UK active assailant market continues to scale as lone wolf attacks rise

By Rebecca Delaney

June 16 - (The Insurer) - UK insurers are adapting to the increasing threat of "lone wolf" terrorist attacks by ramping up their active assailant insurance offerings, market participants have told The Insurer.

But concerns remain over the lowering of barriers to entry for cyber terrorists, helped in part by AI and quantum computing.

The threat landscape in the UK has shifted from traditional large-scale attacks towards lone wolf terrorism over the past five years, Rose MacLachlan, underwriter in Markel International’s war, terrorism and political violence team, told The Insurer during last week's Airmic annual conference.

This has been driven in part by social media, with increased targeting of radical propaganda towards young people in particular.

“We’re seeing a shift away from these large-scale attacks to these smaller-scale attacks, which are less sophisticated and the intent isn't so clear. That makes it much harder to detect if it's one person doing it on their own and not linked to any big organisation,” MacLachlan said.

A traditional terrorism insurance policy requires the UK government to certify an event as a terrorist attack based on political or ideological motivation.

In response to the difficulty in identifying and quantifying the triggers of lone wolf attacks, the insurance market has developed active assailant policies (also referred to as active shooter or malicious attack policies), which originated in the U.S. following an uptick in gun violence.

“The threat landscape is constantly changing and taking on a new form, and I think that's what the insurance market has been quite good at adapting to and responding to,” said MacLachlan.

Under an active assailant policy, there are no specifications around motivations or weapons used in an attack. MacLachlan said there has been notable take-up of this cover among venues and entertainment centres, such as concert halls, sporting venues and retail centres.

Increasingly competitive pricing has led to broadened coverage across property damage, financial loss and liability, as well as non-damage business interruption. Some markets such as the U.S. also offer some cover for medical costs.

Active assailant cover is typically purchased as a standalone policy since it contains different wordings and coverage to a traditional terrorism insurance product. In addition, active assailant limits are lower than traditional terrorism policies, generally around 10 million pounds ($13.6 million).

“It's still a relatively new market. The limits are still pretty small, so in terms of the capacity in the market we're not having to fill up huge towers of capacity, but it does seem that it's something that is continuing to grow,” MacLachlan said.

She added that one of the main differences compared to a traditional terrorism policy is the time it takes for a claim to pay out. In an active assailant situation, insureds require rapid response from third-party security firms involved in their insurance policy.

“The difference is that where a traditional property damage policy might require indemnifying the insured back to their original position, this is more about helping the insured during the pre- and post-crisis (period). It goes beyond just indemnifying them to what they had before they experienced a loss,” said MacLachlan.

This trend was affirmed by Jonathan Rae, director of crisis management at Gallagher.

“The most transformational development in the crisis management space at the moment has been the move from a traditional insurance arrangement of indemnification to the prevention, preparation, response and recovery of security-related risks,” he told The Insurer.

“We want to put a policy together that actually provides added value, particularly around giving preventative guidance around securing venues and business activity from a wide range of security-related issues like extortion, workplace violence, stalking and threats.”

Rae added that insureds are carrying out self-assessments of their current security arrangements to benchmark against peers and improve measures where necessary.

“That feeds back into the insurance market where we see that the client is not just sitting on their insurance and not doing any risk management, but looking really closely at their current risk management practices and improving them,” he said.

“It’s about bringing that feedback to the insurers and building that relationship so that there is mutual value, and ultimately reducing the risk by improving the resilience and ultimately being able to negotiate pricing decreases because of the improvement in loss ratio across the book.”

Rae added that these measures are not a condition of coverage, but rather a voluntary enhancement to clients' resilience.

MARTYN’S LAW

UK businesses and venues are now required to introduce certain security measures following the introduction of Martyn’s Law in April this year.

The Terrorism (Protection of Premises) Act 2025 requires public premises in the UK where 200-plus individuals may be present to be better prepared and have plans in place to keep people safe in the event of an attack.

Larger premises and events where 800-plus people will be present are required to take further steps, such as CCTV, bag search policies and vehicle checks.

“Off the back of Martyn's Law, a lot of businesses in the UK will now be looking at their security arrangements. They'll be looking at not only their property damage and financial loss exposures, but (also) their terrorism liability exposure,” said Rae.

While the UK has a mandatory requirement for employees’ terrorism liability, this does not exist for public liability. Rae outlined that coverage can vary, with some general liability policies providing terrorism liability up to the full policy limit, while others may sub-limit this to a certain level, or exclude it altogether outside the mandatory requirements.

“We are recommending that the retail brokers start to have those conversations with clients so that they understand that they potentially could be exposed to liability claims in the event that a terrorist attack occurs at one of their locations and they are non-compliant with Martyn's Law,” he said.

‘THE ART OF THE POSSIBLE’

As the threat landscape becomes increasingly complex, understanding wordings and coverage scope will be crucial for the industry and insureds, said Pool Re CEO Tom Clementi during a panel at the Airmic conference.

“It is a fairly dizzying array of malicious and nefarious risks that we're talking about, including things like deprivation and seizure, alongside subversion, sabotage and all the rest of it. As far as terrorism is concerned, there are lots of definitions of terrorism, rather unhelpfully,” he said.

Pool Re operates under the definition as according to the Reinsurance (Acts of Terrorism) Act 1993, which defines terrorism as “acts of persons on behalf of an organisation that seeks to influence or overthrow the government through the use of force or violence”.

Since its formation in 1993, Pool Re's scope has expanded from fire and explosion to chemical, biological, radiological and nuclear following the 9/11 attacks, and most recently to non-damage business interruption and remote digital interference (also referred to by Clementi as “cyber terrorism”).

“It's a fundamental principle of insurance that you understand what you are covering and, most importantly, that people understand what they're buying,” he continued.

“At the same time, a lot of these threats are dynamic. If you have a very rigid and narrow definition and something happens that falls outside of that, you're then accused of not being relevant or useful. So you want a bit of breadth and discretion, but you also want clarity. It's about finding the right balance.

“One of the paradoxes which I find interesting is that we're living in an age of unprecedented technological advancement, and yet terrorism has become seemingly resolutely unsophisticated,” he said in reference to the increasing prominence of lone wolf attacks.

“Cyber terrorism is an emotive term. Historically we're better off talking about terrorists using the internet for radicalisation, propaganda and communication. My worry is that the barriers to entry for cyber terrorism will get lower, helped in part by AI and quantum computing.”

Clementi concluded with a warning: “We shouldn't run the risk of failing to imagine the art of the possible, even if terrorism right now feels like it's becoming pretty unsophisticated.”