Five things all underwriters should know about cryptocurrency
United Kingdom | Video | June 2020 | 04:45
Despite Bitcoin having released its open-source software 11 years ago, digital assets and blockchain-type
technologies took a long time to gather momentum in the corporate world. Today, many insurance
companies are exploring the potential of these emerging technologies and insurance solutions in relation
to them.
Now is the time to engage. Watch this short video to learn:
- Unique cryptocurrency policy wording.
- The key difference between copies of digital assets vs. physical assets.
- What are hot storage and cold storage?
- Underwriting considerations in relation to digital assets.
- How to assess the security of a wallet.
Video Details
Speaker | Content |
Nicholas Berry |
My name is Nicholas Berry and I’m here with Professor Peter McBurney. We were one of the first law firms to realise the potential importance of digital assets to our commercial client base as well as those operating in the FinTech space. I’m a corporate insurance partner in our London team. We’ve been heavily involved in the innovation of insurance products, looking to cover our FinTech businesses that may transact or provide services in relation to cryptocurrency such as exchanges, but we’ve also been involved in designing products around insurance solutions relating to the storage of crypto-assets. The policy wording is unique in that it needs to capture and deal with many quite tricky concepts that results from the underlying technology that underpins these cryptocurrencies and as a result, what’s been great about this line of work is we’ve been able to leverage our new Head of Consulting Technology, Professor Peter McBurney, who’s sitting next to me. |
Prof Peter McBurney |
Thanks, Nico. So as Nico said, I’m a Professor of Computer Science at King’s College London. I’m not a lawyer so I’m bringing a computer science or computational perspective to this. There’s a big difference between digital assets and traditional physical assets and the difference is that a copy of a digital asset might be just as powerful or just as valuable as the original, which wouldn’t be the case with a painting, for example. Certainly if you have a copy of someone’s BitCoin private keys, then you can do everything with that copy that the people who have the original private key can do. So this creates some problems in terms of storage and custody and secure custody. One distinction that people in this field are making now is between hot storage and cold storage. Basically, hot storage is storage of a digital asset in a medium or on a device that is connected to the internet. Cold storage is storing it in a way or on a device which is not connected to the internet. That’s fine keeping things secure, but if you want to actually use that private key to actually do some transactions now and again, then you have to get the private key from cold storage to hot storage and then presumably take it back from hot storage to cold storage. So that has created issues for insurance of the custody and most insurers that we’ve seen who are willing to insure custody of private cryptocurrency keys, are only willing to insure in the case of cold storage, they’re not generally willing to insure if it’s in the form of hot storage. |
Nicholas Berry | Lloyd’s have actually fairly prescriptive that all policy limits should be in Fiat currency, i.e. not denominated in cryptocurrency because of volatility issues. The other thing that has been noticeable within the buy-side, the customer side, is that customers and buyers of risk are wanting to publicise coverage. |
Prof Peter McBurney |
Security of the custody depends crucially on the hardware, the software and the processes that apply in keeping the custody of these private keys, so in particular, the various processes that govern key life cycles:. the creation of the keys, the creation of backup copies, the storage of the keys and the backup copies, the retrieval, if you wish to retrieve for transaction purposes, and maybe eventual destruction of private keys. So having hardware, software and processes to govern this whole life cycle is crucial to being able to say the system is secure. One activity, as Nico alluded to, one activity we’ve done is to give advice to underwriters on proposals from would be insured organisations for how those processes should work, and in some ways, this is a similar exercise in principle to assessing the security of a vault, but we’re not just assessing the physical security, we’re assessing the software, the cybersecurity in effect and the work flow processes that will be involved with people as they move keys from one stage to another stage. |
Nicholas Berry | Thanks very much for listening to us. |
Prof Peter McBurney | Thanks everyone. |
As we mention in the video, most insurers active in this space have only been interested in insuring digital assets against loss or theft if the assets are kept in cold storage, i.e. “offline.” Recently, this has begun to change, as insurers learn more about the technologies and the risks involved.
We understand from Insurtech Gateway that Lloyd's insurance syndicate Atrium is underwriting Coincover's groundbreaking new policy. Cryptocurrency held in hot storage (online wallets) held by their partner BitGo will be protected against third-party attacks on the wallet or the theft of private keys. Coincover is also involved in providing insurance cover for wallets held by its partner, Civic Technologies, up to a value of US$1 million worth of cryptocurrencies.
In addition to providing insurance cover for loss or theft of digital assets, innovative companies are also taking advantage of the technology underlying cryptocurrencies, known as distributed ledger or blockchain technology.
There are a number of well publicised instances of insurance consortia looking at platform solutions using these technologies in commercial lines applications.
Start-up Nexus Mutual (one of the alumni from NRF’s Insurathon) facilitates a form of pooled risk protection in relation to smart contracts, which are automated computer programmes running over distributed ledgers. The pooling activity involves assessment of the risks of a given smart contract programme by members, including other developers of smart contracts. The proposition is: who is better to assess these risks than other developers?
Another approach is that of Nayms, a home grown Insurtech Gateway start-up, now in its beta test phase. Nayms implements insurance agreements as smart contract software programmes which run over the Ethereum distributed ledger platform. The intention is that the contracts can be transparent, can pay out automatically when pre-agreed conditions are satisfied and can be readily traded. Nayms will be applying this methodology to insuring crypto-risk with matched cryptocurrency.
In summary, this is an interesting time to be involved in the meeting point of insurance and digital assets.