The years may change, but one constant is that there will always be risks that need to addressed and managed. With natural and -man-made disasters, episodes of corporate malfeasance, and technological challenges continuing to make life interesting for risk professionals worldwide, 2014 was no exception. As we look ahead to a new year, it is helpful to remember the events that helped define this Year in Risk (or at least the 10 months preceding this issue going to press) so that we can better prepare for what lies ahead.
LEGAL MARIJUANA SALES BEGIN IN COLORADO
January 1
As a state law legalizing the sale of recreational marijuana went into effect, dozens of retail marijuana stores opened their doors for the first time in Colorado. By the end of August, the Colorado Department of Revenue reported that it had collected more than $21 million in marijuana taxes, licenses and fees. Although marijuana remains illegal under federal law, 23 states have legalized medical marijuana, while four states-Colorado, Washington, Oregon and Alaska-and Washington, D.C., also allow recreational use, creating new workers compensation concerns for employers nationwide.
POLAR VORTEX CAUSES COSTLY DEEP FREEZE
January 7
The southward shift in a frigid weather pattern known as the polar vortex led to record-breaking cold temperatures throughout much of the United States and Canada. On Jan. 7 alone, some 49 record-lows were set in the United States, including readings of -14° Fahrenheit in Detroit. Meanwhile in Canada, temperatures in Winnipeg dropped into the -30s. According to the Insurance Information Institute, it was the fifth-costliest winter on record, causing $2.4 billion in insured losses and $3.4 billion in economic losses.
WEST VIRGINIA CHEMICAL SPILL THREATENS DRINKING WATER
January 9
More than 300,000 West Virginia residents were left without -drinking water for weeks after up to 7,500 gallons of crude 4-methylcyclohexanemethanol, a chemical used to clean coal, leaked from a Freedom Industries storage tank into the Elk River. Although not considered lethal, health officials were concerned that exposure to the chemical could cause illnesses. The company filed for bankruptcy -protection shortly after the -incident and eventually agreed to a $2.9 million settlement with its insurer, AIG Specialty Insurance, over coverage for damages. The proceeds of the settlement were intended to go to nonprofit groups to help the affected community.
BITCOIN EXCHANGE SHUTS DOWN, INVESTORS LOSE MILLIONS
February 28
Toyko-based bitcoin exchange Mt. Gox declared bankruptcy after revealing that 800,000 of its customers' bitcoins—worth more than $450 million at the time, and representing 7% of all bitcoins in circulation—had been lost and possibly stolen by hackers. Although the company eventually found 200,000 bitcoins that had been stored in an old-format digital wallet, the rest were never recovered and the incident has called into question the security of the virtual currency market.
GM'S IGNITION SWITCH RECALL SCANDAL
February 13
General Motors' recall woes began modestly enough when the company recalled 800,000 vehicles because of faulty ignition switches that could shut off the engine and disable the airbags. By October, GM issued more than 75 separate recalls covering more than 30 million vehicles worldwide, costing the company billions of dollars in recall costs and lost revenue. Of these, the ignition switch issue would prove to be the most tragic-reportedly, the automaker had been aware of the problem for more than 10 years. So far, at least 30 deaths have been attributed to the defect, with these numbers likely to increase as additional claims are received by the $400 million compensation fund established for victims.
MALAYSIA FLIGHT 370 DISAPPEARS
March 8
Less than an hour after taking off from Kuala Lumpur en route to Beijing, Malaysia Airlines Flight MH370 disappeared over the Indian Ocean. The ensuing search has covered some 23,000 square miles and is considered the largest and most expensive in history. Thus far, however, it has yielded no concrete clues as to the whereabouts of the Boeing 777 and its 239 passengers and crew. Insurers have paid more than $110 million to help fund the search and cover the loss of the aircraft and its passengers. In July, tragedy struck Malaysia Airlines once again when its Flight 17 was shot down over Ukraine, killing all 298 aboard.
TOYOTA PAYS RECORD $1.2 BILLION PENALTY
March 19
Toyota agreed to pay a $1.2 billion dollar criminal penalty to the U.S. Justice Department-the largest ever levied against a car company-for covering up safety problems related to unintended acceleration in its vehicles. The issue caused the recall of some 10 million cars in 2009 and 2010. Although he did not discuss GM directly, Attorney General Eric Holder said, "Other car companies should not repeat Toyota's mistake. A recall may damage a company's reputation, but deceiving your customers makes that damage far more lasting."
PRESIDENT OBAMA SIGNS BILL TO DELAY FLOOD INSURANCE REFORM
March 21
President Obama signed the Homeowner Flood Insurance Affordability Act of 2014 into law, which delayed for four years the implementation of provisions of 2012's Biggert-Waters Flood Insurance Reform Act. This act requires an increase in flood insurance premiums to better reflect the risk in certain areas. During the delay, FEMA will reassess flood maps so that premiums can be established more accurately. Currently, the National Flood Insurance Program is $24 billion in debt due to the high cost of recent flood events.
WASHINGTON MUDSLIDE KILLS 43
March 22
The deadliest landslide in U.S. history occurred when a mile-wide section of mud and debris engulfed a neighborhood outside Oso, Washington. Forty-three people were killed and 49 houses and buildings were destroyed. Heavy rains, the weakening effect of a previous mudslide in the area and the impact of logging on ground stability were blamed for the disaster. The Seattle Times also reported that proper flood plain permits were never secured when the Steelhead Haven neighborhood was built in 1960, obscuring the true magnitude of the risk.
EBOLA OUTBREAK CONFIRMED IN WEST AFRICA
March 25
Since the initial confirmation by the World Health Organization of an outbreak of Ebola in Guinea, nearly 5,000 people worldwide have been killed by the virus (as of Nov. 2). It is the largest outbreak in history, primarily affecting the West African nations of Guinea, Liberia and Sierra Leone. Cases in Dallas, New York and Spain involving infected travelers from West Africa and the health care workers who treated them have sparked fears that the disease could spread, however. Despite warnings from health organizations that such measures could worsen the epidemic, travel restrictions and mandatory quarantines have been put in place in the United States and other countries, prohibiting travel from affected areas. Ebola screenings have also been implemented at certain international airports including New York's John F. Kennedy and Newark.
HEARTBLEED BUG DISCOVERED
April 1
Researchers discovered a serious vulnerability in Open SSL, encryption software used by millions of websites that provides security and privacy for internet communications. According to cybersecurity firm Codenomicon, which named the bug, Heartbleed "compromises the secret keys used to identify service providers and to encrypt traffic, names and passwords of users and the actual content. This allows attackers to eavesdrop on communications, steal data directly from the services and users and to impersonate services and users." Although a patch to fix the problem was quickly released, internet users were advised to change their passwords. As late as June, at least 300,000 websites were still unpatched.
FORT HOOD GUNMAN KILLS FOUR
April 2
A gunman killed three and injured 16 before taking his own life in a shooting spree on the Fort Hood military base near Killeen, Texas. The assailant, who worked on the base, was reportedly distraught over being denied leave. Fort Hood was also the site of a 2009 mass shooting that claimed 13 lives. According to an FBI study, mass shootings are on the rise in the United States. On average, there were 16.4 mass shootings a year from 2007 to 2013, compared with 6.4 shootings a year from 2000 to 2006. In 160 incidents identified since 2000, 486 people were killed and 557 wounded.
SOUTH KOREAN FERRY MV SEWOL SINKS
April 16
A ferry carrying 476 people, most of whom were high school students on a field trip, capsized and sank off the coast of South Korea. Despite a massive rescue operation, 295 people perished in the disaster. Nine are still missing. Subsequent investigation revealed that the captain was not at the helm when the overloaded MV Sewol took a sharp turn, causing it to begin sinking. The crew also abandoned ship after telling passengers to remain in their cabins. The captain was found guilty of gross negligence and sentenced to 36 years in prison for his role in the disaster.
FCC ANNOUNCES NEW NET NEUTRALITY RULES
April 23
The principle of net neutrality, which dictates that internet service providers (ISPs) treat all content equally, came under fire when the Federal Communications Commission announced plans to allow broadband ISPs to create a "fast-lane" with better connectivity for companies willing to pay a premium. Those in favor of neutrality-including many of the largest content and service providers such as Netflix, Facebook and Amazon-suggest that such measures will allow providers to arbitrarily limit or block certain content.
TORNADOES STRIKE SOUTHEAST UNITED STATES
April 27
Tornadoes touched down throughout the southeastern United States, killing 35 people and causing more than $1 billion in damage. The four-day outbreak produced 84 tornadoes, including two severe EF4 tornadoes that killed 16 in Arkansas and 10 in Mississippi. High winds, heavy rain, and hail caused damage and flooding in more than 20 states. Another outbreak in June in the Midwest produced four more EF4 tornadoes, one of which destroyed the town of Pilger, Nebraska, killing two.
NBA OWNER BANNED FOR LIFE
April 29
After it was revealed that Los Angeles Clippers owner Donald Sterling had made racist remarks in a recorded conversation with his girlfriend, NBA Commissioner Adam Silver fined Sterling $2.5 million and banned him from the league for life. Before the ban, almost 20 sponsors, including State Farm, Virgin America and Kia Motors, had pulled their support for the team in protest of Sterling's remarks. Amid continued opposition, Sterling finally sold the team to former Microsoft CEO Steve Ballmer for $2 billion.
EU RULES IN FAVOR OF "RIGHT TO BE FORGOTTEN"
May 13
In a precedent-setting digital privacy case, the European Union Court of Justice ruled that Google and other search engine providers must comply with requests from people who want to remove links containing their personal information. The case pits digital privacy rights against the freedom of information, and critics fear that it could lead to a censored and sanitized internet. Google reported that it received 12,000 requests on the first day the policy went into effect.
U.S. PATENT OFFICE REVOKES REDSKINS TRADEMARK
June 18
The U.S. Trademark and Patent Office cancelled the Washington Redskins' trademarks on the grounds that "a substantial composite of the Native American population found the term 'Redskins' to be disparaging." The NFL team is appealing the ruling. While the decision does not force a name change, it does mean that the team will not be able to protect itself against copyright infringement. Any company will therefore be able to sell unlicensed team merchandise without fear of legal reprisal. Although polling shows the majority of Americans do not believe the team should change its name, opposition has been growing steadily.
CHINESE HACKERS TARGET FEDERAL EMPLOYMENT DATA
July 9
Officials revealed that Chinese hackers breached the computer network of the U.S. Office of Personnel Management in March. The attack was noteworthy because, although hackers frequently try to break into government networks, they rarely succeed. The hackers may have been targeting a system that allows employees to apply for top-secret security clearances. In May, the U.S. Justice Department also indicted five members of Unit 61398, the alleged cyberespionage division of the Chinese People's Liberation Army, charging them with hacking into the networks of steel, nuclear plant and solar power companies to steal trade secrets.
TYPHOON RAMMASUN CAUSES $7 BILLION IN DAMAGES
July 9
The seventh-most costly Pacific typhoon in history, Typhoon Rammasun tore through the Philippines, China and Vietnam, killing almost 200 people and causing more than $7 billion in damage. While China bore the worst of the financial damage with $6.25 billion in economic losses, the Philippines experienced the most casualties, with 106 people reported dead from the storm.
FLOODING INUNDATES MIDWEST, NORTHEAST AND MID-ATLANTIC STATES
August 11
Substantial rainfall over a three-day period caused flooding throughout a number of U.S. states. Detroit was hit particularly hard as two months of rain fell in just 24 hours,
damaging thousands of homes and causing $1 billion in economic losses. In Long Island, New York, a foot of rain fell in just nine hours, while Baltimore experienced its second-wettest day on record. In total, the storm damaged more than 70,000 homes and caused $2 billion in losses.
HAPPY CAMP WILDFIRE HIGHLIGHTS AN ACTIVE SEASON IN CALIFORNIA
August 12
The largest wildfire in California this year, the Happy Camp Complex fire burned more than 134,000 acres from August through October, causing more than $86 million in damages. Exacerbated by ongoing drought in the state, this California wildfire season was particularly active. Overall, there had been almost 5,400 wildfires in the state by the end of October, according to the California Department of Forestry and Fire Protection, exceeding the five-year average for the same interval by 1,000. Other notable fires included a series of wildfires in San Diego County throughout the month of May that burned almost 30,000 acres and cost at least $60 million in damages and firefighting costs, and the King fire, which burned 97,000 acres in September.
NAPA VALLEY SHAKEN BY EARTHQUAKE
August 24
A magnitude 6.0 earthquake struck the San Francisco Bay area, damaging property, infrastructure and local Napa Valley wineries. Although the quake caused an estimated $2 billion in economic damages, up to $100 million of which were borne by the wine industry alone, insured losses were much lower because less than 5% of the homeowners and businesses in the area reportedly have earthquake insurance. An experimental early-warning system at UC Berkeley was able to provide a 10-second warning of the quake. Earlier in the month, a magnitude 6.1 temblor in China proved to be much more devastating. The Ludian County quake caused $6.3 billion in damages, killed more than 600 people and injured over 3,000.
INSURERS TURN TO NEW LEADERSHIP
September 1
A number of insurance companies announced new top leadership in 2014. Among them, Peter Hancock took over as CEO of AIG on Sept. 1 after Robert Benmosche announced he was stepping down in June. In July, FM Global said that Thomas Lawson would take over as CEO at the beginning of 2015 after current chairman and CEO Shivan Subramanian announced his retirement after 40 years with the company. Additionally, Oliver Bäte was tapped to lead Allianz in May of next year, succeeding CEO Michael Diekmann, and Alan Colberg will take over as CEO of Assurant on Jan. 1, replacing Robert Pollock.
HOME DEPOT BREACH EXPOSES 56 MILLION CARD NUMBERS
September 2
In the largest retail data breach to date, hackers stole 56 million credit and debit card numbers and 53 million email addresses over a five-month period using malware installed primarily on payment systems in self-service checkout lanes. Despite the size of the breach, Home Depot's reputation has fared better than Target's did in the aftermath of its breach last year. Experts have pointed to Home Depot's prompt response to the problem, but have also suggested consumers are going through "breach fatigue" and are tired of hearing about such issues. There has been no shortage of breaches this year, with JPMorgan Chase, eBay, Neiman Marcus, P.F. Chang's, Michaels, the IRS and others reporting hacking incidents. As of Nov. 3, the Identity Theft Resource Center -identified 644 breaches in 2014, exposing more than 78 million records.
CVS STOPS SELLING CIGARETTES
September 3
"This is the right thing to do," stated drugstore chain CVS, which stopped -selling cigarettes and tobacco -products in its 7,600 stores nationwide. The move meant that CVS would forgo $2 billion in annual tobacco sales, but was intended to bolster the company's image as a health care provider. "By removing tobacco products from our retail shelves, we will better serve our patients, clients and health care providers while positioning CVS Caremark for future growth as a health care company," read a company statement. "Cigarettes and tobacco products have no place in a setting where health care is delivered."
BP FOUND "GROSSLY NEGLIGENT" FOR GULF OIL SPILL
September 4
U.S. District Judge Carl Barbier ruled that BP was guilty of "gross negligence" and that its conduct was "reckless" in the 2010 Deepwater Horizon oil well blowout that killed 11 workers and spilled millions of barrels of oil into the Gulf of Mexico. The verdict could add $18 billion in fines under the Clean Air Act to the $42 billion sum that BP has already spent on cleanup costs and damage claims from the disaster.
NFL FACES DOMESTIC VIOLENCE SCANDALS
September 8
After a video surfaced of Baltimore Ravens running back Ray Rice punching his fiancé, the NFL came under fire for its response to the incident. Rice was initially suspended for two games, but amid criticism that the league was being too lenient and calls for commissioner Roger Goodell to resign, the suspension was made indefinite. Compounding the problems for the NFL, Minnesota Vikings running back Adrian Peterson was charged with child abuse just days later. Public uproar and criticism from sponsors prompted the NFL to create a new domestic violence policy to address the recurring issue.
FENCE-JUMPER BREACHES WHITE HOUSE SECURITY
September 19
An intruder leaped over the White House fence and was able to sprint 250 yards across the lawn, go through the front door, overpower a Secret Service agent and run through the main floor before finally being apprehended. The president and his family were not in the building at the time. This was the fourth fence-jumping incident at the White House this year. After it was also revealed that an armed and improperly screened security guard had been allowed to ride an elevator with President Obama, Secret Service Director Julia Pierson resigned on Oct. 1.
HURRICANE GONZALO STRIKES BERMUDA
October 17
Hurricane Gonzalo, the first Category 4 hurricane since 2011, struck Bermuda after being downgraded to a Category 2 storm, knocking out power for most of the island and causing up to $400 million in damages. It was the worst hurricane to strike the island since Fabian, which caused roughly twice the monetary damage in 2003. Thus far, the 2014 Atlantic hurricane season has been relatively quiet, with only six named storms as of Nov. 1. Of those, only Gonzalo and Edouard were major hurricanes of Category 3 or higher.
VIRGIN GALACTIC SPACECRAFT EXPLODES
October 31
Virgin Galactic's commercial spacecraft, SpaceShipTwo, exploded in midair during a test flight, crashing into the Mojave Desert. A test pilot was killed and another injured. The cause of the explosion is still being investigated. Earlier in the week, an unmanned Antares rocket carrying supplies bound for the International Space Station exploded shortly after liftoff. The rocket was owned by Orbital Sciences Corp., which has a contract with NASA to conduct multiple supply missions to the space station. The incidents have cast uncertainty around the burgeoning U.S. ?commercial space industry.
TRIA SET TO EXPIRE
December 31
Although expected to be resolved before the end-of-year deadline, the Terrorism Risk Insurance Act is set to expire on December 31. Two separate reauthorization bills are currently moving through Congress, with the House bill proposing more significant changes than the Senate version. Industry experts are generally in agreement that an extension of TRIA is necessary. "The availability of adequate coverage is directly linked to the existence of TRIA," RIMS President Carolyn Snow said in her February testimony before the Senate Banking Committee. "If TRIA is allowed to expire, uncertainty will re-enter the marketplace, which will have a negative impact on the affordability and availability of terrorism coverage."