Bank of America (BofA) is concerned about the state-backed cyberattack exclusion being implemented by Lloyd’s and has expressed its apprehension with the insurance marketplace, according to the Financial Times.
Citing people familiar with recent discussions between Lloyd’s and major clients, the publication reported that BofA supposedly raised the matter directly with Lloyd’s during one such meeting. Meanwhile, broking giant Marsh is said to have arranged a time for its clients to do the same.
The FT said neither Marsh nor BofA when contacted for comment. It was noted in the report, however, that changes to safeguards, including insurance, are “understandably a cause for concern” for an industry such as banking.
Lloyd’s mandate
Effective from March 31 this year, a suitable clause excluding liability for losses arising from any state-backed cyberattack must be included in all standalone cyberattack policies falling within risk codes CY (cybersecurity data and privacy breach) and CZ (cybersecurity property damage).
The requirements set out by Lloyd’s in terms of the use of exclusion clauses can be found here.
“It is important that Lloyd’s can have confidence that syndicates are managing their exposures to liabilities arising from war and state-backed cyberattacks,” Lloyd’s said in its market bulletin last August. “Robust wordings also provide the parties with clarity of cover, which means that risks can be properly priced and reduces the risk of disputes.”
Last year, in resp onse to Lloyd’s move, the British Insurance Brokers’ Association aired its concerns surrounding “the practicalities of such an exclusion”.