ISO Insurer Survey: Automated Vehicles and New Rules for the Road
By Hazel Yang Lee
For insurers and drivers alike, the coming transition to fully automated vehicles is likely to be a bumpy road—and a road with its share of speed traps and blind curves. Beyond the technology’s promise for increased safety and efficiency, it’s also anticipated to cause unprecedented change to the auto insurance industry and will likely alter the way insurers handle underwriting and claims going forward. To better understand the insurance industry’s perspectives with regard to automated vehicles, ISO, a Verisk Analytics business, conducted the ISO Automated Vehicles Survey, capturing comprehensive feedback from approximately 400 participants.
Results from the survey should help bring focus to many of the opportunities, perceived threats, and strategic and operational considerations under review by key insurance professionals. ISO’s survey contained a series of questions aimed at capturing both high-level insights and more granular viewpoints and also encouraged respondents to share their thoughts candidly. One takeaway from the survey was a general uncertainty that many insurers face as they try to better understand what automated vehicle technology means to the insurance industry in both the short and long term.
Identifying the related risks
The basis of this uncertainty hinges on a number of factors. Among them, many insurers seek clarity in the determination of liability in the event of an accident. There may also be an increase in product liability exposures for the system components as vehicles become more automated. Accessibility of the data collected from the vehicles for rating, underwriting, and claims-handling purposes could be a further issue. Also contributing to industry uncertainty are the potential for heightened cybersecurity and privacy concerns, the shift of auto exposure from personal to commercial lines that may be precipitated by the change in the traditional ownership model of personal vehicles, and the rise of on-demand networks providing autonomous driving services.
In addition, there is general concern about the potential for an increase in risks to company reputation and public relations should a possible major media event play into the general public’s current apprehension over the safety and security of these technologies. Even further, some insurers expressed concern regarding the potential “cannibalism” of the current insurance mechanism, because auto manufacturers may attempt to increase market presence using their existing customer relationships and data they acquire from vehicles. While all of these reactions merit further discussion, three central issues drove much of the survey results.
1. Unclear determination of fault and other regulatory/legal issues
When asked what companies were doing to prepare for automated vehicles, approximately half the respondents stated they were just beginning to have informal discussions, and more than a third stated that nothing had been discussed or designed to address automated vehicles specifically. Many respondents asserted that it would be difficult to evaluate their business models in step with the proliferation of automated technologies without clear regulatory or statutory guidance on how liability will be determined in the event of an accident involving an automated vehicle. So, not surprisingly, unclear determination of fault and the need for a specific regulatory/legal framework ranked high on the list of insurer considerations.
The Federal Automated Vehicles Policy (FAVP) released in September 2016 did not expressly address any changes to current insurance requirements or liability assignments and generally affirmed that they should still be regulated at the state level. States are responding as needed, which can be seen with Michigan’s laws addressing automated vehicles (SAVE project). In part, the rules allow motor vehicle manufacturers to operate on-demand networks of automated vehicles under specified conditions in accordance with participation in this project. Mich. Comp. Laws Ann. § 257.665b also requires, in part, vehicle manufacturers to assume liability when a participating vehicle in autonomous mode is found at fault for an accident.1 This corresponds with the statement from some auto manufacturers that have pledged responsibility if their automated systems become the cause of an accident. Despite these initial delineations of who assumes fault in the event of an accident, claim settlement may still be delayed while investigations are being conducted to determine fault. It appears then that data collection and insurer access to such data will become more important as claims handlers attempt to assemble the information needed to determine liability.
While insurance requirements and liability rules for automated vehicles are slowly being addressed in the United States, the United Kingdom recently introduced the Vehicle Technology and Aviation Bill, which, if passed, would require a single insurance mechanism for automated vehicles that provides damages for injured parties when accidents are caused by vehicles engaged in autonomous mode.2 Further, this bill provides, in part, that an insurer’s limit of liability may be reduced or excluded should a vehicle owner fail to install required software updates or if an owner makes unauthorized alterations to the vehicle’s operating system.
The UK bill also provides possible subrogation remedies for insurers should there be any other entities that may be liable to the injured party. If passed, such proposed legislation could facilitate quicker resolution of claims and provide delineation of responsibilities between a human driver and the automated technology. The bill has the support of some British insurers that desire to “keep insurance as straightforward as possible.”3 This type of legislation may represent an active first step in providing clarity to UK insurers and may help to alleviate some of the uncertainty that many insurers have expressed in ISO’s survey.
2. Potential increase in business risk for some insurers
Various statistical models predict a significant reduction in auto accident frequency as a result of safer driving anticipated from automated vehicles. The same models suggest only a moderate increase in severity attributable to potential increases in the costs of claims handling and repairing expensive technology. This predicted decline in frequency may generate lower loss costs—potentially leading to a drop in premiums that could also significantly affect insurers with books of business containing a greater concentration of personal auto premiums.4 This type of trajectory (and further speculation over the timeline in which such loss in premiums could occur) may be a cause for concern for the insurance community.
ISO’s survey also asked respondents when they believed their businesses would be significantly affected by automated vehicles. Nearly half the respondents stated they expect this to occur in the next six to ten years. As a result of perceived business impact, approximately 65 percent of the survey’s respondents said that insurers will have to innovate to reflect the changing needs of the insurance market and develop new products and services in place of traditional product offerings. Yet respondents also expressed concerns about how best to reengineer their products and effectively reposition them for the impending change. Uncertainty over key factors remains—including uncertainty in the speed and scale of technological advancements, regulatory changes, consumer acceptance, access to data, and other potential considerations.
On the flip side, some respondents saw opportunities in leveraging both the increase in the volume of data as well as various types of data that may stem from sensors, computers, and other software used in the operation of automated vehicles. Others saw revenue potential from new types of insurance products. These opportunities include a hybrid product that blends product liability and traditional auto liability insurance, expanding into noninsurance products, transitioning into other business lines, and consolidation among auto insurers.
3. Security issues such as cyber threat and privacy concerns
Cybersecurity threats and privacy concerns also ranked near the top of the list of insurers’ operational considerations. More than 60 percent of survey participants ranked security issues as highly important, with one remarking that “cyber exposure with [the] new technology could create catastrophe-level claims.” This corresponds with a general fear held by some that hackers could take control of a vehicle or fleet of vehicles, infect various components of a vehicle’s software with malware, and potentially cause accidents resulting in significant injuries and losses.
Privacy concerns may be involved, since vast amounts of data from various computer components could be compromised, resulting in new cyber liability exposures. Such issues may also be exacerbated by an increase in vehicle components. As technology evolves and increased connectivity occurs between vehicles and their internal and external environments, hackers could find greater access to manipulate and disrupt.
Public opinion about cyber threats appears to mirror ISO’s survey results. One recent survey by the Michigan Transportation Research Institute found that approximately 80 percent of people were at least “slightly concerned” about hackers contributing to crashes, while more than 40 percent were “significantly concerned” by the possibility.5 Due in part to the possible increase in cyber liability exposure, some survey participants pointed to a potential need for cyber liability coverages to protect against possible data breaches, hacking, and other cyber threats.
For its part, the Federal Automated Vehicles Policy recommends that manufacturers and other entities follow best practices and guiding principles for cyber physical vehicle systems prescribed by various organizations, including NHTSA, SAE International, and the Automotive Information Sharing and Analysis Center (Auto-ISAC).6 This recommendation is part of the policy’s 15-point list of safety assessment criteria that also includes data recording and sharing, privacy, and system safety, in addition to vehicle cybersecurity.7
While ISO’s survey underscores many significant issues that insurers face, companies that can better anticipate and evolve with the changing landscape will be best prepared for new opportunities that arise as a result of assimilating automated vehicles.