Think Tank says "US lacks adequate financial protection from Terror Acts", but its the UK too!

The terrorism insurance system in the United States is failing to provide businesses with adequate financial protection, leaving the nation vulnerable to economic disruption if there is a major terrorist attack, according to a RAND Corporation study issued earlier this week.

The report by the RAND Center for Terrorist Risk Management Policy (CTRMP) says that the terrorism insurance system is not robust enough to respond to a rapidly evolving terrorist threat against US businesses.

“America's economy does not have adequate financial protection from terrorist attacks,” said Peter Chalk, a RAND terrorism expert and lead author of the report. “Protecting businesses against the economic impact of a terrorist attack should be part of a robust homeland security effort.” Other authors of the study are Bruce Hoffman, Robert Reville and Anna-Britt Kasupski of RAND.

The study points out that terrorism insurance does not cover losses caused by attacks from domestic terrorist groups. In addition, it says most insurance polices now exclude coverage for attacks involving chemical, biological, radiological and nuclear (CBRN) weapons.

On top of this, many of the nation's businesses are not buying terrorism insurance that became available after the Sept. 11, 2001 terrorists attacks, increasing the economic damage that would be caused by a new terrorist strike on the United States, the study finds.

The report recommends that the US Congress consider proposals to increase the number of businesses buying terrorism insurance by lowering its price. It says this could be done without increasing costs to taxpayers by changing the terms of federal reinsurance.

The report also says Congress should consider:

* Expanding and improving the financial protections offered by Terrorism Risk Insurance Act (TRIA), instead of allowing the law to expire as scheduled in December.

* Requiring that terrorism insurance cover acts by domestic groups and attacks involving CBRN. Researchers acknowledged that the latter poses a challenge that may be most appropriately covered through a direct government insurance program.

* Creating a national board of governors that can assess the performance of TRIA or its successor.

The Sept. 11 terrorist attacks caused substantial losses for the insurance industry, with current estimates topping $32 billion in payments. As a result, insurance companies began excluding terrorism coverage from policies shortly after the attacks.

In response, Congress enacted TRIA in 2002, which requires insurers to offer commercial terrorism policies and provides federal aid as a backstop to cover losses on the scale of Sept. 11. The move was seen as a step to give insurance companies time to assess their exposure to terrorism losses, and to consider how to price and underwrite terrorism insurance policies.

Comparing the continuing threat of terrorist attacks to the insurance coverage provided under TRIA, researchers conclude that more needs to be done to extend financial safeguards against terrorist attacks. Because TRIA expires at the end of December, the current terrorism insurance system will be dissolved unless Congress extends or revises provisions of the law.

The RAND study notes that a number of trends in terrorism have increased the risk to the private sector since Sept. 11. These include an increased focus on “soft” business and commercial targets, both as a result of heightened security at government and military facilities and due to the degradation of al Qaeda's operational capacity to execute long-range strategic strikes.

In addition, the report points out that al Qaeda has shown increased interest in launching attacks designed to cause mass disruption and economic harm, magnifying the importance of private sector targets. One scenario with the potential for devastating uninsured losses that was highlighted in the report was an attack with a so-called ‘dirty-bomb’ – an explosive device that disburses radioactive material.

The RAND report warns that the United States still faces a potent threat from al Qaeda, despite significant efforts that have been made since the 2001 terrorist attacks to disrupt and weaken the group. In addition, some US extremist groups continue to pose threats.

Forum Comment

This issue has been raised many times by the Continuity forum over the past three years following our report into the ‘Economic Consequences of Terrorism’. The situation outlined by RAND in the US applies equally to the UK even though we have had far longer to address the issues as a result of our experience with the terror groups connected with Northern Ireland.

In the UK the same terms and conditions are applied to policies, and understandably so, without these terms the companies underwriting the risk would have to escalate insurance costs to Business dramatically. An event far smaller than those seen on September 11th could easily run into many Billions of pounds and this is proven by experience in the UK from the PIRA attacks on Docklands and the City.

The response to this situation was to create a special organisation in the UK called Pool Re to provide underwriting capacity for policies that could be the basis of terrorism cover. However, while this has in part worked, the dramatic escalation of costs and the severity of attacks, means that the total fund available for terrorism cover is tiny compared to the costs generated by any successful attack. For the whole of the UK the capacity for Terrorism insurance ‘pool’ is estimated to be a little over £500 million for ALL organisations. What that really means is that very few have any form of effective terrorism cover and if they suffer the effects of an attack it will only be the measures the individual company or organisation has had the sense to put in place in place that will enable them to continue operations that can be relied on. The Continuity Forum has been at the forefront of this issue, urging government and organisations to invest and adopt BCM measures to provide a viable alternative, responsible approach that will go a considerable way in mitigating both the immediate and long term effects of such a disruption.

The Continuity Forum has been working with diverse groups to raise these issues and supports directly the work of others such as the National Counter Terrorism Security Office, in building both the awareness and the processes that can help. Organisations of all types are ‘at risk’ and can work with both specialist Counter Terrorism Security Advisers and the Continuity Forum to better understand what they can do to minimise the effects on their organisations, but this is still not enough!

A large scale attack, of the kind predicted by experts from both Government and the private sector, could literally cost a City like London Tens of Billions in direct costs and many more in indirect costs, such as loss of revenue. For 9/11 there was some considerable amount of cover in place, enabling some financial mechanisms to come to the aid of organisations affected, by since then the terms have changed and now this ‘safety net’ has been removed leaving nearly all unprotected from the impact, yet many still fail to address this topic in the wider context through their BCM programmes, preferring to take the chance.

Changes in Government legislation, particularly through the Civil Contingencies Act have improved some aspects of the response and given greater powers, but the responsibility for organisational Resilience still rest with the board.

We have seen from the US the actions taken through the courts following 9/11 and predict that their would be far far more legal activity following an attack now as the warnings have been clear for many years. Government Legal Counsel has stated that any organisation failing to act properly on the warnings given so explicitly over the past few years would likely face very significant legal action up to and including imprisonment of Directors.

We, and our Legal Counsel, believe that the best method to manage this issue is for all organisations to actively adopt Business Continuity Management within all parts of their operations, which would show the courts clearly, if appropriately managed and maintained, that the Board had acted ‘reasonably and in good faith’ on the available evidence.

Finally, as the risk of Terrorism is now global and affects the interests of many of the worlds leading nations we would urge the UN and World Bank to careful consider the benefits of an international version of the UK’s Pool Re, which if it were properly financed, would go some considerable way to further boost the international resilience of the worlds key finance and trading centres and support the worlds ‘markets’ confidence in times of great uncertainty.

END