Warranty and indemnity insurers may be over-reliant on cyber insurance, a new report from the International Underwriting Association has warned. While cyber risks pose an increasingly potent threat in the context of mergers and acquisitions, there may be critical coverage gaps that underwriters need to consider more carefully.
The report, Cyber Risks and Warranty and Indemnity Insurance Underwriting: Do you understand your cyber exposure?, suggests that many cyber insurance policies automatically end cover when a transaction completes and often allow only a short claims reporting period despite cyber incidents frequently remaining undetected for a much longer period.
The IUA warns that W&I insurance could therefore become the primary or only source of protection for cyber-related warranty breaches.
Faye Hepburn, underwriting and claims executive at the IUA, said: “Cyber risk has evolved into a material underwriting consideration in warranty and indemnity insurance. The central finding in our new report is stark: the mere existence of a cyber insurance policy tells underwriters little about whether that coverage will respond after the closing of a transaction.
“This coverage gap can be compounded by market realities with risk analysis in practice rarely extending to penetration testing or technical validation. There must be a move beyond passive reliance on standard cyber policies and active interrogation of the nature and extent of any cover in place.”
The report provides practical guidance on assessing cyber exposure, policy wording and underwriting good practice.
The IUA's Transactional Liability Committee, which published the paper, was established in 2024 to promote good practice and improve understanding of transactional liability insurance.
Printed Copy:
Would you also like to receive CIR Magazine in print?
Data Use:
We will also send you our free daily email newsletters and other relevant communications, which you can opt out of at any time. Thank you.








YOU MIGHT ALSO LIKE