REG Reviews
1st December 2022
Last month the FCA releases long awaited Personal Lines data, we saw updates on the Solvency II Reforms, and the CII issued apologies after experiencing their latest cyber attack.
Read these articles and many more, along with our usual updates from REG and the Regtech sector.
The Financial Conduct Authority released its general insurance value measures data on the 25th of November, this data covered July to December 2021.
The FCA indicated that it was “concerned about how the current picture presented in the data appears to compare with firms stating that virtually all products are providing fair value”
The watchdog mentioned that more 2022 data will be collected in February 2023 and that it would analyse this data in order to assess the robustness of product oversight and governance arrangements within firms, including fair value.
The regulator noted “Where the data indicates that individual firms, or products, are not providing fair value, we are seeking to urgently understand their assessments and what, if any, changes have been made to the products as a result.”
“Where we are not satisfied with the explanation, we will consider what tools we should use to protect consumers.”
The FCA reported that claims cost as a proportion of premium range from 5.21% for GAP Insurance (Add on) to 65.95% for Motorcycle (all).
It also highlighted that for some products add-ons have on average lower claim costs as a proportion of premiums, compared to the corresponding standalone product.
The products with the lowest percentage of premiums paid out in claims included GAP insurance – both as an add-on and standalone, travel insurance, excess protection insurance (add-on) and personal accident insurance (add-on).
Home insurance contents was found to pay out 27.86% of premiums and home insurance buildings was at 36.31%. Buildings and contents combined had the second largest line by premium at £2.34bn and the percentage of premiums paid out in claims was 39.9%
The largest line premium by premium at £8.07bn was in motor insurance and the resulted in 56.34% as the percentage of premiums paid out in claims.
The FCA also spoke about Fair Value Assessments, after a 3-month extension was given under certain circumstances to complete the assessments.
It stated that it will be asking “some of the firms offering potentially lower value products to consumers, according to the value measures data, to explain the value of these products and the outcome of the firms’ fair value assessments.”
Furthermore, with Consumer Duty rules coming in force in July 2023, the FCA reinforced that firms will need to act in good faith, avoid causing foreseeable harm and enable and support consumers to pursue their financial objectives.
Firms will also be required to provide support that meets consumer needs and expectations and ensure that consumers can use their product as reasonably anticipated and not face unreasonable barriers during the lifecycle of a product.
The FCA commented that “We expect that value measures data will help firms monitor if they are meeting these requirements.”
The released data includes firm specific information on claims frequencies, claims acceptance rates, average claims pay-outs and claims complaints as a proportion of claims, for a wide range of retail GI products.
Additionally, the FCA stated that “Firms are required to report for relevant products sold to consumers in the UK where total retail premiums (written) are above £400,000 in the reporting period, and where there are more than 3,000 policies in force during the reporting period.”
“Our aggregated product level data only includes products where 5 or more firms submitted data.”
On the 27th of October, the Chartered Insurance Institute was victim to a cyberattack and identified an unauthorised third party had accessed member’s personal data.
The CII reported the hackers had accessed member’s names, firms, emails, telephone number and date of birth. However, the CII also confirmed that the cyberattack had not breached any financial information.
The CII also stated the 20% of its customer records had been accessed and only a limited amount of personal data.
The institute then emailed members to inform them of the breach and reported the incident to the Information Commissioners Office.
The CII issued an apology that stated “We are sorry that this incident happened. We are committed to maintaining the security of the data that we hold. As such, we have taken the incident very seriously and acted swiftly in response to it, undertaking a detailed review of our security systems and testing protocols and making improvements.”
After first detecting the IT systems had been accessed, the CII stated that it “immediately took steps to secure our systems and appointed external IT experts to investigate the incident and identify any impact on our members’ and customers’ personal data”
“Given that this information was already likely to be in the public domain, the advice we have received is that there is very low risk. However, we have already informed all those impacted in the spirit of openness and transparency,” the CII continued.
Earlier this year, CII CEO Sian Fisher confirmed the institute was spending £8m on updating its IT systems.
On the 10th of November, Twitter started experiencing a wave of fake accounts that had been ‘verified’ by the blue tick, impersonating celebrities, influencers, and businesses.
Twitter reacted by suspending many of these accounts, however this led to confusion due to the constant changes in rules to solve this issue.
When Elon Musk announced the new Twitter Blue Subscription service, that allowed users to pay a monthly fee of £6.99, it was met with criticism by experts, suggesting the service could damage trust in the platform due to exploitation by scammers and impersonators.
Impersonators started appearing for major brands such as Apple, Nintendo, BP and Chiquita and high-profile individuals, including, Meta chief Mark Zuckerberg, current and previous US Presidents Joe Biden, Donald Trump and George W Bush, and former UK Prime Minister Tony Blair. Many of these accounts had to be suspended or removed.
The new blue tick system also allowed for exploitation from activists and conspiracy theorists. Although, Twitter managed to remove many of these accounts, they were overwhelmed by the pace of new accounts being created.
Twitter attempted to address the issue by giving high profile account grey ‘official’ badges, however these were them removed by Musk soon after, causing more confusion.
On the 11th of November, the grey ‘official’ badges started reappearing on some profiles and others started reporting that the Twitter Blue services was no longer available.
Although earlier this month Musk announced that Twitter Blue would be relaunched on the 29th of November, the relaunch has now been put on hold until “there is high confidence of stopping impersonation”.
In Chancellor Jeremy Hunt’s Autumn statement, he announced the Government’s decision on Solvency II and stated the package will “unlock tens of billions of pounds of investment for our growth-enhancing industries”.
In July, when Prime Minister Rishi Sunak was Chancellor, he highlighted that the Government wanted to update the UK’s insurers solvency rules quickly, following a consultation in April.
The proposed package includes a reduction to the Risk Margin by 65% and 35% for life insurers and non-life insurers respectively. The ABI welcomed these reductions as well as the proposed broadening of asset and liability eligibility criteria for the Matching Adjustment.
ABI Director General, Hannah Gurga stated “We strongly welcome these changes to the Solvency II regime which will allow the UK insurance and long-term savings sector to play an even greater role in supporting the levelling up agenda and the transition to Net Zero.”
“Meaningful reform of the rules creates the potential for the industry to invest over £100bn in the next ten years in productive finance, such as UK social infrastructure and green energy supply, whilst ensuring very high levels of protection for policyholders remain in place.”
She went on to say “More broadly, it will encourage a thriving and competitive industry which will ultimately benefit the UK economy, the environment, and customers. This meets the objectives that HM Treasury set out to achieve and which the industry has supported throughout.”
Aviva also welcome the new Solvency II package, with the group CEO commenting “We estimate reforms to Solvency II will allow Aviva to invest at least £25bn over the next ten years across the UK, including in critical areas such as social housing, schools, hospitals and green energy projects.”
Jens Stoltenberg, NATO’s Secretary General highlighted the growing threat from cyberspace at NATO’s 2022 Cyber Defence Pledge conference in Rome on November 10th.
Mr Stoltenberg flagged recent cyber-attacks against satellites, critical infrastructure and Government departments, and offered Russia’s invasion of Ukraine as a partial explanation.
The Secretary General stated “Cyber is a constantly contested space and the line between peace, crisis and conflict is blurred.
“That is why NATO has taken the threat to cyberspace from state and non-state actors so seriously for so long.”
“And why we have taken determined steps to guard against cyber-attacks. It is key to our collective defence”, he continued.
Following NATO’s Warsaw Summit in 2016 which saw the agreement of the Cyber Defence Pledge, the Allies have increased investment into cyber defences.
Mr Stoltenberg reinforced this by adding “I call on Allies to recommit to cyber defence. With more money, more expertise, and enhanced cooperation. This is a vital part of our collective defence, and we are all in this together.”
The average claim at FFT is $90,000, which is less than for ransomware, which has an average of $256,000. Unlike ransomware attacks FFT breaches do not usually gain access to costly data restoration or require system recovery, business interruption or breach response efforts.
Rebholz went on to comment “The rise in FFT incidents is linked to BEC, with FFT making up more than half of all BEC-related claims.”
“BEC can result in an email account takeover, whereby threat actors trick employees into giving up their account credentials and gain access to employees’ inboxes — which is particularly effective for FFT.”
Swathes of Instagram followers around the world were kicked off the app, due to a bug telling them that their accounts were suspended. The issue began on 31st October around lunchtime when users were told that their account was disabled for a month due to a violation of community guidelines.
They were told that during this time period they could appeal the decision, otherwise their account would be permanently disabled.
However, given the sheer number of users being banned at once and it being evident that many of them had not broken any of Instagram’s rules, it was suspected that the issue was a bug.
Some users who still had access to the platform also noted a sudden large drop in their follower account, presumably due to their followers being affected by the issue.
After many took to twitter to raise their concerns, Instagram responded to the complaints via twitter saying, “We’re aware that some of you are having issues accessing your Instagram account. We’re looking into it and apologise for the inconvenience.” In just a few hours the tweet had already received more than 14,000 comments and was retweeted more than 40,000 times.
The next day, Instagram reported the problem to be solved writing “We’ve resolved this bug now. It was causing people in different parts of the world to have issues accessing their accounts and caused a temporary change for some in the number of followers.”
It is still unclear whether this was an issue resulting from Instagram’s internal systems or if the system was hacked.
The FCA stated it had to amend or withdraw 4,151 financial promotions between July and September this year, the highest it has seen since 2021 when it started publishing the data.
Although, 95% of the interventions on adverts were in the retail lending and banking sectors, there was a rise in cases where the increasing cost of living crisis was use illegitimately by unauthorised firms or individuals.
During these months 303 warnings about unauthorised firms and individuals were issued by the FCA, 20% of these focused on clone scams.
Clones including William Fountain Insurance Brokers, a clone of HDI Global SE and one using the logo of Assured Partners broker, Borland Insurance, had been flagged during the timeframe this year.
During the timeframe, the FCA reviewed 340 financial promotions. The source of these promotions were mainly consumers (39%), followed by firms (22%) and areas within the FCA (20%). The rest came from other UK regulators and pro-active monitoring.
Executive director of enforcement and market oversight at the FCA, Mark Steward stated “As consumers feel the financial squeeze, they could be tempted by high risk, unregulated products and services or they could become a target for scammers preying on moments of vulnerability.”
“As a result, we’re doing even more to tackle false claims in adverts, issue prompt warnings to consumers, and we continue to engage with the largest tech and social media platforms as they also play an important part in protecting consumers from online harm”
“This is why changes to the Online Safety Bill to cover paid-for financial services advertising online are very much needed right now”, he concluded.
The insurance company’s issued share capital has increased by almost 10% due the raise.
The decision to raise fund for a cyber push was due to the “market dislocation” in insurances classes and Beazley believed it could deliver “outsized returns”.
Beazley also commented that within cyber insurance, “rates remain high, and demand continues to outweigh supply with significant barriers to entry for new carrier”.
Although cyber pricing slowed during the third quarter in the UK, compared to Q1 this year, it is still showing a year-on-year increase of 66%, as reported by Marsh.
The insurer concluded “The company expects the opportunity to write more new business in cyber to continue into 2023 and beyond and growth in property classes will enable the company to accelerate growth holistically, retaining more cyber and specialty business on balance sheet, increasing exposure to profitable business already written by Beazley and reducing the need for additional purchases of reinsurance”.
Willis Tower Watson announced the platform earlier this month, with the aim of allowing real time trade of complex speciality risk between multiple insurers and brokers.
The platform would also offer cover renewals and new business ranging from short-tail to long-tail product lines.
This platform was a response to inconsistent end to end operations caused by rigid legacy systems and incompatible digital practices.
WTW argued that to modernise the value chain, digital connectivity and commercial risk trading were essential and could lead to better solutions for customers and increasing competitiveness.
Head of London Market consulting at WTW, Richard Clarkson stated, “One of the market’s greatest challenges is to make doing business easier from beginning to end – not just one part of the transaction.”
“Developed in collaboration with Liberty and Markel, this new platform signals a step-change in digital trading, especially in a market as complex as London.”
Clarkson then went on to comment, “Underpinned by cutting-edge technology that will transform how brokers and underwriters connect and trade, users will benefit from significant operational efficiencies by improving the speed and cost of doing business through digitisation, automation and better use of data.”