Insurance news

McLarens Aviation is a leading provider of loss adjusting, survey and risk services to the global aviation industry, he said, and it hosts a team of over 90 in-house aviation specialists, operating out of a network of offices in 21 countries across the globe. With such a broad reach, it’s little wonder that Oliver has a clear viewpoint of the key pain points pressing on the industry and on what the firm must do to keep pace with the ever-changing needs of its global client base.

“Prior to the COVID pandemic, our big focus was on international expansion, particularly in the areas where passenger demand was increasing in line with economic growth,” he said. “So, for example, we’ve invested heavily in our US presence – particularly in the general aviation market – alongside opening new offices in the likes of Frankfurt, Brisbane, Beijing, Shanghai, Brasilia and Vancouver.

“As we recover from the pandemic, the focus has been on supporting the industry’s return to normality, however, there are some notable areas where we have seen renewed interest. Commercial drone usage has taken off in recent years and shows no sign of abating. We’ve seen a marked increase in UAV claims across our global network, as a result.”

Looking across the market, he noted that there’s growing interest in the development of electric-powered aircraft. There has been significant investment and some notable technological advances, including the maiden flights of some prototype all-electric light aircraft over the past year.

The team at McLarens Aviation has also seen an increase in the number of ground handling incidents between equipment and aircraft, he said. The key challenge here is that airport traffic is increasing rapidly as airports move to return to normal services, leading to increased pressures on turnaround times, aircraft parking, etc. More broadly, the firm is currently hiring across its European network and has recently been appointed to a major airline client in the Middle East.

Claims costs are a challenge impinging on many areas of the insurance ecosystem and the aviation section is no exception. Oliver highlighted that even before the inflationary pressures that are now being seen globally, claims costs were increasing within the aviation sector. Several factors are contributing to making the ad-hoc post-incident repair of some aircraft and engines notably more expensive, he said, including the adoption of new composite materials in aircraft, the control of the spares market by manufacturers and the impact of long-term Power By the Hour (PBH) maintenance contracts.

“We have reviewed our own data relating to typical, day-to-day claims (those under $10 million dealt with on a weekly basis across the globe) and found that claims relating to composite aircraft with significant repair needs are more expensive to deal with than traditional metallic structures,” he said. “This is partly to do with materials. For example, a single-engine fan blade on a large jet engine that might have cost $30k twenty years ago could easily cost $150k today depending on the material and design.

“It’s also to do with maintenance and repair processes. For example, it is not uncommon to receive quotes on a fixed price basis and while this gives some certainty for repair budget planning, the experience of many adjusters will show that these fixed costs contain an element for contingencies. We are continuously engaging with manufacturers and repairers on these points, on our clients’ behalf.”

McLarens has also recruited a number of engineers with specific knowledge of composite aircraft having worked within both manufacturers and operators, he said, and will undertake an internal training programme on these developments.

Read more: WTW introduces Airport Risk Index

Another key trend that Oliver and his team are seeing is the impact of external weather as a cause of insured losses in the aviation sector. Lightening, wind, hail and thunderstorms all pose hazards to aircraft, as does flooding. In many regions, he said, weather events appear to be becoming more extreme and prevalent.

The sudden and unexpected nature of some storms can prevent manufacturers and owners from taking the necessary steps to protect aircraft in time to avoid damage. He noted that while hurricanes can be tracked and planned for in advance, sudden and unexpected storms can turn out to be much more severe than expected or originally reported.

“Microbursts, tornados, and earthquakes are other – albeit less frequent – weather events that have previously been the source of claims having caused severe damage to aircraft,” he said. “Claims, of course, vary in size and scale of damage, from dents caused by hail, to total loss of aircraft.

“In 2011’s Thai floods, for example, damage to runways and aircraft was a major driver of claims. Flood water at airports causes major contamination as well as damage to aircraft parked at the airport that were unable to be flown out. The flood water also causes significant damage to ground equipment and airport vehicles, in addition to affecting stores full of aircraft parts and test equipment that have been immersed in flood water.”

During the COVID-19 pandemic, he said, there was the added challenge that many commercial aircraft were, at least for a period, grounded. The combination of mass accumulations of parked aircraft in single locations and more extreme weather events hugely increased underwriters’ exposure to this risk.

Digging into the upheaval of the pandemic and how well the aviation sector has recovered in the post-COVID period, Oliver noted the sheer variety of major challenges that faced the sector – from staffing and training, to transitioning an unprecedented number of aircraft from storage facilities to the runway.

“There were some major challenges facing the sector and the industry had done a good job at addressing these,” he said. “That’s not to say that some challenges don’t remain. The staffing shortages impacting some operators have been well documented and airlines and airports are working hard to address those.

“Despite some operational challenges, pent-up travel demand post-pandemic remains strong. In the short term, things look positive for the sector, though notwithstanding the wider economic challenges that all industries are facing.”  

Source

When discussing the shift in paradigm of cyber risk in modern businesses, in a recent feature with Insurance Business UK, Aaron Cain, cyber security consultant at Altus highlighted the challenge represented by employees who still think that cyber risk “has nothing to do with them”. It’s a misconception that is damaging to the very fabric of business continuity, which is why creating a culture of ownership around cyber risk is fundamental to good cyber hygiene.

Find out more: Discover how Altus’ team can help you navigate today’s ever-shifting cyber landscape

Digging into the ‘how’ of how this ownership piece can be constructed, Cain noted that it all starts with empowering employees to not just recognise cyber threats but also feel confident when reporting them. Consider the simple but effective messaging of the London Underground, he said, that of ‘see it, say it, sorted’. It’s the same for cyber risk, when somebody sees something suspicious, that information needs to get to the right people as quickly as possible.

“Organisations need to empower their workforce,” he said. “This is the really essential piece, moving away from that [attitude of] ‘my company’s cyber security teams should deal with it… I’m just going to move around something when it doesn’t look right because it doesn’t impact my task’. When somebody makes a blunder or, more to the point, tries to be helpful only to find they’ve done something wrong, the immediate human reaction is to say ‘oh, it wasn’t me, I was over there getting coffee at the time.’”

Read more: A shifting paradigm – how digital transformation is creating new cyber risk exposures

People don’t want to admit when they’ve made a mistake because they believe that blame comes along with that, he said, and that notion has got to change. If organisations don’t focus on eliminating that blame culture and don’t work towards getting to a place where people feel emboldened to admit their mistakes because they know they will be backed to the hilt, then employees will continue to try and bury their mishaps.

“They’ll hide it until it’s too late and you’ll only find out about it when somebody’s going back and doing the recovery,” he said. “[…] I’ve probably run across half a dozen, maybe a dozen companies over the course of my career who are very supportive and say that if you see a problem, just let us know you made a mistake and it’s not going to affect your career or anything else. This brings people into that accountability loop that makes people want to [be honest] because they know it’s going to be good for the company.”

That empowerment piece is part of the solution, Cain said, but a second part is making cyber risk understandable to employees across an entire business. Too often, the cyber security services engaged by a firm are simply not fit-for-purpose because they are generic, pre-packaged solutions that are not applicable to real-life scenarios or a modern hybrid work environment.

Read more: Staggering 90% of cyber risk uninsured

Taking phishing identification training, for example, he noted that click rates are still in the 40-50% range for most firms. When people get it wrong, the test comes back and they do it again, and they keep doing it until they tick the right boxes and get the right results – but without actually engaging with the education content at hand.

“A lot of it has to do with the attitude from the top going down,” he said. “Are you in business just to be in business? Or do you really understand that you need everybody to be secure so that you don’t run the risk of the impact and reputational damage of a cyber incident? Unfortunately, in many cases, people are too busy being ‘in business’ with an attitude of ‘oh, this is an hour lost to what we should be doing’. And that has to change from the top-down.”

The third piece that the Altus team has identified as crucial to creating ownership around cyber risk is around finding a way to make cyber security conversations universal. Just talking to your IT security people doesn’t help, Cain said, and just talking to your board doesn’t help. This message needs to go further and it needs to translate all the way down to the average employee working at the coalface of cyber risk exposures.

“They need to understand – here is what we’re looking for, here’s what we’re expecting, here’s what’s happening in the industry around us,” he said. “Threat intelligence is all around us with people talking about the most recent thing to pop up, so have your people take a look.”

“All it’s got to be is that first couple of times, somebody comes up and says ‘by the way, I saw this’. That’s great because it shows this is applicable to what they’re doing… It’s much more powerful when it comes from somebody who’s actually in the seat, who happens to see this on a scan and knows to ask whether to be concerned about it.”

Cain and his team actively work with organisations to empower their people to understand, notice and report cyber exposures – and he highlighted that at the core of Altus’ delivery model is a focus on collaborative discussions and genuine partnerships. Because too often, cyber security consultants come in and ‘talk at’ a company, focusing on just the IT team or the board, without taking into account the shared nature of cyber risk.

Mentorship is the key to doing this differently, Cain said. He emphasised the power of a ‘three-by-three’ approach to mentorship, where you always have three people that you lean on for insight and guidance, and three people that you’re providing that support to – as this allows the development of a holistic overview of cyber risk and a continuous flow of insight and information.

“Pushing out into a diverse pool gets the perspective of people other than me,” he said. “And when I go to a customer site, I do the same thing. Yes, I talk to the people that need to implement and operate the controls and the board who need to understand what’s going on. But I also then go and talk to the people who are using these controls and say, ‘we’re doing this, do you understand why?’”

People like to know the reasons behind decision-making and to understand how it impacts them, which is why it’s so critical to bring together that mentor-mentee relationship so that everybody across an organisation is in the loop and able to pass relevant information on. When you put those two things together, he said, you come out of a scenario with a stronger cyber culture, a stronger employee base and a stronger corporate structure.

Having supported organisations with these processes for several decades now, Cain has seen how engagement with cyber security resources has shifted. It’s been a continuous evolution, he said, but the dial is moving towards the point where companies recognise that they do what they do best, but they need support in managing their cyber risk exposures in order to be able to continue operating without interruption.

“Part of what I like from Altus’ perspective is that we are working collaboratively not just with our clients but also outside resources,” he said. “We’re working and partnering together [with third parties such as industry experts and the cyber resilience centres] to support companies that might not have the money to sit down and implement a full-blown programme. Because we recognise that the market is better if they’re doing something.”

Altus has created an initiative called ‘Cyber Conversations’ where the team will go out and talk to companies about what’s happening in the cyber security environment and what they need to be doing to protect themselves. This includes providing bespoke templates that suit their operational environment. It’s a genuine collaboration that benefits both parties, he said, and the most telling thing is that it seems to be already working within the wider market.

Recent research has revealed that the percentage of small businesses hit by cyber attacks in the UK is significantly lower than their US counterparts, he said. This is likely because small businesses in the UK are starting to collaborate, sharing tips on best practice and working together to eliminate their exposures as recommended by industry experts and regulators. This has pushed hackers towards multi-national companies and national infrastructure where the reward for a successful breach is higher.

“People are starting to realise that we have conferences, and seminars and online thought leadership articles, and great information coming from the industry that helps them understand what they need to do a bit better,” he said. “I have been pushing this collaboration piece from basically day one with all the things I’ve been doing.

“This was first a goal, then it had deliverables and now it’s down to getting the right frameworks in place so we can all talk together and make sure that we’re bringing the right resources in. No one of us has everything the customer is going to need. All of us together can make sure that the customer has the right things in place at the right time and is getting value for money. And that’s what we’re really focusing on.”

Find out more: Discover how Altus’ team can help you navigate today’s ever-shifting cyber landscape

With over four decades of experience in multiple market verticals, Aaron Cain has worked to integrate and secure business critical information flows across technology stacks ranging from legacy systems to cloud computing.

During years of independent consulting assignments based in the UK and EU, Aaron has developed the ability to frame complex technical and security concepts in concise and clear business terminology. Leveraging his experience with banking, hedge fund and insurance clients, Aaron will be working within Altus to develop specialised cyber security solutions and programmes for the financial services marketplace.

Source

“In our view, the global economy will cool down noticeably under the weight of inflation and interest rate shocks,” said Jérôme Haegeli, Swiss Re group chief economist. “The repricing of risk in the real economy and financial markets is actually healthy and a long-term positive. Higher risk-free rates should mean higher returns for investing into the real economy. During today’s challenging times – and for the economic recovery period ahead – the insurance industry can show its value as it provides financial resilience at all levels of the community.”

Major economies, especially in Europe, are likely to face inflationary recessions in the next 12 to 18 months amid higher interest rates, Swiss Re Institute said. Global GDP growth is projected to slow to 1.7% in 2023, down from 2.8% this year.

Swiss Re Institute predicted 5.4% average annual global CPI inflation in 2023 and 3.5% in 2024, down from 8.1% in 2022. Despite a predicted easing of momentum, inflation is predicted to remain volatile and persistently above historical averages. Inflation is challenging to insurers because it erodes nominal premium growth, impacts global demand and creates higher claims costs in non-life lines, Swiss Re Institute said.

The report predicted that non-life real premium growth would recover to 1.8% in 2023 and 2.8% in 2024 after weak 0.9% growth in real terms this year. In Europe, the predicted improvement reflects strengthening economic conditions as the region recovers from the coming downturn. Potential insurance rate increases and easing inflation in the US and more favourable real growth in Asia are expected to support stronger premium growth in those regions, the report said. China, which accounts for 60% of emerging market non-life premiums, is projected to see 4% real non-life premium growth in 2023 and 5.8% in 2024. 

Commercial lines are projected to benefit most from rate hardening and expand more than personal lines (excluding health), the report said. Swiss Re estimates a 3.3% growth in commercial premiums this year and a 3.7% increase in 2023. In contrast, global personal lines premiums are predicted to shrink by 0.7% in 2022 – driven primarily by underperformance in motor insurance in advanced markets – then recover to 1.8% growth next year.

The cost-of-living crisis in advanced markets is estimated to have driven a contraction in global life insurance premiums of 1.9% in real terms in 2022, Swiss Re Institute said. The report predicted this contraction would be followed by real premium growth in 2023 and 2024 of 1.7%, primarily due to 4.3% growth in emerging markets, including China.

The report found divergence in life premium growth drivers in advanced and emerging markets. Inflation in advanced markets, especially Europe, is tightening household budgets and reducing consumer demand for individual savings products. In emerging markets, by contrast, the growing middle class and government targets for life insurance penetration are driving growth in savings business. Demand is also being supported by younger, more digitally savvy emerging markets consumers who are more aware of the benefits of long-term life policies, the report said.

Source

The detailed sustainability strategy lays out the steps which the company will take over the next 36 months and provides multi-point plans for how it will implement ESG criteria and monitor its performance effectively, a release said. MS Amlin added that the plan would support its commitment to minimising the environmental impacts of its operations globally, while also expanding its social and governance practices.

The plan also aligns MS Amlin’s business strategy with the vision of its parent company MS&AD., while addressing the increased appetite from clients looking for support on sustainability.

MS Amlin’s sustainability strategy has three components:

• Supporting profitable growth – Deploying data, analytics and underwriting expertise to: i) support and influence clients aligning with the UN Sustainable Development Goals (UNSDGs) and transitioning to net zero; and ii) appropriately price for exposures arising from this transition.
• Empowering our people – Embedding sustainability practices to attract, engage, motivate and empower employees, while having a positive impact on the wider community.
• Delivering on obligations – Ensuring MS Amlin is well placed to fulfil its regulatory and other sustainability-related obligations, particularly in relation to climate risk

During the 36-month period, MS Amlin will fulfil the target setting requirements as specified by the Science Based Targets Institute (SBTi). The (re)insurer will also submit its targets for validation to the SBTi.

“MS Amlin has a key role to play in the transition to net-zero. Insurance is one of the enablers of growth and trade, meaning it can spearhead and support with the transition of economies and driving decarbonisation,” said MS Amlin Underwriting Limited CEO Johan Slabbert. “This document and the subject at its heart, sustainability, touches every aspect of our business.”

Slabbert added that the sustainability plan’s scope is broad and that the challenge to meet the requirements is “sizeable,” and that it will not be easily solved in a matter of years – but the opportunity ahead of the company is enormous.

“As the world continues on its journey to transition to a low carbon economy, we recognise that it is our duty to act, and responsibly contribute to these developments,” said MS Amlin head of sustainability and ESG Amir Sethu. “In addition to our corporate responsibility to act ethically, our employees have told us that they are passionate about, and prioritise sustainability, in their personal lives. Our new Sustainability Strategy sets out our goals, and we are certain that we can rise to the challenge and effectively tackle some of the biggest questions we are currently facing in the world.”

Read more: MS Amlin Underwriting brings in claims head

Earlier this month, MS Amlin appointed Clare Constable as head of claims. Constable joins from HDI Global Specialty UK, where she was claims director.

Source

“Lloyd’s provides the ideal platform for Trium,” said Josh Ladeau, chief executive officer of Trium Cyber. “Alongside the obvious advantages of Lloyd’s licences and agency ratings, we will benefit from its global position as a specialty underwriting leader, thought leadership on cyber risk, appetite for best-in-breed cyber exposure, and the globally renowned Lloyd’s brand.”

Prior to Trium, Ladeau was the global head of cyber for Aspen. He is supported by Jeff Bores, as chief underwriting officer and active underwriter of syndicate 1322. The pair have a successful track record of underwriting leadership and strong historical performance in the evolving cyber class.

“The timing for the launch of Trium Cyber could not be better,” Ladeau added. “Demand for coverage is significant and while rates have risen materially in line with exposure, capacity remains severely constricted. Trium delivers to the market significant cyber underwriting experience and fresh capacity at a point of critical need.”

Lorraine Harfitt, chief executive officer of Asta, said Trium’s launch provides an opportunity to make “a focused play in the demanding cyber market.”

“Through Lloyd’s, in line with its best traditions, the Trium team along with Asta has been able to plan and launch an underwriting operation in just a few months, in response to clients’ urgent need for highly-rated specialist cover delivered by experts,” she said.

Alongside coverage, Trium Cyber is establishing the provision of complementary risk management advisory services and customized real-time loss mitigation services to drive rapid claims decisions and favourable loss outcomes.

Source

Specialty insurer Beazley has announced that it aims to raise £385 million by selling new shares in the business, equivalent to a 10% stake.

The insurer said it will raise funds to expand its cyber and specialty businesses. It will conduct the share placement through an accelerated book-building process, with JP Morgan and Numis as the joint bookrunners, according to Reuters.

Source

“My biggest concern is that lots of companies in this space, and even traditional healthcare companies that are transitioning to become a hybrid model, whereby they have some patients that are demanding some services be done electronically, they’re probably acutely unaware of the potential risks and exposures that they’re sleepwalking into,” Boyce said.

 “[Or they may be] potentially unaware that their traditional medical malpractice policy they’ve had for many, many years has now become slightly insufficient, because it isn’t now considering or determining all of these different threats that they’re potentially opening themselves up to.”

Boyce called for a “rethink and refresh” around the risks affecting healthcare businesses in 2022 and beyond, and what insurance needs to offer.

“Historically, we roughly know what the risks and exposures are when we know where the claims are going to emanate from, but the moment you layer in different types of technology to potentially diagnose patient conditions using AI, or if they’re offering a video consultation and they haven’t picked up on something, or they give a misdiagnosis – because they’ve been using technology to diagnose cancerous lesions – it can be really problematic,” Boyce said.

Read more: Digital health and wellness sector lack cover – insurer report

Telemedicine, or virtual appointments, has become commonplace in global healthcare settings, with its use buoyed by COVID-19 pandemic restrictions and consumer choice – the pandemic “probably fast forwarded the adoption of telehealth solutions by about 10 years,” according to Boyce.

The telehealth sector has continued to dominate CFC’s digital healthcare book, accounting for 53% of its portfolio in 2021.

In the UK, 99% of general practitioners now have access to video consultations, up from fewer than 10% in February 2020 before the country’s first COVID lockdown.

At least $17.8 billion has been raised by Canadian healthcare start-ups, according to PWC, with digital healthcare spending expected to more than double by 2030 and much interest focused on telehealth and virtual care services.

“The pandemic was a catalyst but not the sole driver for growth; we’re under no illusions that the pandemic has obviously helped – the fact that it showed telehealth in a completely different light,” Boyce said.

Global telehealth use settled at around 38 times higher than pre-pandemic, a July 2021 McKinsey study found.

Attitudes have changed to the tool since it became more commonplace and medical providers are expected to look to a hybrid model in the coming years.

“There was a lot of people that were hugely against it because they thought that there were huge limitations around telehealth – you couldn’t physically touch and feel the patient and, therefore, you probably couldn’t potentially give them the right diagnosis,” Boyce said.

“But what the pandemic has definitely shown is that actually, these sort of thoughts and comments that people had previously have been very much nullified – there hasn’t been a huge uptick in in misdiagnosis as a result of telehealth.”

Other emerging technologies being used by healthcare organisations include mobile health, remote patient monitoring solutions, and online fitness.

AI – representing just 4% of the MGA’s portfolio as of 2021 – has seen 32% growth, according to CFC.

The technology is being used in chatbots, which can help determine whether someone needs a face-to-face appointment, as well as increasingly in diagnostics, for example to analyse CT scans – the technology can analyse up to 20,000 images in a matter of minutes, according to Boyce.

“The [AI tools] that become more challenging are the ones that are a little bit more like a black box that are making diagnostic decisions direct to patients, as opposed to it being used as a secondary tool, and those are the most concerning areas for us,” Boyce said.

“Not all forms of AI are the same and often you don’t exactly know why the algorithm made that decision.”

Organisations must also deal with a regulation challenge where it comes to AI and telehealth as governments and regulators grapple with what good practice looks like and whether to keep deregulation that came in under COVID.

Intellectual property claims have also proved a challenge for digital healthcare businesses, and around 18% of CFC’s claims in the segment have stemmed from IP issues.

“There’s an absence of legal clarity around whether some forms of AI would be considered intellectual property, so an algorithm which was created by one party – if that potential developer leaves and goes to another organisation, and they create an algorithm that is very similar to it, have they breached their potential IP?” Boyce said.

“A lot of it is concerning because there’s very little in the way of affirmative coverage in any healthcare policy – any medical malpractice policy, you just wouldn’t see coverage for it.”

Read more: CFC builds London market healthcare insurance unit

CFC debuted its digital healthcare practice in the US five years ago and has seen growth across other markets since widening its reach.

Overall, the US accounted for 81% of its book in 2021, from 92% in 2019.

Canadian insureds’ proportion within the business grew from 2% in 2019, to 5% in 2021, with the UK swelling from 5% to 10% over the same period.

“In Canada, we’ve seen slightly slower adoption rates on the basis that it took a little bit of time to get government buy in, and that’s the same with the UK as well,” Boyce said. “They have relatively similar healthcare payer systems whereby in the UK, we have the NHS [National Health Service] but we’ve also got a private system.”

Source

But that was the opportunity afforded to David Carson (pictured above left), head underwriter, K2 CAT, and Richard Coello (pictured above right) MD of K2 Financial, when they set about establishing K2 International – the London market operation of San Diego-based K2 Insurance Services. Discussing how the venture came about, Coello noted that he and Carson were part of Pioneer Underwriting – which entered into a period of difficulty that saw any business units that had not closed down essentially being put up for sale.

“We met with a number of businesses who were interested in taking us on and one of those was K2,” he said. “And they seemed a really natural fit when we met up with them, we just clicked. At that point, they were an entirely US-based MGA platform, though some of their units in the US have London capacity already, and they were really interested in putting together a London platform.”

Those early discussions gave him and Carson a real sense of the opportunity that lay ahead to build something different. From the outset, the wider K2 group offered K2 International’s team a huge amount of independence, he said, and offered them the exciting counterbalance of feeling like a start-up again while also being backed by a highly respected $1.5 billion international brand.

“We took about 30 people out of Pioneer and formed K2 International,” Carson said. “So, on the one hand, the only thing that changed for everyone was the name but actually [our] whole culture has been completely flipped. We had the chance to start again and to create a great place to work. And I think the first success of our business was that we actually did the deal with K2 at all, given that it took place during lockdown and it wasn’t  easy to do a deal [in those conditions].”

It was an exciting leap to move across into the management sphere, Coello said, and while leading through the early days of the pandemic was quite daunting, two years later he is very proud of where the business stands today. The business has seen its profit margin spike from 4-5% to almost 30% driven by the reshaping of the business to a form that works for its team, without sacrificing service quality and now boasts a platform not just fit for purpose but primed for expansion.

It’s not about standing still for K2 International, however, he said, as its platform is ripe for the development opportunities offered by new teams and partnerships. K2 International is actively exploring new opportunities to go out and acquire businesses and teams in the UK and more broadly across Europe on a talent-first basis. The team is fundamentally agnostic about what class of business it’s looking to invest in, he said, but rather is looking to bring on board the right talent and then bolster them with a broad range of support services.

“We’ve taken the opportunity to completely rebuild our infrastructure, to install a new underwriting system and to reconstruct our data warehouse,” Carson said. “Because I think, one of the key USPs for K2 International is that we have best-in-class management of information. Our carriers keep on telling us that of all the MGAs with which they deal, K2 International is up there with the best.”

Having K2 International described as the “Swiss watch” of their portfolio of MGAs was a high point, Coello said, as it reflects the work that has been done by the entire team who have worked tirelessly to get its platform to where it is today. The whole team should be very proud of the work it has done, he said, as the platform is a joy to work on – and he wants to see new business units benefit from that.

Read more: K2 International names new underwriter

“What we would like to do now that we’ve got the infrastructure in place is to expand the number of underwriting teams we’ve got,” Carson said. “Of course, we were a bit stymied by COVID and the lockdowns but now it’s just a question of getting our brand out there – that brand of ‘underwriting with a view’… We are an underwriting company in the true sense of the word. Lots of companies claim to be underwriting companies but aren’t. We’re underwriting first – and second, third and fourth. That’s the key for us.”

The way a lot of MGAs are currently set up is that they are essentially just distributors, selling as much product as they can for their market, Coello said. And that is one way of building out an MGA but he and the team at K2 International firmly believe that MGAs should provide out-performance against the index of the class of business that they’re writing.

“What is the point of an MGA unless it is delivering a better result than those carriers could get for themselves? That, to me, is and should be the main purpose of an MGA,” he said. “And so for us, underwriting with a view encapsulates our fundamental core belief that we’re here to underwrite, risk select and building profitability for our carriers and everything else – the benefits to us and the income that flows successful underwriting and producing high-quality results for our carriers – everything else comes second to that.”

It’s quite an unusual offering across the MGA community, Coello said, but he and Carson have seen first-hand how this philosophy is resonating with entrepreneurial underwriters frustrated with the current norms of doing business in the market. There’s a strong ownership element to being part of K2, he added, as you own your business unit and therefore, you own your results.

“Not all MGAs are structured that way,” he said. “So you have to be pretty confident in joining a platform like K2 that you back yourself to be successful. Because if you don’t, you’re not going to get rewarded. You are in charge of your destiny.

“Some people will not be comfortable with that and won’t want to be part of something like that. But for us, that’s the way we’re structured. I think that’s what makes us attractive, to those underwriters who aspire to build their own businesses within a robust infrastructure. That’s our differentiator and one that we believe will be right for certain types of underwriters. And we want to talk to those types of underwriters.”

Source

The board of directors said it was fortunate to have Zaffino continue his leadership of AIG for “at least the next five years”, having witnessed first-hand his ability to turn his strategic visions into measurable success.

“Under Peter’s leadership, AIG has delivered on ambitious operational and financial objectives and is well-positioned to continue to drive long-term value for the company’s shareholders and other stakeholders,” said John Rice on behalf of the board in a statement from AIG.

Zaffino agreed that AIG’s team had managed a complex ‘turnaround’ of AIG’s performance over the last few years while he was at the helm, including a reported $168 million underwriting income from general insurance in the third quarter of 2022 compared to $20 million the previous year and the initial public offering (IPO) of Corebridge Financial, the holding company of AIG’s life and retirement business.

Zaffino had stressed that the organisation’s third-quarter (Q3) results were even more impressive when viewed in the context of the ‘challenging macro-economic environment’ and hurricane Ian, one of the largest insured-loss hurricanes in US history.

“We instilled a culture of underwriting and operating excellence, dramatically changed our risk tolerance, and transformed the way we work and collaborate across the organisation,” he said. “It is a privilege to lead AIG and our talented group of colleagues, and I look forward to continuing to build on our significant momentum on our journey to become a top performing company and market leader in everything we do.”

AIG provides property casualty insurance, life insurance, retirement solutions, and other financial services to customers across approximately 70 countries and jurisdictions.

Source

His four decades of experience with consulting organisations from every conceivable industry on the risks that customers face have imparted Altus’s Aaron Cain with a keen understanding of the pitfalls and perils of information without insight, data without analytics and knowledge without accessibility.

Find out more: Discover how Altus’ team can help you navigate today’s ever-shifting cyber landscape

As a cyber security consultant at Altus, Cain (pictured) sees first-hand how new areas of exposure are opening up for businesses all the time – and how the role of quality and accessible insights and advice has come into its own amid this tumultuous environment. The tendency with conversations around cyber, he said, is that they become very theoretical and people miss that cyber risk is not an abstract notion but something hardwired even into the physical infrastructure that makes up our workplaces.

“A big concern at the moment is having your infrastructure, in terms of your PCs, your accessible pieces etc internal,” he said. “You’ve got the boundary, you’ve got the shell, whether you’re going to use Cloud or whether you’re going to use something else – it’s still marginally within your control. However, what has now opened up in terms of new exposures, very specifically, is the role of operational technology.”

Read more: Staggering 90% of cyber risk uninsured

To get a full view of the security exposures they face, he said, businesses need to tap into the threat posed by the interconnectivity resulting from the Internet of Things infrastructure of a modern-day office. He cited an example, where in the past he scanned an office he was working in to determine its exposures and found that everything from the copier to the coffee machine was digitally transmitting information to its manufacturer.

“What’s happened is that what used to be a wall around the organisation has become a kind of mesh fishing net,” he said. “And isn’t even things as ludicrous as that, it’s simple things like the sensors that sit in a computer room that tell you whether or not you’re having a fire. They’re connected to the outside world to alert and talk to the fire department. But that connection runs through your network and the question becomes – is it properly segmented?”

Cain noted that the expansion of the operating environment of modern workplaces is a processing gap that then represents part of an attack vector where hackers can enter and do harm. And it’s a problem compounded by the changing nature of software as well. Back in the old monolithic days, he said, when he used to write software for IBM, everything he wrote was his and if he made an error, it was his error.

“Now, there’s more and more software being developed under open source,” he said. “And with open source, you get a lot faster generation of software, but you also then inherit other people’s problems. The Log4j is a classic example, it sat there for generations of software development and nobody really thought about it until somebody thought ‘hang on, I could exploit this’, only to find out that it’s in enterprises, instances across the world.”

No company is an island because of the interconnectivity of supply vectors, he said, as they’re all using software services and other solutions, often without understanding the risk that goes with that.

COVID-19 and the wholesale move to working from home that took place across organisations from every sector, opened up new paradigms, he said, as the natural perimeter of workplaces became extended. But it’s not just remote working, Bring Your Own Device and dynamic workload management (i.e. Virtual Machines, Containerisation) have also extended that perimeter, which means that consideration has to be given to:

1. Network protection via VPNs, Zero Trust
2. Device management protocols like InTune or other ways of checking for acceptable update levels on personal devices before access is allowed
3. The hosting of dynamically configurable infrastructure, local VMs/Containers onsite

“COVID impacted to an extent because companies are now assuming somebody else’s problems,” he said. “The reason being that previously when you dialled into the office, you might have had VPN etc but it was a limited time thing and you knew you had to be careful… So, now you’ve basically got two things, number one, you assume other people’s hygiene. And there are a lot of employees out there who still think it’s the company’s responsibility to protect them from cyber risk, and nothing to do with them.”

But using a company device – whether that’s a laptop, a tablet or a mobile – while working from home means that employees need to be more aware of their cyber hygiene, and act responsibly. This means ensuring that the device security is kept up to date, he said, and ensuring that should the device be lost, stolen or destroyed – the corporate data that remains on it can be restored or wiped.

Read more: “Long way to go” for global cyber insurance penetration

Going back to the idea that cyber risk needs to move out of the realm of the theoretical, he also highlighted the very physical cyber exposures that exist. These critical considerations include things as simple as where your PC screens are positioned, monitoring who has access to the interior and exterior of your building, and ensuring that WiFi extenders are secure.

“Moving to this paradigm, you inherit [these exposures],” he said. “Unfortunately, these are often not discussed when companies are providing policies, procedures, documentation, and employee training about cyber risk. Most of that documentation still assumes that we are an on-site monolithic company with everybody in the office all the time.”

Existing employee handbooks might discuss device security or VPNs, Cain said, but they need to move one step further – to emphasise a holistic perspective on what good cyber hygiene looks like for a remote or on-site worker.

It is in the provision of that broad, holistic overview of a business’s cyber risks and, perhaps more critically, of an accessible breakdown of how to mitigate those exposures where Altus really shines. He noted that it’s a common theme among some of the larger consultancies in the market that the reports they provide – while exceptional in terms of technical content – are being simplified without being made accessible.

Businesses are being charged extraordinary amounts of money for dense reports that they end up passing on to their cyber insurance provider, or in a worst-case scenario to the ICO, without ever reviewing them closely themselves. Also, he noted that the nature of how these reports are created – through intensive, technically worded question sets – also means that the recommendations they generate are sometimes not as accurate as they could be as the business in question doesn’t really understand what’s being asked much less how to answer it.

“Getting this information into a useable format is so important,” he said. “It comes back to the same thing the legal profession has gone through… What we’re doing is getting this information down to common, plain English – away from these acronym-strewn commentaries that make it quicker for us because it’s understandable internally but which don’t help the customer.

“That customer needs information, so policies need to take that next step forward and get away from that ‘this is what it said in the template package that I got for all my HR policies.’ Because are they fit for purpose? In this case, perhaps not.”

Having worked across a variety of consultancies, Cain has a lived experience of what true best practice looks like and he emphasised that he is very grateful to be working for Altus – with its two-decade strong emphasis on real-world programme delivery.

“They basically say that if you can’t put in a diagram then you haven’t simplified it enough,” he said. “Once you can get [that advisory report] to the point that will fit into that Altus programme delivery framework visual description then you’re there.”

One of the problems with standard reports is that these are broken down into three key levels. You have the board report, which is simplified. You have the technical report, which is comprehensive. And you have the justification report – which is essentially completely indecipherable to anybody who is not a cybersecurity expert. The justification report is one which gets given to the lawyers in the event of a breach, he said, to demonstrate what preventative actions have been taken.

“What Altus does is when we produce the package that goes to the customer, it is one seamless package,” he said. “The board can see as much or as little detail as they want. And the technical team see what the board is seeing and sees what’s going on in their environment. It is an absolutely fantastic way to present information in an understandable and  usable fashion.”

Find out more: Discover how Altus’ team can help you navigate today’s ever-shifting cyber landscape

With over four decades of experience in multiple market verticals, Aaron Cain has worked to integrate and secure business critical information flows across technology stacks ranging from legacy systems to cloud computing.

During years of independent consulting assignments based in the UK and EU, Aaron has developed the ability to frame complex technical and security concepts in concise and clear business terminology. Leveraging his experience with banking, hedge fund and insurance clients, Aaron will be working within Altus to develop specialised cyber security solutions and programmes for the financial services marketplace.

Source