Insurance Handbook

Overview

Besides the tragic loss of human life, the economic costs of terrorism are immense: increased security and anti-terrorist expenditures, consumer and investor uncertainty, supply chain and business continuity disruptions, industry retrenchment – all and more can have negative impacts on economic growth.¹

Terrorist attacks are also a major threat to the insurance industry, posing the possibility of significant loss of life, injury, and property destruction. And terror attacks involving chemical, biological, or cyber weapons could reach catastrophic proportions.

What is “terrorism”?

Definition of terrorism: There does not currently exist a single, universally-accepted definition of “terrorism”.

Under U.S. law 18 U.S. Code § 2331, “terrorism” (whether foreign or domestic) includes any acts that are dangerous to human life in violation of the law and are intended to intimidate or coerce a population, influence governmental policy, or affect the conduct of a government. Similarly, under 22 U.S. Code § 2656f, “terrorism” is “premeditated, politically motivated violence perpetrated against noncombatant targets by subnational groups or clandestine agents.”

The original Terrorism Risk Insurance Act of 2002 (TRIA) defines a certified act of terrorism for the purposes of that Act to be

a violent act or an act that is dangerous to (I) human life; (II) property; or (III) infrastructure; (iii) to have resulted in damage within the United States, or outside of the United States in the case of-- (I) an air carrier or vessel described in paragraph (5)(B); or (II) the premises of a United States mission; and (iv) to have been committed by an individual or individuals acting on behalf of any foreign person or foreign interest, as part of an effort to coerce the civilian population of the United States or to influence the policy or affect the conduct of the United States Government by coercion.

The Terrorism Risk Insurance Program Reauthorization Act of 2015 (TRIPRA) adopted the 2007 program reauthorization definition, which struck “acting on behalf of any foreign person or foreign interest” in order to include domestic terrorism under certified actions of terrorism.

Acts of war: The TRIPRA definition of acts of terrorism excludes acts of war. Both personal and commercial insurance policies exclude coverage for losses or damages caused by or arising out of war or “warlike actions,” including insurrections and rebellions. War is usually considered an uninsurable catastrophic risk (though some insurers do offer war insurance) and is not covered by terrorism insurance. The only line of insurance that covers injury or death from an act of war is workers compensation.

Terrorism in the United States: According to National Consortium for the Study of Terrorism and Responses to Terrorism (START), there were 1,922 successful acts of terrorism on U.S. soil between 1970 and 2016.2 Most occurred during the 1970s during a period of widespread politically-motivated violence, particularly bombings.

The September 11, 2001 terror attack, in which terrorists hijacked commercial airliners and flew them into the World Trade Center towers and the Pentagon, remains the deadliest and most expensive terrorist attack in U.S. history. Insurance losses stemming from the 9/11 attacks totaled about $50 billion in 2021 dollars, including commercial liability and group life insurance claims.³ About two thirds of these losses were paid for by reinsurers, companies that provide insurance for insurers. Thirty-three percent of losses were for business interruption; 30 percent were for property losses, including the WTC towers.

9/11 remains one of the largest single insured loss events in history.

Insurance implications of terrorism risk

Terrorism risk is different from other types of insurable risks, posing unique difficulties for insurers and other insurance service providers.

Historical data is scarce. In other lines of insurance such as personal auto, insurers know from historical experience roughly how many covered losses to expect (frequency) and what the costs of those losses will be (severity). This data is used to calculate a premium equal to the risk the insurers are assuming in issuing an insurance policy. Sometimes there is even enough data on natural catastrophes to allow for measurements of frequency and severity, often supplemented with catastrophe modeling.

For terrorism risk, on the other hand, frequency and severity data is scarce. There have been relatively few terrorist attacks in the United States, so there is little data on which to base estimates for future losses. Furthermore, the range of possible severity of terrorism claims is much larger than in other lines of insurance.

Acts of terrorism are not random. Unlike other risks, terror attacks are typically intentional, targeted attacks in specific locations designed to maximize damage. They are not “accidental” – often considered a crucial component of an insurable risk.

They are often geographically concentrated. For insurance to operate economically, losses are typically not such that many or all insureds in one location suffer the same loss, which could bankrupt an insurer. Acts of terrorism are often geographically concentrated to produce a significant economic or psychological impact, making it difficult to efficiently spread the possibility of losses over a geographic portfolio.

This geographic concentration could therefore lead to an accumulation of risk, in which multiple insureds in the same geographical area exposes a single insurer to a possible large loss following a single act of terrorism. Concentration could also lead to adverse selection, in which the people who are most at risk will purchase coverage and are also the same people who are likely to file claims.

Terrorism and personal insurance

Despite the difficulties of insuring against terrorism risk, acts of terrorism may be covered under various personal insurance policies:

• Standard homeowners policies don't specifically reference terrorism but, as your home insurance covers damage to property and personal possessions due to explosion, fire and smoke, acts of terrorism are generally covered.
• Condominium or co-op owner policies also provide coverage for damage to personal possessions resulting from terrorist acts. However, damage to the common areas of a building like the roof, basement, elevator, boiler and walkways would only be covered if the condo/co-op board has purchased commercial terrorism coverage.
• Standard renters policies, like homeowners insurance, will generally cover damage to personal possessions due to the explosion, fire or smoke of a terrorist attack. Terrorism insurance coverage for the apartment complex itself must be purchased by the property owner or landlord.
• Auto insurance policies will cover a car that is damaged or destroyed in a terrorist attack only if the policyholder has purchased optional comprehensive coverage—which covers damage to your car caused by disasters “other than collisions”.
• Travel insurance policies will sometimes cover trip cancellation and interruption and emergency medical and associated expenses caused directly or indirectly by an act of terrorism.

These policies do not require that the act of terror be “certified” as such under TRIPRA.

Commercial insurance: Terrorism Risk Insurance Program (TRIP)

Prior to the 9/11 terrorist attacks most standard commercial property insurance policies covered terrorism, either as part of the policy or without specifically mentioning terrorism – that is, the policies didn’t directly address terrorism, so they effectively covered it.

After 9/11, insurers began to reassess terrorism risk. For a while terrorism coverage became scarce as primary insurers filed requests with their state insurance departments for permission to explicitly exclude terrorism coverage from their commercial policies. By early 2002, 45 states had approved such exclusions for use in standard commercial policies. Reinsurers were also unwilling to reinsure policies in urban areas perceived to be vulnerable to attack.

Both the difficulties of insuring terrorism risk and concerns about the limited availability of terrorism coverage after the 9/11 attacks led to the enactment in 2002 of the Terrorisms Risk Insurance Act (TRIA). The act created the Terrorism Risk Insurance Program (TRIP), a federal loss-sharing program for certain insured losses resulting from a certified act of terrorism.

The program was subsequently renewed for an additional six years as part of the Terrorism Risk Insurance Program Reauthorization Act of 2015 (TRIPRA), with some changes to the original program. It was renewed again for seven years in December 2019. The 2019 bill requires a report by the Government Accountability Office on cyberterrorism risks and a biennial report from the Treasury of data on places of worship.

How it works: TRIPRA essentially acts as a type of reinsurance for commercial property and casualty insurance policies (excluding certain lines such as professional errors and omissions liability). The program only comes into effect when an act of terrorism is “certified” by the Secretary of the Treasury (in consultation with the Secretary of Homeland Security and the Attorney General) that the act falls under the definition of terrorism (see above) and triggers an event dollar threshold.

TRIPRA is subject to, among other things, a triggering threshold for total insurance losses, insurer deductibles, and insurer copays.

• Triggering event threshold: first set at $5 million in the original 2002 act, the triggering even threshold is the required amount of total insurance industry losses from a certified act of terrorism before federal assistance begins. The 2007 reauthorization raised the threshold to $100 million and the 2015 reauthorization will gradually raise the threshold to $200 million by 2020.
• Individual insurer deductibles: if the triggering event threshold is met, each individual insurer participating in the program is also subject to a deductible. The deductible for each insurer is calculated as 20 percent of the insurer’s direct earned premiums for commercial insurance.
• Insurer co-payment above deductible: losses in excess of an individual insurer’s deductible are then shared between the federal government and the individual insurer. The individual insurer’s copay of the excess losses will be 20 percent of losses by 2020, up from 10 percent in 2006, with the federal government paying the other 80 percent.
• Marketplace aggregate retention: the 2015 reauthorization also requires that the insurance industry cover an aggregate retention of $37.5 billion of losses through deductibles and copayments.
• Total cap: TRIPRA caps all losses in a program year for both insurers and the government at $100 billion. Insurers cannot be made to pay for losses in excess of $100 billion. Losses above this threshold are therefore uninsured.

“Make available” requirement: Under TRIPRA, all property and casualty insurers are required to make available coverage for new and renewal commercial policies “for insured losses that does [sic] not differ materially from the terms, amounts, and other coverage limitations applicable to losses arising from events other than acts of terrorism.” In other words, the insurer must allow an insured to decide whether they want terrorism coverage on the same terms and conditions as the insurer offers in their non-TRIPRA coverage.

Policyholders are free to waive such coverage in total or in part. If coverage is not waived, the insurer must clearly and conspicuously state the premium charges resulting from coverage for certified terrorist acts.  If terrorism coverage is waived, the insurer may then add terrorism exclusions to the policy.

Nuclear, biological, chemical and radiological terrorism: TRIPRA does not explicitly include or exclude coverage for losses arising out of terrorist attacks using nuclear, biological, chemical, and radiological (NBCR) weapons. NBCR insurance coverage is not readily available in the private insurance market and is often quite expensive.

NBCR exposures have been considered uninsurable because of the difficulties of reliably measuring frequency and severity, and because of the potential for catastrophic losses far above those from a non-NBCR act of terrorism. Property and casualty insurers have typically sought to exclude these exposures through pollution (liability) or nuclear hazard (property) exclusions or through exclusions explicitly addressing NBCR.

Under TRIPRA, if NBCR exclusions are permitted by a state, an insurer in that state does not have to make NBCR coverage available. These exclusions could also limit TRIPRA coverage for NBCR losses.

Fire: Fire following a terrorist attack could cause huge losses. The standard commercial fire policy (SFP) does not exclude fire following terrorism and, prior to 2003, the SFP did not permit this exclusion, with the result that a policyholder who had rejected terrorism coverage under TRIPRA would still have coverage for fire following an act of terrorism. In a handful of states this is still the case: there are no exceptions for terrorism. However, since 2003, some states have revised their SFP statutes to permit exclusions of fire following terrorism under certain circumstances. Thus, for a policyholder who has rejected terrorism coverage under TRIPRA, in these states there might be no coverage or limited coverage for fire resulting from an act of terrorism. Many states do not have a standard fire policy statute or have SFPs that unconditionally exclude fire following terrorism. In these states there is no stipulated coverage for fire following terrorism.

Terrorism insurance without TRIPRA: The Congressional Budget Office (CBO) hypothesized that terrorism coverage may still be available in the private insurance marketplace in the absence of a federal program – but probably at higher premiums and lower coverage limits to compensate for the increased risks to individual insurers.

Workers Compensation

Workers comp is a compulsory line of insurance for all businesses that covers employees injured or killed on the job, including those injured or killed by acts of terrorism. Coverage for terrorist acts cannot be excluded from workers compensation policies in any state and it is also the only line of insurance that does not exclude coverage for acts of war. TRIPRA’s requirements to clearly and conspicuously disclose premium charges for terrorism coverage also apply to workers compensation.

Special terrorism insurance programs in other countries

The United States is not the first country to establish a terrorism insurance program. Some countries created programs to cover terrorism after 9/11 or earlier, following a terrorist attack on their own soil.

Terrorism and cyber attacks

Cybersecurity risks and costs continue to rise across the globe. One estimate suggests that the economic costs of cyberattacks in the U.S. were between $57 billion and $109 billion in 2016 alone.

How cyber-related losses and terrorism insurance interact remains an evolving issue – particularly since it often remains unclear when a cyber incident constitutes an act of terrorism.

In 2016 the U.S. Department of the Treasury published guidance stating, in part:

• Insurance lines that are regulated under TRIPRA and that include cyberrisks components are subject to the program.
• Stand-alone cyber liability policies are also subject to TRIPRA requirements. 

The 2019 reauthorization bill mandates a Government Accountability Office report to analyze the general vulnerabilities and potential costs of cyberattacks on the nation's infrastructure and reach conclusions about whether cyberrisks, particularly cyberliabilities, under property/casualty insurance, can be sufficiently covered and adequately priced.

The UK terrorism insurance pool, Pool Reinsurance Company Limited (Pool Re), has extended its coverage to include physical damage and business interruption losses caused by acts of cyber-related terrorism. The coverage does not extend to “intangible assets” such as data, which are typically addressed in cyber insurance policies.

Loss Distribution By Type Of Insurance From Sept. 11 Terrorist Attack (1)

($ 2024 billions)

loss_distrib_by_type_of_ins_from_sept_11_terror_attack_24.gif

(1) Adjusted to 2024 dollars by the Insurance Information Institute using the U.S. Department of Labor BLS Calculator.
(2) Loss total does not include March 2010 New York City settlement of up to $657.5 million to compensate approximately 10,000 Ground Zero workers or any subsequent settlements.

Source: Insurance Information Institute.

View Archived Graphs

Endnotes and sources

¹RAND Corporation, “The cost of terrorism in Europe.”

Walter Enders and Eric Olson, The Oxford Handbook of the Economics of Peace and Conflict, “Measuring the Economic Costs of Terrorism,” April 2012.

U.S. Joint Economic Committee, “The Economic Costs of Terrorism,” May 2002.

²START Data Base. The data is restricted to: only those attacks about which there is essentially no doubt that they were terrorist attacks; only successful attacks; and only attacks that satisfied the following START criteria:

• The act must be aimed at attaining a political, economic, religious, or social goal.
• There must be evidence of an intention to coerce, intimidate, or convey some other message to a larger audience (or audiences) than the immediate victims.
• The action must be outside the context of legitimate warfare activities.

³Adjusted to 2021 dollars by the Insurance Information Institute using the U.S. Department of Labor BLS Calculator. Loss total does not include March 2010 New York City settlement of up to $657.5 million to compensate approximately 10,000 Ground Zero workers or any subsequent settlements.

© Insurance Information Institute, Inc. - ALL RIGHTS RESERVED