DaLiu / Istockphoto.com
A dramatic surge in cybercrime and an increasing awareness of the risk among the population has reassured the industry that cyber insurance will develop into an important area in personal lines insurance.
While traditional crime has been falling steadily in the past 20 years in the UK, cybercrime cases have shot up in recent years, surpassing the total number of cases of traditional crimes, according to data from the Office for National Statistics.
Online banking fraud increased by 64 percent year-on-year in 2015 to £133.5 million.
In the commercial space, cyber insurance has been a hot topic for a while. The US is the most developed market for cyber insurance in the world, driven by the introduction of regulations including mandatory disclosure laws for data breaches.
The US cyber insurance market more than tripled in size between 2013 and 2016 with premium volume jumping to more than $3 billion from around $1 billion during the period, according to a June 13 market briefing by Munich Re and UK General at Lloyd’s of London.
Experts expect mandatory disclosure laws being introduced under the European privacy directive, the General Data Protection Regulation (GDPR), coming into effect in 2018, to have a similar effect effect.
The new regulation includes fines of 4 percent of the company's global turnover or €20 million, whichever is greater.
Cases of cyber-attacks will be reported and consumers will not only become aware that a company has been targeted, but also that their personal information may have been misappropriated, says Dan Hyde, partner at law firm Penningtons Manches.
Cyber is seen as one of the few growth opportunities for re/insurers in what is otherwise a soft market where many companies are reducing their exposure, particularly in the property/casualty space.
Annual gross written premiums in cyber are set to increase from around $2.5 billion in 2015 to reach $7.5 billion by 2020, according to estimates.
Initially the GDPR will cause an uptick in the commercial and SME (small and medium-sized enterprises) space, says Tim Marshall, cyber underwriter at Munich Re during the presentation.
But individuals are becoming increasingly vulnerable due to the prevalence of Internet of Things, connecting all sorts of objects from TV’s, cars, or fridges. As the number of connected devices in use is already growing exponentially, experts believe that it is only a matter of time until personal cyber insurance will experience a similar boom as the commercial lines.
“It’s going to become more and more in the public awareness which is going to drive people to understand this risk more and that will lead to a pick-up,” says Marshall.
Ransomware attacks such as WannaCry which affected more than 200,000 organisations in 150 countries, stopping car factories, hospitals, shops and schools, could also affect private lines customers, Marshall explains.
An insurer offering advice through a hotline to victims of a cyber-attack will be key to bring the cover down to the personal line, he notes.
In order to prepare for the expected growth in demand for personal cyber insurance, Munich Re and managing general agent UK General have partnered to develop a product for personal lines.
Fraudsters have, for example, been able to take over transactions from Santander and were not reimbursed by the bank, UK General managing director Karen Beales explains. An online holiday booking could turn out to be a scam, she adds. In 2016, holiday booking scams totalled over £7 million, according to BBC research. Also, an online purchased product may never arrive, all cases in which personal cyber insurance could assist and reimburse clients, Beales explains the drivers behind the new product.
The insurance should also include cyber bullying, a phenomenon which is becoming increasingly common due to the spread of social media, Beales notes. Almost 40 percent of participants in a survey said they experience frequent cyber bullying online, most of them involving explicit images, according to the presentation.
The new cyber product may first be sold as an add-on to an insurance contract, most likely home insurance, potentially also within a mobile device (gadget) policy.
“At the moment, if you put it in home insurance, you are putting something in front of someone who is currently considering buying insurance,” Marshall explains the rationale.
The plan is to market the cyber product as a fixed price add-on, emphasizing the service it provides to the client.
UK General would not be the first to market a personal cyber insurance in the UK. Plum Underwriting, a managing general agent with roots in Lloyd's and focusing on the specialist home insurance market, is already offering such a product.
The cover is automatically included in home insurance products for clients with contents from £75,000 to £150,000 (mid net worth) and contents valued at more than £150,000 (high net worth).
The products offer home systems cover including restoration of systems & data and computer virus removal following a cyber-attack. They insure the clients against cyber-crime including fraud, cyber ransom, telephone hacking and give identity theft assistance. The products also cover cyber online liability for data privacy, computer transmission, defamation & disparagement. The limits for the two offered products can be £50,000 (mid net worth) or £100,000 (high net worth).
At a later stage, cyber cover could become a standalone product, Marshall notes. For the younger generation, which is less inclined to buying insurance, it might be necessary to find another route to market. This route could lead to a cooperation with password managers, applications that assist in generating, storing, and retrieving complex passwords from an encrypted database.
The potential for cyber insurance growth may be higher in the commercial lines than in the personal lines, but the potential has yet to tested.
“It is very hard to find clients which do not have cyber exposure," Marshall notes.
Cyber, Insurance, Personal Lines, UK General, Munich Re, Plum Underwriting, UK, Europe, Dan Hyde,Tim Marshall, Karen Beales