Financial services firms face significant cyber insurance coverage gap, as well as growing threats related to climate, geopolitics and technology. Here’s how to tackle the risks

Financial services firms are overestimating their cyber insurance coverage and underestimating the risks they face as a result.

State sponsored cyber attacks pose an increased risk to the FS market across Europe, the Middle East and Africa (EMEA) in 2024, according to Deloitte’s Financial markets regulatory outlook 2024 report.

Financial markets

Speaking to sister publication Insurance Times,  Kareline Daguer, insurance director within Deloitte’s EMEA Centre for Regulatory Strategy, said there is a “very significant cyber insurance gap”.

She continued: “A lot of firms think that they [have more cover] than they really [do].”

She says that insurers need more data, policy and legal clarity to effectively provide cyber cover - adding that regulators could start looking at this evolving line of business more closely moving forward.

“A lot of firms think that they [have more cover] than they really [do].”

Growing threats

The research highlighted that geoplitical threats are also heightening the risk of cyber attacks.

Daguer said: “We are seeing a definite increase in cyber attacks, many of [which] are state sponsored.”

State sponsored activities refer to those that are supported or paid for by a government. Such attacks have become more visible as a result of action taken during the ongoing war between Russia and Ukraine. 

Data from IT company SecurityScorecard corroborates Deloitte’s conclusion.

Its cyber conflict and the erosion of trust report highlighted that 24% of global cyber attacks originate from China, while the Russian Federation was the source of 15% of the world’s cyber attacks.

Other risks to watch

Deloitte’s report warned that the challenging and unprecedented operating conditions that Financial Services firms have faced for the last few years look set to continue in 2024.

It found that although inflation is cooling and increases in interest rates have slowed, both of those factors continue to weigh on the economy.

As a consequence, considerable economic uncertainty persists, and financial and non-financial risks remain elevated.

Geopolitics

The report says that there is increased risk that geopolitical tensions fragment the global economic landscape further in 2024.

It says: “Geopolitical risks could also act as drivers of other prudential risks for both cross-border and purely domestic firms, for example: affecting market risk through increased market volatility; operational risk through increased risk of direct or indirect cyber-attacks; strategic risks where firms have to exit a market quickly; or credit risks to the extent that any of those risks affect clients’ ability to service debt.”

How to manage the threats

Deloitte highlights that Governments and business leaders are seeking to de-risk their value chains, with increasing ‘friend-shoring’ and protectionist measures in critical sectors

For FS firms, navigating this uncertain geopolitical environment will be challenging, and it will be vital to set a robust risk appetite and tolerance levels, use scenario analysis and reverse stress testing, and put in place contingency and recovery plans where risks are particularly elevated.

Sustainability and climate change

Given the macroeconomic headwinds and impending elections in many jurisdictions, political support for long-term net-zero measures could recede if they result in higher costs for consumers and businesses.

However, Deloitte says that it does not expect already agreed regulatory and supervisory deadlines to shift substantially in the near term, adding that “the prospect of a delayed transition (and the increased transition and physical risks that it could imply) only reinforces the need for FS firms to invest time and resources in ensuring resilience against climate and environmental risks.”

How to tackle the threats

Boards should set the expectation for their organisation that climate risk is integrated into all aspects of their decision making. In doing so, they should take steps to test and challenge the validity and effectiveness of the information they are being given.

Technology

The report highlights that for firms with a global footprint, embracing technological innovation will require navigation of an increasingly complex global regulatory landscape with jurisdictions moving at different speeds.

The evolving digital assets regulatory landscape is similarly complex. Regulatory frameworks and perimeters across the globe tend to treat the different types of digital assets and underpinning activities in distinct ways. 

Deloitte says: “For global firms, this complex and potentially divergent supervisory landscape inevitably creates compliance costs and strategic challenges.”

How to tackle the threats

Companies need to fully understand the impact of new technologies on their firm’s risk appetite, risk profile, strategy and reputation, and ensure that use of technology is supported by appropriate controls and governance.