Cyber buffets insurers’ long-tail claims

by Resolve Editor Kate Tilley

Three factors are buffeting long-tail claims – cyber, legacy claims, and ructions in the D&O and public liability markets.

That’s the word from Robin Cooper-Driver, head of long-tail lines Asia Pacific for Zurich, who spoke at the AILA Queensland Insurance Intensive.

He said cyber liability was a concern because “no one really understands it” and “you can’t avoid it, even if you don’t write cyber”. It impacted on property, business interruption and public liability policies.

For insureds, their highest priority was the level of recovery services available to restore businesses to normal post attack (see below for the Qld Insurance Intensive’s cyber panel discussion).

Mr Cooper-Driver said legacy claims for abuse were an historical issue that insurers were still grappling with. Aged care was now “a difficult place” because of incidents brought to light by the aged care royal commission which identified systemic issues. “Insurance is not the answer to fix it,” he said.

Special purpose acquisition companies (SPACs) were a problem for D&O underwriters because, despite them being illegal in Australia, there was still exposure.

SPACs are shell companies listed on stock exchanges that buy private companies to take them public without going through the traditional initial public offering process.

Mr Cooper-Driver said the concept was drifting from the US into the Australian market and insurers should be concerned. “We ask hundreds of questions instead of 10 if we’re writing D&O for companies with US exposure,” he said.

Inflation a challenge

High inflation was a challenge for insurers and the US was predicted to reach 7%. “If premiums can’t keep ahead of inflation, margins go backwards. Inflation has moved dramatically and is higher than predicted.”

Social inflation was predominantly a US phenomenon, but was driving change in long-tail claims. Court-awarded payouts that might have been $1 million several years ago were now likely to be $7 million. “It’s a headwind that affects how we make decisions,” Mr Cooper-Driver said.

Greenwashing unacceptable

Climate change was causing more frequent events and there was a new generation of shareholders who were interested in environmental, social and corporate governance issues and would not accept greenwashing, when companies used “pretty pictures and language” to pretend they were environmentally conscious.

Mr Cooper-Driver predicted more D&O claims against greenwashing companies and fund managers that failed to make investments in accordance with their mandates.

Geopolitical risks created uncertainty for insurers and Mr Cooper-Driver advised insurers to review war exclusions in policies. “We don’t know the impact on insureds that have some exposure” in Ukraine.

Emerging trends included a greater focus on customer centricity. In a post-Covid-19 environment there was greater empathy for employees.

Claims services and the ability to react quickly for customers in need was paramount.

Sustainability was another issue because the new generation “wants to associate with brands that align with their values”.

Cyber risk panel session

After his presentation, Mr Cooper-Driver chaired a panel session on cyber risk featuring Carter Newell partner Katherine Hayes, broker Patrick Beckett from Willis Tower Watson and Trent Nihill, head of corporate cyber at cyber specialist underwriting agency Emergence Insurance.

Ms Hayes said it was easy for cyber criminals to buy usernames and passwords online through the dark web and advised delegates to change passwords regularly and check the website Have I been pwned to see if they were a victim of scams. She also advised organisations to use multi-factor authentication.

Mr Nihill said 65% of cyber attacks were against SMEs because they were “low-hanging fruit that couldn’t invest as much in cyber security” as larger companies that were better protected.

Ransomware attackers originally used a scattergun approach but were now infiltrating systems and spending months inside networks to enable them to inflict as much pain as possible. Ransoms of $10 million were “not unheard of” and often paid.

Mr Nihill said it was rare for systems not to be unlocked once a ransom was paid, but it was important for any organisation that had been hacked to thoroughly cleanse the network to ensure the attackers no longer had access.

He highlighted a shortage of skilled personnel to assist organisations that had been hacked and said some insurers were paying retainers to ensure availability when required.

Mr Beckett agreed, saying forensics and IT professionals required for crisis management could “charge well”.

Mr Beckett said cyber-crime threat actors generally sought ransoms of amounts that were easily payable but they were becoming more sophisticated. Without knowing who the perpetrators were, police had insufficient resources to chase them. There was pressure to pay to get businesses up and running again.

Ms Hayes questioned whether ransom payments were illegal, but said if that were the case, there was no enforcement and she agreed victims frequently paid up to resolve the problem.

The panelists agreed insurers’ response plans were critical when hacks occurred. Mr Nihill said Emergence could mobilise within an hour and often within 15 minutes via its 24/7 hotline.

He said despite cyber attacks being “a big industry”, too often organisations did not take simple steps to protect themselves. He outlined the Australian Cyber Security Centre’s essential eight, which can prevent 90% of losses. “Doing the basics can have the most impact.”