Ferma hopes ongoing dialogue over PPPs will now pay off

Ferma has told Commercial Risk Europe that it has kept dialogue open with all relevant stakeholders on the need for EU-wide risk management and state-backed transfer solutions for systemic risks, after the federation put cyber front and centre by calling on the EC to reignite discussions over a public-private partnership (PPP) for this growing threat. At the same time, Marsh said it wants the insurance market to stop its public wrangling over cyber war clauses and better explain to clients exactly what it is doing in this tricky area and why. But the broker fears that the revamped war clauses could set precedent for further detrimental changes to cyber cover. Earlier this summer, Ferma and a group of leading (re)insurers and brokers called on the EU to restart discussions over a PPP to help manage and transfer systemic cyber risks. Releasing a joint report, the key stakeholders have urged public bodies to move beyond theoretical PPP solutions and come up with practical moves amid growing uncertainty for insurance buyers when it comes to areas such as cyber war. Launching the Cyber insurance dialogue – How Europe can lead the way to cyber resilience report in Brussels, Philippe Cotelle, vice president of Ferma and chair of its digital committee, said it is vitally important to “bridge the uncertainty that is growing around catastrophic cyber loss scenarios that are not covered by insurance”. “We can’t be uncertain. We need to know exactly the boundaries where insurance will work so that we can adapt our risk management according to those boundaries, and supply a clear answer to top management about how we plan to address catastrophic cyber losses. This is a big element of the report. We call for Europe to seize the opportunity, as it did in the past on the GDPR, to put the continent at the leadership on those key issues,” he added. Experts from across the insurance market used the report to say it is time to move beyond discussions on how to build cyber resilience and actually develop a PPP for systemic cyber risks. “We need to get to the root of some of the problems. We need to make sure the right people are in the room having the conversations that need to be had. Across different parts of the world there have been many engagements talking quite theoretically about this topic as opposed to pure action. Right now, we want to sit round a table and have that proper discussion with all stakeholders… now is the time for us to restart that in a much more robust way,” said Scot Sayce, global head of cyber at Allianz Commercial, at the report’s launch. Attentions was really drawn to the need for PPPs after companies found they had little business interruption cover in place for Covid-19 losses. This was because most insurers excluded non-damage business interruption (NDBI) risks over fears about systemic losses. As the state had to step in to bail out business, several interested parties, including Ferma, pushed for a PPP at European level to help manage and transfer this risk. Cotelle told CRE after Ferma’s cyber report was published that political appetite for a PPP to cover NDBI and other systemic risks faded as the recovery from Covid-19 took precedent. But he said the European risk management federation has kept the lines of communication open with the EU and other relevant stakeholders, such as the European Insurance and Occupational Pensions Authority (Eiopa). The hope is that this will now pay off with a solution for cyber risk. “In 2020, Ferma drew the European Commission’s attention to the severe shortage of insurance for business interruption losses where there has been no physical damage (NDBI coverage). At the time, and when there was more political momentum, Ferma had concrete discussions with a variety of stakeholders across the insurance value chain, and also with public authorities, as well as international organisations such as the OECD,” began Cotelle. “We have subsequently understood that the political priorities shifted with the large relief Covid-19 package of NextGenerationEU, as the recovery and resilience facility took precedent. Nevertheless, Ferma has kept the dialogue open on systemic risks more broadly with all the relevant stakeholders,” he added. “In this cyber report, we are really aiming to refocus attention on the need for greater public private cooperation, which may take the form of PPPs or other mechanisms. Our call to action, if you will, is that Europe has an opportunity to be a leader in developing a framework that would help to address the coverage gap for risks that cannot be borne by the private insurance market alone,” he said. Cotelle added that Eiopa and the National Bank of Belgium, as well as some of the major players in the private insurance market, believe the cyber report can advance this dialogue. “But of course, Ferma will push for the dialogue to lead to actions,” Cotelle said. It is worth noting that the European Central Bank (ECB) and Eiopa has published a joint discussion paper – Policy options to reduce the climate insurance protection gap – and called for comment by June. The ECB and Eiopa point out in the paper that while national governments may oppose further state-backed funding during this tough economic period, it makes sense from an economic perspective. So the ECB and Eiopa clearly see great potential for new PPPs using the insurance sector as the first layer and capital markets and the ECB itself higher up. And they agree with Ferma that risk mitigation and management must lie at the heart of such future schemes. One of the big systemic risks currently being stripped from insurance cover is cyber war through mounting exclusions from Lloyd’s and the wider market. Clearly the insurance industry cannot, and will not, take on this risk without some form of state-backed support. The removal of war-related cyber cover has left insurance managers in the lurch, either unable to buy protection any more or unclear exactly what is covered and what is not. Brian Warszona, cyber, media and technology practice leader in the UK at Marsh, is concerned that some brokers are downplaying this issue for competitive advantage and is worried that war clauses may be the thin edge of the wedge for cyber insurance buyers. “It is unfortunate that we are seeing some brokers use this as a way of competition and taking a different perspective to make it seem like a non-issue in some regards. I think it is an issue that if it continues to expand in the way this is being pushed out, communicated and enforced, may give precedence to future changes, other than the War Exclusion, that could potentially cause more damaging results,” he told Commercial Risk. A big problem for clients is the way the insurance market has argued over the war clauses in public and failed to deliver clarity on key issues, continued Warszona. “We have to do better as a market to communicate what is going on between ourselves before it gets out in the open. The biggest thing that happened with the LMA war exclusion being publicly drawn out for the past six to 12 months is everything has broken publicly. So we as brokers wanted one thing and carriers said they wanted another, via the LMA or otherwise, and we have gone back and forth on amendments. This started getting into the media and then it became more of a problem for our clients to understand the impact to their insurance purchasing needs. Even Lloyd’s Patrick Tierney has said communication could have been better. And I totally agree,” he said. “We have to set up a better way to respond to what is and is not covered. The main part of that for us is the “major detrimental impact” not being defined. A major detrimental impact to a family-owned retail store is clearly different than a $10bn turnover company. So is it a percentage of the annual turnover? Is it a section of the IT infrastructure completely going down? Does it mean major parts of your operation are down? We just need to define where that kicks in and what it means,” the broker added. Warszona said the biggest losers in all this are clients. He believes they have been left confused by very complex cyber coverage that has now become even more complicated with war, nation state and sovereign nation aspects interacting. “This gets down to needing to develop mock scenarios of what is covered and what is not to help out with communication. We need Lloyds and the LMA to provide that, considering this is their initiated war exclusion for all syndicates, which will potentially transcend into company paper down the road,” he concluded.

Ferma hopes ongoing dialogue over PPPs will now pay off

Marsh fears cyber war clauses could set precedent for further restrictions

Want to read this article?

Read Next

UK law firm appeals £60k penalty for failing to report data breach

Ardonagh appoints CEO for Dutch business as Leons steps down

Renewable energy providers must demonstrate resilience, says FM

Guidance on supervision of climate-related risks from IAIS

Markel to buy marine MGA The MECO Group

UK law firm appeals £60k penalty for failing to report data breach

Ardonagh appoints CEO for Dutch business as Leons steps down

Renewable energy providers must demonstrate resilience, says FM

Guidance on supervision of climate-related risks from IAIS

Markel to buy marine MGA The MECO Group

Keep yourself informed

Sign up for Commercial Risk’s newsletters

Want to read this article?

Read Next

UK law firm appeals £60k penalty for failing to report data breach

Ardonagh appoints CEO for Dutch business as Leons steps down

Renewable energy providers must demonstrate resilience, says FM

Guidance on supervision of climate-related risks from IAIS

Markel to buy marine MGA The MECO Group

Related Articles

Keep yourself informed

Sign up for Commercial Risk’s newsletters