There's no doubt that the Internet is a wonderful technology. Over the last five years or so we've heard about the ways it will impact the insurance industry. At first, the Internet was expected to overturn existing distribution arrangements — whether through doctoms or incumbent carriers. More recently, it's thought the Internet may best be put to work helping carriers serve their agents and agents their customers.
Commonly recognized Internet issues include proprietary carrier Web sites versus multi-carrier arrangements, single-solution XML versus standard ACORD XML, straight-through versus single-step processing, and so on. There are other issues as well. You're probably familiar with them all and have an informed opinion about what's right for your company.
But there are other, perhaps more important issues relating to the Internet that are being ignored — either because they're invisible or because we haven't appreciated their potential impact. I'll touch on three: the certain failure of the Internet; the misuse of capital; and the overselling of remote Web services. All three could prove disastrous to the insurance industry.
Let me be clear that I don't think the Internet will fail for most casual and consumer purposes. But ultimately it will not work for what are usually described as business-to-business applications (e.g. carrier to agent). It is inherently too fragile.
The Internet was developed to have a high level of physical resiliency. For the most part, transmissions don't depend on any specific physical routing. If a part of the network goes down, traffic is automatically rerouted. It's a clever arrangement.
But physical resiliency isn't enough. As we've seen over the last few years, denial of service attacks, worms, viruses, and other forms of interference and destruction have become more serious, far-reaching, and persistent. Even with advanced warnings, anti-virus software, and readily available software patches, whole companies have been taken off line for hours, even days to clean up the mess.
It's not going to get better. And the real, serious problems haven't even shown up yet. What would happen if a small group of modestly sophisticated technical people decided to make the Internet unusable through a massive proliferation of denial of service attacks — not just for a day but over weeks or months? Is it technically possible? From what I understand, yes. Would anyone have the desire to make a concerted attack on the Internet itself? Given the events of the last few months and the unfathomable motivation behind them, it would be rational to assume the Internet will come under furious and frequent attack.
The industry becomes more dependent on the Internet daily — yet the Internet is likely to fail in ways we can't yet imagine. As a prudent and risk-averse industry, we should anticipate this eventuality and arrange matters to minimize its impact. I don't claim to have a solution, but one might lie in moving industry B-2-B traffic from the public Internet to a shared and carefully managed private IP network.
The inevitable bursting of the dotcom bubble may have been satisfying to the extent that business reality finally overtook fantasy. To a large extent, the really ridiculous, business-to-consumer insurance services have disappeared or are limping along living on the remains of their capital. The roar became a whimper and finally a sigh.
Angels, venture capitalists, insurance carriers, and other risk takers who expected hundred-to-one returns lost millions — even if they haven't acknowledged it yet. The write-offs, work-outs, bankruptcies, mergers, and other financial adjustments are underway. In most cases, the investors will live through the debacle. We needn't worry about them.
But the real damage isn't visible. The consequences of squandering capital on absurd business models didn't end with the demise of those businesses. The misuse of more than $1B intended for the development of insurance technology may kill a whole generation of promising insurance technology businesses before they can come of age. Opportunity has been lost and that will harm the industry for the next decade or more.
Here's the residual problem. It's now enormously difficult for really promising start-ups and existing small insurance technology businesses to get funding. Eighteen months ago, VCs competed tooth-and-nail to dump tons of money into idiotic insurance technology ventures. Now the VCs won't talk to legitimate investment candidates — or if they do make absurd demands.
I know of five small insurance technology businesses that have great promise and could really make a difference to the industry — but they're having a terrible time getting any funding. The VC sins of the past are being visited on companies that deserve better.
If these and other small, ingenious insurance technology firms fail outright or fail to realize their potential — not because of poor ideas, execution, or management, but because of an investment atmosphere polluted by the dotcom stupidity - it's not just these entrepreneurs who will suffer, it's the carriers who could be saving themselves millions by using these new products and services.
What's the answer? A more intelligent approach to insurance technology investment — one built on the idea of creating excellent, solid, valuable companies that grow at a sustainable pace and deliver ten to one returns over four or five years. We need new ways to connect capital to opportunity.
Microsoft, IBM, Sun, HP, Oracle, and a cast of thousands are working hard to develop an expectation that remote Web services will solve the perennial problems of computing. Want to be able to reuse code? You got it. Want to avoid problems of software installation and maintenance? No problem.
We've heard these claims before of course. Object-oriented programming, component architecture, integrated development environments, CORBA/DCOM — whatever, were all going to do the trick. But they didn't.
In the past, software panaceas were marketed as solutions to internal problems. The claims for remote Web services are more grandiose. They promise that systems of interconnected business, maybe whole industries (not just individual businesses) can interconnect via remote Web services to achieve incredible efficiencies.
The backbone on the effort rests on a variety of XML standards, not simply the data transmission standards that are ACORD's preoccupation, but business rules, and higher, even meta-level standards.
How will all this work? One piece of software, say a rating service in need of an MVR, will consult a Web services directory, find a candidate, inquire into what it offers and what data it needs, decide to use it, make the connection — and then it's off to the races. Everything will happen under the covers. The user won't need to pay any attention. The technology will handle all the problems.
Does this make any sense? I don't think so. It's just too complicated. Here's an example of how Web services can cause unforeseen problems.
The inefficiency of current processing systems, the use of paper, the need to re-enter data, and so on, is much maligned. Web services, we are told, has the potential to automate these processes end-to-end, even across corporate boundaries. That sounds like an unalloyed good.
But what happens when some part of this automated end-to-end process fails? Who will know what has failed where? How will it be repaired? What are the work-arounds and how will they be put in place? The inefficiencies of systems actually sometime serve a salutary function — as a kind of firewall. The absence of automatic linkage means that the whole can stand even when one part fails.
What's the solution? A world of free-standing Web services won't work but a collection managed from a central site could. What's needed is some kind of service that can take responsibility for integrating a select set of services for a particular population. In this industry carriers will need to orchestrate the Web services they use and agents will need to depend on integration services that oversee and manage what they can't possibly cope with on their own.
The move from private networks to the Internet can save carriers money and make it possible for agencies to link to multiple companies through one IP connection, the Internet. Unfortunately public Internet reliability and security problems aren't soluble and to depend on the Internet for survival is to court disaster. An industry private IP network might be the answer.
Greedy VCs and others hoped to make a killing by investing in brave-new-world insurance Internet technology. The failure of that initiative is killing rational investment and needed technological development in better-faster-cheaper solutions. A special purpose, practical, lower expectation fund or funds could provide the needed antidote before the whole industry gets sick living on stale technology.
Remote Web services is an interesting and promising idea but is oversold by miles. Were the industry to follow the path as marketed, little would really work as promised. Remote Web services has the potential to create more chaos than order. On the other hand, managed integration platforms/services and generally less ambitious expectations could bear nourishing fruit.
The law of unintended consequences is absolute. It has no exceptions. Shouldn't this industry anticipate and then ameliorate the unintended consequences of the Internet? Makes sense to me.