Policies under review
As the risk profile of the leisure and hospitality sector evolves, is the insurance industry evolving in tandem?
The risk horizon of the leisure and hospitality sector has expanded further and done so more rapidly than many other sectors. Simultaneously, at the group-end of the spectrum the risk profile of large scale operations has altered significantly, not only due to the emergence of new exposures or the evolution of long-standing risks, but also reflecting the increasingly franchised base that underpins it.
In such a fast-evolving environment, firms have responded by ramping up incident response activities, bolstering security defenses and strengthening mitigation practices in a concerted effort to reduce exposure and enhance resilience. Insurance continues to form a central tenet of such measures, but as the risk focus shifts from tangible to more intangible risks, are insurers keeping pace?
The evolving nature of risk
Given the 24/7 service nature of the leisure and hospitality industry, business interruption has long formed a mainstay of the sector’s insurance strategy. However, the rapidly changing risk environment is exposing deficiencies in property-centered policies as intangible, non-damage related risks become more prevalent.
“Intangible assets range from brand names and trademarks, through to operational assets such as customer lists, proprietary software and franchise agreements,” explains Frederique Hardy, director, Forensic Services, Crawford. “One of the challenges faced by the insurance sector is understanding how to adapt to the emergence of damage to these intangible assets.”
Scenario planning across the sector is now increasingly targeting these intangible assets, according to Robert Lewis, claims leader, UK risk management practice, Marsh. “Many of the scenarios we look at with our clients now focus on nondamage triggers rather than flood or fire. This requires a new way of thinking which is both exciting and healthy for the insurance sector.”
“We are certainly seeing increased interest in securing non-damage business interruption, and there are ongoing conversations across the leisure and hospitality sector,” says Douglas Barnett, head of customer risk management, AXA UK. “Some brokers are seeking wider covers to encompass these risks, but these are extremely complex discussions given the challenges of defining what the impact is that will trigger the policy.”
Loss of attraction is one such policy extension which is very difficult to craft a precise trigger for. “We have recently added loss of attraction cover or a similar type of product for a client in the sector,” explains Joe Addison, executive vice president, Head of Entertainment & Hospitality Practice, JLT Specialty USA, “which states that the policy will recoup some of the financial losses from a decline in occupancy rates resulting from specific perils occurring within a ten-mile radius of their particular venues.”
He continues: “The big challenge is establishing what the potential source of the decline in occupancy rates might be. For example, is one of the biggest threats an attack on a major airport? Will rates drop across the region due to people refusing to travel to that particular airport, or have a broader impact on travel across the country due to an increased fear factor?”
Iain Hovell, director of insurance, InterContinental Hotels Group (IHG), believes that the wordings of loss attraction policies need to be reviewed. “I am not convinced that given the risks that we have today such policies are as clearly articulated as they could be. The more work we as clients can do with underwriters and brokers to better understand these intangible risks the better.”
A further complexity added to the intangible insurance conundrum is quantifying the loss itself. By their very nature, such losses resist precise quantification.
“With loss of attraction, for example, it is always going to be a challenge to prove the loss,” believes David Tate, UK retail and consumer brands practice leader, Marsh. “This is where you need to apply a forensic accounting approach in order to accurately compare the period pre- and post-event.”
Hardy from Crawford points out that unlike when dealing with physical assets, businesses may not consistently track the link between intangible assets and the business income they generate. “That makes it difficult to quantify the loss arising from damage to the asset,” she adds. “While a hotel may consistently track occupancy rates, it may not track the attraction rate of sponsored social media influencers. As a result, a business may not have the necessary metrics to demonstrate the financial loss.”
As the leisure and hospitality sector becomes increasingly reliant on intangible assets, it is imperative firms start generating these metrics. “Businesses would benefit from engaging more with business interruption professionals and forensic accountants,” she states, “to gain a better understanding of the financial risk attached to damage to their intangible assets.”
The cyber challenge
The increasingly franchised nature of the sector is driving a significant shift in the operational focus of the larger leisure and hospitality groups. “We are an asset light organisation,” explains IHG’s Howell, “focused on our brands and on providing strong and stable revenues to our owners. Our focus is on mitigating risk to those brands and delivering value to our hotel owners, whether managers or franchises.”
The amount of data stored and payments transacted across the sector has increased exponentially, particularly with the advent of travel apps. Hilton, for example, boasts that in 2016 its app enabled more than one million digital check-ins per month and was downloaded every eight seconds.
Unsurprisingly, cyber-security measures are a high priority, with protection technologies such as payment card tokenization, endpoint detection, point-topoint encryption and network segmentation now integral system components; and incident management measures have been greatly enhanced to ensure forensic-level rapid response capabilities.
However, while cyber-related cover is becoming a more prominent program provision, spanning company-controlled systems and data, the scope and viability of such policies is still under scrutiny. Most hospitality groups include lengthy caveats addressing potential cyber coverage limitations.
“Facility owners are certainly much more conscious of their cyber exposures,” believes AXA’s Barnett. “The question, however, remains whether the cyber policies currently available adequately address the exposures the sector faces.”
The industry has had a number of cyber attacks in recent years. Add to this increasingly weighty fines stemming from bolstered cyber regulation, and the looming implementation of the EU’s General Data Protection Regulation (GDPR) which introduces fines of up to four percent of annual global turnover, and policy limitations could quickly be exposed.
According to IHG’s Hovell, it is important that insurers provide cover that reflects this new cyber environment. While recognizing that recent legislation is designed to ensure cyber best practice, he adds: “The insurance market must be looking at how they can help us meet the demands of ever more stringent cyber regulation.”
Making a ﬁnancial guarantee
For JLT’s Joe Addison, it is imperative that insurers take a step back to look at these exposures from an overall fi nancial perspective. “The issue is trying to work out how these emerging and evolving risks might impact your balance sheet and affect your shareholders,” he says. “What we need to look at is whether we can use insurance as a means of protecting your balance sheet or even your dividend.”
He continues: “Occupancy rates are central to the hospitality sector, so the challenge is to look at products which can help protect their balance sheets in the event of a decline in those rates. We need to be developing products that are geared more towards financial guarantees.”
The potential for insurance to operate more as a direct financial protection mechanism is something which Hovell says has been mooted for a number of years. However, he questions whether there is sufficient demand for such a policy type. “As far as I am aware, there is currently relatively limited interest from the industry for a financial protection-type product.”
The industry’s financial resilience was recently demonstrated by MGM Resorts following the tragic shooting incident at its Mandalay Bay Hotel on the Las Vegas Strip. Delivering the fi rm’s third quarter 2017 results, Chairman and CEO Jim Murren said: “As a result of the October 1st incident, our business in Las Vegas will be impacted in the near term primarily due to a short-lived uptick in cancellations and a temporary suspension of marketing efforts. Since restarting such efforts, our booking pace has largely rebounded to normal levels. We remain confident in the stability of our business and the enduring power of the Las Vegas brand.”
“There is a healthy discussion taking place about how to include reputational damage in the insurance policy and how to define the type of event that would result in a shift in share price from an earnings impacting event,” says Marsh’s David Tate. “I’m not sure the product is there yet, but there is definitely an opportunity for the insurance sector moving forward.”
In addition to the struggles of applying a monetary value to a brand-impacting event, the franchised nature of the sector also creates an insurance headache. “Where does responsibility lie from a reputation management perspective?” asks Addison. “The particular manager of a franchised operation may have done everything by the compliance book, yet an incident still occurs that has a negative brand impact.”
And as Barnett points out, given the social media environment in which we now operate, “location-specific incidents have the potential to become brand-level issues in a very short time.”
Expanding the proﬁle
As companies increasingly look to introduce extensions to existing cover, there is of course the risk that these policy patchworks leave gaps in provisions that enable financial losses to fall through, whether as a result of sub-limits being exceeded or incidents falling below large deductibles.
“One key challenge that the insurance industry needs to address,” states Tate, “is the fact that we are often dealing with a range of policies spanning multiple different sub-limits. Moving towards a single, more expansive type of policy that covers a variety of these exposures would be a step that we would encourage. However, at present the wordings and exposures covered remain relatively siloed.”
Addison is in agreement. “The industry needs to move more towards broader all risks type policies rather than focusing on just named perils in each product line.”
“The challenge is understanding and establishing where these risks sit within the overall profile,” believes Hovell. “We are keen to pool our risks where we can and to find effective solutions to mitigate costs and enhance cover. But we have to ensure that we are putting the right resources into the right areas to maximize our efforts rather than simply looking to bundle our coverage.”
“We are very keen to explore opportunities for innovation on the insurance front,” he concludes, “and are keen to have discussions with insurers and brokers to examine ways in which we can better protect our business. But we need to understand exactly what these products are and the value that they bring to our organization.”