Cyber market 'a long way off from pricing adequacy'

By Michael Loney

Feb 19 - (The Insurer) – Cyber pricing is not adequate as a result of new entrants and issues around how the market reserves, according to one speaker at the NetDiligence Cyber Risk Summit in Miami Beach.

During a state of the markets panel called ‘Addressing Variation Across Regions’, moderator Erin Burns of CRC/INSUREtrust asked for views on whether cyber pricing is currently adequate.

Donavan Burgess, head of underwriting at Relm Insurance, suggested that rates are both adequate and sustainable.

“Yes, because the underwriting culture is really fixated and driven by sustainability and profitability at its core, and it just allows for Bermuda insurance to navigate the cycles in a very stable manner that doesn't really teeter into the means of inadequacy as other regions may do,” he said.

“We really do kind of hold the line when we see portfolios entering below thresholds and below benchmarks,” he added, noting that during the “ransomware shock” a few years ago there was not a pullback in capacity from Bermuda.

Miller's head of cyber, technology and media Hobbs said she has “a different opinion”.

“I don’t think it is adequate, I don't think it is sustainable,” she said. “I think we are a long way off from pricing adequacy, I really do, and I think we need to get back to it,” she said.

“It scares the bejesus out of me that we are not pricing things correctly, and I'm saying that from a broking perspective. We're also a yo-yo market. As a broker, when I'm sitting in front of boards and talking to them about their risk exposure and their renewal, and they say to me, six months out, ‘What's your pricing going to be?’ I have to turn around and say, ‘I don’t know.’”

Hobbs said that the big swings in pricing are not good for the cyber market.

“I think part of the issue is the way that we reserve in this market – I think we're not adjusting things correctly. And the other issue is we've got too much capacity coming in,” she said.

Hobbs continued that there is a lot of money coming into the market from private equity and other sources.

“Everyone wants to go into cyber, and that is creating a problem for us, because the money's coming from elsewhere so no one’s got the tail,” she said. “They're coming in and running it cheaply, and I can't see how that stops.”

Michael Colford, cyber and tech product leader for Westfield Specialty, said he thinks “the market has stabilised a bit”, but added that “adequacy is a different question”.

Colford noted that the rates today versus the rates five years ago are up by more than 300%.

“So you can look at this and say, ‘What's a 5%, 10% reduction at renewal, when we're already up 300% from five years ago?' But with the new markets who don't have to worry about the prior-year losses coming in, and this new capital trying to gain some traction in this market, let's all admit it's a great time to be writing cyber business. The additional capital players are now starting to again drive pricing down a little bit beyond where it was,” he said.

Colford added: “So, despite the recent reductions in rate, I think it's still significantly improved, but we have to continue that stabilisation if we are going to be more long-term players in the space.”

LONDON MARKET HAD TO PIVOT

Miller’s Hobbs said that the London market has been affected by the stance taken by Lloyd’s around war exclusions.

“It was really tough for London last year. Not only were we coming into a really soft market, but then we were losing all the business because everyone just went, ‘Well, we're not going to sell war exclusion.’ So we had to pivot,” she said.

Discussing the Bermuda market, Relm’s Burgess said there has been “a massive transition” in the past four years around the risks taken on by the carriers on the island.

Bermuda players initially focused on high-excess capacity for larger enterprises.

“What we've seen over the last three to four years is a greater awareness, interest and strategic shift to really embrace new forms of opportunity, as well as to start to address complex risk and innovative elements along the risk spectrum that has been largely dislocated from traditional carriers,” he said.

“So not only did we see more Bermuda carriers begin to act as offering primary solutions as well as excess solutions for large enterprises, but we saw the emergence of innovative insurance companies such as Relm Insurance.”

Relm is a specialty carrier focused on emerging industries including Web3, AI, alternative medicine, biotech and the space economy.

Keith Savino, national cyber and technology practice leader at Trucordia, suggested that clients in the US very large-account segment are sophisticated: “The media is helping you sell this product every day of the week by reporting on what the bad guys are doing.

“On the large side, it's actually that $100 million in revenue place right now that is very challenging for folks but has the greatest opportunity for growth,” he said. “I actually think everyone's doing a pretty good job of attacking that marketplace. You're doing the difference in conditions. That's an add-in. We own a few captives.

“Those folks who need to buy that are finding now they can build towers more readily, with more carriers in the excess space now. So it's the five over five over five. So you're solving folks’ problems when a year and a half or two years ago I had companies saying, ‘I used to offer five, now I’m lowering to three.’”

Savino suggested the market does a good job of creating the products, terms and conditions, and the rate.

But he added: “We need to do a much better job on the distribution channel side, so that we're not looking at 90 percent of SMB being uninsured, which can't make you guys happy when you walk down Main Street. I'm an optimist, but a sarcastic optimist.”

BI CLAIMS REMAIN A 'PAIN POINT'

During a state of the market session at the summit, panellists agreed that the cyber insurance market has generally done a good job of managing the evolving risk landscape in the past few years.

“I think as a collective, the markets have done a good job of navigating through the ever-changing landscape, especially as there's new regulation measures and technologies that are evolving on a regular basis, and putting out new endorsements or addressing specific concerns, such as matters related to SEC,” Navarone Dozier, assistant vice president of cyber solutions at Aon.

However, the handling of business interruption remains a frustration.

“The claims for BI specifically, and the lag that's typically associated with it, that is a concern in finding ways to ensure that we are not making these claims last a lot longer than needed,” said Dozier. He also suggested that the market needs to find ways to work more collaboratively, and noted that claims become more costly the longer they are open.

Moderating the panel, Juliet White, head of cyber and E&O at Vantage Risk, commented: “I think business interruption has become sort of the pain point and also what's driving a lot of the purchasing.”

White said that there has been a shift in the marketplace around how BI claims are navigated and in managing expectations of insureds and explaining to brokers how carriers are going to substantiate a loss and how losses move up the tower on the larger programs.

She added: “I think the cyber market has done a lot of really great things to advance coverage. But I sometimes think we maybe missed the boat on including some of the details around methodology, and then also how do we streamline some of the claims matters that come in. Because that's when it gets messy, when you have a wild divergence of expectation versus reality, unfortunately, for what was your true income loss and what are we really intending to cover.”

Tresa Stephens, regional head of cyber, tech and media for North America at Allianz Commercial, noted feedback from brokers and claims colleagues on how this gets managed, and said “it is around expectations”.

“It depends on the program, but maybe you've got 20 or 30 carriers on a program, and then all of a sudden it's like everybody has to align on how they're going to navigate this process. I think it can be really challenging,” Stephens said.

Ashley Sales, southeast regional underwriting manager for cyber and tech at Axis Capital, said that “we lean heavily on our broker partners to be able to distinguish between policy language”.

“A lot of carriers have slightly different definitions for stuff, so we definitely lean on our broker partners to be able to explain that to their clients so that they have a good experience overall,” she said.

Aon’s Dozier said that business interruption is an area “where standardisation would be helpful, having a through-line of how things will be done from the start, so that there's no ambiguity in these things".

“How we get there is to be seen,” he said.

One big issue is carriers using a multitude of forensic accountants who all have a different perspective, he said, which slows down the process as a whole.

“So it is about making sure that we're having these conversations well in advance, and ensuring that our clients understand these aspects too,” Dozier said.

COMMUNICATION SILOS ARE A MAJOR PITFALL

A lack of clear communication between each layer of a tower as well as other stakeholders is often the most common pitfall when managing a BI incident, panellists said during a session specifically on BI.

Deborah Hirschorn, managing director and US cyber and technology claims leader at Lockton, said that all parties, including forensic accountants, brokers, underwriters and clients, should be discussing how to mitigate the loss in the event of BI claim.

“It’s something to (talk) about … especially during peacetime,” Hirschorn said.

“It’s harder to do stuff in the middle of the crisis (when) clients are saying, ‘We thought this was covered. Don’t you understand my business?’ Those are not fun conversations.”

These conversations may look different depending on the vertical because BI claims are so industry-specific, but some commonalities include setting timeline expectations with clients, reporting a loss to all layers regardless of whether it will reach them, and looping in the various forensic accountants that different layers might appoint.

The burden of communicating across lines often falls on the broker, which causes its own set of issues, said Danielle Roth, practice leader and head of cyber claims North America at Axa XL.

“This to me is the most important – everyone [should] have the same information at the same time,” she said. “And the broker does sit in the perfect place.”

In the absence of early conversations about the nature of the incident and the responsibility each layer is able to take on, things can go sideways quickly, Roth warned.

WHEN IN DOUBT, REPORT, REPORT, REPORT

The importance of communication doesn’t stop at the primary layer, said Pat Groshong, cyber claims director at Berkley Cyber Risk Solutions.

For the excess layer, which often has to make decisions on a more case-by-case basis, an important choice to make is whether they need to bring in their own forensic accountant.

“Timing of the retention of the forensic accountant by the primary layer would be important,” Groshong said. “If early on we were advised (of) that, we might join in, depending on the [forensic] accountant and the situation and the absence of factors.”

Groshong is aware that in a BI situation for the primary and first excess layers the instructions are often “just get us out of it”, but that strategy makes it harder for the higher layers.

“It’s understandable from a financial standpoint that you don’t want to spend a lot of money drilling down if you’re going to be paying your limits anyway, whereas, in a higher layer, you really need a little bit more detailed analysis from the forensic accountant.”

Unlike in other lines like auto, where one might worry about reporting in advance for fear of a premium spike, for BI it is mostly harmless to report early, said Meredith Ponce, senior vice president and insurance and claims counsel at Lockton.

“You never know where it is going to end up in the tower. When in doubt, report, report, report,” she said.