Get ready for super powerful quantum computing, a disruptive technology that holds the potential of cracking as-yet unsolvable problems but also can be the source of danger for privacy, security and human rights, speakers told a recent KPMG insurance conference in Toronto.
“The entire [insurance] industry will be disrupted by quantum computing,” said Seamus Blackmore, Partner, Product Lead, GTA Lighthouse, KPMG in Canada. “But those who are prepared are the ones who will come out on top.”
Quantum computing may well be available in about five year’s time, said Blackmore. “If and when it gets to the point where it’s ubiquitous…like smartphones, it will completely change the world. There’s no question about it.”
A long-tail risk
But he said the insurance industry needs to begin preparing for quantum computing now because it’s considered a long-tail risk in which claims may not be settled until a relatively long time after a policy period expires.
“Those who are prepared are the ones who will come out on top,” said Blackmore.
Having this technology in our lives is for the greater good, said Sylvia Kingsmill, Global Cyber Privacy Leader, Partner, Risk Consulting, KPMG in Canada.
But at the same time, Kingsmill said the high-speed, code-breaking technology deals with massive amounts of data that may also harm years of work spent on security in highly sensitive areas like the military, defence and even health care.
“This is really about human rights and the harm that could take place,” said Kingsmill. “It’s about bias, it’s about discrimination, it’s about preventing unfair outcomes…. I think the focus needs to be about good AI governance.”
She said that Canada has proposed legislation, called the Artificial Intelligence Data Act, that will make AI companies conduct high-impact assessments on the use of data. Kingsmill said both industry and government need to get on side to move this legislation forward.
But Harkaran Singh, Customer Digital Transformation Leader for Financial Services at Microsoft, said the real challenge the industry faces is that it contains mounds of old or obsolete information, data that no other industry holds, such as the life and health insurance industry.
“So we have all of this [new] great data. Now how to use that data and technology – that is going to be the challenge.”
Cyber threats and financial crimes
In the meantime, the industry has other issues to contend with, particularly in the areas of cyber threats and financial crimes.
Hoda Nasseri, Senior Manager, Cyber Defense, KPMG in Canada, said ransomware has become a prevalent – and profitable – form of crime for cyber terrorists, reaping $8 trillion in 2021 – the third largest economy after the United States and China.
Nasseri said it takes about 90 days for a company to recover from a major ransomware attack. In addition to the payment these cyber thieves demand, there is also a loss of revenue caused by business disruption that can cost five to 10 times more than the ransomware attack itself, plus the reputational harm.
As a result of all these successful ransomware attacks, premiums have gone up for insurance against ransom attacks by as much as 500 per cent more for some clients, said Jack Bottomley, Senior Consultant, KPMG in Canada.
“We should see this as a correction, something that needs to happen to ensure the market remains sustainable,” he said. But in the meantime, some firms have co-insurance for ransomware, putting them on the hook for half of the issues.
Bottomley said the insurance market has reacted to exclude certain industries such as health care companies, public sector and any clients with large operational technology. But he said: “Is that the right approach? Can we do better?”
Clients can’t avoid cyber risk, so to bring cyber risk down to a financial level that they are willing to accept firms have two options: transfer the impact to a third party, or mitigate, i.e. decrease the probability or impact of cyber risk.
Premiums going up
With the difficult market and premiums going up, Bottomley said an increasing number of clients are considering self insurance and doing away with the big premium increases. The industry, he said, should be developing additional value to clients and maintain a good risk posture. One of those ways is to continue to show clients the risks that they could continue to face. “Even with the best controls in place cyber incidents will happen.”
But he said the insurance industry needs to start rewarding good behaviour for doing the right things, adding it doesn’t make sense to exclude a good client in a bad industry.
“Walking away from clients might be painful in the short term, but in the long term it’s going to drive better behaviour, help the client haver better conversations about prioritizing cyber risk and preserve the sustainability of the cyber insurance market as well.”
Also facing the insurance industry is fraud in both life and health and property and casualty (P&C), said Kas Rehman, Partner, KPMG in Canada.
Everything from theft of premiums, churning, falsified information, fake death claims and corruption, including bribery, kickbacks and collusion are rampant in many industries, especially insurance, said Rehman. Add to that higher inflation, higher interest rates and loss of jobs and “we’re in this perfect storm where the motivations of individuals have gone way up,” he said.
“We’re coming out of COVID so there’s a lot of strain and pressure in the system and the economy is going downhill at least for the next little while…so life is much more unaffordable.”
In addition to individuals, organized crime is hard at work in areas such as the P&C industry, life and health insurance and the ministries of health, said former police officer Bryan Gast, now a Vice President, Investigative Services Division at Équité Association.
Gast noted that while organized crime targets specific communities, it’s hard to get evidence unless there’s a whistleblower.
He did say though that the P&C industry is working together to help fight organized crime and fraud in general.