Tag Archives: Prudential Regulation Authority

Quantify Your Silent Cyber Exposure With These Three Steps

In 2017, WannaCry infected computers in over 150 countries across the globe, taking out critical functions such as the National Health Service (NHS) in the U.K. One year later, the NotPetya cyberattack brought many household names to a standstill. The pharmaceutical giant, Merck, was reportedly the source of US$1.3 billion of total impact to (re)insurers from the NotPetya attack, 87 percent of which was considered silent exposure. These two major cyberattacks highlighted to insurance carriers the risk of being exposed to silent cyber events and the need to start quantifying and managing that risk.

Regulators have started to take notice. Since summer 2017, the U.K. Prudential Regulatory Authority (PRA) is asking insurance firms to provide action plans on how they plan to address their silent cyber risk. In November 2018, Moody’s announced it will soon start evaluating organizations on their risk to a major impact from a cyberattack. Following this, in July 2019, Lloyd’s announced a deadline of January 1, 2020 for all syndicates to start to address their silent cyber risk where “… all policies provide clarity regarding cyber coverage by either excluding or providing affirmative coverage.”

NotPetya and WannaCry were just two examples of costly silent cyber events. As pressure from regulators mounts and cyberattacks become more common, it is imperative to understand where silent cyber exposure can be found, and how much it could cost you.

Continue reading

Climate Change – What’s the GIST?

From our numerous client conversations, climate change as a business issue has risen high on the agenda, and this has certainly escalated over the last twelve months. There is a growing recognition of the need to quantify the impact that climate change will have on your business. But – where do you start with this? One of the major challenges is knowing what question to ask. With the inclusion of climate change scenarios within the General Insurance Stress Test (GIST 2019), which the larger U.K. insurers and Lloyd’s syndicates are required to respond to, the Bank of England Prudential Regulation Authority (PRA) is outlining one approach.

RMS is particularly well placed to support insurers in responding to the “Assumptions to Assess the Impact on an Insurer’s Liabilities” portion of the climate change section within GIST, which examines how changes in U.S. hurricane and U.K. weather risk under different climate change scenarios may affect losses.

Continue reading