SESSION 15. Science, techniques and training on the Insurance Business

15. Science, techniques and training on the Insurance Business.

María Dolores Oliver-Alfonso (Universidad de Sevilla)
Filippo di Pietro (Universidad de Sevilla)


Paper 1

The Rise of Science for Modern Life Insurance Markets.

Dr. Ian Enright, academic
Greg Pynt, barrister

This contribution considers the role of science in Western Europe in its broadest scope, including philosophy, mathematics and medicine, in the origins and development of life insurance markets in the Anglo-Australian tradition.

We begin with a brief history of life insurance until the Enlightenment. This covers the Hammurabi Code, Phoenician bottomry loans, Roman Empire indemnities, the Lombard and Genoan polizzas and the Elizabethan accounts of insurance practice and legislation [1].

The early forms of life insurance were the early burial societies, the insurance of the life of a sea captain as a type of “keyman” insurance to cover the loss of the ship, cargo or voyage and then the insurance of a life of a debtor [2]. The Great Fire of London and then the emergence of Lloyd’s of London provided a major catalyst and then a market monopoly for insurance.
We then outline the major philosophic, political and commercial developments in the second half of the eighteenth century. We argue for a contextual dialectic [3] among these factors in their influence on the origins of modern life insurance.

Our argument then considers the introduction of probability theory and its influence on mortality assessment from 1650 and then funding predictive models for life insurance from 1760 [4]. The life mortality tables had their origins in the Church Bills of Mortality and then infused with statistical method by John Graunt, Dr Richard Price and Edmund Halley [5]. The emergence of probability theory through the work of de Mere, Pascal, Fermat, Huygens and Bernoulli developed a method for the prediction of fortuitous events [6]. The work of Robert Wallace and Andrew Webster gave life insurance a funding model to collect premiums. Scottish Widows was the first life mutual [7]. The gambling on lives led to the Life Assurance Act UK 1774 [8].

We trace these influences though the history of the mutual model for insurance corporations, the Industrial Revolution and friendly societies [9].
Finally, we consider some current issues in life insurance: accessibility and sustainability for mental health conditions. We propose a path towards some solutions for these issues.


  1. Pynt, Australian Insurance Law: A First Reference, 4th Edition, Chapter 3; Enright and Merkin, Sutton on Insurance Law, 4th Edition, Chapter 21.
  2. Enright and Merkin, Sutton on Insurance Law, 4th Edition, Chapter 21.
  3. The best example of what we mean is Max Weber: “The Protestant Ethic and the Spirit of Capitalism” which does not argue that one caused the other but that each created the conditions for the other to grow.
  4. Pynt, Australian Insurance Law: A First Reference, 4th Edition, Chapter 3; Enright and Merkin, Sutton on Insurance Law, 4th Edition, Chapter 21.
  5. Pynt, Australian Insurance Law: A First Reference, 4th Edition, Chapter 3; Enright and Merkin, Sutton on Insurance Law, 4th Edition, Chapter 21.
  6. Pynt, Australian Insurance Law: A First Reference, 4th Edition, Chapter 3.
  7. Enright and Merkin, Sutton on Insurance Law, 4th Edition, Chapter 21.
  8. Pynt, Australian Insurance Law: A First Reference, 4th Edition, Chapter 3.
  9. Enright and Merkin, Sutton on Insurance Law, 4th Edition, para 4.270 and Chapter 21.


Paper 2

Classification of risks for insurance.

Kondratenko D.V. PhD, assistant professor (Kharkov National University of Civil Engineering and Architecture, Ukraine)

Classification of risks as a method of research allows us to identify the risk factors – the prerequisites that affect the probability of adverse events and the expected size of the loss.
The need for risk classification in practice is caused by the fact that each homogeneous group of risk objects will contain the same particular characteristics. These characteristics are important factors in determining the degree of risk. The classification allows us to identify risk factors and establish the probability and level of possible losses based on available statistical data or expert risk assessments and develop the most common management measures, while not excluding the specific features of each risk.
Insurance companies in the risk assessment use different methods of grouping insurance objects with the assumed identical level of risk for setting tariff rates for insured events. The tariff rate reflects the level of risk within each homogeneous group. The classification performed serves to separate the risks according to their expected frequency of occurrence and the expected size of the loss.

The magnitude of the possible loss and the probability of a certain level of loss can be attributed to the parameters of the risk situation. The quantitative value of the probability and level of possible losses for each object of a homogeneous group will be approximately the same. Grouping of risk situations by areas and objects, and then allocation of risk factors for each situation seems more realistic for object management in practice.


Paper 3

Risk literacy - an analysis of the differences in risk perception of graduate business students before and after taking an Enterprise Risk Management module.

Dr Madhu Acharyya (Glasgow Caledonian University, London Campus)

Aim of the study

The study reports risk literacy in business education. In particular, the study analysed the differences in risk perception of business graduate students before and after taking an [enterprise] risk management course. We found that although individuals hold silo understanding of risk, a holistic curriculum of risk is likely to enhance faster and informed business decision making capability both at operational and strategic levels.


Risk is a common subject irrespective of disciplinary silos. However, risk is conceptualised and understood unevenly even in the same discipline. For example, the economics literature study risk within the scope of uncertainty. In finance and investment risk is conceptualise as variability of income output (upside and downside) and considered as opportunity. In corporate governance risk is considered as a compliance function within a control failure. In this understanding risk occurs only when control fails. In recent years’ enterprise risk management has been evolved as an approach of managing risk holistically (both upside and downside). The large corporations (banking and insurance, in particular) appointed chief risk officers to manage organisation-wide risk in a consolidated framework at the corporate level. This was partly due to several high profile corporate failures as well as enhancing compliance obligations from increasing risk-based regulations.
The recent global financial crisis endorsed the limitations of quantitative risk models practiced in several leading financial institutions in strategic decision making issues including their solvency. Consequently, there is greater interest on the behavioural and subjective understanding of risk including the causes of risk events. The leading financial institutions including their regulators are now focusing on the management of behaviours of global financial institutions (e.g., systemic risks) rather than so called silo type financial risks (e.g., market, credit, liquidity, etc.). However, despite the huge demand of individuals with holistic understand of risk it is observed that in learning and teaching risk knowledge is still delivered purely from a niche (or specialised) disciplinary perspectives. In fact, there is no established method of teaching risk from an interdisciplinary perspective. This article is an attempt to observe the effect key risk factors on students’ risk literacy. In this experimental study we aim to observe how do the students’ perceive risk when they learn risk without any formal academic knowledge and what affect does the delivery of a risk module contribute on students’ knowledge after learning risk.

This study is prompted by the hypothesis that risk students with different level of maturity will exhibit quite different attitudes towards risk when exposed to the same set of problems.


Paper 4

The Insurance Business in Transition to the Cyber-Physical Market: Communication, Coordination and Harmonization of Cyber Risk Coverages.

W. Jean Kwon (School of Risk Management, St. John’s University)

From a historical perspective, the business of insurance began to deal with a variety of causes of that we could observe. They include natural catastrophes and other calamities as long as the loss outcome would not compromise the sustainability of the industry, at least in principle. The industry then added coverages for intangible causes of loss – liability risks – of which loss outcome includes not only property damages and bodily injuries. It also include personal injuries. With the commercialization of information technology, we witness that human and business activities are increasingly intertwined and interconnected in the cyberspace. We witness the rise of non-physical, cyber causes of loss as well. Damages arising from the resulting loss events during the early stage of the information technology were limited in the scope and amount, and the industry found solutions by expanding business interruption provisions in the property insurance market. Advances in robotic process automation, cognitive automation (including artificial intelligence and machine learning), Internet of Things (IoT) and the blockchain keep the world more interconnected and the world of cyber risk expanding.

The regulatory measures in the cyberspace are thus far primarily about privacy protection and data management. Like in the physical world, government regulation in the cyber world is to manage risks at the societal or economic community level. Thus far, no countries are known to have a law that subjects the regulated firm to any specific tools to control or finance cyber risk.
This study analyzes the nature of cyber risk (cyberattacks) from a risk management perspective and then from an insurance business perspective. Specifically, it examines extensively the perception of it as a risk and the level of preparedness by the risk bearers as well as whether there is a commonality in the perception by the members in academic, risk management, insurance and policymaking communities. We find that cyber breach is perceived as “critical” due in part to its own nature and, importantly, in part to the weak understanding of its impact and our preparedness. Variations in cyberattack distributions and probabilities exist depending on who conducts the study (survey) and also on the composition of the study sample. Some variations are by industry or region, while others are about the weight of internal human errors vs. external attacks. Reasonable consistency in the sample throughout the study period is essential for generalization of the findings. Nonetheless, existing studies strongly suggest that an insight that employee vigilance and training of all employees remains critical in cyber risk management. A constant search for statistically useful data for every emerging risk a norm in risk management. Conversely, a lack of understanding of the risk can lead to non-collection of the data or ineffectiveness in the use of collected data. A weak coordination for standardization of the risk among different players reduces efficiency in data management. Studies about quantification of cyber risk are found but commonly are based on theory or simulated-based approaches, including but not limited to modified Bayesian model, information asymmetry theory, utility theory and unifying framework. The question of how to measure performance in cybersecurity is still largely unanswered. It seems there is a widespread tendency to treat all cyber loss exposures as “a single risk” rather than “risks” in the cyberspace. This study offers a logical reasoning why it is about the multiplicity of the risk – with respect to the causes and also to the resulting damages. Accordingly, we propose that the insurance industry develops a portfolio of coverages – rather than a coverage – for operations in the cyber world of risk along the side of their operations in the conventional physical world of risk. We support this proposal with the examination of how the insurance market has been dealing with cyber risk (as well as all other critical risks in the past). Two approaches are employed at this stage. One is an analysis of the existing studies along with the historical development of the insurance market. It seems that the industry employs a cycle of adjustment from an initial denial (or extension) of coverage to the modification of coverages (for example, exclusions and coverage limits) and finally to the market adjustment (for example, an introduction of a new policy or line of business). The industry’s response is somewhere between the modification and the final adjustment stages.

There remains a concern about whether there is an appropriate channel of communication between the experts in insurance and those in risk management, whether there is a reasonable coordination of efforts within the insurance industry in the attempt to reach the final stage of the above-noted cycle, and whether existing cyber insurance policies show some harmonization in the structure from the consumer’s viewpoint. We find a gap of communication between risk managers and insurance underwrites, as evidenced by wide differences in loss exposure classification. We find a wide gap in the list of definitions and the way insurance companies offer their definitions of the contractual terms relevant to cyber risk. In conclusion, it appears that the shapes of cyber insurance policies converge but the contents are so different. The presence of a gap between the cybersecurity community and the cyber insurance community often makes it difficult for the members to find a common basis for the development of reasonable standards of security and insurability. Standardization is critical not only to help the cyber insurance market further developed. It is equally to other stakeholders. Consumers need a guideline for comparison of policies and consumption of the coverages right in scope and limit. Standardization is critical for governments to properly promote cyber risk management and insurance within their domestic economies and cross border.

Finally, the insurance industry might be too eager to commoditize the risk, yet without fully understanding it. The market might be developing too fast to allow insurance companies to come up with properly designed coverages. The cyber world is expanding. It is adding artificial intelligence-based, machine learning elements and becomes more complex as existing and new elements are increasingly interconnected. This expansion will certainly add values to society. It will also change the nature of existing risks and add new risks, thus increasing the responsibility of the insurance industry for assisting individuals and organizations in the management of the risk. Accordingly, we need to build up an infrastructure to continue our operations in the physical-cyber world of risk.