Cyber risks can grow into systemic events for the insurance industry, but insurers themselves are unlikely to be the source of systemic cyber risk.
This was one of the points brought up by panellists at the Insurance Risk & Capital Americas 2020 virtual event, when questioned whether cyber risk is systemic.
“It’s a complex question, because at one level cyber risk could be very specific to an institution, and in this sense it’s not systemic,” said Halina von dem Hagen, global treasurer and head of capital management at Manulife.
Nonetheless, a data breach at a major company “could cause disruption throughout many sectors and could have negative consequences for the real economy if, for example, customers are afraid to engage in regular trading,” she said.
However, it is “rather implausible” that such an impact would emanate from an insurer or its activities, she added.
Mary Frances Monroe, senior advisor and insurance lead, regulatory affairs department at the Institute of International Finance, said she agreed that cyber risk can grow from an operational disruption into a systemic event, “when confidence in the financial system is seriously compromised or eroded”.
This is particularly the case if financial data is destroyed or altered, she said.
“But whether a cyber event becomes a systemic event depends on the context,” she noted.
To avoid cyber risks becoming systemic risks, she urged information to be shared between private and public institutions, and for cyber resilience to be improved.
The conversation was part of a wider discussion around systemic risks at the Insurance Risk & Capital Americas 2020 virtual event last week.
All panels and sessions from the Insurance Risk & Capital Americas 2020 conference are available on demand on the events platform for another two months - where registered delegates can access the replays.
Non-registered delegates can contact [email protected] for access to the events platform.
Insurers, regulators and commissioners can register for free by emailing [email protected]