Finally, a new European mutual sees the light
Years ago, in 2013, when the Commission consulted on its Green Paper on the insurance of natural and man-made disasters, I pointed already to the potential creation of mutual insurers as part of a solution: “One important way to guarantee availability and coverage is the diversity and resilience of the insurance sector. Consumers insured by an insurance sector uniquely composed of large groups moving capital and business to where the best ROE is to be found may be at risk if returns are not at the desired level. Can it be argued that insurers which do not have an ROE as corporate finality could be a welcome buffer between the return-focused insurance market on the one hand and the government as solution of last resort on the other hand, at the cross-road between long term solidarity and short-term market demanded profit?“ The discussions on catnat have come even more to the forefront since then, joined by other and increasing protection gaps. In the area of cyberinsurance, for example, the industry has been crying for capacity. Time to dust off the image of mutual insurance?
Similar to the cover of third-party nuclear liability risk, insured by the Belgian mutual insurer ELINI, several large industrial groups have now created jointly a new Belgian insurance mutual to insure their cyberrisks, called MIRIS, Mutual Insurance and Reinsurance for Information Systems. The founding members are Airbus SE (NL), BASF SE (DE), Solvay SA (BE), Sonepar SAS (FR), Compagnie Financière Michelin SAS (FR), Groupe Adeo SA (FR) and Veolia Environment SA (FR). The mutual insurer has been set up as an “association d’assurances mutuelles/caisse commune d’assurances de droit privé” although this caisse commune legal form is not included in annex III of the Solvency II directive. It is a “capitalised mutual” and membership is only granted after payment of the capital. This is different from the “commercial mutuals”, thus MIRIS, where the payment of premium confers membership. Prospective members need to go through a screening process both for their financial strength and their cyber risk management capability. The Board of Directors of MIRIS gathers the output of the screening process and decides whether to submit a membership application to the General Meeting of all the members, who then decide whether to accept the new member. All members pay the initial capitalisation, all members participate in the General Meeting, all members have one vote at that meeting. Furthermore, to ensure the continuing status as a mutual association, all members must maintain an insurance policy at all times during their membership. Typical for a mutual, and accrding to its articles of association, the mutual is non-profit making and has to refrain from making profits. Its underwriting surplus is put into a reserve account, where it will accumulate and be available to underpin the capacity granted to members.
MIRIS’ sole and exclusive purpose is to insure its Members against IT risks. These include (1) the insurance of their general liability (branch 13) for all damages and losses caused by the Insured Members to third parties (class 13); (2) the insurance for all material damage and loss caused to the property of Insured Members, and consequent operating losses (classes 8 and 9); and (3) the insurance for various pecuniary losses suffered by Insured Members (class 16). Because it is a mutual association, MIRIS collects an “annual contribution” and not a premium, although in practice it works in the same way. MIRIS says that it will start with adequate capital to comply with Solvency II, and that it will apply a conservative underwriting model. Actuarial stress tests show a very low probability of depletion of the required capital reserves. If this were to happen, the members will be subject to “supplementary calls”, a first time maximum 6 times the yearly contribution. If that would prove to be insufficient, a second supplementary call till maximum 12 times the yearly contribution is foreseen. Should that still be insufficient, similar to some other mutual insurance models, each claim will then be settled according to the ratio between the totality of the guarantee fund and the provision for equalization and catastrophes and the additional contributions on the one hand and the total amount of claims on the other.
The activities of the mutual will be carried out both in Belgium and in all countries of which the Members are nationals and/or where the Members carry out their activities: this means that MIRIS can cover the worldwide activities of its members (subject of course to sanction limitations), but through policies issued in the EU. MIRIS states that it has been through a stringent anti-trust review to ensure that the Members’ activities outside Europe are not in breach of local competition regulations, and steps have been taken to address issues which have arisen. As MIRIS is a European insurer, it can only accept members from the EEA. Its license application is for direct insurance, but its Belgian domicile means it can also accept incoming reinsurance where necessary.
The Association will not be able to issue any insurance coverage before having obtained approval from the competent Belgian authority. The objective is for the first policy to incept on 1 January 2023. Will other industrial groups follow in other areas where capacity is tight and the need is high? And will the co-legislators which are now considering the Commission’s proposals on e.g., the newly proposed Insurance Recovery and Resolution directive make these requirements also fit for this legal form?
Lieve Lowet