Non-affirmative cyber appears to be a continuing problem for the global insurance linked securities (ILS) community, according to a survey of fund managers by PCS.
PCS said that non-affirmative cyber is commonly described as (re)insurance coverage related to a cyber event not expressly covered as such in a cyber or blended program.
In a recent survey of more than 75 percent of the ILS community (measured by assets under management), the question was posed: “Do you believe you have non-affirmative cyber exposure?” Seventeen of 22 respondents – 89% by AuM – believe they do.
Tellingly, however, while the overwhelming majority of respondents surveyed believe they have non-affirmative cyber, many reported that they are not sure where in their portfolios it is, how much exposure they have, or how to manage it.
According to PCS, “most respondents appear to have accepted non-affirmative cyber simply as an aspect of doing business, although they reported that they would like to carry as little as possible”.
It added: “As to how much non-affirmative cyber exposure ILS funds may have, or where it might sit in their portfolios, ambiguity abounds – as it generally does, in all fairness, in the traditional reinsurance market.”
“Some ILS funds reported that they simply accept the risk, while a few have sought to identify and quantify it. Most respondents seemed to indicate that the non-affirmative cyber risk they held (if any) was tolerable, particularly given the use of cyber exclusions in other classes of business.”
Many of the ILS funds that answered this question also indicated that they have exclusions specifically related to cyber in the reinsurance business they write. The process of adding those exclusions generally became easier, PCS was told.
While addressing other exclusions in the market, ILS fund managers reported that they were also able to bring in cyber exclusions. Some respondents said that they do their best to exclude non-affirmative cyber but assume that some exposure may slip through.
Many indicated that they must have some “somewhere” in their portfolios but had made no specific effort to identify or quantify it at that time.
PCS added: “Based on the survey responses, the question that remains is whether there are any significant differences between the cyber exclusions used by ILS funds that believe they have some non-affirmative cyber exposure and the exclusions used by those that do not believe they have any non-affirmative cyber exposure.”