Skip to content

Life Insurers: Navigating a Web of Interconnected Risks

Author

Alison Salka, Ph.D.
Principal Consultant
LIMRA and LOMA
asalka@limra.com

June 2024

The life insurance industry stands at a critical juncture, faced with unprecedented challenges and opportunities. Understanding and managing risk is critical to ensuring business continuity and success. The first step is to identify and prioritize risks. To this end, LIMRA asked industry professionals to rate the magnitude of several business risks and their level of preparation to address them.

LIMRA conducted the survey for the first time in 2023.1 Last year, technology, talent, regulation and the macroeconomy topped the list. This year’s, key findings, soon to be published on LIMRA.com, include:

  • Technology, such as platform modernization, digitization, the cloud and artificial intelligence (AI), remains the greatest perceived risk, followed by fraud/cybercrime (treated separately from technology), and interest rates. Cybercrime and fraud jumped up four spots in ranking from last year.
  • Talent, regulation and reputational risk are tied for the fourth biggest risk. Reputational risk was near the bottom of the list last year. The visibility and repercussions of cyber and fraud issues may make reputational risk seem greater.
  • Climate change had the lowest mean rating for the second year in a row. The level of concern is higher than last year, but still below other industry risks.
  • When asked about the biggest risk to the industry (without being provided a list), responses indicate that operational risks are gaining a lot of mindshare ─ cybercrime and fraud were most frequently mentioned. This may be because AI could lead to automation of fraud and greater risk.

Figure 1. Main Risks Facing the Industry Over the Next Few Years

(Mean rating on a 1-10 scale)


When asked how prepared insurers are to manage these risks on a scale of 1 to 10 (with zero being completely unprepared and 10 being completely prepared, respondents rated the industry at a 6.5.

Figure 2. How Prepared Is the Industry for the Challenges?

(10-point scale)

Lowest Readiness Rating
Average
Highest Readiness Rating
3
6.5
9

Technology

Technology is a broad category, including platform modernization, digitization, the cloud and AI. Technology risks pose significant financial consequences to insurers, and they consume a lot of time, attention and resources.

A recent LIMRA EY Survey looked at technology objectives and investments. Objectives are generally ambitious, and investments span the value chain. Overall, we found that digital transformation is the top objective of technology investment; however, two-thirds of carriers are still challenged by legacy systems and outdated infrastructure. They are currently replacing custom code systems, adding vendor packages and engaging in partnerships. All these activities carry risks.

What About AI?

On the positive side, generative artificial intelligence (GenAI) has the power to transform the insurance sector by increasing operational effectiveness, opening up innovation opportunities, increasing security and deepening customer relationships. It can improve the accuracy and efficiency of underwriting. Of course, AI can also do a lot of damage: hallucinations, bias and issues with data, copyrights and privacy. Almost all life insurance companies are exploring AI use cases. Many are limiting the use of AI to areas where they see lower risk, such as marketing, knowledge management and some customer interaction.

Insurers are adopting different approaches to manage and mitigate AI risks. Some recommended practices include:

  • Implementing a clearly defined policy or approach with high-level understanding of risk tolerance and buy-in.
  • Creating a well-defined risk assessment framework that is developed by stakeholders across the organization.
  • Developing an employee education program on AI with opportunities for training and engagement.
  • Forming clear governance policies that enable use of AI with appropriate oversight and focus on transparency and minimizing bias, hallucinations and other risks.
  • Keeping good records on AI use and data.
  • If working with a third-party service, carefully reviewing their policies and security to ensure they have mitigated risks associated with AI implementation.

It is critical to strike a good balance between innovation and security. Recent reports suggest that increased regulatory scrutiny and legal action can be expected soon.

Fraud and Cybersecurity

As technology evolves, so do the methods employed by cybercriminals to exploit vulnerabilities and compromise sensitive data. Understanding these risks and implementing robust strategies to address them is critical to safeguarding customer information, maintaining regulatory compliance and preserving the reputation and integrity of life insurance companies.

Risks associated with fraud and cybersecurity include data breaches, phishing attacks and ransomware. There is also risk associated with third-party services. IT infrastructure work, claims processing, customer support and other services are often outsourced. Strong security measures need to be enforced throughout the supply chain. In addition, the life insurance industry is subject to stringent regulatory compliance. Failure to comply with these regulations can result in hefty fines, legal liabilities and reputational damage.

How can risks be mitigated?

  • Implement vigorous security measures. Deploy comprehensive cybersecurity measures including firewalls, intrusion detection systems, encryption protocols and multifactor authentication mechanisms to safeguard sensitive data and prevent unauthorized access.
  • Train employees. Human error remains one of the leading causes of cybersecurity breaches. Ongoing training and awareness programs are essential to educate employees about cybersecurity best practices, such as recognizing phishing attempts, using strong passwords and securely handling sensitive information.
  • Conduct regular security assessments and audits. Assessments can identify vulnerabilities and weaknesses in IT systems and infrastructure. By proactively addressing these issues, life insurance companies can strengthen their defenses and mitigate the risk of cyberattacks.
  • Encrypt and back up data. Encrypting sensitive data both in transit and at rest provides an additional layer of protection against unauthorized access. Additionally, implementing regular data backups ensures that critical information can be restored in the event of a ransomware attack or data loss.
  • Review and assess third-party security practices. Ensure partners adhere to cybersecurity standards. Implementing contractual agreements that outline security requirements and conducting regular audits can mitigate third-party risks.
  • Stay current on regulatory updates. Conduct regular risk assessments and implement policies and procedures to address compliance requirements.

Interest Rates

Life insurance companies face risk associated with changes in interest rates. These fluctuations can have significant implications for various aspects of operations, including investment income, policyholder liabilities and overall profitability. By implementing effective risk management practices and adopting prudent financial strategies, insurers can navigate interest rate fluctuations successfully and position themselves for sustainable growth and profitability in dynamic market environments.

Conclusion

The industry faces many business challenges ─ from technological advancements and cybercrime threats to the complexities of interest rate fluctuations, talent acquisition, regulatory compliance and safeguarding reputation. Insurers must navigate a web of interconnected risks to thrive in the digital era. As we continue to innovate and adapt to evolving market dynamics, industry stakeholders must remain vigilant, proactive and resilient in addressing these challenges head-on.

1 Industry Executives Rate Potential Risks and Levels of Preparation (unpublished LIMRA research), 2023.

Did you accomplish the goal of your visit to our site?

Yes No