The upcoming cyber cat bonds include one from Hannover Re, according to sources. It is understood that the reinsurer is working on a format that will transfer cloud outage risk to the capital markets, with input from model provider Parametrix, which it has partnered with before.
Parametric triggers are looked on favourably by some ILS investors and are considered another important step in opening the market for cyber risk for capital markets investors.
This deal will follow Hannover Re adding cyber quota share support to its retro covers in a $100mn deal with Stone Ridge.
Beazley’s private cat bond transaction, named Cairney, raised $45mn, with sources saying that participation was made up of a small group of investors numbering in the low single digits. While the transaction was done as a private placement, it had the facility to be traded as a 144a security.
Fermat was an anchor investor, with the firm’s managing director and co-founder John Seo describing it as “an important step in unlocking capital market investment into cyber risk”.
The placement was also described as “a great first step” by multiple other ILS industry sources.
However, several commenters noted they lacked comfort about the transaction’s scope of coverage and event definitions, which spanned across a wide spectrum of cyber perils.
“If things were more defined, investment managers would feel more comfortable than with a super-wide defined peril,” one said.
Scope of coverage was one of the main reasons put forward by cat bond industry sources for why the Beazley deal finalised at a smaller size than had been hoped for.
The transaction was targeting indemnity coverage for a $100mn layer excess $300mn, although Paul Bantick, global head of cyber at Beazley, said: “We wanted to do $50mn because in our mind that was a good starting place to build from.”
Sources said the transaction comprised discounted zero-coupon notes placed at an 87% level, offering an effective coupon of 14.9%, with the expected loss at 1.55%. It was modelled by CyberCube, with Beazley and broker Gallagher Securities providing adjustments to the modelling.
Growing investor confidence
Bantick said the biggest hurdle in talking to investors was around understanding how loss events unfold and how quickly loss numbers would come together in the case of a cyber hit.
“They want to know how does cyber work? Is it short tail? Because they don’t want trapped capital.”
Trading Risk heard concerns about complexity in cyber risk from Eveline Takken-Somers, senior director at Dutch pension investor PGGM, at our Monte Carlo Rendez-Vous roundtable last September.
Back then, Takken-Somers commented: “You want to start with a novelty premium as we did when we started to invest in cat. You also need a clean product to make that first move.”
Bantick this week explained that if a systemic cyber event was to occur, such as a cloud provider outage or a global ransomware attack, it would be known about instantaneously, similarly as with a hurricane event in property cat.
“We hope it doesn’t happen, but if it does, akin to a property event, we know about it, can adjust and start to estimate losses immediately.”
Bantick said some investors who had seen the Cairney deal already had indicated that they wanted to participate in 2023, but had not been ready to do so at 1 January, and that a further issuance would be coming potentially at 1 April.
He added that “lots” of other investors had been getting in touch after the deal announcement last week.
“We’d love to get it to $250mn and beyond. If the primary market is going to grow to $30bn premium, we are going to need this. There’s massive potential for ILS participation to grow as a proportion of the market as it has done in property cat.”
Future issuances from Beazley could be structured differently from the initial deal.
“Two or three weeks ago it was a question of would we get it done? One day yes, one day no. Now we are going to take a step back and strategise on how we move ahead from here.”
Cyber cat bond structures other cedants are currently working on seek a narrower scope of coverage focussed on an outage of key cloud providers. This applied to Hannover Re’s cyber bond, a source said.
Additionally, event definitions could be tightened to outages of eight or 10 hours, as an example, in a bid to further pare back coverage and establish structures that can be thought of as more closely resembling a cat-type cover.
ILS commenters pointed out that in general, cyber risk modelling is still in its early development stages, especially compared to modelling for nat cat bond deals, and that, therefore, this was an area of concern in the case of Beazley’s pioneering issuance.
One said: “The risk analysis was a little bit too loose.”
Others echoed Bantick’s comment, saying that a general lack of visibility over past cyber event claims data and a relatively superficial level of understanding within the ILS market around how cyber loss events unfold also added to hesitancy around this first cyber deal.
Additionally, the deal’s trigger didn’t work for some. One source noted discomfort about an indemnity trigger, and another said “a parametric trigger would have made life easier”.
Mandate limitations
The ILS market is cognisant of the amount of demand from (re)insurance carriers as the underlying books of cyber business grow, and generally welcomes the prospect of more and bigger cyber cat bond placements in the future.
Howden and S&P statistics show US cyber premiums alone reached $2.25bn by 2021, up from less than $500mn in 2015. They are projected to top $25bn by 2026.
However, even if transactions were structured differently and with perils pared back, a number of cat bond funds revealed that their current mandates do not allow them to allocate to cyber risk.
Even in cases where, technically, cat bond funds are free to allocate, managers perceive a need to communicate more clearly with investors before putting skin in the game.
Sources said that cyber could grow to become more significant in the market, but that this could take a number of years to gain broader investor buy-in.
Active funds
However, several ILS providers have gradually been starting to allocate to cyber risk over the past couple of years, including through private collateralised deals that have been quietly breaking ground, if not publicly disclosed.
This publication revealed how RenaissanceRe sidecar DaVinci has played a meaningful role in the reinsurer’s expansion in cyber over recent years, by providing significant lines alongside RenRe on cyber excess-of-loss (XoL) placements.
Stone Ridge and Fermat’s roles in recent deals have become public, and the former had also previously joined Ontario Teachers’ Pension Plan in backing CFC Syndicate 1988, which has a notable allocation to cyber and digital risks.
Nephila gained permission from Lloyd’s in April last year to write cyber risk through Syndicate 2358, its follow-only specialty syndicate.
Michael Millette-led HSCM has also been among the more active in the cyber space, backing an Aon cyber facility and cyber MGA Occam, amongst other steps in the sector.
It also invested in cyber modelling firm CyberCube in December.
The drivers for these pioneers to get involved in the sector, as this publication noted last year, include rapid recent rate growth in cyber insurance, which in turn can allow margin to be passed onto reinsurers even if not directly by way of quota share deals.
The systemic nature of cyber risk and the high accumulations of exposure that build up are also seen as a rationale for ILS participation in the market, as there is a high need from cedants.
Excess of loss reinsurance deals remain the smaller part of the overall cyber reinsurance segment, which is dominated by traditional quota share, but is seen as affording good growth potential. Insurers are seeking to retain more risk as they have grown more comfortable managing attritional level risk in the class, with Chubb and Crum & Forster both dropping major quota shares.
This is expected to drive more purchasing within the occurrence XoL market ultimately for true tail risk protection from a major cyber cat event.
