‍

The D&O insurance market is experiencing clear and consistent signs of softening, with flat to decreasing premiums and significant increases in capacity, after several years of a hard market. This trend is expected to continue into the second half of 2023. New carriers, a lack of transactions in the equity marketplace, and a reduction in the number of Securities Class Action (SCA) claims have led to an increasingly competitive environment for public company D&O.

In the last quarter, average premium reductions were ~10% among our client portfolio, and larger decreases and coverage enhancements were negotiated for quality risks if there was strong competition for places on the program.

The premium relief for D&O insurance has certainly been welcomed by buyers, driven largely by new local and offshore market entrants in the last 12 months, creating competitive tension against existing providers. Despite lower prices, carriers continue to cautiously underwrite public company market D&O insurance.

‍

 Examples of current D&O underwriting issues:

‍

• Environmental, Social, and Governance (ESG) issues are driving the biggest changes to financial reporting and disclosure standards in general.  A recent example of this is the Australian Securities and Investments Commission’s (ASIC) action against ASX-listed Tlou Energy for alleged carbon footprint misstatements

‍

• Cyber risk management relating to D&O concerns.  The cyber-attacks targeting Optus, Medibank and Latitude, for example, made underwriters extremely cautious

‍

• Cash flow management is a key issue, as the ability to access traditional debt markets has been tightly constrained in the current economy

‍

• Inflation and recessionary pressures have impacted overall costs negatively and ultimately, shareholder value

‍

• The backlog of securities claims could have a higher-than-average cost and impact future capacity management and pricing

‍

Cyber security issues are now seen as a critical responsibility among business leaders and cyber risks continue to be ranked among the top concerns for company directors. Cybercrime has escalated in frequency and severity over the last several years, with predictions it will cost around $10.5 trillion annually by 2025. Boards of directors and top-level organisational executives are expected to create protections against cybercrime and remain accountable for IT security during all phases of a cyber incident. As the number of cyber-attacks grows, so does the likelihood of lawsuits related to directors and officers not providing adequate leadership to combat the issue.  The Australian Prudential Regulation Authority (APRA) recently put boards on notice, stating directors and officers are ultimately accountable for operational risks. The revised standard CPS 230 flagged the need to sharpen oversight of accountability for cyber breaches. The effective date of the new standards has been extended to July 2025.

‍

‍

Putting the above considerations to one side, the insured’s market cap and historical pricing levels — as well as the industry, loss experience, location, financial health, investor profile, the experience of the board, the basis for profit guidance metrics, and other individual account characteristics will continue to have a substantial impact on public company D&O renewals.

‍

For private company D&O, rates remain stable with pricing terms and conditions staying the same or reducing slightly.

‍

‍

The Financial Institutions (FI) insurance sector has remained stable notwithstanding broader financial market underperformance.  Despite geopolitical economic challenges – the war in Ukraine, inflation, supply chain disruptions, and soaring interest rates, the insurance market has remained buoyed by strong capacity.  Offshore markets have been broadening their risk appetite and sharpening their pricing and introducing a lot more competitive tension into the Australian market.

Like last year, insurers remain cautious due to the overall state of the economy.  The weak business investment and restrained consumer spending have contributed to negative returns for many large investment funds. This has resulted in insurers exercising even stronger due diligence in the underwriting process.

Examples of current FI underwriting issues include:

• Funds with heavy allocations to the tech sector have been closely scrutinised given the large valuation impairments the sector has been experiencing

‍

• Insureds with Corporate Authorised Representatives (CARS) have been reviewed with more caution, especially in the Fintech space. With their ability to quickly scale and open up new distribution channels through the appointment of new CARs, Fintechs are also seeing an influx of claims originating from a failure of the insured/licensees to adequately oversee CAR compliance with Australian financial services (AFS) licence requirements

‍

• ESG-related liabilities, namely misrepresentations of ESG Fund credentials have become a more prevalent risk exposure.  Actions by ASIC against Mercer Superannuation and Vanguard Australia for alleged greenwashing are just two recent examples of growing scrutiny

‍

• As lending criteria for banks have been subject to tighter controls, we have seen an influx of alternative capital into the private debt and distressed asset space. Underwriters are highly cautious when offering cover to credit funds, preferring diversification overexposure to one underlying asset.  This is particularly noticeable for commercial property given its impairment vulnerability in the current economy

Over the past year, and particularly the past quarter, there have been significant changes in the dynamics of cyber insurance. There was an initial period of disruption characterised by a deteriorating loss environment, limited insurance capacity, increased global demand, and a major pricing correction. The market conditions are now stabilising due to improved underwriting results. Pricing has either levelled off or decreased in Australia and other regions globally, limits are increasing, and competitive forces are leading to more customised underwriting decisions that align with companies' risk profiles.

The turnaround can be attributed to enhanced cybersecurity measures and the initial impact of the Ukraine conflict, which resulted in decreased ransomware activity. However, recent developments show a reversal in this trend. Risk transfer has played a crucial role in promoting stronger risk controls, thanks to insurers' strategies for deploying their capacity.

Policyholders are reaping the benefits of stronger cyber resilience. Despite the significant increase in ransomware activity in 2023, underwriting performance is holding up relatively well. Moreover, existing insurance providers are looking to expand their capacity deployments, supported by the entry of new players. This sets the stage for a more mature cyber insurance market.

Ransomware is expected to remain a prominent factor in cyber losses in 2023. After initial signs of a rebound in ransomware frequency during the fourth quarter of 2022, the first five months of 2023 have seen a notable surge in cyber attacks.

Business interruption resulting from large-scale cyber-attacks remains a significant risk, as demonstrated by the impact of COVID-19. The pandemic revealed how borderless and non-physical threats can escalate losses quickly. Notable cyber incidents such as WannaCry, NotPetya, SolarWinds, Microsoft Exchange, Colonial Pipeline, Kaseya, Log4j, and the recent MOVEit hack underscored the potential for systemic losses. Although the insurance market handled these incidents, it emphasises the need for companies to manage supply chain risks effectively.

With the above in mind, enhanced cybersecurity practices have played a crucial role in achieving better underwriting performance since 2020. Companies have made significant investments to reach this point, resulting in stronger cyber defences that reduce vulnerability to prolonged disruptions and significant losses in the event of a breach. As a result, the market is positioned for profitable growth. If the current growth trends continue throughout the decade, considering the high global demand and the increasing market capacity, the Gross Written Premium in the cyber insurance market could surpass USD 50 billion by 2030. This would rival the scale of other major Property and Casualty lines of business-like D&O insurance.

Conditions in the cyber reinsurance market specifically have relented this year, with pricing stabilising after a period of significant hardening. By 2030, a substantial boost in supply is needed to meet the escalating demand, despite notable advancements.