Established in 2001, International General Insurance (IGI) is a global privately-owned specialist commercial insurer and reinsurer. Our vision is to be the company of choice for clients and brokers through market-leading service and our reputation for stable management and capital security.
A diverse and highly experienced team of underwriters operates our office in London. We also have offices in Dubai, Amman, Casablanca and Kuala Lumpur.
Our diverse portfolio of specialty lines includes Energy, Property, Construction & Engineering, Ports & Terminals, Financial Institutions, Aviation, Professional Indemnity, Political Violence, Legal Expenses, D&O, Casualty, Forestry and Treaty Reinsurance.
Standard and Poor’s upgraded our financial strength rating to “A- “, with a Stable outlook. A.M. Best rated the company A- (Excellent), with a Positive outlook, stating, “the revised outlook reflects IGI’s consistent record of very strong operating performance and the continuous improvement in its enterprise risk management framework.”
We take pride in providing proactive claims management, coupled with open communication, leading to the efficient handling of claims. We endeavour to act fairly and honourably in our relations with clients and brokers.
Asset managers need to face the threat of cyber/engineered crime
Technical security is becoming a rising priority for asset managers, but the sector is not prepared for the changing landscape of risk. Ben Cubitt, Underwriter, Financial Institutions at International General Insurance (IGI), explains that while other financial institutions, such as banks and insurance companies, have been working hard to bolster their electronic and cyber security, the asset management sector is potentially easy prey for hackers and criminal impersonators.
What are the threats facing the asset / fund management industry?
Cybercrime is by no means a new risk, not when compared with the more recent evolution of impersonation or ‘social engineering fraud’ as it’s more commonly referred to in the insurance market. However, both are growing threats for any size of business. While many financial institutions have been beefing up their cyber defences, asset managers, particularly the small to mid-sized ‘SME’ firms, seem to be only just waking up to the fact that they could be targeted just as frequently as the larger, better-known institutions of today.
The stats around cybercrimes may surprise you. The Accenture High Performance Security Report 2016 found that a typical financial services firm faces an average of 85 data breaches per year. Of those attacks, 33% will succeed – that’s two per month. Even more surprising, 48% of respondents said that the greatest security risk arises from internal sources. The Accenture study also found that 59% of attacks take months to detect, while 14% aren’t discovered for a year or more.
This should serve as a broad warning to asset managers that the threat of cybercrime is rampant, and no industry is immune.
Why would asset managers be a tempting target for either a cyber or socially engineered attack?
So far, asset managers have been relatively shielded from both cyber and socially engineered threats. They don’t tend to deal with vast amounts of personal information, unlike a global commercial enterprise. However, they do hold highly confidential and sensitive forms of financial data on behalf of institutional and private clients. They execute hundreds of thousands of trades every day and possess highly valuable intellectual property around investment strategies. This makes them an extremely attractive target.
How have insurers responded?
Insurer appetite to cover these perils can vary. Many policy wordings presently available, including those currently in force for fund managers, do not provide the technical elements of coverage as standard.
For example, standard Crime cover for asset management firms and their funds, are likely to cover the direct financial loss sustained from a computer virus, but not typically the costs associated with handling such a breach. Similarly, for payment transfers that arise out of a fraudulent instruction, be it via an intercepted email or over the telephone by a fraudster, may well fail when tested against a policy’s finer detail. These could exclude losses when such transfers are executed by an authourised individual. Cover would usually exist by either an extension, or a broadening of the original Crime insuring clause(s) and associated definitions/exclusions. Policy wordings can therefore become difficult to interpret and follow. It can be a time-consuming process for brokers and clients to find suitable cover.
IGI’s new ‘Focused Protection’ Investment Management Insurance product provides clear and affirmative cover for these types of scenarios. The environment for firms operating in today’s highly regulated investment management industry has become increasingly complex. IGI has created a policy with covers to provide some certainty in uncertain times.
How can brokers help?
Brokers continue to take steps to encourage insurers to include the elements of cover required to meet such threats, but as mentioned earlier, insurer appetite is not always available and if provided, may well not respond once properly tested. Clients need to be made aware of the situations that can arise if defences in technology and operations are not as robust as they need to be. It’s never too late to learn; and informing clients of such dangers in advance of policy inception is vital.
From IGI’s perspective, the asset managers at greatest risk are the ‘SME’ small to medium sized enterprises, which may not necessarily benefit from the cost of purchasing a stand-alone cyber policy. IGI has narrowed the risk down to meet the requirements of investment managers within the SME space, without the expense.
This ‘new’ breed of criminals moves quickly, and the insurance industry needs to respond in a targeted and efficient way to provide peace of mind to all clients.
Can you give an overview of IGI’s Investment Managers policy?
Here are the key highlights of coverage:
- Civil Liability (available if required, to both Company and Fund)
- Management Liability (available if required, to both Company and Fund)
- Legal costs and expenses incurred from investigating, defending and negotiating settlement of claims
- Additional Cost Covers (available if required, to both Company and Fund) for:
- Extradition proceedings, not subject to any excess
- Prosecution Costs, not subject to any excess
- Regulatory Costs, not subject to any excess unless, such costs and expenses are incurred by the Company or Fund entity
- Reputational Damage Mitigation, not subject to any excess
- Mitigation Costs (available to Company only)
- Crime Cover (available if required, to both Company and Fund) for:
- Employee Infidelity
- Fraudulent Interception and Impersonation
- Malicious Damage to Computers
- Cyber and Data Costs (available to Company only)
- Breach Response Services
- Data Loss
Up to USD 10m in the aggregate inclusive of all costs, expenses and applicable sub-limits
Designed for UK FCA registered businesses, with capabilities to offer on a Worldwide basis (excluding those domiciled in the United States of America or Canada)
If you would like to talk to Ben Cubitt, CLICK HERE, leave a message and youTalk-insurance will pass your enquiry on
If you like the content you see on youTalk-insurance why not take 20 seconds to subscribe to our free newsletter
- 24 May 2018
- 21 May 2018
- 16 May 2018
- 26 Apr 2018
- 19 Mar 2018
- 15 Mar 2018
- 13 Mar 2018
- 7 Mar 2018