By Diana Kowatch, CPCU, AU, AAM, CPIW
What about me? One of the most frequently asked questions directed to us regarding the Year 2000 problem is: "How do I know if one of my clients has a large exposure to the Y2K problem?" The answer to that is: Everyone has potential exposure. But realistically, that answer will not suffice. Although everyone truly must be aware of the problem and review his or her own situation, what we hope to do is give a little direction to those that have the biggest potential for loss.
What is the problem again?
First, we will try to restate the problem briefly. Any computer or computerized system that in any way uses a year date must be evaluated to see if that system reads a four-digit year date or a two-digit year date. In the past, to save time and energy, two-digit year dates were used instead of four. As the millennium approaches, those systems that will not recognize a four-digit date may have problems when the double zeros for the year 2000 date are entered. The system will not know if the date is supposed to mean 1900 or 2000. Also, two-digit year-date systems where the codes 99 or even 98 were used to designate things other than the year must be caught and corrected immediately. Code must be rewritten to recognize the four-digit year date or dire results may occur.
The problem will not wait till the year 2000 as many people originally thought. Already incidents are occurring with things such as insurance policies, warranties, guarantees, contracts, and credit cards that expire in 2000. That year 2000 date is disrupting and bogging down more and more computer systems as two- and three-year events are entered.
The problem applies to any computerized system of any type, whether it be an actual computer or a piece of machinery or equipment that uses a computer chip and computer technology. Nowadays, what doesn't have a chip in it? From our microwave to our garage door opener to our car to our security system--the list is endless!
So which of my clients are targets?
Again, virtually every personal and commercial client has some degree of exposure to the problem. Some of the exposures will be mere inconveniences while others may cause substantial disruption to operations, if not shutdown, and/or major liability lawsuits.
What follows are some thoughts on the types of risks with fairly high degrees of exposure to the millennium problem, either on a first- or third-party basis. In no way is this list all-inclusive; it just provides direction on where to start.
Service risks that rely heavily on computer systems in order to process vast numbers of transactions that are date sensitive, or any other risk whose services use dates are susceptible. These risks have both first-party exposures if their own systems do not operate and third-party exposures to their customers and clients when services fail or become unavailable. Examples include (but are not limited to):
* accounting firms
* banks
* communication services such as telephone, cable, and Internet
* credit card operations
* emergency services
* financial institutions and financial consultants of all types
* governmental agencies--federal, state, and local
* insurance agencies and brokerage operations
* insurance companies
* law offices and legal firms
* libraries and research facilities
* medical facilities-hospitals, pharmacies, doctors' offices
* real estate operations
* stock exchanges and stock brokers
* transit, trucking, and shipping risks
* utilities
Manufacturing risks that rely heavily on computer-operated assembly, design, quality control, or manufacturing processes have a very high first-party exposure. Nowadays, this means just about every possible category of manufacturing operation.
Manufacturing risks that design, assemble, or manufacture any part, piece, or end-product that in any way uses computer technology have high potential for products liability suits should products fail. Again, it may not matter if the manufacturer makes only a part and not the end product--potential for products liability will exist. Target products are:
* air-conditioning units
* aircraft, airport, or aviation equipment
* automobile and related components and parts
* cash registers, bar code readers, and UPC symbol readers
* computer hardware and component manufacturers
* cooking units
* electronic products of all types
* heating units
* lighting devices
* safe and vault manufacturers
* security systems and other security devices
* temperature control devices
* traffic signaling devices of all varieties
Retail operations have significant first-party loss potential if they have automated or electronic inventory, bar code, credit card, scanning or cash register systems. And of course, the type of customers that have the highest potential for suits of any and every type are computer software design, programming, or consulting operations.
Do you get the picture that just about everyone is going to face some degree of inconvenience if not outright serious loss?
At the present time, very few first-party insurance coverages are available. Those that are, appear to be priced for larger business. Most individuals and small to mid-sized risks will find them costly.
There is always the option of waiting to see if the predicted catastrophic events really do occur. If and when they do, you can decide whether or not a lawsuit against another party should be made. Then you can stand in line behind all of the other businesses that also waited and hope there is enough time and money to go around to compensate all of the injured parties who also waited to the last minute.
The most practical option is to immediately begin a complete inventory of all computing systems involved in a particular business operation and audit or check each for the year-date problem. This is a time-consuming process for any business, but there is barely enough time left to do so. This means correspondence to manufacturers and other vendors. When older systems are still in use, it may also mean research. It will be costly in both time and money. But if a proactive approach is not taken fairly quickly, no one is sure of the actual results. Should the disaster be as bad as is thought, there most likely will not be enough financial and personnel resources (such as computer programmers and systems engineers) available to handle the overwhelming needs of our society. *
The Rough Notes Company home page includes a "discussion group" for Y2K issues. Visitors to the site can comment on Y2K issues, pose questions and stay up to date on these issues. The Web site is located at http://www.roughnotes.com.
Take inventory
The first item to start with is a physical inventory of all hardware and electronic devices owned, leased, or used. This list should be on a separate sheet of paper. A physical inventory should be confirmed with a comparison to financial records. It should include computers, their peripherals and accessories and other electronic or computerized devices such as fax machines, telephone answering systems, and so forth.
Sample or test runs--but don't try this at home!
In order to determine if the year-date situation exists, it is possible to run test or sample Year 1999 or Year 2000 dates. Great caution is urged when doing this type of testing. An experienced, qualified system technician should be consulted to run such tests.
Prior to any such testing, substantial backups must be made of all aspects of the system in case of failure or crash.
The questionnaire
For each computer, its peripherals, and similar type of equipment (CD-ROM, modem, scanner, digital camera, printers, laptops, fax, telephone answering system, etc.) in your operation:
1. What type of operating system do you have (who is the manufacturer)?
2. What version of the operating system does your computer have?
3. Have sample tests been run to determine if the problem exists? * Yes * No
If yes, what are the results?
4. Have you checked with the operating system vendor to confirm in writing that the version of the system you use is 100% Year 2000 date compliant?
* Yes * No
Vendor must explain any deviations:
5. Who is your agency management system vendor?
6. What version of the agency management system do you have?
7. Have you checked with your agency management system vendor to confirm in writing that the version of the system you use is 100% Year 2000 date compliant? * Yes * No
Vendor must explain any deviations:
8. Who is your rating system vendor?
9. What version of the rating system do you have?
10. Have you checked with your rating system vendor to confirm in writing that the version of the system you use is 100% Year 2000 date compliant? * Yes * No
Vendor must explain any deviations:
11. Do you have a separate accounting system?
* Yes * No
If yes, ask the same questions about your accounting system.
12. Do you interface with any insurance companies?
* Yes * No
If yes, list each:
13. For each insurer listed, confirm if that insurer has been contacted to confirm that the company is 100% Year 2000 date compliant:
Explain any deviations:
14. Do you interface with any information vendor for items such as MVRs, rate/loss cost information, credit reports, credit card, financial or other sources of information? * Yes * No
If yes, list each:
For each listed, confirm if that vendor has been contacted to confirm that it is 100% Year 2000 date compliant:
Vendor must explain any deviations:
15. Do you have a security system? * Yes * No
If yes, who:
16. Have you contacted that vendor to confirm in writing that it is 100% Year 2000 date compliant?
* Yes * No
17. Do you have a thermostatically controlled heating/air-conditioning system? * Yes * No
If yes, who:
18. Have you contacted that vendor to confirm in writing that it is 100% Year 2000 date compliant?
* Yes * No
Vendor must explain any deviations:
Y2K supplemental questionnaire for other businesses
The most current update to the Rough Notes Company Commercial Risk Management Survey contains a Y2K Supplemental Questionnaire to assist agents and brokers in evaluating the exposures of their clients. Please contact our customer service department for more information on the Commercial Risk Management Survey. Phone: (800) 428-4384 or Fax: (800) 321-1909
©COPYRIGHT: The Rough Notes Magazine, 1998