Reinsurance Tutorials #6 - Season 3
Hi everybody 👋
Today, and for the sixth Reinsurance Tutorials video of the season, we will talk about "When a tense geopolitical context increases the fears of insurers and reinsurers"
This subject will be addressed by CCR Re experts Emmanuelle Huguet and Madeline Jauvat.
Let’s start! ⏬
[Emmanuelle Huguet] : Hello, I am Emmanuelle, Advisory Actuary at CCR Re.
[Madeline Jauvat] : Hello, I am Madeline, Reinsurance Legal Advisor at CCR Re.
[Emmanuelle] : Today, we are faced with a very selective insurance market, for obvious reasons related to the specific nature of the risk.
[Madeline] : And worsened by a very tense geopolitical context.
How is the Cyber risk apprehended by companies today?
[Emmanuelle] : Cyber Risks are thus at the top of the 2022 global risk barometer.
- More than one in two companies would have suffered between one and three successful cyber-attacks during 2021 with heavy financial consequences, and sometimes an estimated drop in valuation of 8 to 10% after the announcement.
- Attackers are increasingly structured and specialized, attracted by high returns on investment.
- Market concern is growing as we now face increasingly sophisticated attacks.
- Companies view more and more every link in the supply chain as a potential vulnerability, which is becoming a key factor in partnership decisions.
What is the insurers and reinsurers’ position today in relation to Cyber risk?
[Emmanuelle] : We have seen since 2021 a significant drop in appetite from a good number of leaders in this market.
Over the past two years, the cyber insurance market has reacted to more frequent and severe claims related particularly to ransomware. Capacity has been reduced, prices have risen sharply and franchises have been increased. Insurers have introduced new underwriting criteria, requiring a minimum standard of cybersecurity controls in an effort to improve risk management and reduce losses. They also reviewed contracts to reduce the risk of “silent” cyber coverage.
The reinsurers also remain very cautious, particularly because of the potentially systemic nature of the risk and the possibility of cumulative claims that can reach astronomical amounts with difficulties in assessing the potential impact. The introduction of annual coverage limits in reinsurance treaties is common now, including in quota-share structures.
[Madeline]: Russia and Ukraine’s conflict highlighted the use of cyber-attacks as military weapon by states and terrorist groups. This also changed the traditional view of cyber risk and our need to integrate new exclusions within contracts, more restrictive than the traditional cyber exclusion clauses. This need was fulfilled at the end of 2021 with the publication of 4 new cyberwar exclusion clauses by the Lloyds Syndicate:
The ‘CyberWar’ exclusion clauses aim to exclude from the scope of cover any loss caused by a war or a cyber operation, which raises many concerns:
- How do we define war when there’s no clear consensual definition in international law? The definition may raise interpretation issues in practice.
- Moreover, it is up to the insurer to carry the burden of proving that the exclusion applies, which is difficult: though the attacked state shall in principle attribute the cyber operation to another state, these exclusion clauses also specify the possibility where the attacked state cannot or does not want to attribute the cyber operation, meaning the burden of proof in this situation is carried by the insurer.
Some states, the US or the UK among others, communicate a lot through official statements to attribute cyber operations to other states. Others, such as France, never attribute cyber operations according to their diplomatic strategy. This shows that the insurer’s burden of proof will be very different depending on which state is attacked. Still, if there’s no official attribution, is it really up to the insurer to carry this diplomatic and political role of attribution?
What alternatives currently exist for companies?
[Emmanuelle] : In response to the difficult conditions in this insurance market as their coverage needs are increasing, large companies are more and more mobilizing their captives to provide additional capacity, particularly on the front lines where capacity is more limited, and where prices are the highest.
The creation of a new mutual, MIRIS specialized in cyber insurance, by a group of European industrial companies is the perfect example.
In addition, the involvement of a captive gives insurers additional confidence allowing companies to obtain greater support from them.
[Madeline] : Bercy clearly encourages the mutualisation of the different parties, and the reinsurance captive is experiencing a new boom, because since 2023 the law allows the constitution tax-free of an equalization reserve concerning the risks listed in the insurance code.
[Emmanuelle] : Thanks a lot for your attention.
[Emmanuelle + Madeline] : Good Bye.
Bye for now 👋
📺 More episodes are coming... Subscribe now to receive them by email! 📥
