Enhancing the terms and conditions around cyber insurance and reinsurance coverage, especially around cyber warfare and what is excluded from policies, is an important factor that can attract new capacity, including from the capital markets, Claudia Hasse of Munich Re has explained.
Speaking recently around the annual Baden-Baden reinsurance meetings in Germany, Hasse discussed Munich Re’s position on cyber underwriting in Europe and explained that there is still work to do on cyber war exclusions to provide greater certainty and attract much-needed capacity to support cyber insurance market growth.
Claudia Hasse is a Chief Executive Manager at Munich Re, with responsibility for Non-Life business in Germany, Cyber business in Europe and Latin America, and the German Pharmapool business.
Hasse explained that the cyber reinsurance market in Europe has grown to about EUR 2 billion, from EUR 400 milion five years ago, and that Munich Re has a market share that ranges from 5% to as high as 20% in Germany.
Munich Re firmly believes cyber insurance can be modelled, even though in some cases it is not proving particularly profitable business.
In fact, while Munich Re has a cyber combined ratio worldwide of around 85%, it is “a notch higher” in Europe driven by a number of large single losses and lower rates, Hasse explained.
But, in Germany, the combined ratio is over 100% for the industry.
Importantly though for Munich Re, “In our portfolio, we see an increase in losses, but not to the same extent,” Hasse said.
“We believe that there are two reasons for this out-performance. First, we choose our partnerships very consciously, and second, we support our clients with all our knowhow in pricing, wording, risk assessment, and we also help them provide pre-and post incident services. As a consequence, our clients on average outperform the market,” she continued.
On the insurability of cyber risks, Hasse said, “We believe that most cyber risks can be modelled and insured, such as IT virus for example, or data breach, or the failure of an IT service provider but there are clear limits to the insurability.”
But cautioned that, “Systemic risk like critical infrastructure or war cannot be insured, and currently, especially war exclusions are being discussed.”
Going on to explain what these exclusions are and what it could mean for the functioning of the cyber risk market.
Hasse said, “The goal of the current discussion is to make this exclusion more reflective of particular cyber warfare circumstances and for the London market clauses have been developed already with Munich Re participation and those clauses are currently being adapted to the individual European markets, and will then be implemented.”
She explained that Munich Re already has war excluded within its own cyber wordings.
But she highlighted how providing greater certainty about what is covered in the cyber insurance and reinsurance market could also help to build up more capacity, which is sorely needed to assist the functioning of that market.
“This is important in order to create confidence regarding cyber so that new capital, especially from the capital markets, becomes ready to come in,” Hasse explained.
Finally, Hasse also pointed to the need for higher pricing across cyber insurance and reinsurance.
She said that, “Given the loss trends and the accumulation potential we see in cyber, our technical price will increase in Germany and in Europe.”
But Munich Re is also hoping to grow in this segment as well, as Hasse said, “Overall, we are very confident that our strategy is the right one and we plan to further grow in cyber in Europe.”
Way back in 2018 Munich Re called for capital markets support in cyber risks, recognising the need for more capital, in particular on the retrocessional side.
This remains a problem today, with a lack of retro meaning reinsurers cannot write as much cyber risk as they’d like, but the uncertainty in wordings and in particular around cyber war exclusions has really hindered the ability of the capital markets and insurance-linked securities (ILS) to get involved.
Therefore, it’s encouraging to hear there is more effort ongoing to clarify this in wordings and that one of the largest reinsurers is keen to seek third-party capital support for its cyber business.