinds, and complex emerging risks, EY/IIF survey finds

Cybersecurity, artificial intelligence and climate change risks are among the top concerns of insurance company chief risk officers (CROs), according to a new survey by EY and the Institute of International Finance.

The inaugural edition of this joint report is based on survey data from 68 insurance carriers across 15 countries, and highlights the challenges and opportunities faced by insurance CROs in an increasingly volatile geopolitical environment, while wrestling with budget constraints and attracting technical talent.

“Insurance CROs continue to hunt for opportunities to drive growth and reduce the operational risk associated with that, including third-party cyber risk,” stated Isabelle Santenac, EY Global Insurance Leader. “With record-breaking natural catastrophes in 2023, the pressure on carriers to tackle the increasing multibillion-dollar protection gap is compounded by shrinking budgets and scarce talent to tackle some of the most pressing climate-related disasters our generation has faced.”

Cybersecurity Risks

Over the next 12 months, respondents expect cybersecurity to be the top risk on their agendas, and by a substantial margin: 53% cited cybersecurity risk as top risk. In second place was insurance risk—defined as underwriting risk, including lapses, catastrophic losses and longevity risk—at 35%. Business model change/transformation was third, at 32%.

The top risks that CROs believe will require the most attention from their board of directors was also cybersecurity risk, at 53%, followed by strategic risk, 37%, and business model change/transformation, 35%.

Asked to forecast which emerging risks would be a top priority for insurers in the next three years, cybersecurity remains in first place, cited by 68% of CROs. Geopolitical risk was cited by 56% and environmental risk, including the climate protection gap, was cited by 50%.

AI Risks

“Artificial intelligence (AI), including generative AI (GenAI), is among the hottest topics in C-suites and boardrooms across the insurance industry, as it is in other sectors,” the report noted. “CROs understand the need to adopt a governance model and risk management approach to address the unique and varied set of risks AI presents, including data security and privacy threats and regulatory concerns about ethics and bias, among others. The risk that insurers don’t do enough to embrace GenAI to drive innovation and business transformation should be on CROs’ radars, too.”

From a business perspective, insurers are at different stages in their AI journeys—from initial investments and pilots to more extensive deployments in data modeling and predictive analytics, the report stated. Preparations for AI and GenAI seem to be proceeding slowly and cautiously, though CROs recognize how much more activity will be necessary in the not-too-distant future.

Establishing enterprise AI governance structures is being investigated, or in progress at 60% of respondents, and fully implemented at 12, while 28% report no plans to implement such structures.

Half of respondents said their companies are investigating the establishment of controls to ensure responsible use of AI/ML in insurance decision making, such as for underwriting, claims processing or customer service. Nearly a quarter, 24% said this has been fully implemented, while 26% have no plans to do so.

Looking at the use of AI in the business, CROs have a range of concerns, the report noted. Asked where they see the most heightened risk from the use of ML, AI, GenAI or LLM in business, 61% said the model, including the risk of hallucination and “explainability,” was the top concern. Data privacy was second, at 49%, and consumer fairness and algorithmic bias was third, at 37%. Also, cybersecurity risk was cited by 32%.

ESG and Climate Change Risk

Environmental, social and governance (ESG) and climate risk are part of the risk management agenda.

Asked about the maturity of a company’s understanding of its exposure to physical and transition risks of climate change, only 3% felt they had a complete handle on these risks.

However, more than half—or 54%—felt they had a “complete complete” understanding of climate change risks, and 33% reported a preliminary understanding. Only 10% reported no understanding, or no intent to evaluate it.

Additional survey findings focus on the talent needs of risk management and the technical skills that CROs believe will be most needed.

Communication, interpersonal leadership and critical thinking skills was viewed as most important skill by 41% of respondents, followed by cybersecurity, 39%, and AI-based model risk management, 30%.

Learn more about the EY/IIF report on the IIS web site. &

The R&I Editorial Team can be reached at [email protected].

How a Carrier Partner Can Help Navigate a Challenging Management and Professional Liability Market

A combination of a choppy economy with increased claims frequency and severity could lead to rate increases in the Management & Professional Liability market.

By: Risk & Insurance | April 3, 2024

Rates in the management & professional liability (M&PL) markets were on the rise from 2020 to early 2023 and are now falling rapidly.

M&PL divisions manage a number of different insurance products including management liability (D&O), professional liability (E&O), employment practices liability (EPL), fiduciary liability policies, cyber, etc. In 2023 and into 2024, a big influence on the marketplace has been the extremely aggressive and softening public company D&O market.

Though these rates have been softening for management liability, that may change over the next few years as companies continue to adjust their business models motivated by economic uncertainty. Layoffs were up nearly 200% last year, Forbes reported, even as other recession indicators, like the inflation rate, improved. A recession could lead to an increased claim activity and force carriers to raise rates.

“Whenever there is a meaningful downturn in the economy, we tend to see claim frequency pop up,” said George Schalick, Jr., senior vice president of the Management and Professional Liability Division at Philadelphia Insurance Companies (PHLY).

With continued fiscal uncertainty, businesses potentially already burdened with pandemic-related claims should seek a carrier with a long history in M&PL products. They will provide much-needed risk management guidance and be better positioned to support their insureds during market fluctuations.

Why Insureds Might See an Uptick in M&PL Claims

George Schalick, Jr., Senior Vice President of the Management and Professional Liability Division, Philadelphia Insurance Companies

The current soft market might come as a bit of a surprise as it does not track with previous underwriting cycles and economic conditions. Afterall, many privately held and non-profit organizations struggled during the early days of the pandemic with shutdowns and rapidly declining revenues. But the Government assistance programs, like the Paycheck Protection Program loans, helped keep many afloat during the tough times.

“During COVID many organizations stopped doing business until they were able to sort out all of the health and safety challenges,” Schalick said. “They were forced to lock down, but then all the government assistance programs allowed them to keep people employed. The increased volume of claims we anticipated we would see coming from the lockdowns and restrictions that were imposed upon businesses in the U.S. didn’t manifest at first.”

“Just because there wasn’t an onslaught of reported claims at the beginning of the pandemic, doesn’t mean the circumstances that would give rise to a claim being reported didn’t occur. Courts and the judicial system were closed or slowed and now that they are back open, we’re starting to see the circumstances that occurred during the COVID lockdowns becoming claims today,” Schalick said. “Litigation is progressing.”

Added to the delayed pandemic litigation is a concern over newer claims that might be filed as the country inches toward an economic downturn. Though a recession was avoided in 2023, experts think a soft dip could occur in 2024, with 76% of economists saying there’s a 50% or less chance of an economic downturn this year — that almost always results in more management liability claims.

“During the Great Recession in 2008, we saw an almost immediate spike in claims because of the economic conditions and the pressure it placed on organizations. They were making personnel changes with significant belt tightening almost immediately.” Schalick said.

What’s in Store for M&PL Policy Rates in 2024?

Despite an uptick in claims and increased economic uncertainty, management liability rates haven’t increased, resulting in market-wide pricing levels that may not meet the increased pressure of rising settlements and jury verdicts.

“Rates are going the other direction and settlement values are not falling,” Schalick said.

The mismatch between rates, claim frequency and severity is, in part, because carriers experiencing the dramatic soft market in the public D&O market are seeking premium gain in the private and non-profit market.

“In the public company market, the rates have been decreasing significantly. The rates were increasing in the private, not-for-profit market, and rightfully so, but there’s a desire to supplement overall mid-size D&O for carriers who also write private not-for-profit, and they see that as an opportunity to aggregate premium,” Schalick said. “So the always competitive landscape in the private, not-for-profit market has dramatically increased in the last 18 to 24 months.”

Still, companies of all sizes and types should be concerned about management liability rates in the future. Legal system abuse is resulting in increases in both the amount of litigation and the size of verdicts plaintiffs are receiving.

Certain areas of the country are particularly vulnerable to this type of legal system abuse. As a result, insureds in these localities are likely to be vulnerable to rate increases.

“The environment is so positive for the plaintiff that forces premium increases so carriers are able to stay in that market long term,” Schalick said.

Why a Tenured Carrier Partner Can Help Insureds Navigate An Uncertain Market

It’s clear that insureds are facing an uncertain M&PL market over the next few years. Fortunately, carriers with a long history in the M&PL space will be there to offer stability.

Philadelphia Insurance Companies has been supporting this market for 35 years. PHLY is committed to offering long-term rate stability, even as economic and claims trends start to push premiums upwards. They have an appetite for all sorts of companies, large and small, for-profit and nonprofit alike.

“We’ve been at this game for a long time and are one of the most tenured underwriters in this space,” Schalick said. “We like to stay very consistent.”

PHLY has worked with both for-profit and non-profit on management liability policies. With dedicated M&PL teams throughout the company’s 13 regions, PHLY provides the support agents and brokers are looking for on behalf of their clients. The teams know their regions well and can respond to local trends. They’re also dedicated to making the renewal process as easy as possible for their partners and policyholders.

“We have real confidence in our results, so we focus a lot on making the renewal experience as painless as possible for all agents and insureds,” Schalick said.

The company is also investing in tools to help insureds avoid losses. Earlier this year, they launched a new online risk management platform, PHLYGateway, which offers resources for insureds on how to create an employee handbook and trainings on issues such as recognizing workplace sexual harassment and discrimination.

If insureds have questions, they can consult a Best Practices Help Line, provided via the platform. That way, they can get on the spot risk management guidance to help them prevent claims.

To learn more, visit: https://www.phly.com/mplDivision/managementLiability/default.aspx.

This article was produced by the R&I Brand Studio, a unit of the advertising department of Risk & Insurance, in collaboration with Philadelphia Insurance Companies. The editorial staff of Risk & Insurance had no role in its preparation.