WWW.INSURANCEBUSINESS.CA ISSUE 9.05 | $12.95
MGAs Brokers name their go-to partners for niche and hard-to-place risks HOW TO INSURE DIGITAL ART
What’s the best approach to underwriting blockchainenabled artwork?
00_OFC Spine OBC-SUBBED.indd 2
THE LATEST CYBER INSIGHTS
Four sector experts weigh in on emerging threats, risk mitigation techniques and more
CHECKING IN ON D&I
After a transformative year, what must the industry do to keep moving forward?
15/09/2021 2:33:36 am
Lying awake at night worrying if you have the right coverage? When it’s hard to be certain about the next big thing your client is going to do, or fluctuating cost of materials impacting building values, or operational revenues in flux due to COVID-19 restrictions; you can be certain that Cansure can meet your client’s changing needs. Contact us and find out how we can help, so you don’t have to have another “ruff” night. Service | Speed | Expertise
IB FP Ad - New Ideas IFC-01_Ad.indd 2 (Laying Awake).indd 1
8/30/2021 11:00:38 AM 15/09/2021 2:45:32 am
LEADERS in delivering comprehensive insurance solutions!
✓ Business Risks ✓ Creative Solutions ✓ Fast Turnaround Time ▶ We deliver
underwriting expertise for your client’s complex business risks with our creative solutions
▶ Our international
experience enables us to consider many different solutions and industry types
AT CHES SPECIAL RISK, EXPERTISE IS THE KEY DIFFERENTIATOR Our underwriting aims to deliver solutions with a high level of service & expertise!
TORONTO OFFICE | T 647.256.5155 E QuoteMeHappyToronto@CHESspecialrisk.ca AWARD WINNING MGA 5 STAR MGA 2021 5 STAR INSURANCE IN CONSTRUCTION CANADA’S FASTEST 500 GROWING COMPANY TOP INSURANCE WORKPLACE CANADA’S TOP SMALL & MEDIUM EMPLOYERS
OTTAWA OFFICE | T 613.745.6100 E QuoteMeHappyOttawa@CHESspecialrisk.ca BUREAU DU QUEBEC | T 450.999.4494 E SoumissionsMontreal@CHESspecialrisk.ca
15/09/2021 2:45:40 am
CONNECT WITH US Got a story or suggestion, or just want to find out some more information?
UPFRONT 04 Editorial
The industry’s next big challenge: how to insure non-fungible tokens
Key data that should be on your radar
08 News analysis
CYBER INSIGHTS 2021
From shrinking capacity to an alarming rise in ransomware, IBC unearths the cyber trends brokers need to know about
South Western Insurance Group president and CEO John Barclay looks back on the MGA’s 60 years in business – and ahead to what will keep it relevant for the next 60 years
This month’s big movers, shakers and new products
12 Technology update
Does data standardization hold the key to the future of insurance? A closer look at the factors driving the hard construction market
14 MGA update
Brokers name the MGAs that are leading the market in terms of responsiveness, product range, technical expertise and more
The recent rise of digital art is putting pressure on insurers to innovate
COMMERCIAL LINES EVOLUTION How working with an open market correspondent can help personal lines brokers establish a foothold in the commercial space
Why now’s the time to step up automated marketing efforts
FEATURES 58 Victor Cyber combats cybercrime
The MGA’s latest solution is taking cyber coverage to the next level
PEOPLE 64 Other life
Hitting the trails with insurance professional and outdoors enthusiast Becci Taylor
WALKING THE TALK WITH D&I
On the heels of the Dive In Festival, Marsh’s Jason Groves chats with IBC about the state of D&I in the insurance industry
INSURANCEBUSINESS.CA CHECK IT OUT ONLINE
15/09/2021 2:34:30 am
Aviva Middle Market Solutions
Tailored insurance solutions backed by in-depth market expertise and industry focus Canada’s middle market is a growing sector, consisting of dynamic and innovative groups of businesses. With the accelerated pace of change driven by new technology, it’s critical for businesses to understand and manage new and emerging risks. Through the Aviva Enterprise policy, Aviva Middle Market Solutions offers enhanced protection with technical risk consultation and relationship management, to deliver an integrated, service-led proposition that addresses these changes. Our industry-focused approach ensures that our capabilities, products and services are tailored to the needs of the following industries: manufacturing, wholesale, and contracting – with plans to expand in the future.
aviva.ca/business Business Insurance – Property | Casualty | Auto | Equipment Breakdown Aviva, the Aviva logo and Aviva Enterprise are trademarks used under license by the licensor. The Aviva Enterprise policy is underwritten by Aviva Insurance Company of Canada. Terms and conditions apply. For more details about our offerings, please contact your Aviva Underwriter.
02-03_TOC-SUBBED.indd 3 CS-21-8609_CL-Middle Market Print Ad-FINAL_AM.indd 1
15/09/2021 2:34:25 am 2021-05-17 4:34 PM
A problem worth pondering
ack in March, auction house Christie’s made headlines when it sold a piece of digital artwork via non-fungible token (NFT) for an astounding US$69 million. The groundbreaking piece, called “Everydays: The First 5,000 Days,” is a collage of digital pictures taken every single day for 13 and a half years by a digital artist known as Beeple. NFTs are a bit like one-of-a-kind trading cards on the blockchain. Every NFT is a unique token, and in the case of digital art, they’re designed to assign exclusive ownership of the work. What’s tricky to understand is how unique ownership of an NFT artwork could be worth $69 million. And given the distinct lack of insurance options available for NFT art, it seems underwriters are also struggling to wrap their heads around the value of these crypto assets and the best ways to manage NFT risks.
Is the industry keeping pace with the evolution of blockchain technology and cryptocurrencies, or has it already fallen behind? Technically, the owner of an NFT is the only person with the private encryption key for the asset, and as the blockchain is well known for its strong security, really the only foreseeable threat would be a very sophisticated cyber incident in which a criminal somehow gains access to the encryption key and monetizes the NFT for their own gain. While there are potential coverage options for NFTs on cyber policies today, there are many questions that need answering, including how and where collectors, galleries, and auction houses are placing custody of their NFT art, as well as multiple grey areas for third-party liability. The NFT art trend raises interesting questions for the insurance industry. What other insurable assets will suddenly find their way onto the blockchain? Is the industry keeping pace with the evolution of blockchain technology and cryptocurrencies, or has it already fallen behind? What other intangible assets will need to be covered next? And who is going to take on insuring these assets? Those questions, although challenging, provide an exciting opportunity for the insurance industry to stay relevant, exercise innovation and thought leadership, and shore up what’s looking like the next big thing in the digital asset landscape. The sale of a piece of blockchain-based artwork for $69 million has placed NFTs firmly on the public’s radar. Now the race is on for insurers to deliver solutions that will respond to the digital asset wave. The team at Insurance Business Canada
EDITORIAL Managing Editor Paul Lucas Senior Editor Bethan Moorcraft Writers Lyle Adriano, Terry Gangcuangco, Roxanne Libatique, Pete Miller, Surina Nath, Gabriel Olano, Jonathan Russell, Ryan Smith, Ksenia Stepanova, Mia Wallace, Danny Wood Copy Editor Clare Alexander
CONTRIBUTORS David Greenberg
ART & PRODUCTION Designer Joenel Salvador Production Manager Alicia Chin Production Coordinators Kat Guzman, Loiza Razon Customer Success Coordinator Bernz Jalandoni
SALES & MARKETING Senior Business Development Manager Desiree McCue Head of Insurance – Sales & Marketing Cathy Masek Vice President - Sales John Mackenzie Project Coordinator Jessica Duce
CORPORATE President & CEO Tim Duce Office/Traffic Manager Marni Parker Events and Conference Manager Chris Davis Chief Information Officer Colin Chan Human Resources Manager Julia Bookallil Global CEO Mike Shipley Global COO George Walmsley
Editorial Inquiries email@example.com Subscription Inquiries firstname.lastname@example.org Advertising Inquiries email@example.com
Key Media Canada (Insurance) Ltd. 317 Adelaide Street West, Suite 910 Toronto, ON M5V 1P9 tel: +1 416 644 8740 www.keymedia.com Toronto • Denver • London • Sydney • Auckland • Manila • Singapore
Insurance Business Canada is part of an international family of B2B publications, websites and events for the insurance industry Insurance Business America firstname.lastname@example.org T +1 720 316 0151 Insurance Business UK email@example.com T +44 20 7193 0935 Insurance Business Australia firstname.lastname@example.org T +61 2 8437 47OO Insurance Business NZ email@example.com T +61 2 8437 47O8 Insurance Business Asia firstname.lastname@example.org T +61 2 8437 47OO
Copyright is reserved throughout. No part of this publication can be reproduced in whole or part without the express permission of the editor. Contributions are invited, but copies of work should be kept, as the magazine can accept no responsibility for loss.
15/09/2021 2:35:11 am
Specialty insurance for those who get there differently Find your best route at echelonspecialty.ca
15/09/2021 2:35:18 am
STATISTICS SHIPPING LOSSES SINK TO HISTORIC LOWS
GLOBAL PROPERTY RATE MOVEMENTS
Pro rata commission Risk (loss-free) Risk (loss-hit) Catastrophe (loss-free) Catastrophe (loss-hit)
Caribbean 30% 20% 10%
REINSURANCE MARKET SHIFTS TO EQUILIBRIUM
Large ships lost worldwide in 2020
By the mid-year renewal periods, the global reinsurance market was experiencing a boost from improved results in the first quarter of 2021, including premium growth courtesy of continued rate increases. According to Willis Re, reinsurers sought to maintain pricing momentum renewals earlier in the year, although signs pointed to capacity supply outweighing demand. While property market capacity was sufficient across major global markets, certain casualty lines – most notably cyber – have seen reduced capacity and increased demand, driving up pricing. Overall, however, Willis Re observed that the global reinsurance market is trending toward equilibrium thanks to improving terms and conditions.
Decrease in total shipping losses over the past decade
United States 30% 20% 10% 0% -10%
Latin America 30% 20% 10% 0% -10%
Number of shipping incidents worldwide in 2020
ABOVE-AVERAGE PREMIUM GROWTH PROJECTED POST-PANDEMIC The insurance industry can expect a swift recovery in the aftermath of the COVID-19 pandemic, according to the latest forecast from Swiss Re. In 2021 and 2022, written premiums are expected to exceed the 3.5% global average growth rate for the previous decade. Swiss Re noted that rapid economic recovery and hardening non-life markets should fuel demand for cover.
GROWTH IN PREMIUMS WRITTEN
Year-over-year decrease in the number of shipping incidents Source: AGCS Safety & Shipping Review 2021
8% 7% 6% 5% 4% 3% 2% 1% 0% -1% -2%
Source: Sigma 3/2021, Swiss Re
15/09/2021 2:36:01 am
Middle East 30%
WHO BEARS RESPONSIBILITY FOR CYBERATTACKS? Only around a quarter of C-suite executives believe that all employees are responsible for preventing cyberattacks, according to a study by Munich Re. Nearly half believe the burden of cybersecurity lies with the IT department – despite the fact that most cybercriminals gain entry by targeting an individual employee.
WHO IS RESPONSIBLE FOR AVOIDING CYBERATTACKS?
10% 0% 30%
30% 20% 10%
0% -10% 0%
Source: Willis Re 1st View, July 2021
Source: Global Cyber Risk and Insurance Survey, Munich Re
COMMERCIAL INSURANCE PRICES UP YET MODERATING
P&C INSURERS STRUGGLING TO INCORPORATE AUTOMATION
Global commercial insurance prices rose again in the second quarter of 2021, shooting up by an average of 15% and marking the 15th consecutive quarter of increases. However, Marsh reports that the increases are gradually slowing, driven by moderating prices in key lines like property and D&O.
Insurers are facing pressure to integrate automation into their operations. However, in Willis Towers Watson’s recent survey of global insurers’ current automation capabilities, the P&C industry scored just 21.7% overall, suggesting difficulty or reluctance in adopting new technologies.
GLOBAL INSURANCE COMPOSITE PRICING CHANGE
CURRENT AUTOMATION SCORE FOR AREAS OF THE P&C RESERVING PROCESS Data 31.9%
Results production 22.1%
Loss calculations 22.0%
Audit trail 13.8%
Source: Global Insurance Market Index – 2021 Q2, Marsh
Senior management engagement 10.8% Source: 2020/2021 Global Automation in Insurance Report, Willis Towers Watson
15/09/2021 2:36:05 am
The meteoric rise of NFTs In the aftermath of the US$69 million sale of a digital artwork via non-fungible token, NFTs are poised to continue shaking up the fine art space, presenting new challenges for insurers
THE HIGH-PROFILE SALE of the digital artwork “Everydays: The First 5,000 Days” by the artist Beeple for US$69 million in March revealed the staggering possibilities that lie within the rapidly growing non-fungible token (NFT) marketplace. NFTs are rapidly proving to be the hottest new trend in the crypto world – artists, celebrities and companies have all jumped on the bandwagon of this digital asset craze. According to Will Turvey, divisional director of Gallagher’s fine art, jewelry and specie team, while NFTs are still the fresh-
So what’s behind crypto art’s spike in popularity? Due to the rise of screen time over the past year, Reid says, people have become more comfortable with performing transactions online. This behavioural change, coupled with the splash of NFTs in the art market, has resulted in increased interest in this space. And with the growth in the value of cryptocurrencies, items that hold digital scarcity are in demand – and that’s exactly what an NFT offers. “The global pandemic coincided with a 600% year-over-year price increase in the
“The core NFT digital art community continues to grow at a rapid pace. The market shows a lot of speculative trading” Adrienne Reid, Aon Huntington T. Block Insurance Agency faced new entrant to the collectibles market, they are showing signs of rapid growth – during the first quarter of 2021, NFT sales exceeded US$2 billion. “As the traditional art market works to find ways to enter this space, the core NFT digital art community continues to grow at a rapid pace,” says Adrienne Reid, vice president at Aon Huntington T. Block Insurance Agency. “The market shows lots of speculative trading occurring now, along with high volumes being sold on online gaming and sports platforms.”
crypto asset, Ethereum, which serves as the most common instrument for buying NFTs,” says Dennis Lawrence, an intelligence analyst at Aon Cyber Solutions. “As a result, newly wealthy crypto asset owners have discovered NFT artwork as a method to both enjoy their recent windfalls while hoping their artwork appreciates in value over time as a speculative investment.” While NFTs have only recently exploded into public consciousness, they’ve been around the digital art world for several years,
which means insurers and brokers in the fine art space have been mulling how the development of the NFT market will impact insurance services for some time now. Turvey points out that insuring NFTs is very different than insuring physical artwork. “Typical fine art insurance covers physical loss or damage to the artwork,” he explains. “An NFT doesn’t give the owner exclusive access to the artwork associated with it, given the artwork has been digitized. We can all view digital art in the same way the owner of the NFT can – but we don’t all have a time and date stamp to prove that we own the authentic original. As such, what we are insuring for NFTs in the fine art insurance space is not the artwork itself, but the private key that proves ownership, which is stored offline and usually with a third-party custodian that specializes in the storage of these keys.” Because the insurance market for NFTs and cryptocurrency is currently in its infancy, Turvey says, there isn’t as much capacity as there is for typical fine art. This means available limits will not be vast, regardless of the value of the NFT. However, he says, that should change as insurers look for new
08-09_News Analysis-SUBBED.indd 8
15/09/2021 2:36:33 am
WHERE NFTs STAND NOW
$2.5 billion Approximate amount of NFT sales recorded globally in the first half of 2021
10,000–20,000 Average number of weekly NFT buyers since March 2021
$69.3 million Price of the most expensive NFT ever sold growth opportunities. Honor Palmer-Tomkinson of Howden’s fine art and specie division notes that there’s a huge opportunity for underwriters and brokers to understand the crypto world and the new risks this evolving industry creates.
artwork. As an asset with a high value, an NFT attaching to a tweet or meme could potentially be insured in exactly the same way. This is a constantly evolving space, and we are enjoying the challenge of evolving along with it.”
“This is a constantly evolving space, and we are enjoying the challenge of evolving along with it” Honor Palmer-Tomkinson, Howden With a wealth of experience in insuring items of high value, the fine art and specie insurance market is best positioned to do this, Palmer-Tomkinson says. “Howden has been working on a solution that tailors the already solidified crypto currency insurance products to cover NFTs,” she says. “The product that we can currently offer our clients is limited to NFTs being held in cold storage [offline] by third-party custodians and can be insured on an agreed value basis. NFTs don’t have to attach to an
Reid points out that the risks associated with NFTs primary revolve around a need for technology-related solutions and due diligence. Important key points for collectors include settling up multi-key verification for wallet recovery keys, having secure storage for digital asset backups, pinning the underlying digital asset to retain control over the NFT image’s accessibility, and properly reviewing the NFT licensing agreement to understand allowed reproduction abilities. Overall, she says, this space is in its very early
177,048 Number of active NFT wallets worldwide in the second quarter of 2021 (a new record high) Sources: DappRadar, NonFungible, Bloomberg; all figures in US$
stages, and the surrounding legal, regulatory, tax and insurance implications will take some time to work out. Lawrence adds that other areas of concern in the NFT marketplace are counterfeit and custody risks. “For example, hackers have recently conducted tests to expose how a bad actor can create highly sophisticated counterfeit NFTs that appear legitimate on the blockchain,” he says. “As a result, conducting due diligence on NFT artwork will help mitigate some of this risk. With respect to custody, solutions that address decentralized storage, backups and mitigation of risks associated with a user’s private key will help prevent loss or theft.”
08-09_News Analysis-SUBBED.indd 9
15/09/2021 2:36:38 am
INTELLIGENCE CORPORATE ACQUIRER
Archway Insurance; South Coast Insurance Agency
The acquisition of Nova Scotia- and New Brunswick-based Archway (and its subsidiaries) and Newfoundland-based South Coast has doubled BrokerLink’s footprint in Atlantic Canada
Canada Life Assurance Company
The deal boosts Canada Life’s client base by 1.25 million individuals
National Home Warranty
A former Aviva subsidiary, National Home Warranty provides home warranty services to clients in Western Canada
MGB Claims Consultants
Based in Toronto, MGB serves local and multinational clients on large and complex claims in Canada and the US
Huronia Insurance Group; Nuera Insurance
With the acquisition of Ontario-based Huronia and Calgary-based Nuera, Westland now has more than 170 locations in seven provinces
TD Insurance launches private client service
TD Insurance has unveiled TD Insurance Private Client Advice, a new service for high-net-worth clients in Canada. The comprehensive, direct-toconsumer insurance service offers specialized, custom protection for affluent clients and their families, including homeowner’s insurance, personal excess liability, cover for valuable articles such as art collections and jewellery, car and recreational vehicle insurance, yacht and watercraft insurance, crossborder insurance, cyber and fraud insurance, and a complimentary home appraisal for loss prevention.
BrokerLink gains Atlantic dominance
BrokerLink, one of Canada’s largest P&C insurance brokerages, has made two key acquisitions in Atlantic Canada: Archway Insurance (plus subsidiaries Upstairs Finance and C.D. Anderson Insurance) and South Coast Insurance Agency. Through the two transactions, BrokerLink has doubled its size in Atlantic Canada to become one of the largest insurance brokerages on the East Coast, with more than 65 locations and 400-plus employees. Founded in Yarmouth, Nova Scotia, in 1985, Archway Insurance is of the largest and fastest-growing insurance brokerages in Atlantic Canada, serving more than 30 communities across Nova Scotia and New Brunswick with home, auto and recreational insurance solutions. South Coast, meanwhile, has been offering home, auto, commercial, marine and life insurance solutions to customers across Newfoundland since 1978.
Skuld adds automated claims processing tool
Marine insurance provider Skuld has launched an online claims tool designed to automatically reimburse members for crew claims. Available on the insurer’s website, the tool allows members, clients, brokers and crewing managers to notify Skuld of crew claims and add information, documents, and cost. According to Skuld, simple claims will be handled automatically, with cash reimbursement processed as quickly as allowed by the banking system, while more complex cases will be reverted to the insurer’s claims handlers.
15/09/2021 2:37:54 am
PEOPLE Marsh, Citi create risk structure to accelerate vaccine delivery
Marsh has partnered with banking giant Citi to develop a risk mitigation structure on behalf of the Gavi Vaccine Alliance to cover the risk associated with governments that are self-funding COVID-19 vaccine procurement through the World Health Organization’s COVAX facility. The structure provides cover against the risk of non-payment by 21 countries across Africa, the Americas, Asia and Europe. It will enable Gavi to pre-purchase vaccines in bulk from manufacturers with greater confidence to facilitate faster and more equitable distribution of vaccines globally.
Furkin Pet Insurance debuts in Canada
A new pet insurance brand, Furkin Pet Insurance, has launched in Canada, offering a flexible insurance product with one annual benefit and three different annual deductibles, allowing pet owners to choose the monthly premium that best suits their budget. Furkin features annual renewable coverage of up to $20,000, no per-condition limits and no lifetime limits on any eligible conditions. Furkin also provides policyholders with access to telehealth support for their pets, as well as the Petriage mobile app.
Tractable unveils AI-powered vehicle assessments
Insurtech company Tractable has launched an AI-powered solution that allows insurers and adjusters to quickly and accurately assess the external condition of a vehicle’s body. Tractable’s AI Inspection solution works through a web-based mobile app, which uses real-time video to immediately examine a vehicle’s condition and possible damage. In addition to examining the video for damage, AI Inspection can interact with the person taking the video to request specific additional information on the spot, ensuring a reliable assessment.
Aon Risk Solutions
Intact Financial Corporation
Cannabis specialty leader, Canada
Willis Towers Watson
Co-leader, senior housing and long-term care, US and Canada
Chairman of the board
Willis Towers Watson
Co-leader, senior housing and long-term care, US and Canada
Executive vice-president, head of North America construction surety
Pace Credit Union
Anti-insurance fraud association names CEO
Équité Association, the Canadian insurance industry’s first corporation dedicated to addressing insurance fraud, has appointed Terri O’Brien as CEO. O’Brien has more than 25 years of experience in financial services, including antifraud and risk management. She previously served as chief risk officer at Pace Credit Union and Interac Group and has also held senior executive roles at TD Bank, including vicepresident of TD’s North American anti-fraud strategy. Équité was established by the insurance industry in February to integrate the cross-insurer data analytics company CANATICS and the Investigative Services Division of the Insurance Bureau of Canada. The organization strives to detect and prevent insurance crime through the use of advanced analytics, intelligence best practices and coordinated investigations.
Intact adds industry veteran to its board
Intact Financial Corporation has appointed Emmanuel Clarke to its board of directors. Clarke’s insurance career includes more than 25 years at PartnerRe, where he served as president and CEO until 2020. Prior to taking the top job, Clarke held various underwriting leadership roles in PartnerRe’s P&C, specialty lines and international divisions. He serves on several boards, including Wakam, Tremor Technologies and Compre Group. “As a highly respected and seasoned professional with valuable global insurance industry experience, we look forward to Mr. Clarke’s guidance as Intact continues to execute its strategy,” said Claude Dussault, chair of Intact’s board of directors.
15/09/2021 2:38:04 am
TECHNOLOGY UPDATE NEWS BRIEFS Outdoorsy unveils plans to bring its insurtech to Canada
Online RV rental and outdoor travel marketplace Outdoorsy has announced international expansion plans for its insurtech arm, Roamly, starting in Canada. Roamly, which just completed beta testing in the US, offers digital insurance products for recreational vehicle owners, eliminating the commercial exclusion clause that typically prevents online rental activity. Outdoorsy has entered into a commercial agreement with Aon to bring Roamly to Canada, which is the second largest RV rental market outside of the US.
Younger consumers want to be able to text their insurers
Just over half of Canadian consumers between the ages of 25 and 45 said they would prefer to resolve insurance claims via text message, according to a new survey conducted by Hi Marley. In the same vein, about two-thirds of 25- to 45-year-olds said they would prefer to use text messaging to service their current insurance policy. Sixty-one per cent of 25- to 34-year-olds and 58% of 35- to 45-year-olds said they would be more likely to buy a policy from an insurer that offers text messaging over a company that does not.
Crawford & Co. acquires digital claims handling company
Crawford & Company has acquired digital claims handler edjuster, which specializes in tech-enabled contents claims handling solutions. Edjuster’s proprietary contents management platform provides a contents inventory and valuation solution for both highseverity complex claims and high-
volume small claims. According to Crawford, the acquisition will add a digital component to its existing contents valuation service. “This combination will bring together Crawford’s global reach and expansive services with edjuster’s digital capabilities and niche expertise,” said Pat Van Bakel, president of loss adjusting for Crawford North America.
Economical Insurance deploys new tech for fraud detection
Economical Insurance has rolled out a new insurance fraud detection solution developed by US-based insurtech Shift Technology. Economical Insurance is using Shift Fraud Detection to assess and identify suspicious claims in its personal and commercial auto and property lines of business. An AIpowered automated solution, Shift Fraud Detection uses third-party data such as publicly available social media and web content, advanced document and photo analysis, and medical provider data to quickly highlight suspicious claims.
Sedgwick announces upgrades to smart.ly platform
Sedgwick has updated its smart.ly intake and incident management platform to enhance its functionality and potential to take on a wider range of scenarios. The upgrades include real-time system interactions, optical image analysis and robotic process automation. According to Sedgwick, platform’s artificial intelligence and automation capabilities take the approval process for a claim or case from days to seconds, and connected APIs allow the platform to obtain and share information between sources instantly, making it made it easier to report an incident and create new scripts within a matter of hours.
Bringing data up to standard To reap the benefits of real-time connectivity, brokers and carriers first need to prioritize data standardization Real-time connectivity has long been a goal of the insurance industry – the ability to seamlessly transmit data between brokers, carriers and vendors, and to allow their systems to talk directly to one another, could greatly streamline the way insurance business is handled. But connectivity can’t be effectively established until the industry adopts widespread data standardization – an effort that is being spearheaded by the Insurance Brokers Association of Canada (IBAC). According to Tom Reid, IBAC’s connectivity lead, real-time XML standards have been maintained since the early 2000s. However, he says the industry continues to create custom software to transmit data from carrier to vendor and back, which he attributes partly to a “historic lack of will” in the industry to push for connectivity. But that’s all changed in recent years. “In the past few years, we have seen a monumental shift towards connectivity, which has been further heightened by the pandemic,” Reid says. A few years before the pandemic, IBAC launched the IBAC Data Exchange (DX) initiative, an industry-wide collaborative effort focused on facilitating real-time connectivity in the Canadian P&C insurance industry. More recently, IBAC established the DX Connect Alliance (DXCA), a group of seven carriers and 11 vendors that’s actively working with IBAC to implement real-time XML APIs
12-13_Tech Update-SUBBED.indd 12
15/09/2021 2:37:08 am
using standards set by the Centre for Study of Insurance Operations (CSIO). “The first set of business requirements and the data mapping exercise has been completed and shared with all participants,” Reid says. “The DXCA is currently ramping up to start a second project to tackle more transactions.”
“Standards must be applied in a practical and consistent way by a critical mass of carriers, vendors and brokers” Once data standardization is established, the next step for the insurance industry will be to implement system operability based on those standards, Reid says, adding that seamless data flow between vendor and carrier will remove significant friction from the insurance system. “This will manifest in capabilities such as client self-service, a reduction in the number of separate systems required to manage a client, lower transactional complexity and errors, and improved data accuracy,” he says. Ultimately, this will increase efficiency and reduce expenses for both carriers and brokers while also increasing client satisfaction, Reid says. Yet despite the increased interest in connectivity, limited adoption remains the biggest obstacle to data standardization. “To achieve these benefits,” Reid says, “the standards must be applied in a practical and consistent way by a critical mass of carriers, vendors and brokers.”
Ali Nawab Chief product officer SENTIANCE
Years in the industry 15 Fast fact In his free time, Nawab mentors early-stage tech companies on product development and business models
COVID-19 spurs the growth of UBI Consumer interest in usage-based insurance increased during the pandemic. As vehicles return to the roads, do you think interest in UBI will continue to grow? People’s lifestyles changed due to the pandemic, and moving forward, more companies are adopting a hybrid workplace environment. This means that people will still drive less than the usual five-days-a-week drive to the office, so UBI makes sense for them. You pay less when you drive less! From an insurer’s perspective, the risk profile is also changing, given most drivers are driving less, so it’s aligning incentives better. A key benefit of mobile-based UBI is that insurers don’t have to source, provision and service dongles, which are typically tied to the car. Mobile-based UBI programs focus on the driver, which also enables additional features like crash detection and driver coaching.
What are some of the main challenges to implementing UBI in Canada? Privacy is a key concern. Customers are increasingly aware of their data being used to increase their insurance premium, and this has been cited as the main reason for slower adoption of dongle-based products. For mobile-based UBI, technologies such as on-device processing ensure that customer data stays on their mobile devices. Another challenge is the regulatory landscape, which varies by province. Insurers offering UBI programs need to adapt to different provincial guidelines.
Are Canadians more receptive to UBI than Americans? Insurance costs in Canada seem to be higher than in the US. For that reason only, Canadians could be more receptive to UBI and open to it if it will save them money at the end of the day. However, there is still some education required on UBI on an individual level, both on the privacy and benefits side of the product.
How can you make UBI more attractive to customers who have concerns about data privacy? Companies that win will be open and transparent about what data is collected for what purpose. Build trust with customers and deliver actual value to them. Use new technology such as on-device to ensure a higher level of privacy, primarily to focus on the win-win scenarios – lower miles, lower costs – versus profiling higher-risk drivers to increase their premiums.
Do you think UBI will completely replace traditional auto insurance in the future? It’s possible, but it will likely take longer than we think. The insurance relationship is typically active on renewals and claims only, so this offers an insurance company an opportunity to compete on user experience. A UBI program that is tailored for users, works with them to reduce their risk profile and saves money on both sides will ultimately become a standard product offering.
12-13_Tech Update-SUBBED.indd 13
15/09/2021 2:37:06 am
Dealing with a hard construction market The past year has been difficult for both construction crews and those who insure them
more susceptible to theft than ever before. “Overall, shrinking capacity, loss experience and building material costs have created a perfect storm, leading to a considerable hardening of the market,” he says. Both the pandemic and natural disasters have had an impact on construction, Driedger says – but for very different reasons. “Although construction was deemed an essential service throughout the pandemic, COVID-19 has still delayed the completion of projects,” he says. “Commonly, these delays are caused by reduced building supplies or the
“Shrinking capacity, loss experience and building material costs have created a perfect storm”
Between the COVID-19 pandemic and a rise in natural disasters, the construction industry has taken a beating – and so has its insurance market. According to Ken Driedger, AVP of casualty at Vailo, the Canadian wrap-up liability insurance market continues to harden in mid-2021. Since early 2020, rates have also increased significantly, Driedger says – some by more than 50%. “Another wrap-up standard that has changed in the current market is policy extensions,” he says. “Extending a project’s term
used to be quite freely given, but now it is more common to charge for this request. For those brokers and MGAs with binding and rating authority, terms will change when the authorities renew to reflect this hardening.” The builder’s risk insurance market hasn’t fared any better, due to an increase in residential housing prices, shrinking capacity and inadequate pricing. The sudden and dramatic rise in the price of lumber is also a major issue for the builder’s risk market, Driedger says, adding that lumber’s high value has made it
BOXX partners with digital security company
BOXX Insurance has partnered with digital security provider Aura to offer customers an all-in-one suite of online and financial protection services designed to protect against risks such as online fraud, credit identity theft and home IoT device hacks. Along with insurance coverage, the bundled solution gives BOXX customers access to improved preventative digital security services and tools, as well as incident response teams with deep expertise in mitigating the impact of cyber incidents.
extended time required by governing organizations to issue building permits. Manpower shortages are also causing delays; the domino effect is to hire less experienced workers, which typically leads to further completed operations claims due to faulty workmanship. Further, the increased costs of construction inflate project costs.” Particularly on the West Coast, Driedger says natural disasters have had “a huge impact on construction. For example, improved risk modelling is affecting earthquake insurance costs, and forest fires are delaying project starts, as the projects cannot be bound within 50km of an active forest fire.”
CAMGA appoints new board chair and president
The Canadian Association of Managing General Agents (CAMGA) has selected MaryKate Townsend as its new president and Michael Lough as chairman of its board. Townsend is a manager and senior underwriter at Pacific Marine Underwriting Managers, where she oversees the underwriting of pleasurecraft marine business for the company’s Eastern region. Lough is vice-president of community services at Intact Public Entities, responsible for national distribution of the community services book of business.
14-15_MGA update-SUBBED.indd 14
15/09/2021 2:38:29 am
Brett Graham President
Enhancing underwriting with artificial intelligence
AGILE UNDERWRITING SOLUTIONS
Years in the industry 22 Fast fact Agile Underwriting Solutions celebrated 25 years in business in 2020
Agile Underwriting Solutions recently acquired digital MGA Exhale Insurance. What motivated that decision?
Exhale had been planning to launch coverage for connected homes. How big of a niche is the connected home market in Canada?
Over the course of 2021, Agile Underwriting Solutions has worked diligently to transform its technologies, both internally and externally, in an effort to provide broader reach and enhanced product offerings that support the independent Canadian broker channel. Whether through traditional submissions and quoting tools or through newly developed digital methods, our ultimate goal is to provide brokers with choice of distribution. The acquisition of Exhale Insurance, including its advanced AI underwriting technologies and market capacity, aligns with the aforementioned strategic goal of providing choice, capacity and ease of placing risks that may be unique or out of favour with insurance companies, and positions Agile as a market-leading MGA.
Connected homes are quickly becoming the new norm as more and more manufacturers continue to introduce smart technologies and products that allow homeowners to connect to and monitor their homes remotely. Having the ability to make sure doors are locked, being able to monitor activity inside and outside the home in real time, as well as the ability to turn electronic devices on or off, no matter where a homeowner is, makes for a more secure and potentially better underwriting risk. With that said, as these technologies continue to advance, underwriting guidelines will be required to adapt in order to account for the evolving risks by providing products and coverages unique to this market.
How will you integrate those AI underwriting capabilities into your current business structure?
As an MGA, we often underwrite complex risks and work with shifting appetites through the market cycle, which requires us to quickly adapt pricing and underwriting guidelines. With that said, I don’t know that digital underwriting is necessarily the future of MGAs, but rather another distribution tool we can use to showcase products primed for that model. Where digital underwriting will likely see the most success is in low-touch risks with basic underwriting requirements, as well as in those that require limited rating complexities.
Exhale’s advanced AI underwriting capabilities are a great fit and blend well with Agile’s existing underwriting governance and culture. As we continue to integrate the two companies over the course of the next year and into 2022, we plan to expand on Exhale’s success by increasing the platform’s reach coast-to-coast and by adding new products to the platform. This will help to ensure ongoing profitability as Agile continues to grow its business across the country.
Industry vet takes on PLUS Underwriting Managers
Troy Moreira, the former CEO and principal owner of Premier Marine and Premier Canada Assurance, has returned to the specialty insurance arena with the acquisition of PLUS Underwriting Managers through his investment holding company, Mar Nova Holdings. Formed in 2010 and based in Vancouver, PLUS distributes property & casualty insurance products through approximately 200 brokerage partners. It was formerly owned by Alex Meier, the CEO and main shareholder of Vancouver-based AXIS Insurance Group.
Is digital underwriting the future of MGAs?
APOLLO teams up with property tech company
APOLLO Insurance continues to build partnerships with online platforms targeted toward homeowners. Its latest tie-up is with property technology company Perch, which provides an analytics-driven platform that gives users in-depth financial insights during all stages of homeownership. APOLLO will offer Perch users immediate access to digital insurance products. “We believe we can provide an exceptional digital experience for users, making it easier for those looking to build their real estate,” said APOLLO BDM Yonas Alemyehu.
FSRA reviews life insurers’ MGA supervision
The Financial Services Regulatory Authority of Ontario (FSRA) has completed its review of how life insurance companies supervise the MGAs they work with. The review found that contracts between insurers and MGAs do not explain in detail what actions MGAs are required to take and what standards they are required to meet for screening, training and monitoring insurance agents. FSRA also concluded that insurers lack an in-depth process to assess the risks associated with their MGAs.
14-15_MGA update-SUBBED.indd 15
15/09/2021 2:38:35 am
GOT AN OPINION THAT COUNTS? Email email@example.com
The power of marketing tech In a competitive insurance market, automated tools that can optimize messaging, timing and channel are a must, writes David Greenberg IN A FAST-PACED, hyper-competitive industry, insurance companies require powerful marketing tools to engage, grow and build long-term brand loyalists. To meet this need, many insurance brands are turning to marketing automation. Let’s say an insurance company noticed someone browsing their website and looking at specific aspects of a home insurance policy. Now imagine if that person received a perfectly timed email detailing the coverage they had been reviewing and its benefits. Put simply, marketing automation technology analyzes customer behaviour and sends customized messages crafted to garner the attention of an individual. Personalization and timeliness are the power of behaviour-based marketing automation technology, and they’re a major reason insurance brands are leveraging it to set themselves apart. Let’s look at three ways insurance brands are supercharging engagement by using marketing automation.
To better connect with their audience, insurance companies must have a deep understanding of their audience’s preferences and interests. As consumers navigate a company’s social media, website and apps, insurance brands can study their behaviour to learn more about their interests and needs. By doing so, businesses can develop a strong grasp of who’s visiting their channels and what coverage offerings they’re looking for. They can then leverage the insights in conjunction with powerful marketing auto-
mation solutions, like email and SMS, to craft personalized communications that reach their audience in a meaningful way.
Email marketing automation
Email marketing automation is a phenomenal lead-gen tool in an industry dependent on new policyholders. Once a person has given a company permission to message them, marketing teams can send automated emails designed to resonate with a lead wherever they are in the sales process. It’s essential that insurance brands understand their customers, their behaviour and
executed well, these communications are a powerful tool in creating positive experiences with policyholders.
SMS marketing automation
Most consumers are on their phones for more than five hours a day. As such, insurance brands are strategically using SMS marketing to reach people in the place where they spend all their time: their mobile devices. SMS marketing is a highly effective way for insurance companies to instantly share information with their audiences, strengthen the value exchange and create positive brand experiences. Companies can use it to send surveys, important policy updates, promotional offers, alerts and reminders. For example, if a customer is eligible for a discount on their insurance due to years of good driving, an insurer could send them a message congratulating them and inviting them to reduce their rate. This technology empowers brands to maintain high-level communication with their customers. Like all marketing strategies, SMS is not limited to communicating with existing policyholders. Acquisition-oriented communication is key to sustaining a pipeline of new business, especially with younger consumers. If a
“Personalization and timeliness are the power of behaviour-based marketing automation technology” their preferences so they can send messages that are relevant. Marketing automation can even send emails or text messages at the time that someone is most likely to engage. Marketing automation plays just as big a role in retention and upsell as it does in acquisition. Automated messaging can be used to help insurance brands stay on top of upselling and renewal activities by sending personalized, policy-specific emails to auto-renew, bundle or purchase additional products. For existing policyholders, marketing automation can send information about how to lower rates, promote new discounts and offerings, and maintain a high level of communication with customers. When
consumer has opted in to receive notifications, insurance brands can use SMS to entice them to purchase a policy for the first time. In a competitive market, insurance compa nies must engage their leads and existing policyholders with optimal messaging – at the best time and through the right channel. With automated marketing, companies can remove the guesswork and optimize customer communications at the same time. David Greenberg is the chief marketing officer at Act-On Software, where he oversees the company’s marketing and growth strategies. He has more than 20 years of leadership experience in high-growth marketing tech organizations.
© be co
15/09/2021 2:39:19 am
It’s an unfamiliar world. Find a familiar face and a valued partner with Sovereign Insurance. Visit sovereigninsurance.ca to learn more. © 2021 The Sovereign General Insurance Company, a member of The Co-operators group of companies. Sovereign® is a registered trademark of The Sovereign General Insurance Company. Not all advertised products may be available in all jurisdictions. For full terms and conditions, including coverage limitations and exclusions, please refer to the policy wording. The Sovereign General Insurance Company is committed to protecting the privacy, confidentiality, accuracy and security of the personal information that we collect, use, retain and disclose in the course of conducting our business. Visit sovereigninsurance.ca or call toll free at 1-800-661-1652 to learn more.
15/09/2021 2:39:25 am
WE’D LIKE TO SAY THANK YOU. Thank you to the exceptional insurance companies who work with us to deliver security and peace of mind to millions of Canadians. Your support and partnerships are greatly appreciated.
15/09/2021 2:40:35 am
Participants: Northbridge, Pafco and Lloyd’s
15/09/2021 2:40:42 am
SIXTY YEARS YOUNG South Western Insurance Group president and CEO John Barclay tells IBC what has kept the MGA relevant during its 60 years in business – and how it plans to evolve to best serve future brokers “WE’VE GOT a very compelling story.” That’s how John Barclay describes South Western Insurance Group (SWG), which is celebrating its 60th anniversary in 2021, making it one of the longest-standing MGAs in the Canadian marketplace. Since 1961, SWG has provided underwriting expertise to independent insurance brokers across Canada. Over six decades, the company has evolved from a one-person operation with a single contract in Southwestern Ontario to a thriving MGA that offers a broad range of insurance solutions for specialty, niche, program and hard-toplace business. There is one consistent theme underpinning SWG’s “incredible journey,” according to Barclay – its laser focus on helping brokers. That cornerstone has enabled SWG to “persist in the face of great challenge,” says Barclay, and sustain its independent brand for 60 years when much of the market has consolidated around it.
A time of transformation Barclay has been president and CEO of SWG since May 2013. He was well equipped for the role – before joining SWG, he was president of Simmlands Insurance Services for almost four years, where he built the golf-focused MGA into more of a diversified specialty insurance business. Prior to Simmlands, he spent 15 years at Marsh Canada,
where he held a number of roles, including client executive, business unit leader and managing director. Since joining SWG, Barclay has used his extensive industry knowledge and leadership capabilities to re-energize and refocus the company. Fifty years ago, SWG’s core value proposition was its ability to deliver capacity and access to the insurance marketplace, but today, the business looks very different.
model – where we claimed capacity as one of our core value propositions – was not a longterm sustainable strategy. There is a role for wholesale brokers, absolutely. In fact, in this hard market, wholesale is huge right now. But our ultimate goal is to support independent insurance brokers across Canada by providing them with good products at a fair price and expert underwriters who can help them win or retain accounts.”
“Our ultimate goal is to support independent insurance brokers across Canada by providing them with good products at a fair price and expert underwriters who can help them win or retain accounts” Barclay has spearheaded SWG’s transition from more of a wholesale broker to an MGA with in-house authority to underwrite specialty solutions – a carefully weighed strategy that took several years to complete. “Over the years, the domestic insurers in Canada have grown stronger and stronger,” Barclay explains. “It is a very competitive marketplace with a surplus of insurance capital, and therefore the domestic insurers are writing a broader range of risk. We realized that over time, the wholesale business
In recent years, SWG has also undergone a significant digital transformation in support of its goal of “helping brokers wherever and whenever they want to be helped.” Barclay says the MGA has undertaken an “extensive rewiring and complete re-platforming” onto cloud-based digital and automated solutions – again, with the ultimate goal of providing long-term value to the broker channel. SWG has also changed ownership during Barclay’s tenure and, in doing so, has expanded its core capabilities. In May 2018,
20-22_Industry Icon-SUBBED.indd 20
15/09/2021 4:50:38 am
PROFILE Name: John Barclay Title: President and CEO; executive director Company: South Western Insurance Group; Three Holdings Based in: Toronto Years in the industry: 30
20-22_Industry Icon-SUBBED.indd 21
15/09/2021 4:50:45 am
the MGA and its subsidiary, Optisure Underwriting Services (which specializes in inland marine coverage), were sold by Canadian Broker Network to Three Holdings, a privately held insurance services group that also owns MedThree Insurance Group. “Every decision we make revolves around bringing more value to our broker partners,” Barclay says. “The Three Holdings deal has enabled us to deliver more specialty capabilities – MedThree offers specialized allied
lenges caused by the pandemic.” Over the next three to five years, Barclay says he’d like to see SWG double its premium under management. “Our strategy is to onboard more specialty talent and to expand our market segment and product capabilities for independent brokers across Canada,” he says. “That will all be underpinned by a strengthened technology platform and supported by strict actuarial discipline – always with the mindset of SWG
“Every decision we make revolves around bringing more value to our broker partners … That business model of core product wrapped up with specialty capability feels sustainable to us” health, senior care and life sciences businesses – which are supported by SWG’s core capabilities in property and liability insurance. That business model of core product wrapped up with specialty capability feels sustainable to us.”
Post-pandemic and beyond SWG’s product diversity has enabled the MGA to weather the storm of the COVID-19 pandemic without too much pain. Some of its business segments, such as hospitality and small business accounts, have struggled, while other segments, such as those overweighted to property exposures, allied health and professional liability, have continued to thrive. “In the aggregate, the COVID-19 pandemic has been challenging,” Barclay says, “but our business has done well, and that’s due to the strength of our portfolio. We’re coast to coast, so we’re not too exposed or overweighted to any one given economic fluctuation. We’ve got product diversity; we’ve got class of business diversity, and that diversification in our portfolio has provided a very solid foundation for the business to do well, notwithstanding some specific chal-
operating as close as we can to being a virtual insurance company.” As a secondary market, the MGA space serves a distinct purpose, according to Barclay, which revolves around cost-effective product manufacturing, a wide distribution footprint and specialty talent. “Generally, the secondary market can also react faster to market changes – both positive and negative – than the primary domestic insurers,” he says, “so it provides that balance for an insurance company or an alternative capital provider that’s looking to put its money to work.” In order to survive and thrive for another 60 years, Barclay stresses that SWG must continue to develop new innovations and expand its specialty capabilities. “MGAs are always pushing into new industries, new business segments and new capabilities because, over time, capacity demands change or the domestic insurers find ways to write risks internally and the premium rotates back to the standard market,” he says. “If you look at it from a broker’s viewpoint, the MGA industry acts as a pressure release valve for the standard market.”
FAST FACTS: SOUTH WESTERN INSURANCE GROUP
YEAR FOUNDED 1961
LOCATIONS Toronto, Quebec City and Vancouver
PARENT COMPANY Three Holdings, which acquired SWG from Canadian Broker Network in 2018
CORE CAPABILITIES Commercial property, commercial general liability, professional liability, specialty lines
20-22_Industry Icon-SUBBED.indd 22
15/09/2021 4:50:46 am
Brokers name 27 Canadian MGAs that are experts at meeting their clients’ niche needs
Feature article .............................................. 24 Methodology ................................................ 25 5-Star MGAs 2021 ....................................... 28 Profile ............................................................ 30
23-32_IBCW 5-Star MGAs 2021-SUBBED.indd 23
15/09/2021 2:41:26 am
SPECIAL BUSINESSREPORT STRATEGY
5-STAR MGAs 2021
LOOKING OUT FOR THE GAPS HELPING BROKERS adapt quickly to changing times and evolving challenges, MGAs provide the specialized expertise and geographical reach needed to meet unique needs. “What sets MGAs apart from the standard market is that we fill gaps in coverage and gaps in product that the mainstream insurers don’t like to offer,” says Anthony Passarelli, president of Modern Specialty Insurance (MSI). For this year’s 5-Star MGAs report, IBC
set out to discover what sets outstanding MGAs apart from their competition. To do so, we surveyed hundreds of brokers and asked them to rank their MGA partners in 10 categories. We also asked brokers what’s most important to them when choosing an MGA partner. As in previous years, responsiveness was brokers’ chief concern; 91% rated it as an important factor when selecting an MGA. One of this year’s three All-Star MGAs,
WHAT’S MOST IMPORTANT TO BROKERS WHEN CHOOSING AN MGA? Overall responsiveness: 91% Ability to place niche or emerging risks: 90% Technical expertise and product knowledge: 87% Range of products: 83% Reputation: 83% Pricing: 78% Marketing support: 70% Technology/ automation: 69% Geographical reach: 69% Compensation: 65%
“What sets MGAs apart from the standard market is that we fill gaps in coverage and gaps in product that the mainstream insurers don’t like to offer” Anthony Passarelli, Modern Specialty Insurance MSI earned a 5-star rating from brokers in all 10 categories. Passarelli launched the company in late 2019 and has since grown it to $40 million in revenue, added 12 employees and launched three niche MGA programs, mostly aimed at filling gaps in the insurance marketplace for transportation fleets. MSI also offers P&C, industry, professional services and contingency programs. Responsiveness is key to maintaining an all-star level of excellence, Passarelli says. “In terms of our turnaround on a quote, we can turn a new business quote around in less
23-32_IBCW 5-Star MGAs 2021-SUBBED.indd 24
15/09/2021 2:41:32 am
than 24 hours,” he says. “We happen to spend our efforts on turning around those quotes quickly, because we know that the brokers really value that particular part of the service.” Responsiveness is also a top priority at Milnco Insurance, another of this year’s All-Star MGAs, although a spike in submissions has made turning quotes around quickly a challenge over the past year. “We triage all submissions received based on class of business and quality of submissions, and our team does our best to have a
Milnco received high marks from brokers in both categories. “We are experienced risk underwriters who are passionate about insurance and truly care about helping our broker partners place business,” Clayton says. “Our team has many years of industry experience and is continually expanding our knowledge. By keeping up with the newest products and emerging risks, we are able to supply our brokers with the best solution for their client. We encourage our underwriters to think outside of the box and to underwrite
“Our mission is to be the most customer-centric insurance business in the world – letting computers do the work so that we can focus on building relationships”
METHODOLOGY To determine the most outstanding MGAs in Canada, IBC surveyed hundreds of brokers across the country, asking them to rate the service they’ve received from their MGAs over the last 12 months. Brokers rated MGAs on a scale of 1 (poor) to 5 (excellent) in 10 categories, including pricing, overall responsiveness, product range, technical expertise and product knowledge, and more. Brokers were also asked to rate the importance of each category when choosing an MGA partner. The MGAs that earned an average score of 4 or higher in at least one category were awarded a 5-Star rating for that category. In total, 27 MGAs earned a 5-Star ratings this year. Of those, three achieved All-Star status by earning 5-Star ratings across all 10 categories.
Kevin McKinnon, APOLLO Insurance 60% response provided within 24 to 48 business hours,” says Lisa Clayton, EVP and COO at Milnco. “We continue striving to provide outstanding service and turnaround time, as well as a wide range of products to our partner brokers. We believe these factors, combined with continued open communication and an expanded digital presence to our valued broker partners, will help us maintain our 5-star standing for years to come.” While pricing and product range have traditionally rounded out brokers’ top three priorities when choosing an MGA, this year’s survey results indicate that the value of MGAs’ expertise has come to the fore: 90% of brokers said the ability to place niche and emerging risks is key, while 87% said technical expertise and product knowledge are critical.
each risk specifically versus blanketing a class with a broad brush.”
of survey respondents said they would change MGA partners for more competitive pricing
Digital strides While it was relatively low on the list of brokers’ priorities, technology and automation has risen steadily in importance to them over the years – last year, only 9% of brokers said tech was one of the three most important things they consider when choosing an MGA; this year, 69% of brokers said they consider it either important or very important. Technology is top of mind at APOLLO Insurance, an insurtech MGA and 5-Star winner. APOLLO’s digital insurance exchange portal allows brokers to quote, bind and issue policies in real time, making it possible to get coverage within five minutes.
50% of respondents said they’d consider switching MGAs for a wider range of products
32% of respondents said they’d go to another MGA for better technical expertise
23-32_IBCW 5-Star MGAs 2021-SUBBED.indd 25
15/09/2021 2:41:40 am
SPECIAL BUSINESSREPORT STRATEGY
5-STAR MGAs 2021
HOW WELL DID MGAs PERFORM ON AVERAGE? Technical expertise and product knowledge
Ability to place niche or emerging risks
Range of products
“We continue striving to provide outstanding service and turnaround time, as well as a wide range of products to our partner brokers” Lisa Clayton, Milnco Insurance
“We have a team of experts on live chat who are available to delight our brokers with relentless responsiveness,” says Kevin McKinnon, vice-president of national business development at APOLLO. “As well, we have built a product team full of industry experts who understand the Canadian market and what product APOLLO needs to build in order for us to be successful. We will continue to build products that will complement our current offering while watching for market trends that we can respond to in order to maximize our mutual growth with brokers. “Technology is really where we differentiate ourselves – ultimately, we’re an insurtech company,” McKinnon adds. “We continually invest in our portal and technology to improve our broker users’ experience as well as their clients’ experience.” While Milnco received good scores from brokers for its technology offerings, the company realizes there’s always room for improvement. “We are working with a software developer to provide portal access for our valued broker partners to quote Milnco products online, obtain policy documents and request specific types of endorsements online,” Clayton says. “This is in the preliminary stage at the moment, and we are excited to be working towards this, as it will provide added value to our brokers.” APOLLO, too, plans to continue leveraging its technical skills to push the boundaries of what an MGA can do. “Innovation within the insurance industry has largely focused on creating new products for the digital age,” McKinnon says. “We are approaching this digital shift from a fundamentally different angle, enabling insurance to be digital. Our mission is to be the most customer-centric insurance business in the world – letting computers do the work so that we can focus on building relationships. We
23-32_IBCW 5-Star MGAs 2021-SUBBED.indd 26
15/09/2021 2:41:45 am
provide a lens on the industry that nobody else is able to offer: a completely unique value proposition of combining technology and insurance expertise in a scalable, affordable way. We are advancing the insurance industry, eliminating paper-based processes in favour of more efficient digital workflows.”
On the horizon As far as challenges go, Passarelli says the most difficult obstacle over the past year has been simply keeping up with his company’s
rapid rate of growth. “This particular award is going to catapult those efforts for us,” he says. MSI is also focused on growing its operations in Saskatchewan, British Columbia and Newfoundland. “Expanding into those newer markets is an exciting opportunity for us and a challenge going forward,” Passarelli says. “And then there’s divesting myself of some of the centralized authority and accountability I have, as I’ve already done, because of growth.
Obviously, one person can’t do it all.” Clayton sees all regions struggling with capacity as insurers have reduced their exposures and appetites. Milnco continues to see rate increases and larger deductibles, especially in the hospitality sector and unprotected rural areas. Yet Clayton is optimistic about the future. “We would love to be able to have in-person meetings with our broker and insurer partners – once COVID restrictions are fully lifted and it is safe to do so, of course.”
Insuring Our Municipal, Public Administration and Community Services Frank Cowan Company has changed its name to Intact Public Entities and we’re stronger than ever. We are excited to put our decades of expertise and innovative new capabilities to work for you. Let our specialized insurance solutions, trusted experience and unsurpassed value added services help ensure the success of your clients. As a proud member of the Intact family and a leading Canadian MGA, we can’t wait to show you what’s next. To learn more visit us at intactpublicentities.ca TM & © 2021 Intact Public Entities Inc. and/or its affiliates. All Rights Reserved.
23-32_IBCW 5-Star MGAs 2021-SUBBED.indd 27
15/09/2021 2:41:55 am
SPECIAL BUSINESSREPORT STRATEGY
5-STAR MGAs 2021
2021 Chutter Underwriting Services Phone: 888-382-6697 Email: firstname.lastname@example.org Website: chutteruw.com
OVERALL RESPONSIVENESS Agile Underwriting Solutions APOLLO Insurance
Modern Specialty Insurance Phone: 844-335-9378 Email: email@example.com Website: msins.com South Western Insurance Group Phone: 800-668-4275 Email: firstname.lastname@example.org Website: swgins.com A.M. Fredericks Underwriting Management ABEX Affiliated Brokers Exchange Agile Underwriting Solutions
Cambrian Special Risks
CHES Special Risks Evolution Insurance Excess Underwriting GroupOne Insurance
Milnco Insurance Modern Specialty Insurance
ABEX Affiliated Brokers Exchange Special Risk Insurance Managers Agile Underwriting Solutions
Unique Risks Victor Canada
Special Risk Insurance Managers SUM Insurance Totten Group
Agile Underwriting Solutions Cansure
Unique Risks Victor Canada
APRIL Canada Cambrian Special Risks
CHES Special Risk Chutter Underwriting Services Evolution Insurance GroupOne Insurance
CHES Special Risk Guardian Risk Managers
Modern Specialty Insurance Risk-Can Underwriting Managers
TECHNOLOGY/AUTOMATION APOLLO Insurance
Milnco Insurance Modern Specialty Insurance PAL Insurance Brokers Premier Risk-Can Underwriting Managers Special Risk Insurance Managers SUM Insurance
Milnco Insurance Totten Group
Trans Canada Insurance Marketing (TCIM) Trinity Underwriting
RANGE OF PRODUCTS
Risk-Can Underwriting Managers
TECHNICAL EXPERTISE AND PRODUCT KNOWLEDGE
Risk-Can Underwriting Managers
Risk-Can Underwriting Managers Trinity Underwriting
Guardian Risk Managers
PAL Insurance Brokers
Guardian Risk Managers
Chutter Underwriting Services
Cambrian Special Risks
Cambrian Special Risks
Modern Specialty Insurance CHES Special Risk
Burns & Wilcox
Modern Specialty Insurance
Risk-Can Underwriting Managers
REPUTATION A.M. Fredericks Underwriting Management
ABEX Affiliated Brokers Exchange
PRICING APOLLO Insurance
MARKETING SUPPORT APOLLO Insurance
Cambrian Special Risks GroupOne Insurance Chutter Underwriting Services
Agile Underwriting Solutions
Milnco Insurance Excess Underwriting
APOLLO Insurance GroupOne Insurance APRIL Canada
Burns & Wilcox
Milnco Insurance Modern Specialty Insurance
Cambrian Special Risks
PAL Insurance Brokers
Risk-Can Underwriting Managers
Modern Specialty Insurance
Risk-Can Underwriting Managers
CHES Special Risk
Special Risk Insurance Managers
Unique Risks Chutter Underwriting Services Agile Underwriting Solutions Evolution Insurance
ABILITY TO PLACE NICHE OR EMERGING RISKS
Cambrian Special Risks
Agile Underwriting Solutions CHES Special Risk
Modern Specialty Insurance Chutter Underwriting Services PAL Insurance Brokers
Evolution Insurance Modern Specialty Insurance
Risk-Can Underwriting Managers
South Western Insurance Group
Special Risk Insurance Managers
GroupOne Insurance Milnco Insurance
Risk-Can Underwriting Managers
Modern Specialty Insurance
South Western Insurance Group
Risk-Can Underwriting Managers
Special Risk Insurance Managers Trinity Underwriting
Trans Canada Insurance Marketing (TCIM)
SUM Insurance Unique Risks
Trinity Underwriting Trinity Underwriting Unique Risks
23-32_IBCW 5-Star MGAs 2021-SUBBED.indd 29
15/09/2021 2:42:08 am
SPECIAL BUSINESSREPORT STRATEGY
5-STAR MGAs 2021
CHUTTER UNDERWRITING SERVICES Phone: 888-382-6697 Email: email@example.com Website: chutteruw.com
t the heart of our business, passion continues to drive us forward,” says Morgan Chutter, casualty manager. “Today, the Chutter Underwriting Services name has grown to be synonymous with uncompromising quality and best-in-class service. With expertise in hard-toplace commercial accounts and outstanding turnaround on standard business, our broker network support is at an all-time high.” Chutter Underwriting Services has more than 25 years of successful business operations and writes both commercial property and casualty lines. The company has added number of digital instant quote/bind products at chutteruw.com, and while there is emphasis in maintaining and growing these offerings, Chutter also feels that boutique underwriting solutions for complex commercial accounts remain particularly valuable. Chutter considers all casualty and property accounts, from low- to highhazard. “Throughout our history, Chutter Underwriting Services has been known for our commitment to building long-lasting relationships with our clients,” Morgan Chutter says. “We take pride in our dedication to excellence, our reputation for quality and our promise to find or develop premium products for clients, emphasizing value quality, sustainability and efficiency.”
Choose simplicity with our online quoting tool and maximize your time to support your clients With APRIL ON, quote and bind in just a few clicks.
23-32_IBCW 5-Star MGAs 2021-SUBBED.indd 30
15/09/2021 2:42:15 am
FUTURE FORWARD HERITAGE PROUD In our 150 years, we’ve experienced so many proud moments. But through all the progress, victories, and challenges, being there for Canadians when they need us most has been the greatest privilege of all. We’re honoured to continue to earn the trust of our customers and broker partners through truly innovative insurance solutions. economical.com
property | auto | business Economical Insurance includes the following companies: Economical Mutual Insurance Company, Family Insurance Solutions Inc., Sonnet Insurance Company, Petline Insurance Company. ©2021 Economical Insurance. Economical and Economical Insurance are registered trademarks of Economical Mutual Insurance Company. All Economical intellectual property belongs to Economical Mutual Insurance Company.
23-32_IBCW 5-Star MGAs 2021-SUBBED.indd 31
15/09/2021 2:42:19 am
SPECIAL BUSINESSREPORT STRATEGY
5-STAR MGAs 2021
It’s cruising a wide open road easy Once you start working with us, the journey is easy. Value your client’s classic and collector vehicles online with Hagerty Valuation Tools, enjoy no production quotas and our online quoting tool is simple. Your car-loving clients will appreciate getting coverage tailored to fit their specialized needs. It’s never been easier to give your clients great coverage.
888-338-7972 | hagertybroker.ca
Policies are underwritten by Elite Insurance Company, a subsidiary of Aviva Canada Inc. Some coverage not available in all provinces. This is a general description of coverage. All coverage subject to policy provisions, exclusions, and endorsements. All third party makes, models, and vehicle names are property of their respective owners. Their use is meant to reflect the authenticity of the vehicle and do not imply sponsorship nor endorsement of Hagerty nor any of these products or services. Hagerty determines final risk acceptance. Hagerty, Hagerty Valuation Tools & Hagerty Drivers Club are registered trademarks of the Hagerty Group LLC, ©2021 The Hagerty Group, LLC. All Rights Reserved.
EXECUTIVE INSIGHTS SERIES
CYBER 2021 What trends and threats do brokers need to stay on top of in a tightening cyber market?
33-52_Cyber Report 2021-SUBBED.indd 33
15/09/2021 4:42:49 am
33-52_Cyber Report 2021-SUBBED.indd 34
15/09/2021 3:34:01 am
EXECUTIVE INSIGHTS SERIES
CYBER INSIGHTS 2021 Insurance Business Canada takes a closer look at some of the most complex cyber issues to emerge so far in 2021 CYBER RISK is everywhere. It’s an enterprise problem that can trigger a string of losses well beyond the technology or systems that were initially compromised. Cyber events can result in business interruption (both primary and contingent), productivity loss, reputational damage, physical damage, and significant legal repercussions and recovery expenses. It’s no wonder the scale and frequency of cyber insurance losses continue to soar. Ransomware is arguably the most pressing issue the cyber insurance community is dealing with today. This variation of malware allows hackers to lock businesses out of their systems until they pay a ransom, usually in cryptocurrency. In recent years, there has been a significant uptick in the frequency and severity of ransomware attacks, impacting businesses of all sizes and in all sectors. Hackers have grown more sophisticated and targeted in their attacks, aiming for larger organizations that can afford bigger ransoms. In the past five years, the average ransom demand has shot up from US$15,000 to US$175,000 – an almost twelve-fold increase – according to the NetDiligence 2021
Ransomware Spotlight Report. Total ransom demands crossed the US$1 million threshold in 2018, the US$3 million threshold in 2019, and publicly available data indicates that they surpassed US$50 million in 2020, although this was likely negotiated down. The ransomware headache doesn’t stop there. In 2020, a new wave of ransomware attacks known as ‘double extortion’ hit the market. With these attacks, threat actors are maximizing their chance of making a profit by threatening the victim with an additional abuse of the information they’ve encrypted, such as selling or auctioning it. In this fast-paced and ever-changing risk landscape, cyber insurers have reacted by seeking more rate and shoring up their underwriting guidelines to control their costs and protect their books. Some have even started sub-limiting ransomware and applying co-insurance provisions, forcing insureds to share more of the risk. The firming of the market is having a big impact on brokers. Not only do they have to work harder to secure adequate coverage for their clients, but they also have to educate
themselves and continue to develop technical skills around cybersecurity controls and best-practice cyber risk mitigation. Proactive cybersecurity controls are absolutely essential in today’s evolving threat landscape. Many would argue that cyber insurance should not be seen simply as a financial risk transfer product; rather, it is a holistic risk management solution that protects not only insureds, but also the cyber insurance market itself. As rates rise, coverage constricts and cyber threats boom, we will only succeed with an ‘all in this together’ approach. With that in mind, IBC reached out to four experts in the space to explore the key themes and questions in the sector, from best practices for risk mitigation to up-and-coming cyber threats. Through their insights, we hope to provide brokers with an enhanced understanding of the current state of the cyber insurance market.
Bethan Moorcraft Senior editor Insurance Business Canada
33-52_Cyber Report 2021-SUBBED.indd 35
15/09/2021 3:34:09 am
EXECUTIVE INSIGHTS SERIES
CYBER INSURANCE MEET THE EXPERTS As the national E&O and cyber product manager at Trisura Guarantee Insurance Company, Angela Feudo is responsible for product development, strategy and training in Canada. Prior to joining Trisura, Feudo worked in underwriting for more than 17 years. She has a diverse underwriting background, having started her career in property & casualty before moving into crisis management and ultimately E&O and cyber.
Angela Feudo Manager, professional solutions Trisura Guarantee Insurance Company
A seasoned leader with more than 20 years of Ian Fraser professional lines/ AVP, tech/cyber and technology insurance professional lines experience, Ian Fraser offers Sovereign Insurance a breadth of knowledge and expertise. At Sovereign Insurance, Fraser develops commercial strategies for cyber and professional lines with a strong focus on product, pricing and customer requirements. He regularly speaks on technical insurance panels and is recognized among his peers as a thought leader in the areas of cyber, professional liability and management liability.
Miki Ho leads business development for Coalition in Miki Ho Canada. He joined the Business development team company in early 2020 and lead – Canada helped launch Coalition’s Coalition insurance operations in Canada in May 2020. With a background in underwriting large, complex cyber and tech risks, Ho is a resource for Coalition’s broker partners and policyholders as they work to solve cyber risk. He believes that insurance is just part of a cyber risk management strategy and is always eager to share insights on how to better manage and mitigate risk.
Lindsey Nelson oversees the global distribution strategy Lindsey Nelson across CFC’s cyber portfolio, undertakes key account Cyber development leader management and provides CFC in-depth training within the business line. Nelson has more than a decade of experience underwriting cyber and technology risks, which has put her in demand for a wide range of conferences, and she continues to play an active role in underwriting.
How would you describe the current state of the Canadian cyber insurance market? Angela Feudo: The cyber insurance market has, for the most part, continued to tighten over the last year. There have been numerous carriers that are reducing their capacity, increasing rates, restricting terms and implementing tighter underwriting controls. While capacity contractions generally are becoming more common, there has been a focus on limiting network extortion. There continues to be an increased number of ransomware events, which has led to this response from the market. As both the frequency and severity of claims have increased, the rates have also increased significantly to compensate. There has been a greater focus from insurers on their clients’ cyber risk management and security awareness. An increase in cybersecurity awareness and risk management will ultimately be beneficial for everyone. The awareness in cyberattacks has also brought an increased interest in cyber insurance. We are seeing more requests for cyber insurance from first-time buyers, as ransomware attacks are no longer viewed as just a large organization concern. Smaller companies have become acutely aware that they too can be targeted. Ian Fraser: With the Canadian cyber insurance industry loss ratio in excess of 400% in 2020, it is fair to say considerable change is being felt across the marketplace. Similar to hard market cycles experienced in the past across traditional P&C lines of business, the cyber market is in the midst of a hard market, which is yielding significant rate increases, tighter policy conditions and a general reduction in capacity. As a line of business that began as a frill toss-in grant of coverage years ago, cyber insurance capacity is quickly becoming tactically deployed under a heightened scrutiny of underwriting – and carriers are selective, offering protection to policyholders who can demonstrate best-in-class IT controls and above-average cyber hygiene. Lindsey Nelson: Obtaining coverage today has become more difficult as the class experiences the first hard market cycle in its history, driven almost exclusively by the
33-52_Cyber Report 2021-SUBBED.indd 36
15/09/2021 3:34:14 am
“With the Canadian cyber insurance industry loss ratio in excess of 400% in 2020, it is fair to say considerable change is being felt across the marketplace” Ian Fraser, Sovereign Insurance severity of ransomware claims. Canada is further challenged by the fact that cyber is still in its infancy, with the total Canadian cyber market sitting at around $300 million. There has been a unanimous acceptance in the market that more rate is required to return to a position of profitability – a fact continuously highlighted through the loss ratios expressed in quarterly reports from OSFI – and brokers are experiencing different renewal terms and conditions. Increased deductibles are not uncommon, and in some instances, co-insurance is being applied by insurers as a way of managing capacity provided and ensuring there is mutual investment in avoiding a large-scale attack.
Insurers are using their data to determine what security measures are preventing claims, what industries are more susceptible to cyber risk by exposure alone and ensuring that the price reflects the fact that ransomware events now cost millions, not the hundreds of dollars of years ago. Minimum security measures are increasingly being required before an insurer will entertain providing coverage. However, it’s not all doom and gloom. CFC is more committed than ever to providing a broad cyber product and is uniquely positioned to navigate through a hard market, as we are better equipped to manage claims frequency through our CFC Response app and to manage severity through what is now
the largest dedicated cyber incident response team globally. Miki Ho: If the events of the past year are any indication, cyber risk is set to become the defining risk of our age. Cyber risk knows no boundaries, and we’ve observed an escalation of attacks on a global scale. This has resulted in a perfect storm for the cyber insurance industry between widespread technology risk, increased regulations, increased criminal activity and carriers pulling back coverage. In Canada, we are beginning to see cyber and privacy liability capacity constraints as losses have increased, and carriers are beginning to increase their underwriting scrutiny. Until recently, most carriers covered ransomware at full limits. Now that ransomware attacks are frequent and more severe, some carriers have started applying co-insurance and sub-limits on a widespread basis. Given the dramatic shift both to a work-from-home culture and monetization of cyberattacks, the underwriting considerations carriers could rely on from just a few years ago have essentially become irrelevant and outdated. Despite changing market conditions, Coalition remains an industry leader, with lower claims frequency and loss ratio compared to other carriers. While other companies are making drastic changes, we are holding strong. We have not sub-limited ransomware coverage, added co-insurance to our policy or added exclusions for end-oflife software.
How have you seen the ransomware threat evolve in recent years, and where do you see this challenging risk headed? Ian Fraser: Without a doubt, ransomware is the fastest-growing cyber threat vector that keeps most companies’ IT professionals and chief information security officers up at night. This is not surprising, given the impact of losing closely held personal and confidential client records, the potential to cause catastrophic financial damage, and the reputational harm to the organization. The frequency of ransomware attacks has increased exponentially over the last five years, as has the cost. The average ransom fee requested has increased from $5,000 in 2018
33-52_Cyber Report 2021-SUBBED.indd 37
15/09/2021 3:34:23 am
EXECUTIVE INSIGHTS SERIES
CYBER INSURANCE THE GROWING COST OF RANSOMWARE Average ransom amount
Average incident cost
$280,000 $260,000 $240,000 $220,000 $200,000 $180,000 $160,000 $140,000 $120,000 $100,000 $80,000 $60,000 $40,000 $20,000 $0
Source: 2021 Ransomware Spotlight Report, NetDiligence; all figures in US$
“There has been a unanimous acceptance in the market that more rate is required to return to a position of profitability” Lindsey Nelson, CFC to around $200,000 in 2020, according to the National Security Institute. Cybercrime Magazine reports that experts estimate that a ransomware attack will occur every 11 seconds in 2021. This alarming trend is only expected to get worse, and detection and mitigation of these attacks is only getting more difficult. In addition to a comprehensive cyber insurance policy backed by a panel of InfoSec vendors specializing in pre- and post-breach risk mitigation, breach preparedness and cyber hygiene serve as leading factors that mitigate the overall cost and impact to any business hit with a cyber breach. We know ransomware threats won’t go away, so imple-
menting cyber loss control measures and being prepared to navigate through one if – or when – your organization is impacted is the best approach to take. Lindsey Nelson: There have been two main developments in the evolution of ransomware over the past 12 to 18 months. First, threat actors have switched to data exfiltration – we’ve seen this in over 50% of the ransomware cases that CFC has managed in this period. Second, there has been a distinct shift to attacks aimed at MSPs or cloud service providers, which has seen more and more small businesses becoming collateral damage. CFC has seen frequency of events flattening over the last quarter, which we would attribute to the proactive approach that we’ve adopted – monitoring our policyholders, scanning for external vulnerabilities and informing them where we have detected a match or compromise via our CFC Response app. We have countless examples of clients that we’ve identified as being compromised, reached out to and remediated, all before they’ve even realized they might need to file a claim. Despite the efforts that we and others are making and the positive impact these efforts are having, severity is still skyrocketing. There was a small dip in extortion payments being made by clients in the first quarter of the year, as clients were either fearful of violating sanctions or simply didn’t believe that they would get their data back, but the threat actors are evolving, new variants are emerging, and ransomware continues to be a profitable industry for criminals. Angela Feudo: Ransomware has increased in the number of companies and types of companies being compromised. Ransomware as a service has allowed for an increase in the number of individuals who can launch a ransomware attack. Threat actors no longer necessarily need to be a technically skilled hacker to deploy ransomware because it is now more accessible than ever to utilize. Individuals and organizations have become more cyber savvy in their defences against cybercriminals, and many have concentrated efforts and resources in creating, maintaining and encrypting backups, as well as focusing on their restoration processes. Due to these efforts, and in the event that files
33-52_Cyber Report 2021-SUBBED.indd 38
15/09/2021 3:34:25 am
A good cyber defence is a strong offence
Be proactive. Protecting your organization with the right coverages can be a real game changer. Learn about Trisura’s cyber solutions today!
a step above
Trisura Guarantee Insurance Company is a Canadian-owned and operated Property and Casualty insurance company specializing in niche insurance and surety products. We are a proud supporter of the Insurance Brokers Association of Canada.
33-52_Cyber Report 2021-SUBBED.indd 39
15/09/2021 3:34:29 am
EXECUTIVE INSIGHTS SERIES
CYBER INSURANCE were corrupted, companies didn’t necessarily have to pay the ransom. Threat actors have moved to engaging in double extortion, meaning that the hackers will threaten to release private information if the organization doesn’t pay. Threat actors are also using distribution denial of service [DDoS] attacks on their victims to put pressure on them to pay the ransom. Hackers have expanded ransomware into a business model whereby they will use the best method against the victim. This can include encryption, DDoS or releasing private information to cause the most disruption. Miki Ho: The threat of ransomware has escalated considerably in the past few years. Attack techniques have become increasingly
“As the business impact of ransomware attacks has grown, so too has the leverage of criminals to demand larger ransoms” Miki Ho, Coalition
sophisticated and more automated, which has enabled criminals to extort ever-growing amounts from organizations. The average ransom demand made to our policyholders in the first half of 2021 was $1.2 million. That’s a large price to pay for any organization – and is a nearly 170% increase from the average demand in the first half of 2020. As the business impact of ransomware attacks has grown, so too has the leverage of criminals to demand larger ransoms. The ability to target small businesses through automated attacks and leverage higher ransom demands has also made smaller businesses more attractive targets than they once were. While the threats of business email compromise, social engineering and funds transfer fraud are still very much present, the cyber insurance community agrees that the hardening of the market is primarily being driven by ransomware attacks. Ransomware remains the most lucrative cybercriminal activity, and the widespread use of poorly secured remote access protocols and tools on the internet will continue to leave organizations open to cyber extortion attacks. Hackers are getting more specific about who they target and the amount of ransom they hope to collect. They are also using increasingly sophisticated attack techniques and ransomware variants to execute their attacks. As a result, we expect ransomware frequency to increase moderately. While threats continue to evolve, we believe that ransom demands have likely hit their highest levels and will flatten, as there is little additional leverage for criminals to gain beyond taking an organization’s operations hostage.
Which industries are most exposed to cyber risk, and are these industries buying cyber insurance? Angela Feudo: Any individual and organization that uses the internet is exposed. Some industries and businesses, however, may be at a higher risk. Historically, the focus has been on healthcare, government, utility companies, schools and financial institutions. This has not changed; today, these industries continue to be at a higher risk, for different reasons. The healthcare industry has many older legacy systems that go unpatched. That,
33-52_Cyber Report 2021-SUBBED.indd 40
15/09/2021 3:34:38 am
coupled with holding patient records, makes them an attractive target. Governments, financial institutions and universities also hold a lot of confidential information. The larger organizations in these industry groups have been buying cyber insurance for years. Now the smaller companies are also purchasing cyber insurance more regularly. We have also seen an increase in claims in the manufacturing, professional services and construction spaces. While there has been an increase in cyber purchases in these spaces, there are still a lot of companies that do not purchase cyber insurance. Miki Ho: Cybercriminals are opportunistic, particularly when it comes to small businesses, and the technology and processes that organizations use are far more indicative of their risk than their industry. No company is too small to be an enticing financial opportunity for attackers. Still, some industries did experience notable increases in claims in the past year. From H1 2020 through H1 2021, we saw an increase in claims frequency of 30% for non-profits, 46% for IT and 53% for professional services. Industrial and manufacturing businesses experienced a notable surge, with industrials increasing 263% and manufacturing increasing 99%. Ian Fraser: Years ago, it was common to hear that the financial services and healthcare industries stood out beyond all others as it relates to exposure to cyber risk. While it still holds true that these segments are considered high-risk, the reality is that companies in nearly all industry segments have exposures that need to be quantified and addressed. Cyber insurance has been brought to the forefront of nearly all commercial insurance placement discussions as a result of many high-profile cyber breaches, and we have seen most mid-market and large commercial clients purchase it for the first time in recent years. Small and medium-sized enterprise client take-up rates have historically lagged behind that of their larger mid-market and large commercial peers; however, recent data has shown that SME take-up rates have increased sharply in 2020, largely due to an increase in cyber risk awareness on account of COVID-19.
Lindsey Nelson: Any business that uses a computer and has employees is at risk. CFC has countless case studies of policyholders of all shapes and sizes across every industry that have fallen victim to a cyber incident. However, we’re seeing a real difference between those industries that might be expected to have cyber claims and those that are actually suffering from cyber incidents. Public sector, education and not-for-profits are typically assumed to be the largest at risk – and it’s true, they have a heightened exposure. This also applies to retail, financial institutions and healthcare. However, the data in the last year points squarely at professional service firms, especially small law firms and financial services businesses.
“The real opportunity for brokers lies in selling to the 85% of Canadian companies that aren’t currently purchasing affirmative, stand-alone cyber cover” Lindsey Nelson, CFC It appears that professional service firms in Canada have been hit particularly hard, primarily due to the confidentiality of the data they store. Six of the largest ransomware events involved professional service firms that faced demands in excess of $5 million – and given the nature of the data, these firms have a propensity to pay. In general, small companies consistently fall victim to ransomware attacks. They’re less likely to have dedicated security staff and more likely to have flat network structures, with simple access control policies that aren’t well maintained. The pandemic highlighted the need for system continuity, and we’ve seen a slight growth in new buyers in the Canadian market, but this is still outpaced by organic rate growth. So, as only 15% of businesses are purchasing cyber insurance, the real opportunity for brokers lies in selling to the 85% of Canadian companies that aren’t currently purchasing affirmative, stand-alone cyber cover.
33-52_Cyber Report 2021-SUBBED.indd 41
15/09/2021 3:34:43 am
EXECUTIVE INSIGHTS SERIES
CYBER INSURANCE MOST COMMON CYBERATTACK TECHNIQUES 60% 50%
Other social engineering
Brute force (authentication)
Other Source: H1 2020 Cyber Insurance Claims Report, Coalition
“The better controls a company has in place, the more likely they will be to obtain better terms” Angela Feudo, Trisura Guarantee Insurance Company How does the hardening cyber market impact insurance brokers? How can they navigate this market successfully and secure the best solutions for their clients? Lindsey Nelson: Planning is key. Increasingly, the question is changing from what risk measures a client should adopt to get lower premiums to how they can get cyber insurance altogether in the face of shrinking capacity and expectations around minimum security controls in place. Be prepared to challenge false positives that come from external scans of a client’s network that underwriters use to aid their assessment of the risk. These reports are valuable, but dangerous in isolation as a true measure of a client’s vulnerability and can often do damage at point of sale when presented to someone in the client’s IT function. Look for stability and consistency in the market – those committed to growing cyber as a class of business and with a Canadian data set built up over years are likely to take a more sensible approach in responding to a hard market. Also look for markets that offer proactive solutions that will respond from the moment their client buys a policy, rather than only providing financial compensation reactively.
Finally, plan ahead and engage with clients to ensure they have the basics in place – MFA for remote access, offline backups and advanced endpoint protection solutions, for starters. Clients won’t always want their cybersecurity dictated to them, but where cyber insurers are seeing lack of these controls leading to cyber claims across their portfolios and across a meaningful sample set of clients, this has prompted the market to require companies to make some investment in risk management before transferring entirely to insurance. With the right cyber insurer, brokers can provide both to the client through in-house security teams. Angela Feudo: The hardening cyber market has created additional challenges for brokers. With markets reducing capacity, it has left brokers looking for replacement markets for those towers. It is now even more important for underwriters to clearly communicate their appetite to brokers so they know who might be a viable option for their clients. Cyber is no longer just privacy-based; for example, the exposure that a manufacturer has versus that of a law firm is very different. It is critical that insurers understand their client’s exposure in order to develop a trusted advisor relationship with their client. It is important for brokers to stay on top of emerging cyber threats, as this will enable them to educate their clients on where the exposures are. A lot of markets are asking for more underwriting information; understanding where
33-52_Cyber Report 2021-SUBBED.indd 42
15/09/2021 3:34:48 am
risk marketplace. Beyond understanding the technical nuances of a cyber insurance policy, an astute broker has a much broader understanding of the cyber risk landscape – including but not limited to common and trending cyberattack vectors – and can successfully articulate their client’s cyber security risk posture to assist with the under writing of their client’s insurance placement.
What are the most common cybersecurity attack vectors and breach methods? Lindsey Nelson: Taking advantage of open
potential exposures lie allows markets to get ahead of risks and be proactive in preparing the necessary increased security measures. The better controls a company has in place, the more likely they will be to obtain better terms. Better controls are beneficial for the client, as their systems will be better protected from exposure. With the evolving digital landscape, it can be difficult to stay on top of the market, particularly if you are not a cyber specialist. Finding a specialist you can trust to help navi gate the market will help. Miki Ho: The hardening market and increased capacity constraints are concerning for brokers. Many brokers will have an increas ingly difficult time placing cyber coverage, particularly for challenging accounts that require specialized underwriting or security improvements before they would qualify for coverage. As other markets have pulled back coverage and increased prices, we still see opportunities for cyber insurance buyers who
are proactively managing risk to access better coverage and more attractive pricing. Coali tion continues to lead the market by offering organizations that implement strong security controls more competitive premiums and broader coverage. In the past year, Coalition launched several new services and software products to help our policyholders proactively manage cyber threats, including pre-breach services, employee training, incident response planning, compliance assistance and IT security services. Ian Fraser: During a hard or hardening market, insurance brokers arguably have the most difficult job within the insurance supply chain. Acting with a duty of care and responsibility to their clients, insurance brokers are responsible for presenting and articulating their clients’ risk exposures to insurers and for negotiating the most favour able terms available for their clients. To facilitate the best solutions for their clients, it is imperative that insurance brokers are deeply connected into the cyber
RDP ports, which are essentially the digital doors and windows to an organization, is still the cheapest and most profitable attack vector. Threat actors exploit these open RDP ports, and these attacks accounted for over 50% of the cyber claims we saw at CFC last year. However, software vulnerabilities are growing at a faster rate than exposed RDP ports. Email phishing remains the simplest to conduct, playing on the human and/or employee error element. Threat actors are capitalizing on remote and hybrid work forces and the susceptibility of employee and human error, enabling them to override any IT security solutions that do work in practice. While ransomware undoubtedly remains a significant threat and dominates headlines, it’s important that brokers remind their clients that theft of funds and business email compromise have not gone away. Nor should reputational harm be ignored. It’s become a growing issue as regulations such as PIPEDA oblige businesses to notify customers when their data has been compromised. Reputa tional harm can include greater and more long-term costs such as cancelled contracts or customers taking their business else where, yet it’s a threat and a cost that few talk about when discussing cyber policies. Miki Ho: While ransomware and funds transfer fraud are the main ways criminals immediately monetize cybercrime, they use a wide array of attack techniques and tactics to gain access to systems in the first place. Social engineering leading to business email compromise, insecure remote access exposed directly to the internet, and third-party
33-52_Cyber Report 2021-SUBBED.indd 43
15/09/2021 3:34:58 am
EXECUTIVE INSIGHTS SERIES
CYBER INSURANCE AVERAGE CYBER INCIDENT COST BY SECTOR $500,000 $450,000 $400,000 $350,000 $300,000 $250,000 $200,000 $150,000 $100,000 $50,000 $0
Manufac- Entertain- Technology Education Restaurants Public turing ment entities
Healthcare Nonprofits Telecommu- Professional Financial nications services services
Source: 2021 Ransomware Spotlight Report, NetDiligence; all figures in US$
“Taking advantage of open RDP ports, which are essentially the digital doors and windows to an organization, is still the cheapest and most profitable attack vector” Lindsey Nelson, CFC vendors targeted in supply chain attacks are the most common attack vectors in claims experienced by Coalition policyholders, and all can lead to potentially catastrophic cyber events. So far in 2021, the top attack techniques experienced by Coalition policyholders include phishing (48%), exploitation of vulnerabilities on public-facing applications (27%) and exploitation of insecure remote access (12%). Angela Feudo: We are still seeing a lot of losses arising from either weak or compromised credentials. Usernames and passwords continue to be exposed in data leaks and phishing scams. When this type of information is stolen or lost, cybercriminals can easily access the company’s systems. If an employee uses the same password for
both personal and business systems and the individual’s password gets compromised on their personal device, the hacker can use this opportunity to hack into the company’s system. Having good password hygiene, using multi-factor authentication or even biometrics can help combat this risk. Phishing continues to be a common method used by hackers, likely because it works. Cybercriminals are expanding on the methods they use in phishing; for example, during the pandemic, we’ve seen phishing scams where criminals are imitating health organizations or use the guise of providing relief money. Continued employee training, phishing tests and employing the principle of least privilege for access in systems can help to combat this risk. It is also important to note that not all threats come from humans. Unpatched applications and servers are also a common vulnerability that can leave systems open to attacks. A good example of this is the January 2021 Microsoft Exchange Server attacks, which affected more than 200,000 servers. Although patches were released by Microsoft in March, they did not retroactively
33-52_Cyber Report 2021-SUBBED.indd 44
15/09/2021 3:34:59 am
remove any back doors that might have been installed by hackers. Implementing software updates and installing patches as soon as they are available can help mitigate these vulnerabilities. Ian Fraser: There are countless cybersecurity attack vectors and breach methods to mitigate against, but some of the most common include phishing, denial of service attacks and malware/ransomware. Phishing is a social engineering attack, which means that a bad actor is playing on your sympathies or trying to convince you that they’re someone else – a trusted entity – in order to obtain sensitive data, like your personally identifiable information [PII], financial information or credentials. Threat actors will send fake emails, texts or websites that look like legitimate correspondence to manipulate you into gaining access to information or corporate systems. While cybercriminals most commonly conduct phishing attacks through email, phishing through text messages has recently become more common. A denial of service [DoS] attack aims to shut down a machine or network, or make a service such as a website unusable, by flooding it with malicious traffic or data from multiple sources – often botnets – or sending it information that triggers a crash. DoS attacks can have a significant financial impact on businesses, both from a business interruption and reputational perspective. Malware is the collective name for a number of malicious software variants, including viruses, ransomware and spyware. Shorthand for malicious software, malware typically consists of code developed by cyber attackers, designed to cause extensive damage to data and systems or to gain unauthorized access to a network. Ransomware is a form of malware that encrypts a victim’s files, holding their data hostage. The attacker then demands a ransom from the victim to restore access to the data upon payment. Users are shown instructions for how to pay a fee to get the decryption key. The costs can range from a few thousand dollars to millions of dollars for large, complex organizations, payable to cybercriminals in Bitcoin.
In the growing threat landscape, what are some best-practice cyber risk mitigation tactics that all companies should implement? Ian Fraser: Incorporating common preventative risk mitigation features such as installing firewalls, MFA, data encryption and least privilege permissions methodologies can significantly mitigate the severity and frequency of an attack occurrence. However, understanding that breaches can – and likely will – occur is half the battle, and being prepared for such an event is critically important. An incident response plan is arguably the most important risk mitigation tool and provides a set of instructions to help
“Understanding that breaches can – and likely will – occur is half the battle, and being prepared for such an event is critically important” Ian Fraser, Sovereign Insurance staff identify, respond to and recover from cybersecurity incidents. The goal is to return to normal business operations as swiftly as possible by removing the threat, minimizing damage and preventing similar incidents in the future. Lindsey Nelson: There needs to be recognition that the cyber risk controls that we should expect of a mid-sized or large corporate firm are going to be drastically different to small businesses, which probably won’t have the best controls in place or IT budgets to do so, and that’s what is incentivizing their purchase of cyber insurance. Larger businesses, however, have unfortunately taken a similar approach, and there should be an expectation of minimum security controls in place, parallel to what insurers typically ask for on traditional crime policies. Perimeter security has been at the forefront of cyber insurers’ interests, as it’s the first layer for criminals to access a victim’s network. Mitigation tactics include looking at open RDP ports and only allowing them to open when necessary to allow traffic to flow in and out of the network. Anyone can view this
33-52_Cyber Report 2021-SUBBED.indd 45
15/09/2021 3:35:03 am
EXECUTIVE INSIGHTS SERIES
CYBER INSURANCE from the outside with the right websites and browser plug-ins, so it’s a quick, valuable tool to demonstrate to clients. I’d be remiss if I didn’t mention multifactor authentication as well – lack of MFA caused over 80% of the ransomware attacks we managed in the year prior. Even if email/ password credentials have been accessed by threat actors, they won’t be able to access the network or victim’s email without a secondary authentication measure like a one-time password or token on their phone. The right cyber insurer will have an in-house security team who will be able to help navigate clients through implementing these measures to become an insurable risk. Angela Feudo: Cyber risk for both individuals and businesses has continued to increase since the inception of the internet. This will only continue to increase over time as we become more connected to the internet
“Every password we set, tool we use and network we access leaves us exposed and vulnerable to cyber threats” Miki Ho, Coalition and cybercriminals find new ways to take advantage of vulnerabilities. Companies of all sizes are vulnerable to cyberattacks, and they should be taking steps to help mitigate those exposures. Human error remains one of the top factors in cyber breaches, and so employee awareness training is key to help combat this risk. Multifactor authentication is becoming a standard security measure that all companies should implement because it improves a company’s security by adding an additional step that a cybercriminal would have to breach to gain access to a company’s system. Employing a patch management process allows you to keep your software functioning properly and maintain good security posture. Stay up-to-date with the most current security fixes to combat any known vulnerabilities in the software. Businesses should also have a current record management system, keeping only records the company needs and getting rid of old data that is no longer useful. If you hold
the record, you will need to protect it. If all else fails, it will be useful to have current backups of important data. Backup strategies will be different for each company, but the data in the backups should be current, encrypted and stored securely off-site. Miki Ho: As small and mid-size businesses become increasingly dependent on internet-connected services and applications, they also become a larger target for cybercriminals looking to exploit vulnerabilities in their systems. Every password we set, tool we use and network we access leaves us exposed and vulnerable to cyber threats. Coalition published a Cybersecurity Guide to provide policyholders and brokers with specific and actionable recommendations to protect their organizations. Increase email security: Email is not a secure form of communication, and every organization should use caution when sending or verifying sensitive information by email. We recommend using a secure email hosting provider and implementing free security measures to enhance email security, including SPF, DKIM, DMARC and MFA. Implement multi-factor authentication: MFA immediately increases your account security by requiring multiple forms of verification to prove your identity when signing into an application. MFA should be implemented on all critical business applications, such as email. Maintain good data backups: A good data backup can mean the difference between a full loss and a full recovery after a ransomware attack. We recommend that all businesses maintain backups both on- and off-site for critical business data and test backups by attempting a full recovery. Enable secure remote access: Remote access creates more risk for organizations and should be implemented carefully. Update your software: Cybercriminals exploit vulnerabilities to gain access to systems or spread malicious software. These vulnerabilities can be located and patched through regular software updates. Use a password manager: Password managers help keep track of multiple passwords and generate new ones at random. They are essentially an encrypted vault for
33-52_Cyber Report 2021-SUBBED.indd 46
15/09/2021 3:35:08 am
storing passwords that is protected by one master password. Scan for malicious software: Endpoint detection and response [EDR], a more enhanced version of antivirus software, is an emerging technology that addresses the need for continuous monitoring and response to advanced threats. Encrypt your data: Encryption is the process through which data is encoded so that it’s hidden from bad actors who manage to gain access. It helps protect private information and sensitive data, and it enhances the security of communication between client apps and servers. Implement a security awareness training program: Through security awareness training programs, every employee gains the knowledge they need to stay vigilant and avoid becoming the victim of a phishing attack. Purchase cyber insurance: If all else fails, organizations want to ensure they can recover financially from a catastrophic attack. Cyber insurance plays a critical role in providing organizations the financial resources to recover and resume operations after a cyberattack.
How has the COVID-19 pandemic impacted the cyber risk landscape? Ian Fraser: Around the world, cyberattacks and their associated costs have skyrocketed during the pandemic. Criminals are attempting to take advantage of the pandemic and aggressively targeting commercial enterprises; small and medium-sized businesses need to be vigilant. According to a new report by IT firm CDW, in Canada, the cost of cyber compromise now averages more than $1.25 million, a 47% increase from 2019. An alarming 99% of businesses surveyed reported a cyberattack between November 2019 and November 2020. COVID-19 has created new challenges for businesses as they adapt to an operating model in which working from home has become the new normal. Many companies are also planning hybrid work models, so they’ll have to stay vigilant about security for both remote work and physical office spaces. There’s a specific focus on securing
remote infrastructure and internet protocol [IP] solutions because of the work-fromhome shift. Companies are accelerating their digital transformation, and cybersecurity is now a major concern. The reputational, operational, legal and compliance implications could be considerable if cybersecurity risks are neglected. Insurers are grappling to understand how this trend will potentially shift the financial performance of the cyber line of business, and many are allocating considerable resources to quantify new aggregation exposures. Angela Feudo: Since the COVID-19 pandemic started, we have seen cyber criminals take advantage of people working from home. A lot of businesses did not have the systems or security designed to accommodate the majority of their staff in a work-fromhome scenario. As a result, there has been an increase in phishing attacks and malware.
Typically, devices at home are less secure, so multi-factor authentication, a focus on employee training and remote incident response plans are critical. COVID-19 has broadened out the cyberattack surface for cybercriminals to take advantage of due to the increase in employees working from home. Many businesses realized the increase in exposure and invested in IT and additional cyber controls to help manage this risk. It is also important to look to the future of post-pandemic business models. It is expected that more businesses will allow for a more flexible workplace, whether that be a full work-from-home model or a hybrid that could include desk sharing. Technology, security and employee awareness training plans will need to be updated to ensure the best cybersecurity hygiene is in place for an organization. It will also be important to refresh the organization’s incident response
33-52_Cyber Report 2021-SUBBED.indd 47
15/09/2021 3:57:48 am
EXECUTIVE INSIGHTS SERIES
plan to include how the company is currently conducting their business and where their employees are located. Miki Ho: In 2020, as many businesses were forced to transition to remote work, they often settled into the ease and reliability of remote working environments. Because there was a rush to get up and running quickly during the pandemic, security risks were often overlooked. It’s easy to forget that what makes it easier for employees to access their accounts and sensitive information remotely also makes it easier for hackers to target and access the same information. The rapid change in how we work gave threat actors access to a largely untapped pool of new targets, and they were often able to remain undetected for longer periods of time when planning their attack strategy. Remote desktop protocol [RDP], which enables the user to connect to a Windows computer remotely, has many inherent security risks. The rate of Coalition policyholders who experienced a claim due to exposed RDP increased from 29% to 40%, and the severity of these incidents increased by 103%. Another unfortunate result of widespread
reliance on remote capabilities were several noteworthy supply chain attacks, systemically crippling hundreds, if not thousands, of businesses simultaneously, such as the SolarWinds and Kaseya incidents. Lindsey Nelson: COVID-19 has increased awareness as businesses were forced to critically look at internal practices and transform IT security – or lack thereof – in the shift to remote working. We’ve seen a surge in demand for cyber policies not only due to the perceived increased exposure, but in response to rapidly hardening market conditions with limited available capacity. We see two main trends to watch out for. First, cyber events are increasingly a small business issue. Recent statistics show that more than 70% of ransomware incidents impact companies with fewer than 1,000 people and less than $50m in revenue. This resonates with CFC’s cyber claims experience. Small businesses are the low-hanging fruit due to their lack of security resources and vulnerability or are becoming collateral damage in larger attacks aimed at MSPs or cloud service providers. Second, cyber insurance and security services are increasingly merging into one. The cyber market is going through a lot of change at the moment, and it’s clear insurers will struggle to compete if they don’t have a fully integrated suite of risk management services built into their product. CFC has a cyber threat analysis team who continuously monitor policyholders, scanning for external vulnerabilities and informing clients where we have detected a match or compromise. We believe that this function truly represents the future of insurance; we’ve got countless examples of clients that we’ve identified as being compromised, reached out to and remediated, all before they’ve even realized they needed to file a claim. Our whole philosophy is that a business will be less of a risk as a cyber policyholder than they will be uninsured.
What other cyber risks are lurking on the horizon? Lindsey Nelson: If only we had a crystal ball! The long and short of it is that criminals are going after companies that are vulnerable
33-52_Cyber Report 2021-SUBBED.indd 48
15/09/2021 3:35:20 am
as the path of least resistance, rather than the ones that are valuable. The risk environment itself is likely to evolve as cybersecurity becomes a national security priority and government and regulatory bodies start taking action and enforcing sanctions penalties against businesses that pay demands or require mandatory reporting by those companies who do. Cyber capacity will be tighter in the next year than it ever has been in its existence as a product line. Those markets that are left will still be writing cyber because of the threat analysis and proactive work they provide clients to prevent incidents from happening in the first place. Policyholders are likely to see insurers limit the capacity they’re willing to provide on extortion cover, either through sub-limits or co-insurance provisions, but brokers have an excellent opportunity to use this to speak to clients upfront about the full limits that typically are available for system rebuild costs should they choose not to pay a demand, and get commitment from clients ahead of an incident as to what their decision will be to avoid paying in the first instance. Ian Fraser: Cyber threats are constantly evolving, employees will always be subject to human error, and it can sometimes feel like criminals are always one step ahead – so it’s important to be aware of, and prepared for, new and emerging risks. Some of the top cyber risks lurking on the horizon include 5G – simply put, by replacing hardware with software, you introduce an increased risk of data compromise. The proliferation of IoT interconnected devices poses the risk of insecure communications and data storage, as well as the increased potential for devices to be compromised, causing confidential data to be accessed. Quantum computing presents a potential to break current forms of encryption, requiring organizations to explore new ways of encrypting and protecting their data. Finally, there’s the growth in popularity of the cryptocurrency market and the absence of government regulation – the anonymity that cryptocurrency provides for ransomware payments is fuelling growth of this attack vector to troubling new heights.
Miki Ho: At Coalition, we have unique insight into the cyber threat landscape and its impact on our policyholders. We expect the market will continue to evolve as losses develop, new threats emerge and attacks become more severe. Our claims, incident response and insurance teams share the following predictions for the remainder of 2021. Ransomware will remain the single biggest threat for all organizations. Ransomware remains the most lucrative cybercriminal activity, and the widespread use of poorly secured remote access protocols and tools on the internet will continue to leave organizations open to ransomware attacks. As a
“Criminals are going after companies that are vulnerable as the path of least resistance, rather than the ones that are valuable” Lindsey Nelson, CFC
33-52_Cyber Report 2021-SUBBED.indd 49
15/09/2021 3:35:43 am
EXECUTIVE INSIGHTS SERIES
CYBER INSURANCE result, we expect ransomware frequency to increase moderately. Conversely, we expect that ransomware severity will flatten, as there is little leverage left to be gained beyond what criminals already have after taking an organization’s operations hostage. The cyber insurance market will continue to harden throughout the year. It will be harder to qualify for cyber insurance, and the implementation of many common cybersecurity controls will increasingly be required as a condition of coverage. We predict that many insurance carriers will also begin to require companies to address identified vulnerabilities during the policy period or risk losing some – or all – coverage. Price increases, co-insurance and sub-limits on critical coverages are already happening and will continue throughout 2021. Supply chain attacks will be more common. Criminals will increase their targeting of software and service providers that other organizations rely upon. Supply chain attacks allow criminals to victimize a large number of organizations at once, rather than just one. As organizations increase their reliance on cloud software and service providers, they open themselves up to more risk – risk they will struggle to control. Criminal attacks will follow nation-state attacks. Several high-profile attacks over the past year, including against Mimecast, SolarWinds and Microsoft Exchange, were believed to be instigated by nation-state actors. While these attacks are typically motivated by espionage rather than financial gain, the exploits used often eventually make their way into criminal hands, as evidenced with the Microsoft Exchange vulnerabilities disclosed earlier this year. We expect this trend to continue. Angela Feudo: Cybersecurity staffing shortages are a concern for businesses and the insurance industry. As the number of attacks grows and the demand for cyber security professionals increases, there has been a continued decrease of cybersecurity staff. According to an article from CNN, there are approximately 3.12 million unfulfilled positions globally. With unfulfilled cyber security positions, businesses are more vulnerable to breaches.
“Cybersecurity is a global concern, not only because hackers can reside anywhere in the world, but also because they can use other companies’ systems to breach yours” Angela Feudo, Trisura Guarantee Insurance Company Cybersecurity is a global concern, not only because hackers can reside anywhere in the world, but also because they can use other companies’ systems to breach yours by utilizing DDoS, man-in-the-middle attacks and cryptojacking techniques. Cybersecurity should be a group effort against cybercriminals. Additionally, as 5G – which is faster and can support more devices than traditional networks – continues to expand, it will increase the cybersecurity risk, as there
is much more software being used in the network, and therefore the attack surface has expanded. The increased speed of 5G, while beneficial to users, can prove to be a challenge for cybersecurity professionals. With its ability to support more devices, 5G will allow for more IoT devices. Not all IoT devices are manufactured with security in mind. With billions of IoT devices connected, all with mixed security levels, there could be potentially billions of breach points.
33-52_Cyber Report 2021-SUBBED.indd 50
15/09/2021 3:35:52 am
Risks have evolved. Risk protection should too.
More precise, comprehensive, and flexible Cyber/Tech coverages designed to address the unique and emerging risks to Canadian businesses.
Visit sovereigninsurance.ca to learn more.
© 2021 The Sovereign General Insurance Company, a member of The Co-operators group of companies. Sovereign® is a registered trademark of The Sovereign General Insurance Company. Not all advertised products may be available in all jurisdictions. For full terms and conditions, including coverage limitations and exclusions, please refer to the policy wording. The Sovereign General Insurance Company is committed to protecting the privacy, confidentiality, accuracy and security of the personal information that we collect, use, retain and disclose in the course of conducting our business. Visit sovereigninsurance.ca or call toll free at 1-800-661-1652 to learn more.
33-52_Cyber Report 2021-SUBBED.indd 51
15/09/2021 3:35:55 am
So * reliable Our in-house cyber claims team consists of nearly 100 digital ﬁreﬁghters on hand to rescue our cyber policyholders in times of trouble.
*Not an actual CFC cyber claims handler
33-52_Cyber Report 2021-SUBBED.indd 52
15/09/2021 3:36:01 am
SPECIAL PROMOTIONAL FEATURE
OPEN MARKET CORRESPONDENTS
Commercial lines evolution My Insurance Broker outlines how personal lines brokers can rely on an open market correspondent partner to help them build a commercial book of business AMID GROWING expectations to serve clients and adapt to their needs, brokers are facing more pressure than ever to create value beyond price. At the same time that new technologies continue to facilitate varying methods for accessing insurance tools and coverage, the COVID-19 pandemic has introduced an unpredictable and seemingly unwavering force that has further complicated the landscape. With demand for digital automation, policy autonomy and socially distanced servicing, relationshipbased brokers are struggling not to become a thing of the past. In light of these new pressures, many personal lines brokers are finding it difficult to remain confident in the delivery of a three-party insurance solution. In response, brokers might be wondering how they can adapt to a rapidly changing environment. Many personal lines brokers have found an opportunity to remain relevant by pivoting toward commercial lines products and services. But with a wide array of specialties to choose from, finding the right avenue for time, value and remuneration can be a challenge. This is where working with small package commercial solutions and MGAs can be a great tool in learning a new segment. These solutions offer packaged coverage for
specific industries on a catch-all basis. With the outlay of seemingly simple business and operational details, a broker can quickly pull together a proposal for a prospective insured and provide a comprehensive solution without much knowledge or expertise. However, as business needs grow and change, this can result in customers
being left without appropriate coverage or misrepresentation of risk – and clients being more susceptible to being poached by other, more experienced brokers.
The first steps So where do brokers start? “Brokers should always start by re-establishing their pursuit
SPECIAL PROMOTIONAL FEATURE
OPEN MARKET CORRESPONDENTS
of knowledge and delivery of service to their customers,” says Simon Walker, general manager of specialty solutions at My Insurance Broker. “With these benchmarks for excellence in mind, it is far easier to justify the time and effort required to be a dedicated commercial broker.” Walker and his team focus on what he calls “the weird and wonderful” – solutions for business that others might deem too challenging or difficult to place. These businesses can be as small as a nail salon or a
lakeside resort or as large as an international weapons manufacturer. Walker and his team have made this task increasingly easier through the acquisition of open market correspondence (OMC) status with the Lloyd’s market. An OMC is an insurance intermediary that introduces business directly to an accredited Lloyd’s broker for placement in the Lloyd’s market on an open market basis. This type of coverage, which is typically a one-off coverage solution, is issued by Lloyd’s according to the
individual risk profile presented. Lloyd’s requires that insurance entities in Canada be approved or registered by its attorney in fact or general representative before they can produce business to one or more sponsoring Lloyd’s brokers for placement on an open market basis. Fewer than 900 brokerages internationally are approved OMC registrants with the Lloyd’s market, which gives Walker and his team a strong advantage in placing hard-to-place risks. So how does this help brokers transition into commercial lines? The space is dominated by highly trained and competitive brokers, which could make for a daunting and frustrating environment when brokers approach domestic markets that have been blocked or attempt to penetrate longstanding relationships. Partnering with an open market correspondent makes for a much more desirable setting for a few reasons. First, accounts and risks that are deemed more difficult to place rarely have solutions supplied by the traditional market. Second, because many of these customers are looking for a knight in shining armour, they may be open to forming new relationships when they have been unsuccessful with other broker partners. Either way, this is the breeding ground for success for new entrants to the commercial space. In addition, Lloyd’s has responded to antiquated processes by embracing change and automation to create easier flow and access for brokers through its OMC partners. “We are prioritizing development of the next generation of PPL, building APIs to increase the digital flow of data, launching a virtual underwriting room pilot to complement the physical underwriting room in London, improving the technology and processes for managing delegated authorities and delivering enhancements to our claims value proposition,” says Marc Lipman, president of Lloyd’s Canada. Finally, this arrangement offers the
2021 Recognizing the best products, policies and services in the market based 100% on research and recommendations from customers
5-Star Professional Liability 5-Star Construction
5-Star Underwriters 5-Star Brokerages
5-Star Insurance Technology Providers
5-Star Property 5-Star MGAs
If you would like further details on our research, please get in touch via email at firstname.lastname@example.org
SPECIAL PROMOTIONAL FEATURE
OPEN MARKET CORRESPONDENTS
broadest and most complete view of frontline commercial underwriting, given that applications, accounts and submissions are meticulously reviewed before a quotation is offered and coverage is placed. Brokers can understand the rigour and detail required to be a strong commercial lines broker. Not only does this breed greater success for future accounts, but it also ensures that
market availability is accessible to provide a solution, regardless of the market segment or complexity.
OMC versus MGA How does an OMC’s work differ from what a managing general agent does? MGAs traditionally have relationships with domestic carriers or Lloyd’s syndicates to offer certain
“Brokers should always start by re-establishing their pursuit of knowledge and delivery of service to their customers” Simon Walker, My Insurance Broker
coverage to certain classes of risk. This narrow scope offers competitive rates for risks of a certain class. However, should a risk not fit the criteria, options become increasingly limited. This presents the potential for a variety of issues, such as binding incorrect limits or customers intentionally misrepresenting a risk in order to acquire coverage. In any scenario, forcing risk placement can have irreparable and long-term consequences. A broker could also need to approach many MGAs to find a potential solution, as their relationships with their capacity and binding authority may vary. With a complex risk, a single MGA might not be able to provide all the solutions necessary to cover it off. Because OMCs submit directly into the Lloyd’s market – in many cases, to the same syndicates that MGAs also work with – brokers and customers are eligible for customized coverage limits and policy wordings to fit their specific business needs. This offers a comprehensive solution without sacrificing coverage, limits or business operations. It also allows for the flexibility required to make sure insurance options are truly an all-comers market without turning away prospects, building the customer’s trust and confidence in a broker’s ability to handle and place risk on their behalf. As brokers broaden their horizons, it’s no surprise that the commercial lines space continues to become an important area of interest. As such, it is vital for brokers to find avenues to build their knowledge and confidence, satisfy their development goals, and serve their communities in new and innovative ways. A specialty, niche insurance partner that can help facilitate avenues in underserved segments of the insurance market can offer a unique opportunity for brokers to create value beyond price and remain relevant for generations to come. Having a strong open market partner can give brokers the flexibility and accessibility to stand out from the crowd.
53-57_My Insurance Broker-SUBBED.indd 56
15/09/2021 4:55:11 am
2021 NOVEMBER 17 – 18 • ONLINE
CONGRATULATIONS TO THE 2021 FINALISTS Insurance Business is pleased to announce the Finalists of the 6th annual Insurance Business Canada Awards. The selection of individuals and organizations across 19 categories is a true representation of excellence in the Canadian insurance industry. They are to be congratulated for their outstanding achievements, innovation and leadership over the past year. The grand winners will be revealed at the virtual awards show happening November 17 and 18.
To view the full list of finalists, visit
www.ibawards.ca For sponsorship opportunities, contact email@example.com
SOCIAL MEDIA SPONSOR
53-57_MyCongratulations Insurance Broker-SUBBED.indd 57 IBCA21 Ad.indd 41
15/09/2021 4:55:16 amAM 15/09/2021 12:41:47
SPECIAL PROMOTIONAL FEATURE
Victor Cyber combats cybercrime Victor Canada has partnered with CFC to launch a new cyber program that provides more comprehensive protection against emerging threats
A TRILLION dollars is an astounding amount of money – yet that’s how much experts expect organizations around the world to spend collectively to help ensure the security of their computing environments this year, according to cybersecurity news outlet CSO. And it’s not just big businesses that are expected to invest heavily in security. More than 70% of ransomware incidents affect companies with fewer than 1,000 employees and less than $50 million in revenue, according to Coveware, a ransomware recovery solutions provider. Why? Typically, companies with less money and fewer resources don’t have the cybersecurity tools needed to monitor threats. Canada is a popular target for ransomware attacks. This summer, the Russia-based Conti ransomware group hacked three small and medium-sized firms in Canada, including an internet provider, an engineering firm and an insurance broker – providing more evidence that cybercriminals aren’t just after big enterprises.
“There has been more change in the Canadian cyber market in the last 12 months than there has been in the last 20 years,” says Lindsey Nelson, cyber development leader at CFC, “and Canadian companies are being
“Victor has collaborated with CFC to expand our cyber insurance program to better meet the needs of our brokers and their clients,” says David Cook, president of Victor Canada. “The new product is a fullpackage cyber insurance solution that offers competitively priced coverage coupled with a broad range of risk management and loss mitigation tools.” Designed to meet the needs of the evolving threat landscape, the solution alerts policyholders to potential security compromises, rather than simply paying out claims. “We are keenly aware that most businesses require a proactive, service-driven solution that includes a full range of risk management and incident response tools, rather than a reactive insurance policy where organizations only respond when a cyberattack occurs,” says Kevin Auger, department leader and senior vice-president of technology, cyber and errors & omissions at Victor Canada. Victor Cyber provides cyber insurance with broad coverage for technology-related risks. Backed by a 100-member-strong team of incident response specialists, the coverage
“The new product is a full-package cyber insurance solution that offers competitively priced coverage coupled with a broad range of risk management and loss mitigation tools” David Cook, Victor Canada disproportionately affected by ransomware claims compared with anywhere else in the world.”
A new solution Partly in response to these developments, Victor Canada is now offering Victor Cyber, a comprehensive, proactive and financially viable cyber insurance option.
also delivers cyber incident response services that cover costs related to legal and regulatory IT security, forensics, privacy breach management, and third-party breach and post-remediation. In addition, the product offers cybercrime support, systems damage and business interruption services, network security and privacy liability, media liability support,
“Together we can raise awareness about the need for cyber coverage that provides proactive security support, as well as access to experts should the worst happen” Lindsey Nelson, CFC
and a suite of risk management services. The Victor Cyber policy also provides access to the Victor Response app, which is based on a CFC mobile app created to detect security alerts and offer help quickly. “It is designed to give customers access to proactive threat alerts specific to their business, free cybersecurity advice through the Ask the Expert section and the quickest
SPECIAL PROMOTIONAL FEATURE
WHAT DOES THE NEW VICTOR CYBER POLICY INCLUDE? Cybercrime support to protect against funds transfer fraud, theft of funds held in escrow, theft of personal funds, extortion, corporate identity theft, telephone hacking, push payment fraud and the unauthorized use of computer resources Systems damage and business interruption services to cover costs related to systems damage and rectification, income loss and extra expenses, dependent business interruption, consequential reputational harm, claim preparation, and hardware replacement Network security and privacy liability to cover management liability, regulatory and payment card industry (PCI) fines, and penalties and assessments Media liability support to defend against threats such as defamation and intellectual property rights infringement A suite of risk management services to deliver perimeter security, password management, endpoint security and employee phishing training way to notify of a claim should a cyberattack happen,” Nelson says. “And, critically, through the Tools section, customers can enable a range of risk management tools such as deep scanning to find vulnerabilities, dark web monitoring for things like stolen
login credentials, and phishing simulations to help employees learn what to look for.”
A foundation of expertise This new offering builds on several years of Victor Canada providing cyber insurance solutions for the small commercial market. During that time, the company has handled a variety of cybersecurity events. In one incident, cybercriminals installed ransomware on a policyholder’s network, demanding a ransom of 2.5 bitcoin (approximately $120,000). Victor was able to help the client wipe their server and restore operations with backup data. Forensics and breach counsel representatives then reviewed the situation and made sure the problem had been properly neutralized.
important coverage to more Canadian businesses is second to none,” Nelson adds. “CFC is one of the largest writers of cyber insurance globally, backed by the largest dedicated underwriting and security teams to support policyholders. Combined with Victor’s brand and scale in the Canadian market, I believe that together we can raise awareness about the need for cyber coverage that provides proactive security support, as well as access to experts should the worst happen.” Auger notes that “many of our competitors provide a cyber insurance product; however, very few are providing a complete insurance package with broad coverage coupled with cutting-edge risk management services. Our new cyber product will help companies better understand their cyber risk
“Many of our competitors provide a cyber insurance product; however, very few are providing a complete insurance package with broad coverage coupled with cutting-edge risk management services” Kevin Auger, Victor Canada In another event, a cybercriminal launched a sophisticated email phishing scheme on an unsuspecting law firm. Once it had discovered the problem, the firm tried to contact the banks and other financial institutions that had wired the money out of the country – to no avail. As a result, Victor covered the client for $250,000. Now, through its collaboration with CFC, Victor is poised to take on new challenges. “Working with CFC has provided a great opportunity to collaborate between our two organizations and better assist our brokers and their clients with their evolving cyber needs,” Cook says. “Victor’s commitment to bringing this
exposures, while at the same time providing access to the cyber tools and information they’ll need to better monitor, mitigate and manage these exposures.” That’s great news for new clients, but what about those who already have a cyber insurance policy in place through Victor? “There will be no disruption of service for existing Victor cyber policyholders as a result of our new cyber product offering,” Cook says. “We will continue to provide policyholders with cyber liability solutions that evolve to better address changing conditions. Our dedicated Victor team will continue to be available to assist brokers and their clients with their cyber needs.”
We’re changing the game. As the insurance enterprise of the future, Victor offers the specialized expertise and core capabilities in underwriting, technology, distribution and access to capital that brokers and clients need to stay ahead. See how we can support you with the strength of one of the world’s largest managing general underwriters.
Walking the talk with D&I Marsh’s Jason Groves, one of the driving forces behind the Dive In Festival, reflects on the insurance industry’s progress on diversity and inclusion
DIVE IN, the global festival for diversity and inclusion in insurance, returned in September with the theme of Active Allyship – aiming to educate and empower insurance professionals around the world on how to be effective allies and champions for all. The festival, held in a hybrid format due to the COVID-19 pandemic, touched on a vast range of topics, from LGBTQ+ and neurodiversity to generational differences, worklife balance, mental health and more. “It’s amazing to look at how far the industry has come as we [complete] our seventh year of Dive In,” says Jason Groves, chair of the Dive In Steering Committee and global director of media relations at Marsh. “In 2015, hardly anyone talked about diversity and inclusion. There were some forward-thinking people. In fact, the first person I ever heard talking about the imperative of diversity and inclusion was [AIG executive chair] Brian Duperreault. I remember being stunned and thinking, ‘Wow! If leaders like Brian Duperreault can get behind this, everyone should be able to.’” Groves has been involved with Dive In from the very beginning. D&I is something he’s always been passionate about, so when former Lloyd’s of London CEO Inga Beale approached him in 2015 and asked him to get involved, he jumped at the opportunity.
Since then, Dive In has grown from a small four-day festival around the Lloyd’s building in London to a global sensation with events in more than 30 countries, reaching over 30,000 attendees. Despite the COVID-19 pandemic, which put a stop to in-person networking and events, Dive In has continued its explosive growth through a hybrid virtual and in-person format. “The COVID-19 pandemic has brought out so many issues, particularly around mental health, women, caring responsibilities and family obligations, race, and more,” Groves says. “Through Dive In, we’ve always given practical advice to people, which they can take back to their organizations and put into practice. It’s always been conceived as a very practical series of events, and I think people took that up last year, thinking, ‘Yes, I do want to know more.’
“That’s why this year’s theme [was] Active Allyship. With the Black Lives Matter movement and various other issues that arose in 2020 around the pandemic, people posted a lot of things on social media, but a social media post doesn’t cut it. That’s not being an ally. The real question is: What can you actually do within your workplace to make it more inclusive and to assist in promoting greater diversity?” Over the past year, forward-thinking companies around the world have started to advance their D&I initiatives. At the same time, there’s been an investor- and shareholderdriven surge in environmental, social and governance (ESG) reporting among corporate entities, and diversity and inclusion is considered a key component of the social pillar of ESG. “The message of Dive In is that it’s for all
WHAT IS DIVE IN? Dive In is the international festival for diversity and inclusion in insurance. It’s an initiative of Inclusion@Lloyd’s, a strategic collaboration between Lloyd’s, the International Underwriting Association, the London & International Insurance Brokers’ Association and the Lloyd’s Market Association. The aim of Inclusion@Lloyd’s is to pool resources, widen perspectives and share best practices in diversity and inclusion to effect change faster. In 2021, Dive In covered a range of topics, including mental health, social responsibility, multi-generational workplaces, gender, LGBTQ+, multi-culturalism, race and ethnicity, and disability.
62-63_Brokerage Insight-SUBBED.indd 62
15/09/2021 2:43:50 am
MARSH’S WORK ON D&I Marsh supports D&I through its global Diversity & Inclusion Council. The council’s members play several roles in ensuring that D&I is a priority throughout the business. Furthering D&I objectives Marsh
Serving as executive sponsors and steering committee members for Marsh’s colleague resource groups
Championing D&I initiatives on a global level
Endorsing budget for D&I initiatives
Serving as spokespeople for D&I efforts
“The COVID-19 pandemic has brought out so many issues, particularly around mental health, women, caring responsibilities and family obligations, race, and more” of us who work in the industry to walk the talk,” Groves says. “It’s not just about saying, ‘I’m an ally.’ What are you doing to demonstrate that? How are you changing your behaviour? What are you doing within your own team and within your own company to show that you’re an ally? This year’s festival will equip people to be more active allies across all the different areas of diversity and
inclusion – which are growing, by the way.” Dive In always looks at the traditional areas of diversity and inclusion, like gender, sexuality and race, but every year, the festival is refreshed with new topics that are top of mind. “The issue of trans rights has become very topical and something that people are very interested in today,” Groves says. “Someone
Ensuring open communication about D&I at Marsh
Supporting colleague resource groups
might read something about trans rights in the news and think, ‘I don’t really know how that relates to me, but if I was to have someone like that on my team, I wouldn’t have a clue what to do.’ And so people come along to Dive In to educate themselves so that they can talk sensibly and act responsibly about issues relating to diversity and inclusion.”
62-63_Brokerage Insight-SUBBED.indd 63
15/09/2021 2:43:59 am
TELL US ABOUT YOUR OTHER LIFE Email firstname.lastname@example.org
Taylor with her best friend a nd fellow insura nce professional, Lori Thebeau, who’s also a me mber of the Becaguimec Trail Association
Members of the Becaguimec Trail Association
Sponsors of the association
Bikes owned by Taylor and her husband
BLAZING NEW TRAILS Insurance marketer and outdoors enthusiast Becci Taylor co-founded the Becaguimec Trail Association to build hiking and biking trails for her peers LONGTIME OUTDOOR enthusiasts Becci Taylor and her husband, Darren, have always been involved in the community. After being approached by the town of Hartland, New Brunswick, to help develop 145 acres of unused land into hiking and biking trails, the couple founded the Becaguimec Trail Association, which has developed almost 15km of trail to date.
Taylor, who serves as marketing and professional development coordinator at the Insurance Brokers Association of New Brunswick, says the organization has enabled her to connect with like-minded women and give them the chance to enjoy the trails. “In our small town, there are gyms and running groups, but nothing like this,” she
says. “In such little time, I’ve made new friends, cheered them on and watched them face their fears. It’s not a competition amongst us, it’s a sisterhood. Super cheesy, I know, but anyone who rides with other women will tell you the same. In a year, I’ve ridden with all these ladies at other trail systems throughout New Brunswick, and we still have lots of plans left for the year!”
Complex risks call for custom solutions. There is no one-size-fits-all approach. With CNA’s Epack 3, companies can untangle their risks by tailoring their coverages with simple, concise language for management and professional liability.
Learn more at cnacanada.ca. “CNA” is a registered trademark of CNA Financial Corporation. Certain CNA Financial Corporation subsidiaries use the “CNA” trademark in connection with insurance underwriting and claims activities. Copyright © 2021 CNA. All rights reserved. 2173-MKTG
00_OFC Spine OBC-SUBBED.indd 3
15/09/2021 2:33:39 am