Insurance and reinsurance marketplace Lloyd’s of London is to mandate that all policies clearly state whether they will provide affirmative coverage for cyber risks.
From January 1, 2020, Lloyd’s underwriters will be required to clarify whether first-party property damage policies affirm or exclude cyber cover.
For liability and treaty reinsurance, the requirements will come into effect in two phases during 2020 and 2021.
Lloyd’s will monitor compliance with this new requirement through its regular planned oversight activities, which it said will be set out in the market oversight plan for 2020.
In January, the Prudential Regulation Authority (PRA) called on Lloyd’s and the wider UK re/insurance industry to ensure more effective management of silent cyber exposures.
The PRA ordered firms to work towards developing an action plan in the first half of 2019, and to set out clear milestones and dates by which action would be taken.
Following consultation with the market, Lloyd’s explained that it now agrees such a move is “in the best interests of customers, brokers and syndicates.”
From now on, Lloyd’s will view policies where no exclusion exists and there is no grant of cyber coverage as non-affirmative.
A market working group, comprised of representatives from Lloyd’s, LMA and managing agents, will be established to consider how the requirement for clarity can best be implemented for liability lines of business, reporting back before the end of the year.
Professional services firm Accenture recently estimated that cyber risk could cost businesses $5.2 trillion in value creation opportunities over the next five years.
High-profile attacks, such as the $69 million LockerGoga incident faced by Norsk Hydro this year, have also helped to raise awareness of the need for more affirmative cyber coverage in the market.