BI’s Article search uses Boolean search capabilities. If you are not familiar with these principles, here are some quick tips.
To search specifically for more than one word, put the search term in quotation marks. For example, “workers compensation”. This will limit your search to that combination of words.
To search for a combination of terms, use quotations and the & symbol. For example, “hurricane” & “loss”.
The growing use of captive insurers to cover cyber risks is providing policyholders with a mechanism to modify insurance coverage to fit their needs, according to industry experts.
In addition, by using captives to cover primary risks, captive owners can directly access reinsurance and excess insurers and help develop cyber coverage in the wider market, they say.
“The whole insurance market for cyber is growing significantly, and within that the captive element is growing as well,” said Anup Seth, managing director for captive and insurance management for Aon Insurance Managers (Bermuda) Ltd. “I would say it’s such a growing market that more and more companies are utilizing their captives.”
“I am seeing more interest today in cyber in captives than I have at any other point in time,” said Jim Swanke, director of risk consulting with Willis Towers Watson P.L.C. in Minneapolis.
“We’re having more and more conversations involving cyber risks in captives,” said Michael Serricchio, a managing director with Marsh Captive Solutions based in Norwalk, Connecticut. “In the past four years, we’ve had a 100% increase in the number of captives insuring some cyber exposure.”
Policyholders are placing a wide variety of cyber exposures into their captives, sources said.
“Captive owners’ approach to using their captives to provide cover for cyber risks differ widely,” said St. Peter Port, Guernsey-based Peter Child, managing director for Artex Risk Solutions Inc., a unit of Arthur J. Gallagher & Co.
Risks covered via captives include: professional services error and omissions; multimedia liability; security and privacy liability; data recovery and loss of income; regulatory defense; post-event impact mitigation costs and data extortion, he said.
Putting cyber risks into a captive can provide an entry point for captive owners to access the commercial markets, captive managers say.
“Many clients are either buying a commercial policy or they’re taking the first step to a commercial policy by using their captive first and then going to the commercial market sometime down the road,” said Mr. Serricchio. “We’re finding risk managers and treasurers and general counsels looking to their captive to be able to support, in some way, shape or form, cyber for the organization if it makes sense and is done in a conservatively prudent way.”
Captive owners are using their captives to cover first- and third-party cyber exposures in the primary layer, and then accessing the excess, surplus lines and reinsurance markets, said Mr. Swanke of Willis Towers Watson.
Captive owners can also use the vehicles to tweak and tailor coverage, said Mr. Seth of Aon. Whereas an insurer’s standard cyber insurance form might have certain sublimits for business interruption, for instance, a manufacturer might extend that coverage and even add contingent business interruption for key suppliers.
“They start with the carrier language and bespoke it for their own needs. We’re seeing that a lot,” Mr. Seth said.
In some cases, captive owners may have a better understanding of the risks they face than the commercial insurance market, said Mr. Child of Artex. “In those cases, the captive can provide a greater breadth of cover to ensure that the combined policies of the market and the captive give the kind of protection that the captive owner needs.”
“Insurers are certainly aware of the evolving nature of cyber risks, and so commercial policies will have exclusions and gaps. A carefully drafted captive policy can fill in some of those gaps,” added Karl Huish, executive vice president for North America with Artex Risk Solutions in Mesa, Arizona.
By putting a primary layer into a captive, “clients are finding that they can develop their own manuscript policy form, their own policy language,” Mr. Swanke said.
This can also benefit a policyholder when entering the commercial market, he said.
“Then, when they go into the reinsurance market for more limit, they try to get the reinsurers to follow the form,” Mr. Swanke said. “They use the captive as a tool in that primary layer to try to dictate the cover up the tower, in both the reinsurance and retail areas as well.”
Mr. Seth added that with such an approach, insurers are sometimes more willing to provide excess layers of coverage. “They see the client with skin in the game by taking a meaningful primary retention. We’re seeing that approach help with the overall structure of the program,” he said.
“Hopefully, the market will recognize that you are taking on a sufficient amount of retained risk in your captive so reinsurers are more inclined to go along with your coverage,” Mr. Swanke added.
This, in turn, helps inform reinsurers of policyholders’ requirements and contributes to the overall evolution of the cyber insurance marketplace.
“I believe that as reinsurers start to follow the manuscript forms, it informs the marketplace of what features clients are looking for,” Mr. Swanke said.
As an evolving exposure, regulators are monitoring cyber risk and will likely introduce rules related to how captive insurers can cover the exposures, according to industry sources.