Terrorism risk and insurance

With worldwide capacity for standalone terrorism cover estimated at US$4.3bn, insurers’ appetite for terrorism risk is high. The risks remain equally as high – in the West as well as in other growth markets. Peter Davy looks at policy wordings and risk mitigation strategies

A decade on from the 7/7 London bombings, terrorism still commands UK headlines and preoccupies the government. The threat level, according to MI5, remains severe, meaning an attack is “highly likely” – one level below critical, indicating an attack is imminent.

It also continues to worry businesses in the UK, consistently appearing in the list of most concerning risks. That’s despite the fact that much of the terrorism worldwide is concentrated in countries with limited foreign investment and therefore business exposure. Julia Graham, president of FERMA and director of risk management and insurance for international law firm DLA Piper, says it is a board level issue and one we should all have on our radar.

In May, risk analytics group Verisk Maplecroft published updated terrorism risk scores for cities in its Global Alerts Dashboard, an online mapping and data portal logging terrorism incidents. Based on the frequency and severity of incidents, Bagdad was ranked as the highest risk urban centre, while the rest of the top six was also made up of other cities in Iraq.

Of the 64 cities designated as at extreme risk, the vast majority are in countries suffering from ongoing Islamist-extremist insurgencies, which have been compounded by the rise of ISIS. “There’s been a major deterioration in the already fraught security situation in these cities, as levels of risk very much reflect areas where the Islamic State group is present, or where pre-existing local insurgencies have pledged allegiance to it,” explains Daniel Gray, terrorism and security analyst at Verisk Maplecroft. This also includes Kabul in Afghanistan, Mogadishu in Somalia and Tripoli in Libya.

Similarly, Aon Risk Solutions’ Terrorism & Political Violence Risk Map, published in the same month, showed that just 10 countries accounted for 78 per cent of terrorist attacks since 2007. Iraq, again, headed the list, responsible for 30 per cent of all attacks.

For all the headlines ISIS has generated, businesses can take some comfort that its focus remains relatively local, says Jonathan Wood, associate director for global risks at consultancy Control Risks.

“At the moment it is focused on capturing and controlling territory and establishing a political unit in the Middle East. Its concerns are the military campaign in Iraq, Syria and potentially some neighbouring countries, but it is not really focused on carrying out its own transnational attacks,” he says.

Of course, this only provides limited reassurance. The focus of ISIS may change and broaden – one of the key risks to monitor going forward, says Wood. Moreover, it has already inspired an increase in the number of lone wolf attacks in other countries, including Canada, France, Denmark and the US, as well as the recent attack in Sousse, Tunisia, for which it claimed responsibility.

“In the last couple of years we have seen the emergence of ISIS as a sort of global motivator for these types of attacks, and it has had a demonstrable and significant impact on their frequency,” says Wood.

Aon’s report also notes that France, Germany, Australia, Belgium, Canada, Denmark, Estonia and Norway were all facing increased threats from ISIS and Al-Qaeda affiliates and supporters.

“The number of plots and official warnings and increased threat levels by western security agencies suggest the terrorist threat in the West has not been as high in almost a decade,” it states.

Perhaps more significantly, while businesses’ dealings with Iraq, Afghanistan or Somalia may be limited, a significant number of cities at real risk of terrorism are key economic centres in emerging markets.

“If you look at many of the cities in the top 100, you’ll find they are major growth markets in their own right – cities such as Nairobi, Abuja and Cairo,” says Gray.
Meanwhile, at a country level, terrorism risk is rated as extreme or high in a number of key growth markets such as India, the Philippines and Colombia, where terrorism and insurgency tends to occur in rural areas.

“These are economies that will be the engines of growth in future, not only for primary industries such as oil and gas, but also for services. They are places that foreign companies and personnel want to be,” says Gray.

Moreover, even if companies do not have operations on the ground many are still exposed, as Kade Spears, head of specialty at The Channel Syndicate at Lloyd’s points out. “Companies not directly impacted still have that contingent risk that exists in emerging markets and certainly to their supply chains,” she says.

Likewise, as the nature of the threat has changed, the emphasis for many when it comes to insurance has broadened beyond looking solely at physical damage caused by terrorism.
“Over the past 18 months, the business interruption and consequential loss side of the terrorism policy has become increasingly significant,” says Simon Low, divisional underwriter for political risk and crisis management at insurer Canopius. “The majority of policies we now sell cover it.”

Insurance appetite

As it is, insurers’ appetite for terrorism risk is high. In June, a report by broker Marsh put worldwide capacity for standalone terrorism cover at US$4.3 billion.

“The private market has significantly developed since 9/11,” Low remarks.
Insurers’ appetite for terrorism risk has also seen a general broadening of policy wordings, according to Srdjan Todorovic, head of terrorism in London for Allianz Global Corporate & Specialty, one of the recent entrants into the standalone terrorism market.

On the one hand, says Todorovic, policies increasingly include not just terrorism but also the full range of political violence perils – including war and civil war, insurrection, rebellion and so on; on the other, coverage for non-damage business interruption such as denial of access and ingress/egress are “creeping in” with an ever increasing frequency.

“That’s quite important because as a business you may not necessarily be hit directly, but you could suffer a contingent business interruption loss as a result of a neighbouring business or landmark that is higher on the terrorist’s radar,” he adds.
At the same time, the changing nature of terrorism attacks (with more smaller scale attacks resulting in an increasing risk to life rather than an increasing risk to property damage) has seen greater interest in terrorism liability coverage, protecting against the risk of being sued in the event of an attack.

Again, though, the willingness of insurers to provide cover should be tempered by the challenges that remain. Despite recent expansions of cover, first and foremost, terrorism insurance remains focused on property damage.

“We are very much a physical damage market,” says Jelle, vice-president in the war, terrorism and political violence division of Marsh.

Outside this scope, cover is still limited – with significant demand for more cover for interruption caused by terrorism threats. “Clients are screaming out for threat cover to be more readily available,” says Ouwehand. Likewise, loss of life is picked up by other policies, while there remains a significant gap for cyber terrorism, according to Todorovic. Businesses’ understanding of the potential risks of liability, meanwhile, remains limited, he adds.

Most significantly, however, the increased capacity in the market means there’s little pressure on businesses to improve risk management, according to Spears. “The reality is it’s a very competitive market today and there isn’t that pressure from most players on clients,” he says.

That’s a pity, he adds, because in many cases – particularly when businesses are looking at setting up operations in emerging markets – risk management could be better. “They sometimes run after contracts, have them signed and then think about the need to get insurance, and how to keep people and equipment safe. A lot of it is done after the fact,” he says. “Instead, businesses really need to understand the risks, do their homework first and speak to the experts.”

At Ferma, Graham agrees. “Insurance doesn’t take away the need to understand the risks and manage them. It is a risk mitigation; it is not a risk substitute. Terrorism risk management is about understanding the exposures; making sure you look after your people; and understanding what you do and having nimble and effective response plans in place.”


One insurer that is encouraging better risk management is Pool Re, the mutual reinsurer established by the UK government during the IRA troubles when insurers felt unable to provide cover.

In June it introduced a 2.5% discount for businesses completing the Crowded Places risk management programme run by the National Counter Terrorism Security Office. It is an initiative designed to encourage more consistent standards across business buyers of terrorism insurance, according to Pool Re chief executive Julian Enoizi.
“In the same way as incentives encourage you to put an alarm on your house, this initiative is designed to change the behaviour of insurance buyers and in doing so increasing national resilience,” he says.

It’s one of a number of significant changes Pool Re has announced, most of which will take effect in October. These include the introduction of “risk reflective pricing” for the different zones that it uses to determine pricing, and discounts of 40 per cent for those with low sums insured (below £2 million).

Despite the increase in private market, the pool still has an essential role in providing both cover for nuclear, chemical, biological and radiological attacks, says Enoizi, as well as providing unlimited cover – even in central London and other centres, where private sector insurers have limited appetite for business.
As Ouwehand at Marsh says,“If you’ve got big capacity needs in central London Pool Re will be the number one place to go.”

In March, Pool Re purchased reinsurance (of £1.8 billion) in the commercial market for the first time in its history, seeing the commercial market re-enter the market for UK terrorism market in the process. However, far from the role of the pool diminishing as private sector appetite for terrorism risk expands, Enoizi sees it potentially growing; the discount for SMEs, for example, designed to make terrorism cover more attractive to smaller businesses outside London that haven’t traditionally taken insurance.

It also continues to look at issues such as cyber risks – “from the public/private partnership perspective”, says Enoizi, and whether private sector responses are proving adequate.

“If we are covering physical damage from fire and explosion, then we should at least question whether we should be excluding physical damage from fire and explosion if the root cause of that is cyber [risk].” asks Enoizi.

This article was published in the September 2015 issue of CIR Magazine.

Download in PDF format

Click here for more interviews and analysis

Contact the editor

    Share Story:


Cyber risk in the transportation industry
The connected nature of the transport and logistics industries makes them an attractive target for hackers, with potentially disruptive and costly consequences. Between June 2020 and June 2021, the transportation industry saw an 186% increase in weekly ransomware attacks. At the same time, regulations and cyber security standards are lacking – creating weak postures across the board. This podcast explores the key risks. Published April 2022.

Political risk: A fresh perspective
CIR’s editor, Deborah Ritchie speaks with head of PCS at Verisk, Tom Johansmeyer about the confluence of political, nat cat and pandemic risks in a world that is becoming an increasingly risky place in which to do business. Published February 2022.