Major insurers have been warned about serious “gaps” and “limitations” in their modelling and resilience to cyber threats and natural catastrophes.
The move by the Prudential Regulation Authority (PRA) follows a stress test it carried out into 54 insurance firms alongside 21 syndicates at Lloyd’s of London. It assessed their ability to prevent, react and respond to major crises, including cyber attacks and natural disasters.
The PRA discovered that insurers are uncertain about the likelihood of ransomware attacks, data leaks and cloud outages. It said insurers also need to improve how they quantify losses from natural catastrophes, risk margins, discounting, tax and unexpired risk.
The watchdog added that insurers should “consider how realistic it is for them to be able to sell assets in conditions following a market-wide issue, where there may be few willing buyers”. Current practices could lead to “a misestimation of scenario impacts for individual insurers”, it warned.