The cyber insurance mutual formed by a group of European corporates has received its insurance operating licence from the Belgian regulator and will begin commercial operations on 1 January, 2023.
MIRIS (Mutual Insurance and Reinsurance for Information Systems) has been created by industry veterans Danny Van Welkenhuyzen, Mark Pollard and Philippe Obert and will provide additional cyber insurance capacity for its members.
“Innovation of this level of importance in the insurance industry is unusual,” said Danny Van Welkenhuyzen, MIRIS CEO.
“The National Bank of Belgium, as regulator, needs to verify all aspects rigorously – the suitability of the members, of the governance structure, the feasibility and solvency margins of the business plan.
“We have worked closely with them for many months to satisfy the stringent requirements appropriate to the project. They have been a fantastic partner and we are delighted to have obtained the license.”
MIRIS is domiciled in Belgium and will provide direct insurance. It can only accept members from the European Union and European Economic Area (EEA) with €25 million of capacity being allocated for each member in its first two years of operation.
The chief information security officers (CISOs) of its members, alongside their insurance manager colleagues, have played a significant part in the project and will contribute to a risk control function that screens new members and shares risk management best practices.
“Cyber risk is probably the fastest evolving risk the insurance market has ever needed to consider,” said Mark Pollard, chief operating officer.
“In an industry where data and past experience shape the market response, this rapid evolution creates uncertainty, and consequently market volatility which challenges the risk transfer objectives of the policyholders.
“MIRIS aims to provide additional capacity, and in the longer term to help to stabilise the market for its members. That depends on the members being exceptionally well protected against the risks.
“MIRIS will have a role in promoting and validating excellence in cyber risk protection, as well as providing risk transfer capacity.”