"terrorism modeling & risk management" - presented at the raa's cat modeling...

TERRORISM MODELING AND RISK MANAGEMENT

February 11, 2014

Chris Folkman Director, Model Product Management

•  Terrorism Modeling Overview •  Event frequency in probabilistic terrorism

modeling

•  Modeling Framework §  Exposure §  Hazard §  Vulnerability §  Probabilistic Framework

•  TRIA implications in terrorism risk

management

OUTLINE

TERRORISM MODEL BACKGROUND

•  September 11th, 2001 attacks: $40 billion insured loss. WTC attack footprint: 16 acres.

•  Models created in 2002-2003 in response to market demand for terrorism solutions.

•  Terrorism modeling data has improved over the past decade.

Ø  More data on plot frequency Ø  More data on attack suppression / success rates Ø  More insight into countersecurity Ø  Better calibration of hazard and vulnerability

EXPOSURE MANAGEMENT

§  Monitor exposure concentrations around high risk targets. §  Identify building level accumulations. §  Identify exposure “Hot Spots” within given radius.

TERRORISM RISK MANAGEMENT – A “THREE PRONGED” APPROACH

SCENARIO LOSS MODELING

§  Quantify loss for one attack scenario. §  Manage losses of benchmark scenarios to acceptable levels. §  Submitted to rating agencies (i.e. Best SRQ).

PROBABILISTIC LOSS MODELING

§  Identify most critical attack scenarios for a portfolio

§  Determine relative likelihood of attack scenarios §  Calculate impact of multiple attacks as part of a single event (multiplicity).

Probabilistic terrorism modeling delivers deep insight into key drivers of loss on a portfolio

Ø  Analysis of comprehensive event catalog (90,000+ attacks).

Ø  Key losses by account, location, target type, city, and line of business

Ø  Assist underwriters in risk selection

Ø  Design and implement underwriting guidelines

Ø  Capacity allocation

Ø  Evaluate reinsurance needs and options

PROBABILISTIC MODELING OF TERRORISM

“There’s not enough data to create meaningful rates”

•  RMS rates are based on empirical data, not judgment.

•  RMS frequency is calibrated against hundreds of plots from open source intelligence - known, intercepted, and/or resulting in court convictions – to set the baseline threat level for each country.

•  Event rates are scaled with data based on: •  Attack mode •  Target category •  City

•  As the threat landscape changes, so does frequency.

TERRORISM FREQUENCY: COMMON MISPERCEPTIONS

“You can’t model human behavior” •  RMS does not model human behavior. •  Terrorism modeled as a control process: terrorists’ actions are

constrained by countersecurity measures.

•  Terrorists are rational actors. Targeting strategy is based on maximizing “attack leverage”.

•  Suppression and interdiction rates based on data from open source intelligence, court convictions, DHS disbursements.

•  Range of outcomes from conventional terrorism is narrow: Ø  Multiple successive terrorist events: not plausible due to

suppressive law enforcement action following the first event.

Ø  Multiple hurricanes making landfall (i.e. 2004, Florida): plausible.

TERRORISM FREQUENCY: COMMON MISPERCEPTIONS

All carriers writing terrorism cover are making assumptions about frequency. •  These assumptions should be informed by data, not guesswork.

•  RMS model incorporates dozens of data sources in frequency calibration:

PROBABILISTIC TERRORISM MODELING

Terrorism Plots

Strength of Countersecurity Environment

Target Selection

ü  Terrorism court convictions ü  Intercepted plots ü  Open source intelligence

ü  DHS disbursements ü  Municipal anti-terror resources

ü  Gross municipal product of city ü  City name recognition in middle east ü  Symbolic value of target ü  Building level security perimeters

EXPOSURE AT RISK

FRAMEWORK FOR TERRORISM MODELING

QUANTIFY HAZARD ASSESS VULNERABILITY PROBABILISTIC ANALYSIS

Exposure at Risk

Quantify Hazard

Assess Vulnerability

Probabilistic Analysis

Concentrated nature of terrorism risk demands accurate and high resolution exposure data •  All addresses geocoded to lat-long before modeling •  Post code centroid is insufficient •  Large variations of risk exist within a single post code •  Hazard and vulnerability not averaged across a larger area •  Data quality is paramount

IMPORTANCE OF ADDRESS RESOLUTION

ZIP Code Centroid 10017

United Nations

ATTACK MODES MODELED

Exposure at Risk

Quantify Hazard



600 lb Car Bomb

1 ton Minivan Bomb

5 ton Truck Bomb

10 ton Trailer Bomb

2 ton Box Van Bomb

Aircraft Impact Attack

Tanker Conflagration Attack Nuclear Weapon

Biological Agent Attack

Radiological Attack

Chemical Agent Attack

Sabotage Attacks

Various wind speeds, isotopes, and indoor/outdoor options apply

HAZARD BY ATTACK TYPE

Exposure at Risk

Quantify Hazard



ATTACK MODES HAZARD DESCRIPTION

Conventional Bomb Attacks Blast pressure (PSI)

Hazardous Transportation Sabotage, Industrial Sabotage - Toxic Release

Particulate contamination

Aircraft Impact Distance from target

Biological / Chemical Attack (Outdoor) Dosage / deposition of contaminant

Conflagration Fire ignitions

Dirty Bomb, Nuclear Plant Sabotage Radiation level

SIMPLE DAMAGE FOOTPRINT

Bomb blast in downtown Manhattan

0 250 500125Meters

Exposure

Highest

Lowest

Accum. Center

NY Accumulation Centroid

Hazard rings represent blast pressure dissipating as it

moves away from the centroid

Exposure at Risk

Quantify Hazard



HIGH RESOLUTION FOOTPRINT

Large Anthrax release in downtown

Chicago

Better reflects local environment and

orientation of footprint Downtown Chicago

AnthraxContamination

Highest

Lowest 0 5 10 15 202.5Miles

Exposure at Risk

Quantify Hazard



Exposure at Risk

Quantify Hazard



Represent the relationship between level of hazard and damage

§  Effects on property, disruption of services, injury, and loss of life

§  Expressed as mean damage ratio (MDR) or mean casualty rate (MCR)

§  Vulnerability functions by building construction and height.

VULNERABILITY OF TERRORIST ATTACKS

MEAN DAMAGE RATIO BY DISTANCE TO TARGET

Exposure at Risk

Quantify Hazard



Vulnerability varies by building characteristics.

75 100 150 250 400

Mean Da

mage Ra

*o (%

)

Distance to A4ack Centroid (meters)

Unknown Construc3on / Height

Reinforced Masonry -‐ High (8-‐14)

Steel Structure -‐ V Tall

Unknown Construc3on -‐ Tall

2 Ton Bomb Scenario

Exposure at Risk

Quantify Hazard



Standard Fire Policy (SFP): In U.S., many states require that fire following terrorism be included in property coverage. Explicit quantification of fire-related damages is critical for selected attack modes:

§  Bombs §  Aircraft Impact §  Conflagration §  Industrial Sabotage §  Nuclear

FIRE LOSSES

Mitsubishi Steel and Armament Works ~ 700 meters from hypocenter, Nagasaki From: www.hiroshima-remembered.com

Terrorist target selection based on maximizing attack leverage. Criteria for targets based on:

§  Economic Impact §  Symbolic Value / Publicity Value §  Casualties §  Debriefings of Operatives §  Historical Attack Patterns §  Known Planned Attacks §  Intelligence Reports and Expert Opinions

TERRORIST TARGET DEVELOPMENT

Exposure at Risk

Quantify Hazard



Exposure at Risk

Quantify Hazard



•  Attack Frequency Ø  Country Specific Ø  Plots à Attacks Ø  Recalibrated frequently

•  Conditional Probability. Given that an attack

occurs, what is its likelihood by: Ø  Type of attack Ø  Type of target Ø  City

•  Attack Multiplicity Ø  Multiple attacks = One Event

COMPONENTS OF TERRORISM RATES

TRIA STRUCTURE

From the Congressional Research Service, April 2013:

TRIA RENEWAL EFFORTS

Political Challenges •  House financial committee

has 46% new membership since last TRIA renewal.

•  Aversion to perceived “bail out” legislation persists.

•  TRIA backstop provided without charge, premium collected without incident.

Key Support •  Strong, united lobby from

banking, insurance, and construction industries to promote TRIA renewal.

•  Renewal proposed 3 times in congress in 2013, by members of both parties.

Non-renewal impacts •  Moody’s downgrades in

2002. •  Sunset clauses in 2005:

delayed / halted lending and construction.

•  Capacity shortage, large rate increases.

•  RMS top five cities for terrorism risk: New York, Washington, Chicago, San Francisco, Los Angeles.

The terrorism threat gradient is steep: 75% of AAL is in five metro areas.

TRIA CONSIDERATIONS

Los Angeles

San Francisco

Washington DC

Chicago

New York

Rest of U.S.

Propor*on of Average Annual Terrorism Loss by Metropolitan area

0

100,000

200,000

300,000

400,000

500,000

600,000

Winterstorm Terrorism Earthquake + Fire

Hurricane Convective Storm

$ M

illio

ns 250 Year

1,000 Year

5,000 Year

Terrorism risk is comparable with nat cat risk.

TRIA CONSIDERATIONS

RMS U.S. Industry Loss Curves by Peril

TRIA CONSIDERATIONS

Event Descrip*on Total Loss ($Billions)

Property Damage Loss ($Billions)

Workers' Comp Loss ($Billions) Fatali*es

Nuclear Detona*on, 5 kiloton yield, Chicago

$530 $323 $207 300,000

Nuclear Detona*on , 1 kiloton yield, Los Angeles

$230 $163 $67 110,000

Anthrax a4ack, 75 kg anthrax slurry, Philadephia

$216 $125 $91 60,000

Nuclear Power Plant Sabotage, Illinois

$148 $146 $2 Few

Dirty Bomb, 15,000 curies cesium-‐137, New York

$127 $127 $0.1 Few

Anthrax a4ack, 1 kg anthrax slurry, Philadephia

$44 $26 $18 10,000

Sarin Gas A4ack, 1,000 kg release, New York

$17 $12 $5 2,000

NBCR severity makes it difficult to insure

•  Market Capacity Ø  Evan Greenberg, CEO ACE Ltd: “I wouldn’t make

[terrorism cover] available, nor would any other company that I know of.”

•  Workers’ Compensation Ø  Terrorism cannot be excluded Ø  Residual markets can be >50% more expensive than

private carriers

•  Commercial Development Ø  Loan Covenants require terrorism cover Ø  Moody’s: $4.5 billion in mortgage securities downgraded

(2002) due to lack of terrorism insurance.

TRIA RENEWAL: WHAT’S AT STAKE

•  All terrorism writers make assumptions on event frequency. •  Assumptions should be based on data. •  Probabilistic terrorism modeling allows most comprehensive

view of risk.

•  Terrorists are rational actors whose targeting selections align with principals maximizing “attack leverage”

•  Best practice: Use multiple approaches to best triangulate terrorism risk •  Exposure management •  Deterministic scenarios •  Probabilistic modeling

•  Location-level data quality is important due to small event footprints

•  Terrorism risk is comparable with nat cat risk.

•  Terrorism risk can be successfully modeled. Insuring it remains difficult.

TAKE AWAYS

"terrorism modeling & risk management" - presented at the raa's cat modeling...

Education