The Untold Story of Risk and Insurance at the Dawn of the Millenium: “Year 2000 Is Not Covered”
By Nancy P. James
Innovators & Entrepreneurs, February 2025
At the dawn of the millennium, insurers disputed over who would bear the costs for Year 2000 software remediation. This question was central to the survival of our industry as Jan. 1, 2000 approached.
Every working economy needs a stable monetary system, a working infrastructure for heat, light, communications, transportation, and civil order. My just-published book, Year 2000: The Inside Story of Y2K Panic and the Greatest Cooperative Effort Ever (Prometheus Books) describes how the very real Y2K threat was averted, describing how Y2K unfolded; how it was discovered, analyzed and corrected; how cooperation on every level succeeded. The magnitude of an anticipated $600 billion national Y2K compliance cost and a one-trillion-dollar total claims, litigation and expenses estimate, both to be borne by a U.S. casualty-property industry of under $400 billion created an existential crisis for insurers. Imagine the complete collapse of the global insurance market; no home, auto, hospital, manufacturing, workers compensation, marine, aviation, medical or professional malpractice insurance. Global economies would come to a standstill. Chaos and anarchy would surely reign. However, no media attention was given to the possible collapse of the insurance sector and its consequences to the global economy. Pausing to note such an oversight is one reason that makes Y2K an interesting story to revisit.
What would happen when the use of computerized two-digit date fields used through all of the latter half of the 1900s encountered the date 01/01/2000? No one knew. As Jan. 1, 2000, drew closer, self-preservation forces, competition, liability shifts, and disclaimers heated up essentially across all commercial sectors. The contemporaneous documents of those pressures tell a story about those who did not know the outcome of the Y2K issue, primarily as related to liability, risk and insurance.
Risk selection is a luxury of underwriting. It is also a luxury for agency and sales forces if production pressures and demands don’t force bad risk selection decisions. I spent over 35 years owning an insurance agency, being pressured by my companies for new business, while knowing I had to refuse what I knew intuitively to be questionable risks. I quickly learned a fair market rate for the technology clients of my agency’s focus, and needed to be competitive while also understanding that an underpriced market segment will inevitably collapse sooner rather than later. I analyzed and examined the exposures my clients and I together identified, providing not only where the risks of loss were, but a measure of those risks, (high, medium, low) along with the procedures my prospective clients were taking to lessen those risks.
Even the most cutting-edge new technologies had some basis for underwriting based on actuarial data.
And then loomed the millennium! A single point in time, no recalculating, no do-over! The specific millennium risk of two-digit year date fields causing confusion grew to enormous proportion when “00” for 01/01/2000 was interpreted as 1900, although the Jan. 1, 2000 remained a single immovable fact. (Yes, we knew the actual 21st century millennium did not begin until 2001, but “2000” on cocktail napkins was so much prettier.) However, I digress. The total national cost for software review, analysis, and re-coding was estimated and widely quoted by the Gartner Group at $600 billion.
There was absolutely no past data for comparison of what the exposures to loss might be. Re-coding legacy software to make two-digit year dates four-digits was inevitably primarily a back-office endeavor. Only the front office corporate officers and directors were seen pacing and wringing their hands, entirely ill-equipped to offer independent judgment on the depth of either their crisis or the status of solutions. So, pricing the very few insurance products offered had to be nearly impossible. Audits and retro programs were the obvious solution. Nevertheless, insurance products were designed primarily for Fortune 100 size clients of long legacy existence. Those were chiefly financial institutions and mega U.S. businesses. My own client base consisted of newer technologies, most less than 10 years old. Four-digit year date fields were already in place. So, we knew that this was primarily a big-business problem for our nation’s competitive and merger survivors. And of course, those institutions’ long-term health and survival were imperative for our country’s economy.
I might pause here to note federal, state and local governments’ issues with Y2K remediation. Since those entities held different criteria for loss, like municipal immunity, I will address them only by saying that all branches of our government hastily passed statutes proclaiming themselves harmless should our national infrastructure collapse. So there.
In March of 1998 the Insurance Times interviewed me for their article titled “Millennium liability slated to hit insurers, agents, lawyers and more.” I was quoted as saying, “The [Y2K] liability is only limited by the limits of one’s imagination,” following my address to the American Bar Association. I predicted that the federal government may step in to help the industry by possibly declaring Year 2000 a “virus” or a “natural disaster,” either of which could affect the issue of fortuity, and invoke coverage not anticipated at that time. Invoking coverage by fiat was not entirely improbable; it was clear I was becoming uneasy.
Insurance issues were crucial from the very beginning, since insurance proceeds arguably might finance the costs of defense and litigation where coverage applies. In addition to investing millions of dollars to update its own in-house technology, the insurance industry had to brace for an explosion of lawsuits surrounding the failure of computer systems to be Year 2000 compatible. Of course, the applicability of coverage for Year 2000 remediation costs was the issue. Litigation attorneys hoped a trillion-dollar issue!
I repeat—a trillion-dollar issue! Thus, worthy of debate. By mid-1999 insurance professionals were getting cranky with the cost projections from “experts,” arguing that most estimates were pure speculation.
Many coverage disputes were being anticipated on both the insurance and legal sides. One interesting one: “All risk” coverage implies coverage unless excluded; Y2K, if defined as a “peril” would then argue for coverage to apply. In a “named peril” policy, again, if Y2K is a “peril” and not listed as a “covered peril,” then coverage would not apply. This position, however, had considerable weakness, since arguably, any new threat might be given a brand-new designation, or name, to invoke coverage. Nevertheless, it was long established that general liability insurers, accepting the primary risks of bodily injury and property damage, were not intended to be the guarantors or warrantors of their insured’s workmanship or product, nor for the withdrawal of any third-party’s defective non-Y2K compliant parts.
American International Group (AIG) was the first company to offer Y2K coverage in early 1997, according to the May, 1997 Best’s Review. Called Millennium Insurance, offerings of both finite and blended programs were offered. Finite programs included premiums as high as 80%, with premium rebates depending on losses. Blended programs also had high premiums, 60% being the lowest over the term of the policy. I am personally aware that Fidelity purchased a $100 million Y2K insurance policy for a premium of $75 million. However, in August of 1998, the AIG form had been withdrawn due to adverse selection per an announcement in June that AIG Executive Vice President Robert Omahne, stated by mid-1998 “[Y]ou are not getting people who are planning for the future. You’re getting desperate people.”
Year 2000 coverage programs were also announced by Aon Risk Services of the Americas, J&H Marsh & McLennan, Minet & AIG, and Travelers Property Casualty Corp. As stated earlier, each of these programs required Y2K audits and commanded premiums in the six figures. Not designed for any but the largest enterprises.
The fact that this software date issue became universally known as the “Y2K Bug” acknowledged a built-in assumption that it was a flaw, a failure, most likely a failure of foresight. But it is important to pause and be reminded that reports of cost for one megabyte of data in 1970 was $3 million; in 1980 $64,000; in 1998 the cost was $5 (CGL Reporter, Fall 1998). That fact alone became a compelling defense against the dollar loss value for Y2K compliance costs, litigation and judgment costs. Let’s not forget that.
Along with our far-reaching insurance sector, there are many more influences in this saga. Influences motivated by self-interest, greed to some extent, and an ultimate motivation to be successful. That required foresight beyond corporate boundaries, beyond self-interest. Y2K became a subtle and unadvertised model of national cooperation. Can we use this now?
Nancy P. James, a Licensed Insurance Adviser, has over 40 years of technology and risk analysis experience. She designed and created the first Internet Liability insurance policy in the country, and is a pioneering expert in exposure threats to data security and privacy. Nancy James can be contacted at jamesnancy@comcast.net and www.nancypjames.com.