Cyber Re hardening to continue as demand outstrips supply in ~$3.5bn market

The cyber reinsurance market has ballooned to between $3bn and $3.5bn over the past year, with increased demand and concerns over loss trends driving hardening as reinsurers respond by raising rates on excess of loss (XoL) structures and pushing down cedes on quota shares.

The increase in gross written premium (GWP) – up from roughly $2bn at H1 2020 – follows a surge in demand from primary carriers as they grapple with their exposures and escalating loss ratios driven largely by the acceleration in ransomware losses.

Although estimates of the overall size of the wider cyber market vary, sources have put GWP volume as high as $8bn, up from around $7bn in 2020.

With the nascent cyber reinsurance market largely dominated by quota share structures one notable trend has been the withdrawal of variable and qualified quota share offerings.

One broking source told The Insurer that most markets are now strictly standard quota shares, with many having exited the market altogether for variable and qualified quota shares.

While the XoL market – which is led by Fidelis, Hiscox and Envelop Risk – is dwarfed by quota share structures, sources have suggested the appetite for XoL coverage is on the rise among cedants, despite the sharp increases in pricing.

As this publication reported last week, Envelop Risk – which is backed by MS Amlin – secured a $130mn investment from SoftBank, with plans to use the funding to expand its proprietary machine learning and data-driven underwriting activity in the cyber market, as well to expand into other lines of business.

One underwriter pegged rate increases on renewing XoL cyber business at between 30 percent and 50 percent, with some heavily loss-affected outlier accounts witnessing increases close to 100 percent.

XoL covers are typically written in excess of 80 percent loss ratios, with limits available of around $100mn.

Other trends include increasing demand from cedants for aggregate protections to sit alongside their existing proportional coverages, with larger cyber writers seeking new aggregate placements to supplement some of their sideways proportional protection.

Reduced appetite

The quota share market has traditionally been led by reinsurers including Munich Re, Swiss Re, Hannover Re, RenaissanceRe, PartnerRe and TransRe, although the latter two are thought to have scaled back over the past two years.

While the market hasn’t witnessed any notable exits of late there has been a marked reduction in appetite from carriers, it has been suggested to this publication.

“In the past, some lead markets would write almost everything that crossed their desk, that’s not the case now,” one market source told this publication.

“Things are improving both in terms of risk selection and the quality of risk coming to the market,” they added.

Market restructuring

But while some have been scaling back, other lead cyber reinsurance markets have been more bullish, notably Munich Re.

Last month, the German reinsurer said it expects cyber reinsurance rate increases to continue at a sustained pace – which it pegged at “very clearly in the double digits” – with the carrier looking to continue to build out its book in tandem with the hardening market.

Munich Re said that despite the sizeable losses that have been handed to reinsurers by cedants, it views its cyber book as being “fully in line with our expectations”, explaining that the impact on the company was “very limited and compensated by price increases”.

At H1 this year, rival Swiss Re said it intends to remain underweight in the space amid concerns over whether pricing is currently capturing the full extent of the risk.

Primary market driving hardening

As has been reported, while data breaches continue to be a key driver of cyber claims exposures, losses tied to ransomware attacks have become more prominent – and dominant – in the last two years.

At the same time, larger fines and penalties from cyber incidents have emerged due to tighter privacy and data protection legislation.

According to Fitch, in 2020, the direct loss ratio for the standalone cyber market was 73 percent – a huge increase from 47 percent in the prior year and an average of 42 percent from 2015 to 2019. The average paid loss for a standalone cyber claim was $359,000 in 2020 – more than double the $145,000 figure seen in 2019.

In response to these shifting dynamics, many primary cyber carriers have been rolling out new underwriting strategies to de-risk their cyber portfolios.

AIG is understood to be the largest primary writer, closely followed by Chubb, with other major players including Axa XL, Beazley and Axis.

Beazley – understood to be the largest cyber writer in the London market – has been implementing a new cyber underwriting strategy since October 2020, and has witnessed a 20 percent reduction in ransomware frequency per policy and a 50 percent ransomware frequency reduction per premium since the Q4 roll-out.

However, one cyber reinsurance underwriting source suggested to this publication that despite actions taken by certain carriers, those actively managing their cyber exposures weren’t able to be rewarded by reinsurance partners this year.

“Ransomware has eaten up quite a lot of the profits for insurers so they can’t share some of the fruits with the cedants at this point in time,” one source said.

“Ransomware is on everybody’s mind and almost every program that we see is getting priced according to the hard market, rather than trying to pick and choose between the carriers.”