6 November 2018

Australian terrorism pool launches cyber study

Australia’s terrorism risk pool has announced a 12-month study on the danger of cyber terrorism to the country, just as the government boosts its regulator’s preparedness to identify such threats.

The Australian Reinsurance Pool Corporation (ARPC) will examine the nature and cost of physical damage from a cyber-attack to commercial real estate, including interruption to commerce.

The research will also investigate how practical it is to extend insurance coverage to cyber terrorism.

 The move follows that of the UK’s terrorism risk pool, Pool Re, to cover damage and business interruption losses caused by cyber terrorists.

The ARPC currently reinsures participating primary insurers against losses from declared terrorist incidents.

But commercial policies, and cover by the ARPC itself, exclude acts of cyber terrorism affecting commercial and expensive residential property.

The scheme meets qualifying claims using its retained earnings, after an individual insurer member’s risk retention is exhausted.

Industry retention is currently between A$100,000 (US$72,230) and A$200m. Funding from the ARPC extends then to A$285m. Thereafter, claims are met through a A$3.1bn retrocession program in which the ARPC participates through co-reinsurance, and then via a commonwealth government guarantee of up to A$10bn. The total value of the ARPC scheme is more than $13bn.

Christopher Wallace, the ARPC’s chief executive, said the study it is conducting jointly with the University of Cambridge’s Cambridge Centre for Risk Studies and with the Organisation for Economic Co-operation and Development, would help guide government policy, and “make a significant contribution to the data set and knowledge of cyber terrorism risk in Australia - a risk which is currently under-researched”.

The research will also run scenario analyses modelling prospective threats.