New opportunities and challenges are on the horizon as the
ILS sector looks to help manage everything from cyber risk to
cryptocurrency and intangible assets, says Peter Dunlop at Walkers
Bermuda has a long history of innovation in the insurance space.
Led by pioneers Fred Reiss, Bob Clements and others, Bermuda was
the first to develop the captive insurance model in the 1960s and a
solution to the US casualty crisis of the 1980s.
With the implementation of the Insurance Amendment Act 2008 and
the introduction of the light-touch regulated special purpose
insurer (SPI), Bermuda embraced third party capital convergence and
launched itself to pole position as the world’s leading
insurance-linked securities (ILS) marketplace.
More recently, to meet the rising tide of insurtech initiatives,
in 2018 the Bermuda Monetary Authority (BMA) launched a temporary
licence innovative insurer class for both general and long-term
business, and created the insurtech regulatory sandbox and
We in Bermuda await the implementation of the BMA’s Guidance
Note #20 on SPIs and the outcome of the consultation period for
proposals made by the BMA for a new permanent licence, non-sandbox
innovative insurer class, and a new collateralised insurer class,
with permanent capital requirements and the ability to fully fund
its liabilities via outwards reinsurance.
Meanwhile, as the losses from hurricanes Harvey, Irma and Maria
in 2017 and Typhoon Jebi and the California wildfires of 2018 creep
higher, and the ILS market wrestles with the side-effects of
trapped capital, the burning question for the ILS industry is now
“what other lines of business can ILS adapt to?”.
According to most panels on the ILS conference circuit the
answer to that question is “cyber insurance”. Without
doubt, cyber insurance will continue to grow in its application and
demand, but is cyber insurance truly a good fit for ILS? Will it
provide the return to investors that has been missing from property
catastrophe risks these last two years?
What is cyber insurance?
Cyber insurance is not new. Losses from cyber events were first
asserted through errors & omissions policies without those
coverages specifying that they covered “cyber” losses. In
response, standalone cyber policies were developed in the late
1990s from those professional liability coverages and have
increased in sophistication and demand commensurately with the
growth of the technology industry.
Cyber insurance began as a relatively narrow coverage, covering
first party costs of investigation and remediation caused by data
breaches or cyber events. Loss data was scarce and rates on line
were high, while pricing in traditional classes was decreasing.
Now, as cyber insurance—both first party and third
party—has become de rigueur, the market has softened.
Coverage terms have broadened while pricing remains flat.
First party coverage
Today, first party coverages include hacking, cybercrime, damage
to electronic data, increased costs, and/or loss of income similar
to business interruption losses, cyber extortion, cyber terrorism,
and crisis management damage.
They also include notification costs, a head of damage caused by
legislation such as the California Security Breach and Information
Act 2003, which requires Californian businesses to notify affected
parties of unauthorised cyber breaches resulting in a loss of
Third party coverage
Common third party liability coverages indemnify for damages and
defence costs arising from third party claims caused by data
breaches from network security, distribution of private data
arising from such data breaches, electronic media defamation and
invasion of privacy, funds fraud, and cyber terrorism.
The marriage of cyber and ILS
Would third party capital and cyber insurance make a good union?
Demand for cyber insurance is increasing, while third party capital
provides a resilient platform from which the insurance industry can
increase efficiency and grow in size, scope and geography.
However, ILS makes sense in the natural catastrophe class
because investors are attracted to the diversified returns,
uncorrelated to the shocks of financial markets, that nat cat
Those events are geographically confined and there is a wealth
of historical weather and catastrophe data to work with. In
addition, natural disasters are seasonal (although it remains to be
seen what increasing impact climate change will have on the nat cat
high severity/low frequency model) and therefore somewhat
Can the same be said of cyber? Cyber insurers have already been
struck by waves of losses caused by data breaches in the US retail
and healthcare sectors, including big names such as Target, UPS and
Anthem. There is reportedly a wave of cyber-related litigation in
Concurrently, there is a relative lack of data required to
produce a robust, well-balanced, competitively priced insurance
product. Hackers and cyber criminals are ever more advanced and
unpredictable in their attacks and, unlike nat cat, cyber knows no
It is not seasonal. Cyber losses do not lose force when they
make landfall. They cannot be extinguished as a wildfire might be.
Pricing is decreasing and cyber losses are arguably not
uncorrelated from the financial markets, thus removing the
Research undertaken by the Institute of Insurance Economics
found that in 2018 global annual losses from cyber risk were $600
billion with only $6 billion insured, but it is fair to say that an
uncontrolled and undisciplined collaboration between cyber
insurance and ILS could result in catastrophic cyber insurance
losses and at the same time scare off the third party capital
providers that are so vital to the growth of the insurance
industry. It cannot be long until we see a cyber cat bond—but
an ultra-prudent underwriting approach is a must.
With the opportunities created by advances in technology come
certain challenges. Two such challenges are in the areas of
cryptoasset enforcement and intangible asset valuation.
The BMA introduced the Digital Assets Business Act 2018 (DABA),
which provides for the licensing and supervision of digital
assets— cryptocurrencies—business activities in
Bermuda, and the Companies and Limited Liability Company (Initial
Coin Offering) Amendment Act 2018 (the ICO Act), which amends the
Bermuda companies legislation to create a framework for the
regulation of ICOs, more broadly now referred to as tokens.
While the legislative regime in Bermuda for DABA and ICO
entities is robust, there are challenges ahead when things do not
go according to plan. Not only are cryptoassets difficult to insure
but it is well publicised that the Securities and Exchange
Commission in the US, the Financial Conduct Authority in the UK and
the Monetary Authority of Singapore have all taken enforcement
action against cryptoasset entities in a variety of perimeter
issues (ie, performing regulated activities for a cryptoasset
business without appropriate authorisation).
In addition, insolvencies of Bermuda-regulated cryptoasset
businesses raise unique problems for Bermuda liquidators:
- The lack of clarity on the accounting
treatment and valuation of digital assets makes evaluating the
solvency or lack thereof of a digital asset a complicated
- Under the Bermuda Companies Act 1981,
broad powers are afforded to Bermuda liquidators when seeking to
recover assets in the liquidation of Bermuda companies, but the
recoverability of digital assets will be dependent on the ability
to identify targets to seek recourse against. Many digital assets
are created and transferred using anonymous blockchain technology
meaning that, while the BMA can identify the parties to a public
digital asset transaction from the party names given, those names
might be aliases or false altogether, making the process of
ascertaining the identity of transferors and transferees of digital
- With DABA and ICO technology being
decentralised, the global and borderless nature that underpins the
maintenance and transfer of many digital assets can cause
uncertainty when determining how and where to enforce rights
relating to digital assets held by a company in liquidation.
Bermuda liquidators have a traditional toolbox to assist them in
multi-jurisdictional insolvencies, which might not be enough,
- A Section 195 order, compelling any
person connected to the company to provide the liquidator with any
books and papers relating to the company.
- A scheme of arrangement, between a
company and its creditors to restructure a company by varying the
rights of the certain stakeholders.
- A Norwich Pharmacal order, compelling
a party to disclose information in circumstances where one has
knowledge of a wrongdoing but not of the identity of the
- A Bankers Trust order, compelling a
Bermuda bank to provide discovery to enable tracing of funds
believed to be owned by the company and held by the bank.
- A Section 195 order, compelling any
Intangible asset valuation
Intangible assets are non-physical assets such as copyrights,
patents, trademarks, and goodwill, and are distinguished from
physical assets. According to a 2015 report of Ocean Tomo, an
intellectual property bank, 84 percent of the S&P 500’s
value is derived from intangible assets. This amounts to an
inversion of balance sheet values for tangible and intangible
assets from 1975 when intangible assets were valued at 17
This exponential increase in intellectual property value, led in
part by the technology boom, requires us to account for those
intangible assets in a more modern way. GAAP and IFRS accounting
value intangible assets differently—depending on whether
those intangible assets were acquired or grown internally—and
under both accounting systems intellectual property is valued less
favourably than tangible assets such as plant and machinery.
The result is corporate valuations for companies rich in
intangible assets that are lower than should otherwise be
appropriate. This has a knock-on effect on corporate borrowing
costs, credit ratings and corporate financial health as a
These days that difference in accounting approach is outmoded.
Insurance and ILS might turn that problem into an opportunity by
finding a means to establish an insured value for those intangible
assets and provide an intangible asset credit guarantee for, say,
regulatory capital relief purposes.
With the loss creep of the 2017 and 2018 nat cat seasons it is
to be expected that third party capital investors would look for a
different, more stable and remunerative insurance class to
collateralise. Correspondingly, the insurance industry requires
increased capacity and ILS seems an obvious means of raising
It remains to be seen whether the pricing and low levels of data
and loss history for cyber justifies a large scale move to cyber
away from nat cat coverage, which itself still has very low
penetration in undeveloped and developing economies and is
aggravated by climate change.
The irresistible rise of technology creates not just
opportunities but also challenges, especially in the areas of
cyber, cryptoasset enforcement and intangible asset valuation.
Whatever lies in store for cyber, technology, and ILS, Bermuda
is an established leading jurisdiction for fintech and insurtech
and is well positioned to continue its history of innovation and
Originally published by Bermuda: Re + ILS.
The content of this article is intended to provide a general
guide to the subject matter. Specialist advice should be sought
about your specific circumstances.
- HBO Max vs. HBO Now vs. HBO Go: What are the differences and how do you upgrade?
- Further tech giants pledge funds, voice to fight racial injustice
- Dyson electric car revealed inside and out, despite cancellation
- Galaxy Note 20 rumors: Photo leaks, camera specs, release date and more
- Ford Bronco debut scheduled for July
- Get a deal on an Asus gaming laptop at Amazon or Best Buy
- Huawei ban timeline: Senator says China is using company to drive wedge between US and UK
- Encrypted messaging app Signal adds facial recognition protection for protesters
- A $23 Bluetooth headphone deal you shouldn’t miss