Fintech
The growing cyber risks in Fintech and how to mitigate them | Woodruff Sawyer
Understanding the regulations that govern your business will also be critical and will lay the foundation for the systems you put in place to ensure compliance.
Working with external consultants to identify the specific risks you face when building your product will also help you understand the scope of regulations to adhere to. Not only will it regulate the data privacy protections you must have in place, but it will also determine what forms of licensing you must apply for, such as payment and electronic money institutions that must register under PSD2 in the EU.
This aspect of an IT policy covers network security failures due to network intrusions, data breaches, cyber extortion, including ransomware, or compromise of company email.
Policies can cover negotiating and paying a ransomware claim, data recovery, legal fees, IT forensics, consumer breach notification, public relations, call center setup, credit monitoring and identity restoration.
It can also protect organizations from liabilities arising from a cyber incident or regulatory breach.
Examples include liabilities arising from a contractual obligation, expenses arising from regulatory investigations and sanctions by governments and/or law enforcement, as well as litigation and class action settlements.
Interruption of network activity
An IT policy can help you recover lost revenue and other costs in the event of network outages caused by security failures (such as malware) or system failures (such as administrative errors or poorly performed updates).
Some organizations may struggle to directly demonstrate revenue losses, as this may result in errors and omissions being covered.
Errors and omissions
E&O coverage protects policyholders from claims resulting from performance errors or failure to perform services.
Given the scale of fintech offerings, this could be the issue of an improperly implemented technology platform, a mistake or error in assessing who is eligible for a loan, or it could also be caused by consumers’ inability to access to your funds due to a network business interruption event. All of these can potentially manifest as a third-party liability claim from clients or consumers.
This is something I will explore further in a detailed article next time (stay informed about future articles by subscribing to the Cyber Notebook right here on this page).
Get the coverage you need
Due to the diverse nature of fintech, not all companies will have the same exposures. A well-crafted cyber policy can address the specific risks of your organization’s fintech liabilities.
Insurers are increasingly leveraging data analytics and artificial intelligence to assess cyber risks more accurately, tailor coverage solutions for specific industry sectors, and improve claims management processes.
That said, Guidelines for underwriting IT policies are becoming more stringent in the face of the evolution of cyber attacks. Insurers are looking to put certain cybersecurity checks in place before offering cover.
Working with a broker who specializes in cyber insurance can help you identify the risks you face, understand what it takes to get the coverage you need, and set appropriate limits.
For more information on what you need to know about the cyber insurance market in 2024, read Woodruff Sawyer Guide to the IT future2024 edition.