Although the use of credit scores as an underwriting tool for auto and homeowners insurance is now an established practice, consumer groups, legislators and regulators still have not had their final say on the matter.Indeed, state lawmakers across the nation can look forward in 2003 to consideration of numerous measures to curb the practice-and in some cases outright ban it.

Insurance industry lobbyists acknowledge that the financial services industry could come under some expensive and restrictive privacy compliance rules next year if Congress follows through on plans to hold extensive hearings on the issue.Indeed, Congress could decide to write new laws mandating that consumers be allowed to "opt-in" to sharing of financial data given to one unit of a financial services company with another unit. Currently, the policy at both the state and federal level is that consumers have the right to "opt-out" of companies' cross-marketing programs.

While in flight to Boston on the morning of Sept. 11, 2001 and hearing news of the horrific attacks in progress, Hemant Shah's first concern was the fate of the business associates he met with the previous day at the World Trade Center.But as the founder of Newark, Calif.-based Risk Management Solutions (RMS), he must have realized the seismic change the field he helped pioneer-catastrophe modeling-would soon experience.

As the needs and demands of e-business evolve, companies are faced with an emerging security threat. And it's not a new hacking technique or vulnerability in a particular technology.It's complexity-the complexity of technologies, the complexity of balancing business and security demands, and the complexity of relationships among user communities.

Until last month, the strongest positions regarding modernization of insurance regulation have been proposals for an optional federal charter for insurance companies. But another compelling-and opposing-perspective entered the debate in August, when the Alliance of American Insurers published a report that firmly argues against federal regulation for property/casualty insurance."Optional federal chartering entails a significant risk of adverse and unexpected consequences, no matter how carefully and narrowly initial legislation is crafted," the report concludes. "The better and more prudent policy is to reject federal chartering and encourage and support further modernization of state regulation."

A major step in streamlining agent licensing across the states was taken in August when the National Association of Insurance Commissioners (NAIC) made the preliminary determination that at least 35 states had met the reciprocity requirements for nonresident producer licensing under the Gramm-Leach-Bliley Act (GLBA).At press time, the Kansas City, Mo.-based NAIC was expected to officially certify those states at its meeting in September in New Orleans.

Ever since Gramm-Leach-Bliley passed in November 1999, momentum has been building to reform the state-based insurance regulatory system. The landmark legislation, which allows banks, insurers and brokerages to merge and compete with one another, also ordered the states to enact uniform producer licensing laws by November 2002 (see "Here Come The Feds, May 2001).Yet, although the law mandates uniform producer licensing, it essentially left the rest of insurance regulation to the states. And, according to many in the industry, the state-based system puts insurers at a disadvantage-especially when they're trying to compete nationally with banks and brokerages.

For years, paper-based processing for a commercial insurance policy has made it exceedingly difficult to assess risk and issue accurately priced coverage. Moreover, many insurers and reinsurers have had a hard time fully analyzing client data due to the lack of disclosure by the client.But Schaumburg, Ill.-based Zurich North America launched in February a Web-based solution-called the Business Interruption Coverage calculator-which will be an integral part of its underwriting procedure for business interruption coverage.

As two bastions of tradition, neither the legal profession nor insurance carriers eagerly jumped onto the Internet bandwagon in the late 1990s.But now, the dust of the dot-com wreck is settling, and carriers and their counsel are beginning to see where it makes sense for them to use online technology to manage legal costs and improve collaboration.

Realizing that generating new insurance volume doesn't necessarily ensure profitability-and may even suppress it-State Farm Mutual Automobile Insurance Co. began implementing a strategy to suspend writing new homeowners policies in 17 states.The Bloomington, Ill.-based insurer is also setting the wheels in motion to fully exit the New Jersey auto insurance market over the next five years. State Farm's geographic retrenchment comes on the heels of a reported $5 billion net loss incurred since 2001. The losses were marked by rapidly increasing claims costs due to an inordinately high series of natural disasters-from hailstorms to flooding.

Over the years, insurers have faced criticism for their lack of data integration and customer relationship management (CRM) capabilities. This deficiency took on an added dimension with the passage last October of the USA PATRIOT Act.The USA PATRIOT Act-an acronym for Uniting and Strengthening America by Providing Appropriate Tools Required to Intercept and Obstruct Terrorism-is an anti-money-laundering law designed to prevent terrorists from setting up operations in the United States.

In an unusual move, Allstate Insurance Co. took the offense by filing counterclaims against agents who filed a lawsuit against the carrier last August. The agents sued the Northbrook, Ill.-based carrier for age discrimination and violation of federal civil rights laws they claim occurred when Allstate terminated them in June 2000 (see September 2001, page 8).Allstate filed its counterclaims against the agents in March in U.S. District Court in Philadelphia-charging the agents with unjust enrichment, fraud, negligent misrepresentation, and breach of duty of good faith and fair dealing. Allstate is requesting compensatory, punitive and other damages in an amount to be determined by a jury.

Proponents of federal insurance regulation have moved one step further toward their goal. Two bills have been introduced in Congress that would establish a new federal agency to charter insurance companies choosing to bypass the cumbersome state-by-state system.In December, U.S. Senator Charles Schumer (D-N.Y.) proposed the National Insurance Chartering and Supervision Act. Then, in February, U.S. Representative John LaFalce (D-N.Y.) introduced the Insurance Industry Modernization and Consumer Protection Act. Both bills respond to lobbying from banking and insurance groups that want a simplified regulatory structure for licensing insurance companies.

The Internet has been around less than a decade, and already it has proved to be the quintessential double-edged sword-a potent weapon as well as a useful tool. The Melissa virus unleashed in 1999 cost companies as much as $385 million, followed shortly after by the Love Bug in 2000, which infected more than 10 million systems and cost businesses an estimated $10 billion.

The hardened insurance market, costly incidents of cyber crime, and a new ISO Electronic Data Liability endorsement, which provides clear limitations for cyber risks under its Commercial General Liability standard-are all factors driving commercial insurers to reevaluate their business liability coverage. And many of them are beginning to separate cyber coverage from commercial general liability coverage."You're clearly starting to see traditional insurance policies getting much clearer on their intent around cyber exposures," says Jon Farber, assistant vice president of global technology underwriting at St. Paul Cos. The St. Paul-based insurer is one of several commercial insurers offering cyber insurance. Others include Zurich North America, AIG, Chubb, and Lloyd's of London.

When Congress passed the Health Insurance Portability and Accountability Act (HIPAA) in 1996, one of its major objectives was to reduce health care costs by simplifying administrative and financial transactions across the industry. At that time, national health spending was heading toward the $1 trillion mark annually, and studies proclaimed that "administrative simplification" could save anywhere from $40 billion to $70 billion per year.

Virtually no payers in a HIPAA readiness survey conducted in December by Gartner Inc., Stamford, Conn., indicated they had completed their selection of technology tools to comply with the Health Insurance Portability and Accountability Act.But insurance companies are implementing privacy and security tools for their Web-based applications, and these tools will factor into their HIPAA privacy and security assessments.

Security isn't a new topic in business. Many years ago, businesses were concerned primarily with physically securing information within their facilities. We managed our companies' critical information on a "need-to-know" basis-if you needed to know, then the keeper of the information would share the information with you.With the advent of e-commerce and networked computers comes the added need to secure these networks. Businesses, including insurers, want to facilitate the sharing of relevant data while protecting proprietary and confidential data. And, of course, the need-to-know rule still applies.

When Allstate Insurance Co. announced its aggressive new business approach in November 1999, analysts praised the company for its bold leadership in the New Economy.

Biometric technology is in the throes of an identity crisis. Biometrics relies on matching algorithms that analyze the physical or behavioral traits that differentiate one individual from another, such as fingerprints, the retina or iris of the eye, or the patterns of an individual's voice.Through its use, financial institutions could reduce costs related to identity theft, while simultaneously assuring consumers that their financial assets are protected.