Insurance Jottings

Cybersecurity package: towards a true European governance of cybersecurity

Note from FERMA (Federation of European Risk Management Associations)

On the 13th September the European Commission adopted a series of measures to increase the cyber protection of European industries and citizens including a strengthened EU cybersecurity agency. FERMA has previously raised its concerns about the lack of focus on risk governance in cyber security and welcomes the current initiative which is a strong package.

 

The Commission is now reaching the middle of its 2014-2019 mandate. These plans are part of a mid-term review of the Digital Single Market strategy (DSM), which was first delivered in May 2015.

 

Among the key ideas are:

  • A Cybersecurity Act to create an EU Cybersecurity Agency to assist Member States in dealing with cyber-attacks
  • A European certification scheme to ensure that products and services in the digital world are safe to use
  • A new directive to combat cyber fraud and counterfeiting of non-cash methods of payment.

 

EU Cybersecurity Agency

The Commission has proposed a Regulation to reinforce the mandate and roughly double the resources of the EU Agency for Network and Information Security (ENISA) and turn it into an “EU Cybersecurity Agency”.

 

The mandate will be extended to assist Member States in preventing and responding to sudden and simultaneous cyber-attacks like Wannacry or Petya. To fight large scale cross-border attacks, ENISA will also be empowered to organise yearly pan-European cybersecurity exercises.

 

To this end, the Commission has published a recommendation for a blueprint for and EU coordinated response to large scale cybersecurity incidents and crises. The processes primarily involve EU and member state institutions, with a deepening relationship with NATO on cyber defence, but the recommendation also calls for the involvement of private sector entities as appropriate.

 

EU-wide certification framework

The Cybersecurity Act will mandate ENISA to establish a new European cybersecurity certification framework similar to food labels but for online goods and services. Cybersecurity certificates would be recognised across Member States, therefore cutting down on costs and administrative burden for companies.

 

Eventually, all existing certificates issued under national cybersecurity certification schemes should gradually disappear when not covered by the future European cybersecurity certification scheme. The pending question will be if cybersecurity certificates should be binding or not.

 

Non-cash payment fraud prevention

The Commission is proposing a new Directive to combat the fraud and counterfeiting of non-cash means of payment. It will aim to boost Member States’ capacity to prosecute and sanction cyber criminals, including criminal justice cooperation and harmonised penalties across the EU.

 

As shown in the latest Europol’s 2017 Internet Organised Crime Threat Assessment (IOCTA), cybercrime and especially payment frauds are becoming increasingly sophisticated and cross border.

 

Advent Claims establishes European operation in post-Brexit move

Advent Claims, a division of Advent Insurance Management, has entered into a partnership agreement with pan-European claims specialist Van Ameyde to provide support after Brexit.

 

The agreement completes Advent’s global network, extending its capabilities to Lloyd’s managing agents and coverholders across Europe and 40 countries worldwide.

 

“Europe is an important and growing region for Lloyd’s and the London market, with many insurers committed to opening EU subsidiaries post Brexit,” said Jerry McArthur, managing, director, Advent Claims. “We are delighted to have partnered with Van Ameyde to deliver claims support across Europe, both in the run up to and during a critical transitional period for the market and beyond.”

 

As part of the agreement, Van Ameyde has taken a strategic investment in Advent Claims, providing capital to help accelerate growth through the development of products and services, and potentially acquisitions.

 

Piet Middelkoop, group CEO of Van Ameyde, commented: “Our investment in and partnership with Advent Claims reflects our firm belief in the management team’s entrepreneurial ability to deliver relevant, timely and creative solutions.

 

“Advent’s established presence in the US, Canada and Australia will also be beneficial to Van Ameyde in extending our geographic reach. This is a truly symbiotic partnership that will yield significant future benefits for both businesses and for our clients.”

 

Iran signs XoL treaty with Scor; makes overtures to other overseas reinsurers

Global reinsurer SCOR has reached an agreement with the Central Insurance of Iran (CII) to provide catastrophe excess of loss (XoL) reinsurance protection, a move which supports the development of the country’s insurance and reinsurance industry.

 

Since the lifting of sanctions in January, 2016, the CII has talked with over 140 foreign insurers and reinsurers that have expressed interest in entering the Iranian market.

 

Currently, the CII, Iranian Re, and Amin Re are the only three reinsurers operating in the country which, until recently, was regarded by many western governments as a pariah-state.

 

Sara Haghighivand, a member of the Professional Committee of High Council Insurance, speaking to Iranian publication, Financial Tribune, said: “It’s important to transfer more risks to credible foreign reinsurers, since more risk is distributed across a broader geographical area.”

 

The agreement was finalised following a meeting between CII President, Abdolnasser Hemmati and Victor Peignet, the Chief Executive Officer (CEO) of SCOR Global P&C which was announced by the CII on the 29th September.

 

“Such an accordance is the consequence of extensive investigations and discussions conducted by Bimeh Markazi (CII) top executives as well as technical experts in the field of reinsurance and law, all in all leading to amendments to the treaty mutually agree”, according to the CII statement.

 

Everest picks Ireland for EU subsidiary

Bermuda-based holding company Everest Re Group has been granted in-principle approval by the Central Bank of Ireland to operate as an authorised non-life insurer in Ireland.

 

The new Dublin-based subsidiary, to be named Everest Insurance Ireland, dac (EIID), will enable the re/insurer to operate throughout the European Union under a single regulatory framework after Brexit.

 

EIID will initially focus on underwriting trade credit and political risk insurance. It has obtained approval to underwrite a variety of specialty commercial insurance products, including third party liability, property and financial lines.

 

Liberty Specialty Markets creates renewable energy unit

Liberty Specialty Markets (LSM) is establishing a new specialist renewable energy team, integrating underwriting, risk engineering and claims, to expand its onshore energy offering.

 

Tom Clifton, senior underwriter – power and renewables, will head the team from LSM’s London office. He will be supported by Jose Luis Ruiz-Poveda, energy manager, based in Madrid.

 

The business will be underwritten from Liberty’s London office and regional hubs in Paris, Madrid and Dubai.

 

KBRA expands into Europe with Dublin office

Kroll Bond Rating Agency (KBRA) is opening its first international office, in Dublin, as part of an expansion into Europe.

 

It aims to provide investors and market participants in the region an additional view on ratings with detailed and timely analysis.

 

The ratings agency has grown substantially in the US over the past few years, having published over 8,000 ratings.

 

KBRA expects all major geographies in Europe to benefit from its approach, including Ireland where it hopes to become the pre-eminent agency, improving access to the capital markets for all entities in the country.