With the increasing concentration of people and businesses in high-risk areas and the increasing interdependencies within the world, catastrophes are more likely than ever. Consider the disasters of Hurricane Katrina and the September 11 attacks. Not only was Hurricane Katrina the largest natural disaster in US history, but it also demonstrated how economic and social activities affected by the event translated into global risks with worldwide ripple effects. Katrina had major impacts on several international markets, such as oil, gas, and insurance. The terrorist attacks of September 11 had the immediate impacts of property damage and fatalities, killing more than 3,000 people from more than 90 countries, injuring about 2,250, and inflicting direct damage estimated at nearly US$80 billion. They also caused significant business interruption losses throughout the world and reshaped international relations.

Natural disasters and terrorist attacks are examples of what have been classified as low probability-high consequence (LP-HC) events. Despite the first half of their title, these events are now in the headlines with increasing frequency. There are features of these potentially catastrophic events that need to be carefully examined in order for individuals, firms, and governments to take steps today to reduce the risk of their occurrence in the future and to reduce the consequences should they occur. Every government in the world faces the question of how to help its citizens face the risks of catastrophe. Reducing these risks requires a concerted effort by individuals and firms. This poses a set of challenges due to the difficulty of anticipating LP-HC events.

It Will Not Happen to Me

Prior to catastrophic events, decision-makers often assume that these disasters will not happen to them. Hence they have little interest in undertaking costly protective measures. Only after a disaster is there concern with taking steps to prevent another such catastrophe from occurring. Hurricane Katrina and the September 11 terrorist attacks highlight this point.

Before Hurricane Katrina, the US Army Corps of Engineers did not adequately shore up the existing levees to protect the New Orleans metropolitan area from flooding. The reasons were several: cost increases, design changes caused by technical issues, environmental concerns, legal challenges, and local opposition to portions of the project. The Corps’ project fact sheet from May 2005 noted that the appropriated amounts in the President’s budget for fiscal year 2005 were insufficient to fund new construction projects that included levee enlargement. The interested parties concerned with the hurricane threat to the Gulf Coast acted as if a disaster such as Katrina would not occur in the next few years. This is sometimes referred to as the NIMTOF—Not in My Term of Office—phenomenon. It was convenient to ignore the numerous alerting studies—which stated that the existing levees were inadequate and that one of the nation’s highest priorities should be to reinforce these flood control projects—or even the October 2004 National Geographic warning about what could be the most devastating natural disaster in US history. The scenario became reality 10 months later.

The federal government is now committed to providing disaster assistance to the victims of Katrina. There is serious discussion of reinforcing and rebuilding the levees in New Orleans and other parts of the Gulf Coast. A few days after Katrina made landfall, the US Senate needed just a few hours of discussion to vote to grant nearly US$60 billion in federal aid. As of February 2006, six months after Hurricane Katrina, some US$88 billion in federal aid had been allocated for relief, recovery, and rebuilding, with another US$20 billion requested to help victims of the storm and the region recover and rebuild.

Likewise, prior to the September 11 attacks, insurers viewed losses from terrorism as so improbable that they never explicitly considered the risk when pricing their standard commercial insurance policies. Losses from terrorism were never excluded from so-called “all-risk” policies, with the exception of some marine cargo, aviation, and political risk policies. Even the first attack on the World Trade Center (WTC) in 1993 and the Oklahoma City bombing of 1995 were not seen as threatening enough for insurers to consider revising their view of terrorism as not worth considering when pricing a commercial insurance policy.

The attacks of September 11 produced a fundamental change in how terrorism is perceived in the United States. Insurers and re-insurers, who paid the bulk of the US$35 billion of insured losses from the terrorist attacks, were reluctant to continue offering protection except at very high prices. As a result, insurers excluded terrorism damages from their “all-risk” commercial policies when renewing these policies. Firms demanding insurance protection against such losses were forced to purchase a policy that included terrorism as a specific cause. They often had difficulty finding an insurer offering such coverage at a premium they were willing to pay. Sometimes they could not find a seller willing to provide terrorism insurance at any price.

The lack of availability of terrorism insurance soon after the September 11 attacks led some private sector groups, such as the construction and real estate industries, to call for federal intervention. In response, the US Congress passed the Terrorism Risk Insurance Act of 2002 (TRIA) at the end of 2002 and renewed the act for two years with only minor changes at the end of 2005. Under TRIA, insurers are now obligated to offer terrorism coverage to all of their commercial policyholders. Firms are not required to purchase this insurance unless mandated by state law, as is the case with workers’ compensation protection. To date, more than 50 percent of commercial enterprises in the United States have bought terrorism insurance. It is very likely that this proportion would increase significantly should another attack occur on US soil.

Interdependent Security

An interdependent security (IDS) setting is one in which each individual or firm that is part of an interconnected system must decide independently whether or not to adopt protective strategies. These measures can reduce the risk of a direct loss, but there is still some chance that the individual or firm can suffer damage from others who do not adopt similar measures. The economic incentive of any decision-maker to invest in protective actions thus depends on whether it expects others to follow suit—a classic case of game theory. The protective strategies can be direct risk-reducing measures as well as information-gathering and preparedness strategies. That such events are typically probabilistic and that risk is often determined in part by the behavior of others gives a complex structure to the incentives that individuals or firms face when deciding whether to invest in risk mitigation measures.