IUA Warns on Over-Reliance on Cyber Insurance

The latest from the IUA;
Warranty and indemnity insurers may be over-reliant on cyber insurance, a new report from the International Underwriting Association (IUA) has warned. While cyber risks pose an increasingly potent threat in the context of mergers and acquisitions, there may be critical coverage gaps which underwriters need to consider carefully.
‘Cyber Risks and Warranty and Indemnity Insurance Underwriting: Do you understand your cyber exposure?’ has been published by the IUA’s Transactional Liability Committee. It provides a practical guide to help insurers better assess, manage and mitigate cyber risks – discussing policy wording principles and proposing good practice recommendations.
Warranty and indemnity (W&I) insurance is a specialised product to cover breaches in representations and warranties given in the sale of a business. Cyber insurance policies serve a complimentary purpose, but many have standard provisions that automatically terminate cover at the close of such transactions, with limited periods for reporting claims of just weeks or months. Yet cyber incidents often remain undetected for far longer. Consequently, a W&I policy may become the primary or sole recourse for cyber-related warranty breaches.
Faye Hepburn, Underwriting & Claims Executive at the IUA, said: “Cyber risk has evolved into a material underwriting consideration in warranty and indemnity insurance. The central finding in our new report is stark: the mere existence of a cyber insurance policy tells underwriters little about whether that coverage will respond after the closing of a transaction.
“This coverage gap can be compounded by market realities with risk analysis in practice rarely extending to penetration testing or technical validation. There must be a move beyond passive reliance on standard cyber policies and active interrogation of the nature and extent of any cover in place.”
Angus Marshall, Global Head of Transaction Liability at CFC and Chair of the IUA’s Transactional Liability Committee, said: “In today’s transactions, cyber risk is not a peripheral issue – it is central to value, diligence and deal execution. As W&I insurance continues to play a critical role in facilitating transactions, it is essential that cyber exposures are properly understood, articulated and addressed. This paper provides a practical framework for doing exactly that.”
The IUA Transactional Liability Committee was founded in 2024. It brings together underwriting experts to consider challenges faced by the market, to promote good practice and to educate the market on transactional liability insurance and risks. Copies of the report ‘Cyber Risks and Warranty and Indemnity Insurance Underwriting: Do you understand your cyber exposure?’ are available to download at iua.co.uk/news.

About alastair walker 20090 Articles
20 years experience as a journalist and magazine editor. I'm your contact for press releases, events, news and commercial opportunities at Insurance-Edge.Net

Be the first to comment

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.