Jim Blackstrom found that the millennium hangover can hang on quite a while, even though he thought he had prepared his office for Y2K.
On that historic Friday night, as the old millennium ticked down to its waning hours and minutes, this normally responsible insurance advisor and his wife toasted in the New Year with doubles of Millennium single-malt Scotch, bought especially for the occasion. By the time they finished watching the ball drop to Times Square on TV, he was feeling just fine. He knew he was more than ready for the dawning of this new millennium. He’d just had an excellent year financially, and with everything he’d done to protect his office and his files, he was sure the Y2K bug wouldn’t dare bite him or his business. He had upgraded his PCs and his systems, hired a consultant to help develop a contingency plan and a vendor for his disaster-recovery plan, plus hard copies of all his client information nestled in their file folders. He was looking forward to a relaxing weekend watching the bowl games and parades, and a smooth return to business the following Monday.
Blackstrom’s new millennium really didn’t dawn in earnest until that first Monday. He hit the road early so that he could gas up his car on the way to work. He hit three stations before he found working pumps, and already a dozen cars were in line. While waiting, he heard on the radio that many traffic lights were malfunctioning and traffic was backed up for miles. Security systems in several buildings had failed, too, and robbery after robbery was being reported. All of it was due to "embedded microprocessors going off like little land mines," as one broadcaster put it. As he listened, Blackstrom caught himself chewing at a nail. By the time he decided to leave the gas station, after only being allowed to get a half tank, traffic was such a mess that he didn’t arrive at his office for hours. Sure enough, it had been looted. His supposedly Y2K-compliant security system turned out to be useless, and his computers, so painstakingly upgraded for Y2K compliance, were gone. It was a black day at Blackstrom Financial.
However, as he realized with relief, he did have his backup plans. Finding no dial tones on the office phones, Blackstrom called his disaster-recovery vendor on his cell phone. Soon, his offices had two fine new PCs blinking away. But the accounts-payable data looked like hieroglyphics, and his clients’ ages in his tickler file were in negative numbers. “At least I have hard-copy backups,” Blackstrom said to himself, as he directed his depleted staff to pull them out. Reams of paper appeared efficiently from the files. But the fire alarm interrupted the task just before the sprinkler system went off. “So much for that,” he said ruefully to himself, as he, his employees and the papers got thoroughly soaked.
Then, just as the sprinklers stopped, the lights went out, the computers went down and so did the heat. Knowing he had little gas in his car and that getting home would be an impossible mess, Blackstrom began to wish he’d had the foresight to bring a sleeping bag and, more importantly, the Millennium Scotch.
Although the scenario is fiction, it’s not an unlikely set of worst-case Y2K events, according to what many experts say. On a more serious note was the case of David Sterling, owner of Sterling & Sterling Insurance, a Woodbury, N.Y., insurance brokerage. Last year, he believed he had inoculated his operation against the Y2K bug, but a premature case infected his brokerage. Now, Sterling speaks with back-from-the-future experience.
In mid-1998, he had installed a security system for his company featuring magnetic door locks opened by swipe cards. The system itself had a metal box containing a control panel with a date-recognition component that interfaced with a personal computer. The cards had expiration dates, and half had "00" for 2000.
On Jan. 4, 1999, the brokerage’s 86 employees arrived, but half of themthe half with the 00 expiration datescould not get in. What had happened? It turned out that the control panel for the security system contained embedded chips that could not read 00 as a date.
“We thought we had already done our Y2K preparedness,” a frustrated Sterling recalled. The brokerage had purchased 40 new PCs and had also done other work. And even though the PC attached to the control panel was compliant, the panel itself was not, so the employees were locked out. Sterling had to wait a week for new Y2K-compliant chips to be shipped, “and we had no security system for that week,” he said.
The overall Y2K problem also arises from the fact that millions of computers as well as software languages and microchips in many computers, not to mention many of those microchip devices, were originally designed to read only the last two digits of a year and to assume the first two digits would be 1 and 9. On Jan. 1, 2000, computers and electronic devices with unchecked and unrepaired hardware or software will read 00 not as 2000 but as 1900 and, potentially, will either shut down or quit working properly.
Embedded chips, or microprocessors, are tiny mini-brains hardwired or soldered into all kinds of electronic equipment. These microchips help run items as simple as a clock or as complex as a sophisticated financial system. Besides security systems like Sterling & Sterling’s, these mini-brainsif they cannot read 00can potentially wreak Y2K havoc with cameras, elevators, heating and air-conditioning systems, phone systems, satellites, fire-alarm and sprinkler systems, postal machines, copiers and fax machines, mainframes and servers, telephone switches, traffic lights, power grids, cars like some 1989 Cadillacs with a date function and even some auto-flush toilets.
Systems with embedded chips are tough to evaluate because those chips are typically integrated into the circuitry, making them hard to test and replace, according to a contingency-planning report commissioned by IBM and issued by the D.H. Andrews Group, a Cheshire, Conn.-based consultancy specializing in computer technology. The Institute of Electrical Engineers in London says the danger can emerge where a computer controls a system’s operation and interfaces with different devices used for a single function or multiple related functions. The failure rate of these embedded systems, according to IEE and American experts, will range between 3 and 5 percent.
Most Y2K authorities stress that evaluating embedded systems is crucial. Since finding and fixing the chips may be “impossible in a reasonable time frame,” the Andrews Group/IBM report says "it is all the more important to have contingency plans in place to deal with future failures." It could be a bit like playing Russian roulette or crossing an old minefield.
At this point, experts estimate that worldwide, about 50 million of the pesky little chips could potentially erupt into problems come the millennium. Most of the time nothing will happen, but every once in a while, a live problem may pop up, and no one may immediately know for sure exactly where it came from. And then there is the "ripple effect," where a problem in one system causes problems in any (or every) system with which it interfaces, even though the rest of the system is Y2K-compliant.
Come the brave new millennium, Sterling expects some "pain-in-the-neck glitches," but not any major disasters. Still, he worries about how major systems such as power companies will deal with embedded bugs. “You rack your brain, but you don’t know where those embedded chips are,” Sterling said. “It’s a scary thought. Even these big sophisticated companies, sure they can perform extensive compliance testing, but if a lowly control panel turns off a switch, they’re dead.”
What the Regulators Say
While no one really knows for sure what bugs will turn up under the Y2K rock, many experts are predicting only isolated problems. However, just as many experts can also be found forecasting an apocalyptic outcome.
Regulatory organizations such as the Securities and Exchange Commission, the National Association of Securities Dealers and the National Association of Insurance Commissioners are all taking the problem very seriously. All three have issued reams of guidance, compliance requirements, checklists and Y2K information through their web sites.
The NASD is less worried about rollover failures than about incidents that could be perceived as Y2K-related even if they are not, that could undermine investor confidence.
An NAIC document on internal contingency planning outlines potential problem scenarios that include failure in the infrastructuresuch as power, water, transportation, sewersand in communications systems ranging from the mail to the phone to the Internet. Also enumerated are possible failures of the federal government, social unrest, and political fallout.
Insurance-specific scenarios encompass incomplete or failed Y2K preparation, destruction of records, computer viruses, failure of insurance company financial systems so that assets cannot be used or accessed, increased fraud, inability to pay bills or make payroll, lack of available governmental resources to deal with increased complaints and with insurer instability, and systems failures. The NAIC also knows companies need to be sure their field forces can remit premiums and applications and that their systems are ready for any situations that might develop.
“Only one thing is certain about the impact of the Year 2000it is difficult to predict with certainty what truly will happen after December 31, 1999,” the SEC notes.
Is Everybody Ready?
Nationally, Y2K readiness costs could approach $200 billion. Among life insurance companies, the price tags are ranging from $2 million for small ones to “up to nine digits” for the largest ones, according to Thomas Upton, a senior life company analyst at Standard & Poor’s Ratings Group.
Although the insurance industry is cited by several technology consultants and others as one of the best-prepared industries in the country and many captive agents also seem well prepared, the level of preparedness appears to be lower among a few brokers, according to a minority of brokers who seemed relatively unconcerned.
Nonetheless, assuming that everyone has at least checked out internal hardware and programs, Y2K issues for producers can still range from macro-level issues such as the impact on the securities markets to making contingency plans covering what might go wrong, to such micro-level issues as ferreting out embedded bugs and agency-specific software that’s not connected to the home office.
For instance, a consultant was checking a large northeastern insurance brokerage when he discovered about 600 spreadsheets that no one knew about, compiled in an older software program no one had thought to look at. The spreadsheets were used to forecast cash disclosures and projections on annuity products and financial forecasts. If they had not been brought into Y2K-compliant software programs and saved, they could have incurred legal liability come the year 2000, says Y2K consultant Eli Dabich, CEO of Synergy 2000, Pasadena, Calif. Large life companies the agents worked with would not have thought to check out such spreadsheets, he added.
Dabich, who has worked with a number of large insurance companies and agencies, said even large brokerages with 200 to 300 PCs may not have cohesive written plans for Y2K readiness. If a suit arises, he says, “without a cohesive written plan, you’re dead meat.”
Many life companies are providing help to agents and representatives on company web sites, and some even plan to have special assistance available in the waning months of the old millennium and the beginning of the new. MetLife, State Farm Insurance, Principal Financial Group and others are posting Y2K FAQs (frequently asked questions) on their web sites. Many life insurers have also set up call centers to help their agents, reps, customers and clients get through the transition. At this point, MetLife’s call center has not gotten many calls, according to a spokeswoman, but the volume may pick up as the year winds down.
Insurers have also sent out checklists, kits and other materials to help agents get Y2K-ready. Phoenix Home Life Mutual plans additional communications near the end of the year on what situations to look out for and what to do about them. For example, if you cannot reach someone via the phone, try e-mail.
Phoenix and Prudential Insurance recently outfitted their career agents with new software and hardware vaccinated against millennium bugs. Early this year, Pru rolled out its Y2K-compliant equipment in a program called LaunchPad. The system checked out in data-quality tests in a simulated year-2000 environment. Without LaunchPad’s uniformity, "testing would have been much more difficult if each agent used a variety of laptops and software programs," says Irene Dec, Pru’s year-2000 program manager.
And State Farm says that if a preauthorized payment is missed because of millennium-related disruptions, a notice will be sent to the policyholder describing the steps needed to avoid interruptions in coverage or lapses. Agents, too, will be notified.
Papering Over the Problem?
At all levels, from the small one-person shop to mammoth insurance conglomerates, one constant is seeking written assurance that business partners, from software companies to vendors and utilities, are Y2K-compliant.
Most large life companies have posted a “Year 2000 Readiness Disclosure” statement on their web sites, in accordance with the Year 2000 Information and Readiness Disclosure Act of October 1998, which applies to all companies, not just insurers. This act provides considerable wiggle room to insulate companies from legal liability. The letters and statementsby legal necessityinvariably have weasel phrases like “Y2K-compliant to the limit that can be determined." Why? "No one can really guarantee absolute compliance since no one really knows for sure what Y2K will bring and everyone depends to some degree on other parties,” notes one senior executive charged with Y2K responsibility for a large life company. Accumulating and filing these readiness statements is recommended by many Y2K experts.
Producers likewise should not make absolute promises or statements to their clients that no Y2K problems or interruptions will occur. Such an unconditional statement could constitute a written invitation for a liability suit, according to legal experts. In fact, some larger insurers, fearing lawsuits, have refused to comment on their Y2K preparation beyond the readiness statement on their web sites.
Then there is yet another catch: What does “compliant” mean anyway? “There is no objective standard for what ’compliance’ means,” says disaster expert Lee Clarke, a Rutgers University professor and author of Mission Improbable: Using Fantasy Documents to Tame Disaster.
Clarke notes that small agents or advisors are themselves embedded in networks and depend enormously on streams of information coming into the office. “The little guy really has no way to check up on those streams other than getting a letter,” he says. Clarke adds that the dawning of the next millennium could reveal a lot of technological interdependencies that could cause surprising glitches from unexpected sources.
Adding a variation to Clarke’s theme, consultant Trudy L. Schwartz, president of Digital Works Inc., Wilmette, Ill., says that just because a system does not crash immediately doesn’t mean problems won’t pop up later. Schwartz, an insurance-industry veteran who helped CNA Insurance Companies develop its Y2K preparedness, says sometimes a business party might provide a statement that actually limits its liability. Further, several sources said insurance professionals should check their errors and omissions coverage to see if it encompasses Y2K liabilities.
Giving a bit of relief on legal liability, a recently enacted federal law, designed to ward off frivolous suits, provides a 90-day grace period to fix computers that breakdown due to the Y2K bug and limits punitive damages against small businesses. Securities, however, are excluded from the relief.
What If “X” Fails?
As year-end nears, the most immediate concern for many insurance professionals may boil down to how important their clients think the millennium rollover will be and what they are doing about it.
According to separate surveys by two securities brokeragesU.S. Bancorp Piper Jaffray and Merrill Lynchinvestor concerns are now company-specific. "Evidence of company-specific problems is already becoming commonplace," says Terry Sandven, director of portfolio strategy at Minneapolis-based Piper Jaffray. The Merrill Lynch survey found that concern shifted from millennium compliance costs early in the year to company-specific compliance problems and the likely liability a company might incur.
Financial advisors and agents have heard some Y2K-related liquidity concerns from their clients. “It might be reasonable to take out a few hundred dollars, but not to liquidate any long-term investments,” advises Randy L. Scritchfield, CFP, a financial planner at the Montgomery Group, Damascus, Md., echoing the consensus on this issue. He adds that while so far inquiries have been occasional, concerns could rise toward year-end.
Contingency planning is stressed because of the shadow that might fall between Y2K compliance statements and actual performance and because of the many other Y2K ambiguities. The NAIC wants all insurance companies to make contingency plans. Even if internal systems check out, “you can’t know if your systems will be unaffected by outside parties,” an NAIC official cautions. “Analyze the chances of this failing because ’X’ is happening with one of your partners,” the official admonishes.
The SEC requires life companies to have contingency plans in the event one of the underlying funds in a variable product is unable to accept or invest incoming funds or a fund cannot price its securities or redeem them.
While most regulators are scrutinizing life companies, the Arkansas Insurance Department (as well as Wisconsin’s) seems to be the main insurance regulator so far to address agents’ Y2K issues officially. It is recommending keeping one current paper copy and an extra electronic copy of whatever paperwork is needed to conduct business.
Dabich at Synergy 2000 says most of the insurance agencies and brokers he has seen “do not understand they need a written contingency plan where people can see what they have to do and run with it.”
Still, many industry professionals plan to back up or print out whatever is mission-critical. Donald Morris, CLU, vice president and co-owner of Sitzmann, Morris & Lavis, an insurance broker in Oakland, Calif., plans to make hard copies of the holdings and the values of all the variable products held by his clients as of the final business day of the year. He can then check the stated values from various companies against published stock-market quotes.
Donald H. Mehlig, CLU, ChFC, of Cal-surance Benefit Plans, an insurance broker in Torrance, Calif., is keeping hard copies of all his universal and variable balances “so they can be reconstructed,” as well as many other records. And although Michelle (Micki) Hoesly, CLU, ChFC, a principal at the brokerage Capital Resources in Virginia Beach, Va., has only two PCs, she intends to back up her records on a zip drive the day before the new year as well as print out year-end statements and policy values.
Joseph Keller, a senior vice president of career distribution and individual life-line operations at Phoenix Home Life, offers salient advice: “I think it would be prudent to maintain the statements received at the end of the third quarter, or at the month’s end [in November and December] from anybodya bank or mutual fund or whateverjust so you can go back and compare after the century changes, go back and make sure everything is okay.” And Guardian Life’s Armand DePalo, director of its Y2K program, advises: “If you have some business that needs to be done on January 3, go out of your way to get it done in December.”
When checking systems for embedded chip problems, experts recommend that professionals keep detailed records of the process in case they are needed later to deal with lawyers, regulators or others.
The General Accounting Office, Congress’ research and investigative arm, has issued the following instructions in its report on contingency planning and disaster recovery: “Define and document triggers for activating a contingency plan. Assign implementation dates for the plan. Assign tasks to individuals, perhaps establish teams for business resumption. Rehearse and test by Dec. 31st. Establish a ’zero day.’ Business operations might shut from Thursday, Dec. 30, to Monday Jan. 3. The business would shut off all its systems by Dec. 31, then begin a phased power-up on Saturday, Jan. 1, 2000.”
Trudy Schwartz recommends having critical staff come in on New Year’s Day to begin running spot checks. Feeds between internal systems and feeds between systems that have an outside electronic interface are likely candidates for trouble, she says. Even though a system may not have crashed, Schwartz says it “could still have data corruption, and be awarding people paid-up life insurance policies because the date logic is corrupted.” After first checking out all systems, she recommends a secondary auditing of data for two weeks to a month.
Most large life companies are planning “lock-downs.&rdquot; Prudential plans a “frozen zone” from the beginning of December through January 15. During this time, the company plans no new products or new versions of products, no new software or new enhancements. Lock-downs at some large companies cover much longer periods. Many life companies also have back-up sites with generators and extra fuel on hand.
Brave New Manual Millennium
If computers do indeed go down, could agents just return to manual procedures? Betsy Cash Woolfolk, CLU, a senior vice president and co-founder of the Minnesota Life agency, Virginia Asset Management, Richmond, Va., says that if hers do, “I’d work with the rate book again,” as she did when she entered the business.
But the Arkansas Insurance Department cautions that information for manual processes now in a computer must be backed up in hard copy first. A NAIC official too says some processes could be converted to manual or to less sophisticated equipment, although to what extent must still be determined.
Steven Aufdeheide, the D. H. Andrews Group partner who is the principal author of its contingency planning report, says returning to manual processes could be a good fallback position for life agents and financial advisors. To facilitate manual processes, he recommends using a standalone PC, isolated from Y2K infection. He also recommends finding potential “workarounds”non-computer-dependent ways to perform tasks. And he stresses making two hard copies of all materials when backing up files. Also, he says, print out and stockpile any computer-generated forms or computer-stored standardized documents that might be needed.
No Relief After New Year’s
So, after all that expenditure of money and effort, can everyone heave a huge sigh of relief around the middle of January? No one knows yet. Inaccurate data could crop up even in the fourth quarter of 2000, and double-checking data will take its toll on productivity, say several experts.
One Wall Street economist who is predicting a Y2K-triggered recession, worries that many U.S. oil suppliers in emerging nations will incur problems, creating a fuel shortage down the road in 2000. Several sources also worry about the Asian markets outside of Japan.
But whatever happens, Professor Clarke at Rutgers remains optimistic. He says Americans always respond well, whether it be earthquakes in California or hurricanes in Florida. Happy New Year!
Side Bar:Continuity and Contingency Planning
- Keep good records.
- Keep hard copies and/or electronic backups of all financial statements for at least November and December.
- Keep, as of the last business day of November and December, all current asset values for insurance and annuities for all clients. Keep any values or statements reported quarterly as of the end of the third quarter and as of the end of the fourth quarter.
- Keep copies of all December investment and transaction confirmations.
- In the first weeks and months of 2000, compare 1999 records against statements and reports received in 2000 and check for discrepancies or unusual changes.
- Identify mission-critical office functions
- Identify every process that supports mission-critical functions.
(i.e., the ones that, if disrupted, could lead to shutdown, revenue loss, hazards, etc.).
- Identify every task in each process.
- Identify any dependency associated with each task (e.g. outside input, special computer software or hardware).
- Ascertain which tasks are the least critical and prioritize.
- Define what is controllable and what is not.
- Focus on likely failure scenarios.
- Identify alternatives to tasks subject to dependencies.
- Identify what measures can be taken in advance to lessen the impact of potential glitches.
- Identify what needs to be done if failure or glitch cannot be fixed.
- Identify what circumstances would trigger implementing alternative processes. A quick fix or a partial or full replacement?
- Identify how normal processes would resume.
- Commit plans to writing.
- Rehearse (a bit like a fire drill).
- Beware of fraud.
Sidebar: Sites of Interest
- www.naic.com. Has links to 50 states.
Click “millennium book.”
- ftp.fedworld.gov/pub/irs-irbs/irb97-45.pdf . Expensing Y2K costs.
Click “Small Businesses and the Year 2000.”
Electrical engineers in the United Kingdom.
American electrical engineers.
Click “Year2000 bookmarks.”