Sharing the cyber risk

Published on Fri, 18/03/2022 - 10:40

By Jiten Halai, Head of Structured Risk Solutions, UK & Lloyd’s, AXA XL

Challenging conditions in the traditional insurance marketplace, notably for cyber coverages, have prompted many buyers to seek to increase the amount of risk they retain with their captives. Jiten Halai, Head of Structured Risk Solutions UK & Lloyd’s at AXA XL, explains how a structured solution can help buyers of cyber coverage to take higher retentions and manage risk volatility within their captives.

The past few months have been challenging for many buyers seeking to find coverage for their cyber risks. While the insurance market has been adjusting to the macro-financial dynamics and the effects of the COVID-19 pandemic, cyber risks have been advancing up insurance buyers’ agendas after a notable uptick in the frequency of attacks.

The number of ransomware attacks against corporations mushroomed in 2021, with about 37% of global organisations reporting that they were the victim of some form of cyber extortion attempt. By November 2021, there had been more than 500 million attempted ransomware attacks worldwide. The US Federal Bureau of Investigation’s Internet Crime Complaint Center reported a 62% year-over-year increase in the number of complaints filed between January and July 2021. In the UK, according to the National Cyber Security Centre’s 2021 annual review, there were three times as many ransomware attacks in the first quarter of 2021 than there were in the entire year 2019.

The increased threat of cyber attacks has prompted companies in all industry sectors to seek to increase their protection. But against that backdrop, the volume of attacks resulting in an increasing number of insured losses, and other financial pressures, have meant many traditional insurance markets have reduced their capacity for cyber coverage and/or tightened terms and conditions.

Captives - you say you don’t have one but maybe you should?

As a result of the market dynamics, many of our clients have been looking to their captives as a potential source of cyber coverage. Captives have often been used by clients to underwrite high-frequency, low-severity risks, but in recent months many have been using their captives to underwrite less traditional lines of coverage such as cyber.

While the captive is a useful tool for transferring this risk, including cyber risks in a captive may introduce some volatility which risks managers are keen to manage. This is where structured (re)insurance can play an important role.

A structured (re)insurance programme can offer multi-year coverage and protection against risk volatility over time.  For example, a simple three- to five-year reinsurance contract with a term aggregate limit and premiums that include an element of profit- and risk-sharing over time with a reinsurer, could enable captives to avoid annual risk spikes from large individual events or aggregated losses.  Furthermore, it could potentially enable a captive to reduce or redeploy some of the capital it would need to hold without such multi-year, structured reinsurance support.

An important characteristic of structured (re)insurance comes from the multi-year policy period, which provides captive owners with a degree of insulation from the traditional insurance market pricing cycle, locking in capacity from underwriters.

Structured (re)insurance gives the captive owner certainty about the maximum premium payable in any one year while limiting the level of retention on its balance sheet; this does not fluctuate year on year as it might with short-term contracts. And as well as giving captive clients the ability to better plan, since the volatility and fluctuations are reduced, this type of solution also enables clients to share in the performance and profitability of the contract over time.


Structured (re)insurance is a real example of a way in which underwriters can work in true partnership with clients with the common goal of managing claims and risk volatility over a multi-year period. A buyer is rewarded for good claims management by essentially building up an experience balance over a period of time, which can be commuted back to them at the end of the term of the contract.

For cyber risk, which is commonly regarded to be of growing importance for many clients, the ability of the buyer to reduce the potential volatility in the limits and price of coverage available to them in any given year means they can better plan ahead and ensure they have the correct level of coverage for this evolving risk. 

As buyers look to captives to cover a greater variety of non-traditional risks, structured (re)insurance can help to enable that evolution while encapsulating AXA XL’s ‘payer to partner’ ethos.