If doomsday preppers have taught us anything, it’s that you can never be too prepared.
Maybe an overstatement, but it may be more relevant to bankers than you think.
We are seeing premiums increase and coverage decrease throughout our market — and cybersecurity concerns are playing a significant role in this trend. In reality, what is truly driving the hard market is the lack of understanding cybersecurity.
You only need to look at recent headlines to see what is causing this rift. Cyber related claims, in particular ransomware and email compromises, have resulted in significant losses that come with a heavy price tag for insurance providers.
When TBA started the Bankers Insurance Agency in 1989, the bank insurance market for Financial Institution Bonds and Directors and Officers insurance was also experiencing a hard market. These tough markets will typically manifest themselves in three ways. First, companies stop writing certain types of coverages. Then they significantly limit coverages. And finally, premiums rise substantially.
Those bankers who were around in the early 1990s will recall, for example, that two insurance companies, St. Paul and Fidelity and Deposit, stopped writing insurance for banks, leaving many banks without coverage.
Regardless, we are seeing an increased concern from the cyber insurance markets for bank coverage without an approach to stay the growing and imminent threat cybersecurity issues pose.
In recent discussions with a major cyber insurance underwriter and a broker who specializes in cyber, both stated that they are seeing cyber premium increases of 25% or more. In addition, some “InsurTechs” — those are newly formed companies who use technology to underwrite risks — have already reached their yearly capacity and will no longer provide quotes for the remainder of this year.
Last month, I had four quotes from a broker who offers coverage from various InsurTechs. I had to hold the quotes for two weeks while waiting on the cyber renewal for my bank to come in. When it came in, the premium had gone up $31,000! When I asked the broker to verify that the quotes from the InsurTechs were still valid, she sent back ONE quote instead of the original four, which had increased $6,000 from 10 days previous. The other three InsurTechs had completely stopped offering coverage in those 10 days!
This is obviously a huge issue for bankers. The good news is that banks are way ahead of other industries when it comes to cybersecurity. Consequently, some companies are still willing to offer terms based upon the level of security the bank provides. Unfortunately, those premiums are much higher than they were a year ago. In addition, we are seeing limits reduced. If your bank had $10 million in coverage last year, it may only receive $5 million or less this year.
If you can demonstrate the bank is making systems more secure, we believe it can ease some of the hard market pressure.
Despite this difficult trend, bankers can take some actions that may help. First and foremost, adopt established best practices for combating cyber attacks and make them part of your bank’s culture. Implement programs that are designed to decrease hacker strikes through multi-factor authentication (MFA), regularly train staff to identify, avoid and report ransomware or phishing attempts and regularly consult with a cybersecurity expert at the executive level.
If you can demonstrate the bank is making systems more secure, we believe it can ease some of the hard market pressure. Some of this may be completely new or make it difficult to know where to begin. We strongly suggest your bank become involved in the various programs that the Texas Bankers Association offers to help curb these potential losses. Check out the TBA Cyber tab on the TBA website, www.texasbankers.com. You will find a wealth of resources there.
On a positive note, I had a bank who had recently implemented some cybersecurity processes and procedures which ultimately resulted in a lower premium increase. In addition, the cyber insurance company offered the bank higher limits. This is an example of when you adhere to elevating cybersecurity into the company’s DNA, you can reap the benefits from your insurance company.
Brien O’Connor has been in the insurance industry for more than 35 years and has been with TBA since 1989, where he heads up TBA’s Bankers Insurance Agency. Brien specializes in bank insurance coverages: Financial Institution Bonds, Directors and Officers Liability, Cyber Liability and Commercial Package coverages. O’Connnor has taught thousands of bankers and held classes in these topics, as well as been an expert witness for the FDIC in cases involving Financial Institution Bonds. Bankers Insurance Agency insures over 250 banks across Texas, Oklahoma, Kansas, Colorado and Arkansas.
[email protected]