The cryptocurrency market has grown massively with a recent market capitalisation high of $1 trillion. It is an increasingly popular investment tool – but with rewards come risks.
No exchange or agent trading in cryptocurrency is above the threats. Binance, one of the world’s largest cryptocurrency exchanges lost more than $40 million in crypto assets from a sophisticated attack using a mixture of phishing, viruses, and other attacks. They are not alone, since 2011 it is estimated that over $11 billion dollars has been stolen from exchanges by hackers.
What about insurance?
The market is in its infancy and many exchanges and agents have found it difficult to get cover. The typical challenges are a lack of capacity, appetite, restrictive cover, and cost. Add to that regulatory and territorial issues and it can leave firms in a position where they may not be able to trade at all. Underpinning all of this is a lack of knowledge about the risks and industry. This is why we have been working hard to educate markets and help tell your story.
The good news is that by framing the narrative correctly there is capacity out there and we have helped many clients find the solutions they need using a partnership approach.
“We act for the client. By working with them and taking a ground up approach, we can sell their risk into the insurance market.” Mark Robinson, Sales Director - North
The Top 3 covers you need
Many in the exchange business come from the Financial Services Industry and understand that the risks in the cryptocurrency world are similar and need to be approached in the same manner.
This can be internal as a result of dishonest or fraudulent acts of employees, or external criminals or a combination of both. Whatever the cause of the theft, burglary, or robbery – having cover in place can be huge business differentiator. It provides confidence to clients that the loss of cryptocurrency whilst stored in cold, warm or hot storage is protected.
2. Professional Indemnity
Business errors and omissions can and do happen. When they do, as with other financial services, protection is essential. In fact, in certain jurisdictions it is not possible to trade without proving cover is in place to the regulator.
3. Directors’ & Officers’
Linkedto professional indemnity this can also be a regulatory requirement to trade in certain jurisdictions. Also, the premium can be lower than the alternative regulatory capital required. Claims against directors are on the increase and the cost of claims is rising. This has been driven by a combination of increased litigation, regulatory and bribery and corruption. As a result, having robust cover in place is essential whether your crypto business is a start-up, more established or needs to encourage non-executives to join the board.
Your story needs to be about Enterprise Risk Management
Any exchange that requires cover needs to look at their risk holistically to get the right terms and premium. Underwriters want to be confident that you understand your risks, take them seriously and are mitigating against them.
Having an Enterprise Risk Management (ERM) strategy is crucial in helping tell your story in this respect. At Verlingue we have a risk management team which specialises in helping clients put robust Risk Management Protocols (RMPs) in place to help clients secure the right insurance at the right price.
The market is relatively new in insurance terms, but cover is available with many of the wordings showing developments from existing products such as financial risks, cyber, crime and specie. For this reason, underwriters take a similar approach to cryptocurrency.
This applies to protection around sites with human security patrolling and protecting vaults where cold storage currency is held. In this respect it is similar to a specie policy. In respect of warm and hot storage, insurers require physical protection to be in place for servers and systems, similar to that which they would expect around any other cyber or digital risk.
The internal threat from staff can be negligent or malicious. Either errors in process which allow hackers access, or actively working for cyber criminals. To mitigate against these requires strong vetting and checking of employees as well as education and training programmes on managing the dangers.
Underwriters want to know that you have ‘skin in the game’ and have a desire to protect your brand. Some firms have even gone as far as setting up hackathons with prize money in a bid to prove to clients and stakeholders how secure they are.
A key pillar of Risk Management Protocols is the systems and processes that are in place and how they are stress tested. Everything from personnel to defence against financial crime – be that bribery and corruption or money-laundering to storage of private keys and auditable logging. Insurers are keen to see evidence of risk surveys – especially by legal counsel and third parties.
Our knowledge of the sector has enabled us to develop insurance solutions to protect your business against the main risks faced by this continually evolving sector – which have traditionally been hard to insure. If you would like to find out more about how we can help you with your cryptocurrency risks, please contact:
Mark Robinson Corporate Insurance Expert Technology, FinTech & Crypto Specialist.