What a difference a week makes. A week before the tragic events in Manchester, RMS was in New York, and the previous week in London as we hosted over 400 risk professionals from across the (re)insurance industry at two half day terrorism seminars. The seminars featured several of the world’s leading experts on counterterrorism, modeling, and terrorism risk management and highlighted the fluid threat environment, its insurance implications, and the impact of technology on terrorism risk. Continue reading
Some fifteen years after terrorism risk modeling began after 9/11, it is still suggested that the vagaries of human behavior render terrorism risk modeling an impossible challenge, but still the core principles underlying terrorism risk modeling are not widely appreciated. Terrorism risk modeling, as it has developed and evolved from an RMS perspective is unique in being based on solid principles, which are as crucial as the laws of physics are to natural hazard modeling. The recent high-profile terrorist attacks in London, Stockholm, and Paris adhere to many of these principles.
It is likely that very few of the 60 million U.S. citizens who voted for Donald Trump would have done so because of his stance on terrorism insurance. Only because terrorism insurance is too arcane an issue to have come up in the presidential debates. However, many of the nation’s wavering voters may have been swayed by his pledge to make America safer from the scourge of terrorism. Under his presidency, border security will surely be tightened – even if no frontier wall is ever built and changes made to entry decisions for Syrian Muslim refugees into the United States.
Reauthorization of TRIA – Talks Start in 2018
On January 12, 2015, the Terrorism Risk Insurance Program Reauthorization Act of 2015 was signed into law by President Obama. This third extension of the original 2002 Terrorism Risk Insurance Act (TRIA) will sunset at the end of 2020, coinciding with the end of the first term of the Trump presidency. In the drafting of the 2015 reauthorization bill, detailed consideration was given by the House Financial Services Committee to alternative wordings that would have reduced the coverage provided by the U.S. government insurance backstop. One such alternative would have focused U.S. government involvement in the terrorism insurance market on covering terrorism losses from extreme attacks using weapons of mass destruction. When the future of terrorism risk insurance is raised once more on Capitol Hill in 2018, the Republican White House and Congress are likely to seek to further extend the private terrorism insurance market. Though I consider this to be contingent on President Trump keeping his pledge to keep America safe until then.
Balancing Civil Liberties in the Face of Reducing Terrorism Risk
In the democracies of the western alliance, the balance of keeping people safe from terrorism and preserving civil liberty is much debated issue. After the July 2005 London Transport bombings, the head of the British security service, MI5, warned that ‘there needs to be a debate on whether some erosion of civil liberties may be necessary to improve the chances of our citizens not being blown apart as they go about their daily lives’. On a national scale across America, a similar debate was prevalent during the 2016 U.S. presidential election. It may seem that in this instance, the champion of civil liberties, minority rights, and political correctness lost to the conservative advocate of oppressive counter-terrorism action and profiling of terrorist suspects.
Regardless of who occupies the White House, however, terrorist plots against the U.S. will persist and terrorists must be stopped before they move to their attack targets. Success in interdicting these plots depends crucially on intelligence gathered from electronic surveillance. It is well-documented that more intrusive surveillance can successfully increase the chances of lone wolf plots being stopped. And President-elect Trump has already affirmed his readiness to authorize more surveillance. He can claim a public mandate for this: for America to be great again, it has to be safe again – even from lone wolf terrorist plots. After the Orlando nightclub attack on June 12, 2016, perpetrated by the radicalized son of an Afghan immigrant, Donald Trump said that ‘we cannot afford to be politically correct anymore’. And in fighting global Islamist extremism vigorously, he may be able to count on President Putin’s support. While the two world leaders differ on geopolitics, their mutual respect as a President may be maintained through abrasive counter-terrorism action.
When Michael Chertoff was appointed Secretary of Homeland Security, President George W. Bush told him not to let 9/11 happen again – and he didn’t. President-elect Trump will expect a similarly impressive clean sheet. On a more personal level he also has a special interest in increased security against terrorist attacks. His own real estate empire includes some notable potential terrorist targets, including high-profile landmark buildings bearing his name. While the New York Stock Exchange has too tight security to be attacked, in contrast, the Trump Building on Wall Street has easy public access. There are numerous opportunities for terrorist target substitution.
In the 15 years since the terrorist attacks of September 11, 2001, partnerships between the public sector and private industries have yielded more effective security and better public awareness about the threat of terrorism. We may never come to terms with the sheer volume of human loss from that day and among the hundreds of attacks that continue every year. But we have achieved greater resilience in the face of the ongoing realities of terrorism – except for when it comes to looking ahead at recovering from the catastrophic costs for rebuilding in its aftermath.
Terrorism insurance is facing a structural crisis: hundreds of terrorist attacks occur annually, but actual insurance payouts have been negligible. The economic costs of terrorism have skyrocketed, but demand for terrorism coverage has remained relatively flat. And despite a proliferation of catastrophe bonds and other forms of alternative capital flooding into the property insurance market, relatively little terrorism risk has been transferred to the capital markets. If terrorism insurance – and the insurers who provide it – are to remain relevant, they must embrace the new tools and data available to them to create more relevant products, more innovative coverages, and new risk transfer mechanisms that address today’s threat landscape.
The September 11th, 2001 attacks rank among the largest insurance losses in history at $44 billion, putting it among catastrophes with severe losses such as Hurricane Katrina ($70 billion), the Tohoku earthquake and tsunami ($38 billion), and Hurricane Andrew ($25 billion).
But unlike natural catastrophes, whose damages span hundreds of kilometers, most of the 9/11 damages in New York were concentrated in an area of just 16 acres. Such extreme concentration of loss caused a crisis in the insurance marketplace and highlighted the difficulty of insuring against such a peril.
Following the events of the September 11 attacks, most insurers subsequently excluded terrorism from their policies, forcing the U.S. government to step in and provide a backstop through the Terrorism Risk and Insurance Act (2002). Terrorism insurance has become cost effective as insurer capacity for terrorism risk increased. Today there are an estimated 40 insurers providing it on a stand-alone basis, and it is bundled with standard property insurance contracts by many others.
But despite better data on threat groups, more sophisticated terrorism modeling tools, and increased transparency into the counter-terrorism environment, terrorism insurance hasn’t changed all that much in the past 15 years. The contractual coverage is the same – usually distinguishing between conventional and CBRN (chemical, biological, radiological, and nuclear) attacks. And terrorism insurance take-up remains minimal where attacks occur most frequently, in the middle east and Africa, highlighting what policymakers refer to as an increasing “protection gap.”
Closing this gap – through new products, coverages, and risk transfer schemes – will enable greater resilience following an attack and promote a more comprehensive understanding of the global terrorism risk landscape.
Natural hazard science is commonly studied at college, and to some level in the insurance industry’s further education and training courses. But this is not the case with terrorism risk. Even if insurance professionals learn about terrorism in the course of their daily business, as they move into other positions, their successors may begin with hardly any technical familiarity with terrorism risk. It is not surprising therefore that, even fifteen years after 9/11, knowledge and understanding of terrorism insurance risk modeling across the industry is still relatively low.
There is no shortage of literature on terrorism, but much has a qualitative geopolitical and international relations focus, and little is directly relevant to terrorism insurance underwriting or risk management.
As a step towards redressing the imbalance in available terrorism literature, a new online journal, The Journal of Terrorism and Cyber Insurance, has been established; its launch is to coincide with the fifteenth anniversary of 9/11. The journal has been welcomed and supported by global terrorism insurance pools, and its launch will be publicized at the annual terrorism pools congress in Canberra, Australia, on October 7, 2016.
Originally conceived as a journal of terrorism insurance, coverage has been extended to include cyber risk, recognizing the increasing insurance industry concerns over cyber terrorism and the burgeoning insurance market in cyber risk. The aim of the open access journal is to raise the industry’s level of knowledge and understanding of terrorism risk. By increasing information transparency for this subject the editorial board hopes to facilitate the growth of the terrorism insurance market, which serves the risk management requirements of the wider international community. The first issue is a solid step in this direction, and will include articles on the ISIS attacks in Paris in November 2015; terrorism insurance in France and Australia; parametric terrorism insurance triggers; non-conventional threats; the clean-up costs of anthrax, and the terrorist use of drones.
The four founding editors of the journal have extensive knowledge of the field. The managing editor is Rachel Anne Carter, who has terrorism insurance administrative experience with both OECD and U.K. Pool Re. Dr. Raveem Ismail, specialty terrorism underwriter at Ariel Re, brings to the editorial board detailed direct terrorism and political risk underwriting knowledge. Padraig Belton is a writer with extensive political risk expertise, having served as a correspondent in the Middle East and Pakistan. As chief architect of the RMS terrorism model, I will bring terrorism risk modeling expertise to the team and have the responsibility and pleasure to review all article submissions. I look forward to sharing insights from the journal with subscribers to this blog.
This month saw what the President of the United States described as “the most deadly shooting in American history” with the killing of 49 innocent people at an Orlando nightclub, carried out by a man suspected of having leanings towards radical Islamist ideology.
Although information is still emerging, there are some clear threads and patterns, which link this attack to the increasing activity surrounding so-called Islamic State (IS).
1. Assaults Using an Automatic Rifle Becoming More Common
For somebody committed to terrorizing the population, there appears to be a growing tendency to use automatic weapons. Off-the-shelf military weapons are inherently more reliable than improvised explosive devices. In contrast to the atrocity in Orlando, a 2007 plot against the Tiger Tiger nightclub in London failed because the IED (improvised explosive device) failed to detonate.
2. The Increase in “Lone Wolf” Attacks as a Response to Surveillance
A “lone wolf” attack has been defined as a single individual or a group of two to three people driven to hateful actions based on a particular set of beliefs without a larger group’s knowledge or support. The FBI believes that most U.S. domestic attacks are carried out by lone actors to promote their own grievances and agendas.
Militants involved in such attacks are home-grown “self-starters” that are inspired by the jihadi movement, but may have little or no actual connection to these groups. Instead, many use the internet and social networking tools to find propaganda and research attack methods.
Mass interception of communications (as revealed by Edward Snowden’s leaks of National Security Agency files), particularly in North America, has raised the chances of terrorist conspiracies being detected. This has led to a move away from plots involving multiple attackers. There has been a corresponding rise in the United States in the risk of lone-actor attacks, which have a comparatively small chance of being found out and stopped.
3. Attacks Inspired by Islamic State
The Orlando terrorist contacted police via cellphone around the time of the attack to announce his allegiance to IS. There are strong indications that he has been deeply influenced by the group even if he had no contact with it. As IS concedes territory it controls in Iraq and Syria it is looking to organize or inspire atrocities overseas. There are two likely reasons for this. Firstly, striking on foreign soil helps to divert attention from its losses in the Middle East in order to retain credibility and an aura of potency. Second, the jihadi operations overseas are designed to deter further attacks by Western forces in IS strongholds in Iraq and Syria.
4. Targeting of Venues Which Extremists Claim Symbolize Values They Decry
Bars and nightclubs may feature in the attack plans of terrorist organizations because there are high concentrations of people in a public, accessible venue. Such locations are also targets for such extremists who may view them as representing Western lifestyles of which they disapprove.
5. Increased Attacks over Ramadan
The murders in Orlando happened a week after the start of the holy month of Ramadan. Radical Islamic militants tend to increase their operations during this period. A recording released online from IS spokesman Abu Mohammed al-Adnani has claimed any martyrdom operation during the festival of Ramadan will bring more “rewards.” An increase in the tempo of Islamist terrorist activity would thus not be unexpected.
The increasing proliferation of extremism and global attacks is concerning. Our modeling team closely monitors the evolving risk landscape. By examining all attacks to capture greater insight into the workings and thinking of the terrorist groups, including targeting preferences and weapon selection, we can continue to offer terrorism models that enable our clients to deepen their understanding of terrorism risk and strengthen their terrorism risk management.
This post was co-authored by Weimeng Yeo and Gordon Woo.
If you are a risk professional that always wants to discover what’s new in our industry, then I’m sure you’d be interested in learning about our new developments: the first RMS high-definition (HD) models, managing novel perils such as cyber, and a total re-examination of more established perils, such as marine cargo.
You can satisfy this craving for the latest thinking, products, and solutions by joining us at Exceedance in Miami this May. With more than sixty sessions plus our general sessions and keynotes, here’s just a selection of the new developments we’ll be covering:
Explore high-definition (HD) modeling
There is a lot of excitement around HD models, representing our next generation of RMS probabilistic modeling, with full-simulation models incorporating the latest technology across all modeling components. You will be among the first to discover our new HD models at Exceedance, with HD modeling powered by RMS(one) for Europe Flood, Japan Typhoon, and New Zealand Earthquake.
It’s not just the models themselves that we will examine; we’ll also look at business-use cases for all RMS HD model components and analytics, from data to maps, and our Model Evaluation Environment, through to portfolio management with RMS(one).
New opportunities from new perils and new models
New perils are always fascinating as they offer growth for those who can harness their potential. To give us all a head start and increase understanding, we have called in leading experts in cyber and terrorism for Exceedance to discuss the latest insights for both these high-profile perils.
While cyber continues to be a serious business threat, (re)insurers’ cautiousness around the systemic nature of the risk sees cyber insurance demand outstripping supply. Matt Olsen, president of IronNet, will give context on the cyber crime environment, with the RMS Cyber Risk team explaining how to assess cyber threat and manage risk accumulations with our new Cyber Accumulation Management System.
Respected terrorism expert Bruce Hoffman will offer his view of a world where extremism is on the rise, as we also show the similarities and differences between modeling a human-made peril compared to traditional natural catastrophe modeling concepts and practices.
Finally, with the sheer scale of global trade seeing accumulations of billions of dollars of cargo at global ports, a new approach to modeling marine cargo insurance is needed. We’ll show examples of sample modeled losses using our new RMS Cargo and Specie Model, explain how to manage a global cargo portfolio, and tackle accumulations in prime risk areas such as ports.
I hope you can join us at Exceedance.
If you were allowing yourself to feel a little optimism that the world might be becoming a more peaceful place, with the ceasefire in Syria seeming to hold longer than most analysts ever expected, this week’s harrowing events in Belgium may have dimmed those hopeful glimmers.
The bombings in Brussels underlined once again that the jihadist violence that emanates from this war-torn region is as menacing as ever.
Three bombs went off in the Belgian capital on Tuesday. Two were set off by suicide bombers at the international airport and one explosion ripped through a subway train downtown, close to the heart of the European Union’s headquarters. At the time of writing more than 30 people are dead and more than 300 are injured.
The extremist group which calls itself Islamic State (IS) claims that its followers were behind the attacks. It is waging war in Iraq and Syria and holds significant amounts of territory. It has attracted some Muslims born in the West to join the fight there. It’s when they return home to the West, battle-hardened and with military know-how, that counter-terrorist agencies start to worry. And as events in Brussels this week and Paris in November have shown—with good reason.
The attacks were extremely simple but highly effective. The bombs were detonated in small confined areas, a perfect place for a mass-casualty event when leveraging a small improvised explosive device (IED). The bombs were also reinforced with pellets and nails to further inflict human injury.
Since declaring a Caliphate in June 2014 (a religious term which harks back to the era of the Prophet Mohammed and expresses a desire to unify the global Muslim community under a central leadership), IS has already conducted or inspired nearly 70 terrorist attacks in 20 countries other than Iraq and Syria. This is a harrowing trend that is unlikely to reverse in the short term. Belgium, with the largest number of foreign jihadi fighters in Iraq and Syria in absolute and relative terms, is therefore at considerable risk when these fighters return home.
The bombs blasts in Brussels are a sombre reminder of the difficulty of preventing attacks against transportation infrastructure such as airports and metro or bus stations. As security at military bases, embassies, and other government facilities increases there has been a trend among terrorists to attack softer targets. These locations are vulnerable as by their very nature they must remain open—and with so many such transport hubs it is not easy to detect and exclude those with hostile intentions.
Terrorism inspired by a narrow, extremist interpretation of Islam (particularly the Salafi-jihadi type) continues to pose a major security threat to Western European countries. IS and other such groups view these nations as attractive targets: in particular Belgium, Denmark, France, Germany, Italy, Netherlands, and the United Kingdom. This may be because of their foreign policies, especially those involved in Muslim countries, or because specific events that have caused a strong visceral response among more hard-line elements of the Muslim community.
While it is still early to speculate about the motives behind these attacks, the bombings were likely in response to the capture of Salah Abdeslam in the Brussels suburb of Molenbeek, who’s being held on suspicion of involvement in the November 2015 Paris attacks. There have been several news reports that Abdeslam was plotting additional terrorism attacks in Europe and Belgian authorities were seeking two of his associates. It’s unclear whether those associates were involved in these attacks or if the bombings in Brussels were committed by other extremists. So further attacks in Belgium or regional European countries cannot be ruled out.
The suicide armed and bomb attacks in Paris on November 13, 2015 were unprecedented in size and scale. The attacks that killed more than 125 people and left 350 injured have exposed France’s vulnerability to political armed violence and alerted the rest of Europe to the threat of salafi-jihadist within their domain.
Here are seven points we found noteworthy about these attacks:
1. Tragic but not surprising
Though tragic, the Paris attacks do not come as a complete surprise to the counter terrorism risk community. The terrorism threat in France is higher compared to several other Western European countries. Apart from this recent attack, there have also been several terrorist attacks in France in the last 18 months. These include the attack on December 20, 2014 in Tours, the armed assault at the ‘Charlie Hebdo’ offices in Paris on January 7, 2015, the shootings in Montrouge on January 8, 2015, the hostage siege at a Jewish supermarket in Paris on January 9, 2015 and an attack against three French soldiers in the city of Nice on February 3, 2015. On August 21, 2015, there was also a terrorist attack on the Amsterdam to Paris high speed Thalys (TGV) train service.
What is surprising is the magnitude and scale of these six assaults. These attacks were very ambitious. Divided into three distinct groups, the militants were able to execute simultaneous strikes on six locations. Simultaneous attacks are very effective as they cause significant number of casualties before the security services have the time and ability to respond. The attacks were also very well coordinated and involved myriad attack devices reflecting a sophistication that can only come from having some level of military training and expertise as well as centralize control.
2. A well-coordinated attack with unprecedented magnitudes and scale
In the first series of attacks, three bombs were detonated at locations near the Stade de France, where a soccer match between France and Germany was taking place. These bombings killed five people. The three explosions at the Stade de France outside Paris were all suicide bombings. One of the attackers had a ticket to the game and attempted to enter the stadium when he was discovered wearing a suicide bomb vest. He blew himself up upon detection. The second suicide bomber killed himself outside the stadium few minutes later while a third suicide attacker detonated explosives at a nearby McDonalds.
Meanwhile at the same time, gunmen reportedly with AK-47 assault rifles opened fire on a tightly packed Southeast Asian restaurant in a drive-by shooting, killing more than 10 people. Later in the evening there were two other drive by shootings in the different parts of the city that resulted in the deaths of 23 people. Another suicide bomb blast also occurred along the Boulevard Voltaire at a cafe, killing himself but also injuring 15 customers.
The worst violence occurred at the Bataclan Theater, where four militants took hostages during a concert performance by an American rock music group. Witnesses reported that the attackers launched grenades at people trapped in the theater. All the assailants were reported dead after the French police raided the building. Three of the assailants blew themselves up with suicide belts instead of getting arrested, as the police got close while the remaining one was shot and killed by the French authorities. More than 80 people were believed to be killed at the theatre suicide siege.
3. Chosen strategy offers greatest impact
The suicide armed attacks or sieges witnessed at the Bataclan Theater involved a group opening fire on a gathering of people in order to kill as many as possible. Similar to the Mumbai attacks in 2008, the ability to roam around and sustain the attack, while being willing to kill themselves in the onslaught, makes such terrorist attacks more difficult to combat. From the terrorist’s perspective, these assaults offer a number of advantages, such as greater target discrimination, flexibility during the operation, and the opportunity to cause large numbers of casualties and generate extensive worldwide media exposure.
It is possible that following the success of Friday’s Paris attacks, suicide-armed assaults and bomb attacks will become an even more attractive tactic for terrorist groups to replicate. Such attacks will typically target people in crowded areas that lay outside any security perimeter checks such as those of an airport or at a national stadium. Probable targets for such attacks are landmark buildings where there is a large civilian presence.
4. Use of TATP explosives indicates high levels of experience
Also of interest is the terrorist’s use of triacetone triperoxide (TATP) explosives for the suicide bomb vests used in the attacks at the Stadium as well as the Bataclan Theater. TATP is basically a mixture of hydrogen peroxide and acetone with sulfuric, nitric, or hydrochloric acids. These are chemicals relatively available in neighborhood stores. However, TATP is highly unstable and is very sensitive to heat as well as shock. More often than not TATP will detonate prior to the desired time. Given the high level of precision and coordination needed to orchestrate these attacks, an experienced bomb maker had to be involved in creating the suicide bomb vest stable enough to be used in these operations.
5. Longstanding ethnic tensions fueled
The Islamic State (IS) has claimed responsibility for the catastrophic attacks in the French capital. While these claims have not been officially authenticated, the suicide operations and the synchronous nature of these attacks are consistent with the modus operandi of salafi-jihadi militant groups such as the IS and al-Qaida.
France’s military incursion in the Middle East such as the country’s recent bombing campaigns against IS positions in Syria and Iraq, justifies its targeting in the eyes of the Salafi-jihadi community. Both IS and al-Qaida linked groups have in the past have threaten reprisal attacks against France for their military intervention in the region. On the domestic side, the fact the one of the suicide bombers was a Syrian refugee will also further fuel longstanding ethnic tensions in the country. France continues to struggle to deal with the problems of poor integration and perceived marginalization of its large Muslim population. Domestic policies such as the deeply unpopular headscarf ban have contributed to the feelings of victimization claimed by some sections of the French Muslim community.
6. Homegrown terrorists pose a threat
Compounding the threat landscape are indications that many French individuals have traveled to countries such as Syria and Libya to receive paramilitary training. The experience of other Western European countries, which face their own home-grown terrorist threat, has shown that individuals benefiting from foreign training and combat experience can act as lightning rods for local radicalized individuals and provide an addition impetus to orchestrate attacks in their homeland. So far, according to the French authorities it is believe that there is around 400 French citizens in Syria fighting with extremists, making the French among the largest western contingents of foreign fighters in Syria.
7. Potential for subsequent attacks
The November 13, 2015 attacks in Paris, France are the deadliest attacks in Europe since the 2004 train bombings in Madrid, Spain, where 191 people were killed and over 1,800 people were injured.
In regards to the terrorism risk landscape in France, while the suicide bombers have been all killed, the drive-by shooters remain at large. Moreover, despite several arrests in Belgium of individuals allegedly link to the attacks in Paris, it is still unclear whether these detentions have broken up the terrorist network that supported these attacks. Thus, in the short term, subsequent attacks in France or even neighboring countries cannot be discounted.
In my invited presentation on October 22, 2015 at the UK Institute and Faculty of Actuaries GIRO conference in Liverpool, I discussed how modeling of extreme events can be smarter, from a counterfactual perspective.
A counterfactual perspective enables you to consider what has not yet happened, but could, would, or might have under differing circumstances. By adopting this approach, the risk community can reassess historical catastrophe events to glean insights into previously unanticipated future catastrophes, and so reduce catastrophe “surprises.”
The statistical foundation of typical disaster risk analysis is actual loss experience. The past cannot be changed and is therefore traditionally treated by insurers as fixed. The general consensus is why consider varying what happened in the past? From a scientific perspective, however, actual history is just one realization of what might have happened, given the randomness and chaotic dynamics of nature. The stochastic analysis of the past, used by catastrophe models, is an exploratory exercise in counterfactual history, considering alternative possible scenarios.
Using a stochastic approach to modeling can reveal major surprises that may be lurking in alternative realizations of historical experience. To quote Philip Roth, the eminent American writer: “History, harmless history, where everything unexpected in its own time is chronicled on the page as inevitable. The terror of the unforeseen is what the science of history hides.” All manner of unforeseen surprising catastrophes have been close to occurring, but ultimately did not materialize, and hence are completely absent from the historical record.
Examples can be drawn from all natural and man-made hazards, covering insurance risks on land, sea, and air. A new domain of application is cyber risk: new surprise cyber attack scenarios can be envisaged with previous accidental causes of instrumentation failure being substituted by control system hacking.
The past cannot be changed—but I firmly believe that counterfactual disaster analysis can change the future and be a very useful analytical tool for underwriting management. I’d be interested to hear your thoughts on the subject.