"Terrorism Modeling & Risk Management" - Presented at the RAA's Cat Modeling Conference 2014
description
Transcript of "Terrorism Modeling & Risk Management" - Presented at the RAA's Cat Modeling Conference 2014
TERRORISM MODELING AND RISK MANAGEMENT
February 11, 2014
Chris Folkman Director, Model Product Management
• Terrorism Modeling Overview • Event frequency in probabilistic terrorism
modeling
• Modeling Framework § Exposure § Hazard § Vulnerability § Probabilistic Framework
• TRIA implications in terrorism risk
management
OUTLINE
TERRORISM MODEL BACKGROUND
• September 11th, 2001 attacks: $40 billion insured loss. WTC attack footprint: 16 acres.
• Models created in 2002-2003 in response to market demand for terrorism solutions.
• Terrorism modeling data has improved over the past decade.
Ø More data on plot frequency Ø More data on attack suppression / success rates Ø More insight into countersecurity Ø Better calibration of hazard and vulnerability
EXPOSURE MANAGEMENT
§ Monitor exposure concentrations around high risk targets. § Identify building level accumulations. § Identify exposure “Hot Spots” within given radius.
TERRORISM RISK MANAGEMENT – A “THREE PRONGED” APPROACH
SCENARIO LOSS MODELING
§ Quantify loss for one attack scenario. § Manage losses of benchmark scenarios to acceptable levels. § Submitted to rating agencies (i.e. Best SRQ).
PROBABILISTIC LOSS MODELING
§ Identify most critical attack scenarios for a portfolio
§ Determine relative likelihood of attack scenarios § Calculate impact of multiple attacks as part of a single event (multiplicity).
Probabilistic terrorism modeling delivers deep insight into key drivers of loss on a portfolio
Ø Analysis of comprehensive event catalog (90,000+ attacks).
Ø Key losses by account, location, target type, city, and line of business
Ø Assist underwriters in risk selection
Ø Design and implement underwriting guidelines
Ø Capacity allocation
Ø Evaluate reinsurance needs and options
PROBABILISTIC MODELING OF TERRORISM
“There’s not enough data to create meaningful rates”
• RMS rates are based on empirical data, not judgment.
• RMS frequency is calibrated against hundreds of plots from open source intelligence - known, intercepted, and/or resulting in court convictions – to set the baseline threat level for each country.
• Event rates are scaled with data based on: • Attack mode • Target category • City
• As the threat landscape changes, so does frequency.
TERRORISM FREQUENCY: COMMON MISPERCEPTIONS
“You can’t model human behavior” • RMS does not model human behavior. • Terrorism modeled as a control process: terrorists’ actions are
constrained by countersecurity measures.
• Terrorists are rational actors. Targeting strategy is based on maximizing “attack leverage”.
• Suppression and interdiction rates based on data from open source intelligence, court convictions, DHS disbursements.
• Range of outcomes from conventional terrorism is narrow: Ø Multiple successive terrorist events: not plausible due to
suppressive law enforcement action following the first event.
Ø Multiple hurricanes making landfall (i.e. 2004, Florida): plausible.
TERRORISM FREQUENCY: COMMON MISPERCEPTIONS
All carriers writing terrorism cover are making assumptions about frequency. • These assumptions should be informed by data, not guesswork.
• RMS model incorporates dozens of data sources in frequency calibration:
PROBABILISTIC TERRORISM MODELING
Terrorism Plots
Strength of Countersecurity Environment
Target Selection
ü Terrorism court convictions ü Intercepted plots ü Open source intelligence
ü DHS disbursements ü Municipal anti-terror resources
ü Gross municipal product of city ü City name recognition in middle east ü Symbolic value of target ü Building level security perimeters
EXPOSURE AT RISK
FRAMEWORK FOR TERRORISM MODELING
QUANTIFY HAZARD ASSESS VULNERABILITY PROBABILISTIC ANALYSIS
Exposure at Risk
Quantify Hazard
Assess Vulnerability
Probabilistic Analysis
Concentrated nature of terrorism risk demands accurate and high resolution exposure data • All addresses geocoded to lat-long before modeling • Post code centroid is insufficient • Large variations of risk exist within a single post code • Hazard and vulnerability not averaged across a larger area • Data quality is paramount
IMPORTANCE OF ADDRESS RESOLUTION
ZIP Code Centroid 10017
United Nations
ATTACK MODES MODELED
Exposure at Risk
Quantify Hazard
Assess Vulnerability
Probabilistic Analysis
600 lb Car Bomb
1 ton Minivan Bomb
5 ton Truck Bomb
10 ton Trailer Bomb
2 ton Box Van Bomb
Aircraft Impact Attack
Tanker Conflagration Attack Nuclear Weapon
Biological Agent Attack
Radiological Attack
Chemical Agent Attack
Sabotage Attacks
Various wind speeds, isotopes, and indoor/outdoor options apply
HAZARD BY ATTACK TYPE
Exposure at Risk
Quantify Hazard
Assess Vulnerability
Probabilistic Analysis
ATTACK MODES HAZARD DESCRIPTION
Conventional Bomb Attacks Blast pressure (PSI)
Hazardous Transportation Sabotage, Industrial Sabotage - Toxic Release
Particulate contamination
Aircraft Impact Distance from target
Biological / Chemical Attack (Outdoor) Dosage / deposition of contaminant
Conflagration Fire ignitions
Dirty Bomb, Nuclear Plant Sabotage Radiation level
SIMPLE DAMAGE FOOTPRINT
Bomb blast in downtown Manhattan
0 250 500125Meters
Exposure
Highest
Lowest
Accum. Center
NY Accumulation Centroid
Hazard rings represent blast pressure dissipating as it
moves away from the centroid
Exposure at Risk
Quantify Hazard
Assess Vulnerability
Probabilistic Analysis
HIGH RESOLUTION FOOTPRINT
Large Anthrax release in downtown
Chicago
Better reflects local environment and
orientation of footprint Downtown Chicago
AnthraxContamination
Highest
Lowest 0 5 10 15 202.5Miles
Exposure at Risk
Quantify Hazard
Assess Vulnerability
Probabilistic Analysis
Exposure at Risk
Quantify Hazard
Assess Vulnerability
Probabilistic Analysis
Represent the relationship between level of hazard and damage
§ Effects on property, disruption of services, injury, and loss of life
§ Expressed as mean damage ratio (MDR) or mean casualty rate (MCR)
§ Vulnerability functions by building construction and height.
VULNERABILITY OF TERRORIST ATTACKS
MEAN DAMAGE RATIO BY DISTANCE TO TARGET
Exposure at Risk
Quantify Hazard
Assess Vulnerability
Probabilistic Analysis
Vulnerability varies by building characteristics.
75 100 150 250 400
Mean Da
mage Ra
*o (%
)
Distance to A4ack Centroid (meters)
Unknown Construc3on / Height
Reinforced Masonry -‐ High (8-‐14)
Steel Structure -‐ V Tall
Unknown Construc3on -‐ Tall
2 Ton Bomb Scenario
Exposure at Risk
Quantify Hazard
Assess Vulnerability
Probabilistic Analysis
Standard Fire Policy (SFP): In U.S., many states require that fire following terrorism be included in property coverage. Explicit quantification of fire-related damages is critical for selected attack modes:
§ Bombs § Aircraft Impact § Conflagration § Industrial Sabotage § Nuclear
FIRE LOSSES
Mitsubishi Steel and Armament Works ~ 700 meters from hypocenter, Nagasaki From: www.hiroshima-remembered.com
Terrorist target selection based on maximizing attack leverage. Criteria for targets based on:
§ Economic Impact § Symbolic Value / Publicity Value § Casualties § Debriefings of Operatives § Historical Attack Patterns § Known Planned Attacks § Intelligence Reports and Expert Opinions
TERRORIST TARGET DEVELOPMENT
Exposure at Risk
Quantify Hazard
Assess Vulnerability
Probabilistic Analysis
Exposure at Risk
Quantify Hazard
Assess Vulnerability
Probabilistic Analysis
• Attack Frequency Ø Country Specific Ø Plots à Attacks Ø Recalibrated frequently
• Conditional Probability. Given that an attack
occurs, what is its likelihood by: Ø Type of attack Ø Type of target Ø City
• Attack Multiplicity Ø Multiple attacks = One Event
COMPONENTS OF TERRORISM RATES
TRIA STRUCTURE
From the Congressional Research Service, April 2013:
TRIA RENEWAL EFFORTS
Political Challenges • House financial committee
has 46% new membership since last TRIA renewal.
• Aversion to perceived “bail out” legislation persists.
• TRIA backstop provided without charge, premium collected without incident.
Key Support • Strong, united lobby from
banking, insurance, and construction industries to promote TRIA renewal.
• Renewal proposed 3 times in congress in 2013, by members of both parties.
Non-renewal impacts • Moody’s downgrades in
2002. • Sunset clauses in 2005:
delayed / halted lending and construction.
• Capacity shortage, large rate increases.
• RMS top five cities for terrorism risk: New York, Washington, Chicago, San Francisco, Los Angeles.
The terrorism threat gradient is steep: 75% of AAL is in five metro areas.
TRIA CONSIDERATIONS
Los Angeles
San Francisco
Washington DC
Chicago
New York
Rest of U.S.
Propor*on of Average Annual Terrorism Loss by Metropolitan area
0
100,000
200,000
300,000
400,000
500,000
600,000
Winterstorm Terrorism Earthquake + Fire
Hurricane Convective Storm
$ M
illio
ns 250 Year
1,000 Year
5,000 Year
Terrorism risk is comparable with nat cat risk.
TRIA CONSIDERATIONS
RMS U.S. Industry Loss Curves by Peril
TRIA CONSIDERATIONS
Event Descrip*on Total Loss ($Billions)
Property Damage Loss ($Billions)
Workers' Comp Loss ($Billions) Fatali*es
Nuclear Detona*on, 5 kiloton yield, Chicago
$530 $323 $207 300,000
Nuclear Detona*on , 1 kiloton yield, Los Angeles
$230 $163 $67 110,000
Anthrax a4ack, 75 kg anthrax slurry, Philadephia
$216 $125 $91 60,000
Nuclear Power Plant Sabotage, Illinois
$148 $146 $2 Few
Dirty Bomb, 15,000 curies cesium-‐137, New York
$127 $127 $0.1 Few
Anthrax a4ack, 1 kg anthrax slurry, Philadephia
$44 $26 $18 10,000
Sarin Gas A4ack, 1,000 kg release, New York
$17 $12 $5 2,000
NBCR severity makes it difficult to insure
• Market Capacity Ø Evan Greenberg, CEO ACE Ltd: “I wouldn’t make
[terrorism cover] available, nor would any other company that I know of.”
• Workers’ Compensation Ø Terrorism cannot be excluded Ø Residual markets can be >50% more expensive than
private carriers
• Commercial Development Ø Loan Covenants require terrorism cover Ø Moody’s: $4.5 billion in mortgage securities downgraded
(2002) due to lack of terrorism insurance.
TRIA RENEWAL: WHAT’S AT STAKE
• All terrorism writers make assumptions on event frequency. • Assumptions should be based on data. • Probabilistic terrorism modeling allows most comprehensive
view of risk.
• Terrorists are rational actors whose targeting selections align with principals maximizing “attack leverage”
• Best practice: Use multiple approaches to best triangulate terrorism risk • Exposure management • Deterministic scenarios • Probabilistic modeling
• Location-level data quality is important due to small event footprints
• Terrorism risk is comparable with nat cat risk.
• Terrorism risk can be successfully modeled. Insuring it remains difficult.
TAKE AWAYS