1. Date change to the year 2000 and related problems for the Insurance Industry

The date change to the year 2000 is an important event for the insurance industry, perhaps even more so than for other financial entities: not only the possible date related disruptions of its own I.T. systems shall have to be confronted with, but also, and above all, the repercussions that these might have upon such business activities as contract issuance, damage settlement, customer claim management.

Therefore, together with technical and organizational risk profiles that are common to all economic sectors, additional risk profiles become peculiarly relevant for the insurance sector in connection with the need to prepare for potential increase in customer claim rate due to possible conversion failure, particularly within the general civil liabilities, fire, other property damage and transported goods.

Moreover, objective coverage difficulties for the year 2000 risk due to the absence of uncertainty factor and conditions upon which to base premium calculation with traditional insurance technique, must be noted.

This conviction is widely shared within the majority of the EEC insurance supervisory authorities, International Association of Insurance Supervisors (IAIS) and OCSE.

In the presence of such potential risk and evaluation uncertainties, the main objective of the Supervisory Authority--that of guaranteeing the stability of those system components which may be threatened by underestimating of damage claim--stands out more vividly.

Contract obligations must be fulfilled with no delays, error or hitches whatsoever, and confidence of policy holder towards the industry must be maintained.

what, then, the insurance industry approach within such scenario?

Doubtlessly, while caution shoul be exerted in risk underwriting, adequate information should be conveyed to policy holders, particularly to those that are most exposed to the millennium date change.

On the basis of what has been noted hitherto, information must focus on the concrete behavioural patterns that the customer must follow to be qualified as contractually diligent.

To perceive the importance of this issue is to enact the most effective prevention practice and, in pathological instances, it may allow the insurer to field an effective reaction strategy where negligent insurance behaviour emerge.

As regards new contracts, the domestic market has adopted a common approach by adding, to policies at risk, a substantial exclusion clause for compensation of damage directly or indirectly caused by date change related malfunctioning.

The possibility of a significant increase in litigation rate with those customers that will not have adopted the necessary measures to achieve I.T. system compliance must however be underscored.

It is obviously left to the firm to undertake residual risk coverage when the user has adopted all of the necessary measures to neutralize or reduce year 2000 risk.

This approach would have the merit of associating, to a rigorous risk assessment, an answer to policy holder requirements once his cooperative behaviour be ascertained.

2. What is Isvap doing

What initiatives has the Institute undertaken?

Isvap has been urging business preparation through such typical Authority instruments as guidance letters and on site instruction and assessment, in close coordination with omologous EEC Supervisory Authorities, CE Commission and Joint Year 2000 Council.

In several occasions, the attention of insurance and re-insurance firms has been drawn upon the possible year 2000 date change effects as well as inter-relations between internal and external I.T. systems.

Through a detailed questionnaire, the Institute has been able to assess awareness level, completed or planned remediation activities, testing schedule and budgeted resources for each firm.

What does the resulting picture look like?

Questionnaire responses as of December 31, 1998, are indicative of a situation characterized by high awareness level coupled with significant organizational and conversion efforts, even through the stablishment of ad-hoc working groups.

However, some critical areas emerged with regard to cost assessment and inadequate test planning

To boost insurance and re-insurance firms committment on the issue, the Institute has expressely requested supervised firms to indicate the portion of insurance portfolio at risk, in the 1998 budget report. Moreover: remediation program for central and local I.T. systems detailing work progress, test schedule and project cost must also be indicated.

Finally, preparation of a detailed emergency plan specifying procedure, method and business operation recovery time for the management of possible critical instances has been requested as a mandatory requirement.

Budget review is still in progress. It may be anticipated, however, that the great majority of the firms have scheduled testing completion by June 30, 1999. As for the cost, this appears to be substantial within the sector as a whole.

A second survey was carried out in April, 1999, based on the Comitato Anno 2000 questionnaire.

The results show that approximately 90% of the firms had executive projects in place, project completion was expected by June 1999, and year 2000 project managers had been appointed.

Furthermore, major firms - wihich cover 80% of the market - have reached system compliance for over 80% of mission-critical systems, the market as a whole being positione on a sligthly lower figure.

With regard to completion schedule: 93% of large firms expect to complete mission-critical system conversion within the third quarter; only 2.7% plan program testing in the last quarter. Only 11% of large firms have scheduled implementation for the last quarter while 23% expect to complete contingency planning within the same.

3. Inspection of monitored firms

The Institute, in addition to questionnaire assessment, has began assessment inspection activities that covered organization, I.T. systems and business.

The inspections confirmed potential year 2000 risk exposure as previously assessed by questionnaire response analysis.

To summarize the results of completed inspections, which have included some of the major firms, it may be stated that the industry has consciously undertaken specific actions.

Awareness and involvement level of business structures appeared satisfactory both at central and local level.

More specifically, one of the issues that was most carefully reviewed concerned definition of resources and responsibilities.

In operational terms, the chosen solution within all reviewed cases was that of centralizing organizational and information responsibilities at parent company highest management level. Depending on corporate complexity, single firm representative participation in the "Year 2000 Project" team has, or not been scheduled.

With regard to information technology, the approach was to assess existence of system and application hardware, software structure inventory. These assessment have provided general insights upon firm I.T. assets and time required for conversion of non-compliant structures.

With regard to business, all of the inspected firms have already included, or plan to include, an exclusion clause in all new contracts , though maintaining residual risk coverage.

For existing policies with expiry beyond January 1, 2000, the majority of firms have alerted potentially exposed customers through a specific information campaign.

The Institute will call on slow moving firms to enhance their involvement level.

Conclusions

what conclusions may be drawn?

In the past few months, monitoring activity has focused on I.T. system conversion schedule and procedure, policy holder information, specific risk peculiarities.

To summarize, it can be affirmed that the Italian insurance system has largely adopted the most suitable initiatives, particularly as concerns information technology, organization and business areas, new contract.

However, in the coming months Isvap will continue to underscore that, notwithstanding remediation activity, the industry should not feel clear of all risk, particularly with regard to settlement of year 2000 related damage.

In any case, it will be acting to reduce and manage any negative impact.

In the months ahead, within the spirit of this conviction, Isvap will verify that requirements and deadlines outlined by the Supervisory Authority - and that the system has undertaken - shall be effectively complied with.