Cyber crime, cyber attacks and rogue traders have cost banks around the globe a lot of money, and they are increasingly turning to insurance firms to counter those so-called operational risks.
According to a report in Reuters, insurers have said they can protect lenders by giving them more expertise on financial and operational risks. The move for banks is being prompted by pricey court cases, IT outages and cyber attacks from ransomware like WannaCry and NotPetya that hit Credit Suisse, Deutsche Bank and Lloyds, among others. As a result, financial institutions are all looking for ways to offset the costs via insurance.
Many of the contracts being reached between insurance companies and banks are done privately with none of the details making it to the public, according to Reuters. In one instance in which that wasn’t the case, Credit Suisse last year sold a bond that was tied to the operational risk of the bank. Buyers were given coupons of more than 4 percent, but could lose all their money if the bank is hit with a rouge trader, cyber attacks or other costly incidents, noted the report.
“Insurers are getting more and more sophisticated as risk management partners,” said Domenico del Re, director at PricewaterhouseCoopers (PwC), in an interview with Reuters. “If you think of the parallel with fire risk, by helping companies getting advice on where sprinklers should located, the same is happening with cyber, where insurers are linking up with IT and cyber specialists.”
To meet the growing demand, Reuters reported, insurers are hiring risk specialists with big bank experience to help look at the practices of the financial companies to which they provide insurance. Angelos Deftereos, senior underwriter for operational risk at insurance firm XL Catlin, pointed to his background to underscore the point.
“Before joining XL Catlin, I was responsible for implementing the operational risk framework at the asset management division of Morgan Stanley,” Deftereos said in the report. “So, I have an insight into these risks as well as how they are managed/controlled.”