Whether the reasons are economic, psychological, or social—or some combination thereof—terrorism has been an entrenched part of human activity since ancient times. Homicidal zealotry did not begin with the first-century Jewish Zealots, who violently sought to overthrow the Roman rule they thought was such an affront to God. Deadly assassinations did not originate with the Assassins, a Muslim faction in the Middle Ages who were known for the fearless dagger attacks they perpetrated on their enemies. Murderous terrorism did not begin in the French Revolution's Reign of Terror, when radicals resorted to a liberal use of the guillotine in supposed service of “liberty, equality, and fraternity.”

Although well-rooted in the past, modern terrorism is clearly distinctive because of its international presence and catastrophic potential. Of course, it is this destructive character that has had such a marked influence on recent trends in risk management. The regular occurrence of major international events since September 11, 2001—including the New Delhi Parliament attacks (2001); the Madrid train bombings (2004); the London subway bombings (2005); and the attacks in Mumbai (2008)—demonstrate why it is safe to assume that this new breed of terrorism will be a central part of the risk management process for some years to come.

Challenges to Assessing Exposure Levels

Thankfully, there have been no major terrorist events on American soil since the tragic events of September 11th nine years ago. However, it is difficult to determine how indicative this experience will be of future events. As we are reminded every time we go to an airport, Homeland Security still regards the risks on domestic and international flights to be high. Conservative watch groups like the Heritage Foundation claim that at least 30 terrorist plots have been foiled since September 11th—and that only the highest degree of vigilance will continue to keep terrorism at bay. The difficult job of terrorism risk management can sometimes appear to be mired in subjectivity, often without benefit of the solid actuarial data or predictable loss histories that are so much a part of the assessment of other areas of risk.

TRIA and Its Problems

After the devastating multi-billion losses of September 11th, insurers acted quickly to exclude terrorism coverage in their policies. Far from being surprising, this was a matter of principle—as a rule, insurers always prefer to avoid unpredictable, catastrophic losses. It was largely the federal government's Terrorism Risk Insurance Act (TRIA) of 2002 that made insurers willing to write terrorism coverage again.

Of course, TRIA's “safety net” did little to clarify the real extent of terrorism risk in the United States. Despite the security it provides, TRIA has its limitations. Most notably, the $100 billion program cap could mean that an insured could only receive a partial recovery in the event of a catastrophic terrorist event. TRIA also does not provide coverage for nuclear, biochemical, or chemical attacks. Furthermore, in part because terrorism coverage is optional on the part of insureds, it appears that insufficient premium dollars are being collected to cover major losses. Critics fear that a major terrorist event could therefore have serious detrimental effects not only on insurers but also the economy in general, causing an erosion of the very stability TRIA sought to provide.

Searching for a Solution

The best solution for risk managers, according to both Wells Fargo and Aon, is a comprehensive counterterrorism risk management program. It is crucial that every risk management team understand the nature of its business and the potential terrorism risks that confront it. Every facet of the organization must be considered—operations, supply chains, revenue, reputation, and business interruption. Both property and liability exposures must be considered, and liability concerns associated with security are an especially important consideration. Models and incident management planning are necessary so that all foreseeable problems can be considered before the advent of a terrorist attack. Of course, it is always important to remember that insurance is just one component in the risk management process.

It is also helpful to know that the Insurance Services Office (ISO) has done some pioneering work with terrorism modeling and risk metrics. ISO provides guidance based on geographic location and a definition of “primary target types.” Apart from certain “trophy targets,” which are recognized as having symbolic value, high-risk classifications are focused on factors pertaining to the importance in the general infrastructure in addition to the overall value as an asset. Although ISO's statistical data may have its limitations, it could prove to be a valuable resource for helping to gauge terrorism risk for particular organizations.

The Future of Terrorism and 2014

Although devotees of the Mayan calendar might suggest that terrorism will cease to be a concern in 2012, the year 2014 is a cause of anxiety for many insurance company executives. TRIA was extended in 2005 and again in 2007 but is currently set to expire in 2014. The federal government had originally thought that the private insurance market would assume the terrorism exposure. Although the Obama administration has been pushing for the reduction of federal involvement, insurers appear to be denouncing these proposals with a unified voice. The National Association of Insurance Commissioners, the National Association of Mutual Insurance Companies, the Risk & Insurance Management Society, and the American Insurance Association have all stressed the necessity of an ongoing “federal backstop” for terrorism coverage, expressing serious doubts that the private sector will be able to sustain a viable market for terrorism insurance anytime in the near future.

Based on the course of human history in general and events since September 11th in particular, the continuation of terrorist activities appears to be a practical certainty. Some of the U.S. government's future response may have to do with the future of the political landscape. Budgetary constraints, calls for fiscal responsibility, and the perceived threat (or actual occurrence) of terrorist attacks before 2014 will certainly all play a vital role in the availability of terrorism insurance in the years to come. Regardless, risk managers should seek to understand their own companies thoroughly and be posed to adapt their strategies to the changing environment.

Barrett A. Evans, CPCU, AIC, is a regional claim manager with Insurance House in Winston-Salem, NC. He may be reached at 866-268-8383; [email protected].