Abstract

In this episode, Mr Ashley Coles, Director of Security Risks, Price Forbes & Mr Brett Davey, Founder and Managing Director of Insurance Consultants & Experts, I.C.E, Singapore look at the insurance sector – from kidnap and ransom risk management techniques to anti-piracy and cyber security crisis management.

This podcast series is presented by Dr Alessandro Arduino, Principal Research Fellow and Dr Ameem Lutfi, Research Fellow, at the Middle East Institute, National University of Singapore.

Listen to the full podcast here:

Full Transcript:

[Alessandro Arduino]: Welcome to the 12^th episode of the National University of Singapore  Middle East Institute podcast series ‘Boots Off the Ground: Security in Transition in the Middle East and Beyond’. In this series, we look at the future of warfare and  will see uniformed soldiers or ‘boots on the ground’, be replaced by private military companies, autonomous weapon systems and cyber weapons.

My name is Alessandro Arduino and I am the co-host for this series along with my colleague, Ameem Lutfi.

We are very glad to have with us today Ashley Coles, Director of Security Risks, Price Forbes. Ashley began his career as a kidnap and ransom underwriter at Hiscox, focusing on Latin America family kidnap and ransom insurance. Ashley then proceed to specialise in the Maritime Piracy programme, again at Hiscox, before joining a major UK broker in London as a security risk broker focusing on emergency evacuation and security risks in the Asia Pacific region. Also, if I recall correctly, Ashley has been in Hong Kong and Malaysia too for many years and is now back in London working with UK Price Forbes.

We are also extremely glad to have with us Brett Davey, today. Brett is the Founder and Managing Director of Insurance Consultants & Experts, I.C.E., based here in Singapore. He has over 30 years of underwriting experience in London and a vast insurance knowledge and experience in different classes of underwriting and global markets.Today however, we are going to get him to speak regarding kidnap and ransom and cybersecurity.

Thank you very much, both of you, for joining us today.

[Ashley Coles]: Thank you, Alex, it’s a great pleasure to be here. Really appreciate it. Thank you very much for having us today.

[Alessandro Arduino]: In our previous podcasts, we’ve been talking extensively – almost preaching – about the necessity for the private military sector and private security companies to cooperate with the insurance sector. I’m really excited to have both of you here today and we can get into the details of this possible cooperation and the role of this very niche and specialised part of the insurance [industry].

Ashley, to start off, can you give our listeners a quick overview of kidnap and ransom insurance – for instance, how does it work, who should be getting it, how long has it been in the market and so on. The floor is yours, Ashley.

[Ashley Coles]: Thanks very much, Alex. I suppose it’s worth to begin by saying that the kidnap and ransom insurance market has been in existence for approximately 40 years now so it’s an extremely well-established product and very commonly purchased.

The insurance originated in Latin America, which I don’t think will be a surprise to your listeners. It was developed by insurers and private crisis security firms to originally protect high-net-worth individuals, their families and companies as well, against the highly prevalent risk of kidnap threats and extortion in Latin America. In the 1980s,  places like Mexico were experiencing a plague of kidnappings by people like Pablo Escobar who were using it as a political tool. Kidnapping was also rife in places like Venezuela, Brazil, Colombia and Argentina.

The product was developed to protect these people against what was a day-to-day crime in those countries. Over the years, this highly, as you say Alex, specialised niche form of insurance, has been recognised as an essential purchase for companies operating in or traveling to locations which are considered to be medium or high risk. I suppose it’s been recognised as being hugely beneficial to companies who have a particular brand to protect, have business travellers and people who are seconded overseas.  It is also to protect companies from the risks that they face within their own borders these days. We can talk more about that because it focuses on cyber threat, I think.

In current times, any company of any size will buy a confidential kidnap and ransom policy to protect those at the very top of their organisation – all the way through to anyone under their duty of care, regardless of their role and status. The key point here is that if a company is going to be targeted, anyone within that organisation can be targeted.

The insurance program in itself is highly confidential. We use code names associated with those programs to protect the buyer of that insurance. The insurance is a unique hybrid of access to world-class insurers who protect the client’s financial position in the event of an incident. The second strand of that is access, on an unlimited basis, to the world’s leading private security firms and crisis response teams thereby offering our clients financial protection. Perhaps the most important part for our clients is this unlimited access to crisis advisory firms who are amalgamations of highly experienced individuals who may be ex-military or ex-intelligence officers, journalists who have operated in conflict zones, NGOs and charity workers who have done conflict resolution and through years of training, able to respond immediately to and on behalf of our clients who are suffering because of an incident. Ultimately, this insurance policy is to secure a safe and timely resolution of that incident.

There aren’t many leading insurers in the  world –  you can count them with one hand and they would include the likes of AXA XL, Aspen, AIG, Travelers, Brit, Tokio Marine HCC and Hiscox. Each insurer has an exclusive partnership with one of these world’s leading crisis response advisors. So in buying a policy for our clients, if you like, our clients become members of these trusted advisors and have priority and unlimited access to these crisis response firms for any kind of incident in their personal lives or their business duties.

Thus, it’s a very holistic programme which has grown over the last 40 years to cover, in some cases, up to 56 insured crisis perils. We work with companies of all shapes and sizes and with the high-net-worth community too, which includes celebrities. Of course, those whose work is exposed to malicious actors as well, are covered. One might argue that any company with a large brand these days is exposed to malicious actors on some level – be it the risk of a kidnap of a board director, or a high-net-worth individual, or a simple phishing scam of an employee at their desks these days, usually those working from home and on a cyber-level. We’ll talk more about that later.

Typically, our portfolio supports customers who have big brands and people to protect both at home and overseas. However, when we look at our portfolio of business, Alex, it tends to be those in the construction, mining, NGO and charity sectors, media and the financial sectors by virtue of the places that they tend to visit and do business at in the world. That list of industries is not exhaustive and we often also cover one-off trips or projects for individuals travelling into uncharted territory in the name of business. I hope that gives you an overview of the markets and the products.

[Alessandro Arduino]: Definitely, Ashley. I see there is already a lot of overlap between the real world, security and cybersecurity but especially in the area that our focus is measured on – the Middle East. I agree with you when you mention that this kind of a product is an essential purchase.

Moving on from what Ashley just mentioned to us, Brett, do you think that compared to other kinds of insurance, health insurance for example, kidnap and ransom is a more proactive insurance rather than a reactive one in protecting against possible threats? Let me try to clarify my question – let’s say that rather than only responding to field claims, the insurers that operate in a complex environment and as Ashley mentioned, you can count [them] with one hand, do they work closely with the client in providing training, preparing or even handling the threat in real time?

[Brett Davey]: Hi, Alex. Thank you first of all, for inviting me to this session. To answer your question, I think that this is absolutely correct. The more proactive clients and private security companies can be, the better we’re all prepared for the risk and cheaper the premiums they get. They will also have a much smoother transition all the way through the insurance, in case there’s an incident for the client. Kidnap and ransom insurance very much look at prevention, using training methods and pre-planning with excellent risk management techniques. The likes of Price Forbes, Ashley there with vast experience, and myself here at I.C.E., we’re very happy to encourage and engage with private security companies, especially those that are new to the business perhaps – there are quite a lot of new ones around. We’ll touch on that later when we speak about China.

The clients and insurers can make sure that each event has a smooth and loss-free outcome by giving us as much information as possible, in advance. I often get very last-minute transits because one thing we have to bear in mind about such a business is that, unlike a property risk for example or a long-term construction risk, which is not so secretive, we do have clients trying to buy insurance at the last minute because they don’t want the actors or transgressors to know what is going on with the risk in advance. Once we can build trust with clients and the private security companies, then we can get them to tell us more in advance. This is something that Ashley and I have had a little bit of difficulty with in the last year dealing with new clients from China because we’re trying to build trust with a group of people that we’ve never met. We’ll touch on this again later.

We’re often trying to teach and show them that the sooner they let us know what they’re  doing, the sooner people like Ashley and I and the insurance companies can point out some extra risk management factors that can be put into place in advance, which will make the whole process smoother.

The vast experience that we have overseas, here in Singapore and in the London market can bring together people who are able to advise inexperienced and new clients and private security companies where their risks lie and how to prepare for them. In fact, the more experienced insurance players in this area are often willing to give a prevention discount for the premium of each policy. What we’re saying to the client is that: We will give you back some money if you would help us to help you to put into place some risk management and an extra prevention because what we often find is that, the private security companies [are] look at their own security risks [while] the client wants to get on with actual business. It’s the experience, perhaps, of insurance companies and the likes of Ashley there who can point out factors that have gone wrong in the past. We try to encourage them to put these right in advance, by saying we will give some premium back if you will put into place certain mitigating factors in advance. And I think that is an important factor. To answer the question there, in a nutshell, yes, it’s very much about risk prevention in advance.

[Alessandro Arduino]: Brett, you mentioned that building trust in the time of Covid-19, especially with new clients that have a different business culture, is not an easy task. Ashley, if you agree with Brett, regarding the proactive nature of this kind of insurance, in your opinion, what are the different kinds of actors that [the insurance industry] would work with in responding to the risk? Let’s say, as you mentioned before, intelligence companies, private security companies, state armed forces, journalists, or local militias or fixers even. How closely do you guys work with these different actors?

[Ashley Coles]: That’s a really good question. I think the answer to that is – predominantly, we work hand-in-hand, first and foremost, with private crisis advisory firms and private security firms. These firms are those that I suppose, are most highly regulated in our industry. They are, as I’ve sort of identified earlier, the experts in these types of incidents – such as a new partnership that we have with one of Asia’s and China’s leading security firms HXZA [Hua Xin Zhong An] who have thousands of employees worldwide supporting clients through times of crisis and in high-risk areas.

What we try to do is we aim to partner our clients with the right private security firm to ensure that the client has the capabilities to do their business correctly in the selected territory. For example, we would never partner a client of ours with a response firm that has no experience in Nigeria if they’re operating in the Gulf of Guinea. We look at that very, very carefully. Now you know, in the event of an incident, first and foremost, it is the private security firms that are responding for our clients because our clients are given a 24/7, 365 days emergency response line.  That is the line that is triggered and activated first for our clients.

Depending on the type of incident – I should say, of course, every incident is very, very different – those private security firms such as HXZA or SRM or Control Risks, whoever it might be, will draw on their relationships with the local authorities.  On your point earlier about local militias and the military, we don’t get heavily involved with them at all. However, the private security firm responding to an incident will draw on relationships, as I say, with those local authorities, diplomatic services and governments to secure that safe and timely resolution of that incident, I guess. Hence, the network of people who could become involved in an incident expands and cascades from the private security firm. Now, of course, in some territories – I’ve got to be careful what I say here – you’d want to be very careful about which authorities you work with because if they weren’t already involved in the kidnapping in the first place, they may well become involved in the kidnapping further on. I won’t mention any names or territories for obvious reasons. Of course those private security responders are highly trained and they understand the political groundwork in which they’re working.

The other thing I should say is that our products, our insurance program, is predicated around peaceful negotiation, which is I suppose, [a] successful, tried and tested method for a safe release of a victim. We don’t get involved with rescue missions or conflict situations. It’s very much perceived as a business transaction, which might sound strange to your listeners, but that is the simple basis of a negotiation. Someone is holding someone for something – whether that’s a financial concession, pay-out of land or goods or services, the idea is to resolve that situation successfully and it could involve other members of the government, diplomatic services etc.

Our products are designed such that the responders and crisis advisors perform a range of duties for that client while responding to a case and  not just limited to the negotiation process with the perpetrators of a kidnapping, for example. They also provide internal communications within the company to allow that business to continue to function, liaise with affected family members, employees, PR agencies and also assist the client in negotiating what can be the very strict legal framework in which they have to stick to in various jurisdictions. When we saw the rise of kidnapping by the Islamic State or Daesh, in places like Syria, of course, that became very complicated because the Islamic State is a sanctioned entity and we are not allowed to pay ransoms directly to them. The responders were helping, alongside local authorities, [to] negotiate the client’s framework in which they could operate so I think, as I say, it expands the network. [It] can be very, very large in some cases or it can be extremely small.

[Alessandro Arduino]: Thank you, that was a very detailed answer. You mentioned in your answer, Hua Xin Zhong An – we had that company in our podcast previously. You also mentioned Control Risks and I’m hoping to have them in a podcast in the near future. Let me follow up on your answer Ashley – we don’t need the nitty gritty details of course, but in order to help us make sense of the role these different actors play, can you give us a very brief play-by-play [account] of any specific ransom or kidnapping incident? How do you respond from the start, from [receiving] news that a client or employee has been kidnapped and how this evolves?

[Ashley Coles]: Yes. Thanks, Alex. So typically, we are not the first ones, as the client’s broker or advisor, to learn of a kidnapping incident or a threat or an extortion. The client will contact the 24/7 emergency number and access the private security responders. A duty case officer at one of these firms will provide the client with initial telephone advice. You’d hope this happens in the first hour or two, which we call the ‘golden hour’. The way that the client responds to the initial stages of the incident obviously has a long-term impact on the resolution of that incident so they [duty case officers] will tell the client what to do and what not to do, while taking details. Now if it is a kidnap for ransom, and it’s a verified kidnap for ransom, i.e., the client has received a demand for a missing person, then usually a highly-trained consultant will be deployed to the headquarters of that company or to the family home of the victim. Other consultants will then be deployed to the location of the incident or as near and safely as possible.

For example, in the Indian Ocean Somali hijacking epidemic, which started in 2008, sometimes it was very, very difficult for consultants to get into Somalia or Mogadishu and get close to the event so a lot of these cases were conducted from places like Nairobi. For Syrian kidnap cases, of course, it can be very challenging to get across those borders so things were done from Beirut or as near that as possible.

The client has the consultant managing their business, their business at home and at the headquarters, they are setting up a crisis management team for the client and that will involve several key stakeholders – board of directors, heads of security, risk management, insurance people, group legal type people and then on the ground, you have a team of people working hand-in-hand with local authorities.

In some cases, to ensure safe and timely release, the negotiations are linked between the consultants on the ground and the consultants at headquarters to ensure a very simple and efficient transition. I think that the most challenging part of these incidents, of course, is the communication piece – do you pay a ransom immediately, as soon as you receive a ransom demand? Well, in most cases, the answer is no because what that says to the perpetrators is, we have unlimited amounts of cash to spend readily. Through negotiations, you aim to bring that ransom demand down, if possible, and if safe for the victim and eventually, as I say, secure that release.

Now, obviously each case is different and our program covers everything from kidnap threat, extortion, hostage crisis, assault and terrorism-type incidents. Each one is different, but that gives you a view of how a kidnapping-for-ransom case will work and those cases could be two hours long or two days long. The longest cases we’ve seen have been years long so those consultants are working for and on behalf of the client’s day-in, day-out throughout. Of course, they’re there for the post-incident debrief as well, to allow the client to try and mitigate that kind of risk happening again.

[Alessandro Arduino]: Now, when you mentioned Somalia, the problem of piracy came to mind immediately. Albeit dwindling in the recent year, it is starting again on the other side of the African continent and on this Brett, if I recall correctly, piracy and piracy threats are some of your areas of expertise. Can I ask you to give us a similar play-by-play with regard to how you would assess the risk when someone comes to you to underwrite their hull, cargo, or crew? What factor(s) would you look at and what steps would you suggest to a shipping company, especially to bring down premiums?

[Brett Davey]: Thank you, Alex. Excellent answer there from my esteemed colleague, Ashley, and this is following on, as you say, with piracy rather than [the] land-based kidnapping threat. We have some slight differences here. I will touch on some of the answers we gave earlier. We do find that we’re dealing with vessels traveling from one place to another and I’ll come on in a minute to some of the details we’d like to have but I could not stress enough about building up trust with clients and knowing in advance, as much in advance as possible, when these vessels are going to travel. We certainly have had a lot of experience recently, of people getting in touch with us with almost a day to go. They knew that the vessel was going to travel and where it was going but they try to hold on and give information at the last minute so it, perhaps, doesn’t get into the wrong hands.

Hence, it is essential to build up some trust with clients who can tell you [information] in advance, almost give you a schedule of what is going on. That way, we can give them a much better service, perhaps tell them where it is a difficult journey, the pinch points, even try to help them [with] the areas the vessel should avoid, if possible—because certainly, with Price Forbes and London market insurers, they would very much keep up to date with the latest maritime news by seeing where there are many incidents coming up.  Of course, all of us will have a look at what is happening globally. If there is a sudden escalation of something around the Middle East, as you mentioned, say Yemen, or something to do with Iraq or Saudi Arabia, then those vessels may be better off moving into another place.

But coming down to some of the general details, we’d like to know things like the full journey description, type of vehicle, we need to know from the vessel point of view, what is the name etc. All of this appears in the actual contract, the policy, with the departure and arrival dates, any stop-off points and the exact  route expected to be taken because obviously, we’re talking  about piracy here. If you’re traveling in a nice part of the world, then that’s fine but inevitably, we get asked for marine piracy cover when they know they’re going to go to a new place. Somalia many years ago was a typical place where there was a lot of piracy. I think globally that has been solved now in many ways but it is cropping up elsewhere around the world.

We would also like to know things like the contents that are being carried on the ship. Sometimes the actors can find out and know what the ships are carrying so that they can target those more. We’d like to know the amount of security and guarding for the whole journey, all of it. Things like – does the vessel have a citadel, what’s the experience of the crew, particularly the captain, to know exactly how to use the citadel, where to go to the citadel, for those inexperienced, that is the security hole that the crew would go to in the event of an attempted boarding or someone coming too close to the vessel. We’d like to know things like [the] speed of the vessel, can it manoeuvre, quite often vessels can outmanoeuvre other vessels that are trying to board them, so is the vessel easily boarded, is there a free board, or has it been provided with easy ways to fend off other vehicles or vessels that try to land on the side of them.

Also, [the] security company. As Ashley mentioned before, that’s very important to all of us these days because we want to work with private security companies that have good experience. We’d like to know what security company is on board. Clearly, it would make a huge difference to whether a risk is accepted and what the premium would be if there isn’t a security company on board a vessel that is going into an area of known piracy with an expensive load on board, then it could almost perhaps be something that can’t be insured.

We are obviously trying to tell  clients and teach them —this is something else that we do try to  do by the way,  and would like to do more of – training programmes for clients and for private security companies so that when they come to us with these risks, they already know what we would like to know and see. The more of what I’ve just mentioned happens, the cheaper the premium is going to be because the underwriter is going to feel a lot more comfortable if he knows that this vessel already has a nice route, is covered by security and that we know exactly what is going to go on with it at all times.

We’d like to know the list of crew members—that is essential. They’re the people that we are covering after all so if there are any getting off during the journey or more coming on during the journey, then we would need to know that. That includes knowing the security personnel   who are on board as well. So really, everybody on board who is going to be covered by the kidnap and ransom part of the piracy policy, we would like to know exactly who they are. As I say, where they’re boarding and leaving the ship, that’s needed.

Clients do need to realise that the more information that underwriters can have, [the] the higher the likelihood of a reduced premium and a better understanding of the risk by all concerned. It’s things like – let’s be fair, we want to get the vessel from one place to another with no incident so the more risk management that’s done in advance, the better. If there is an incident, then we’re going to have a smoother transition through rescue, as Ashley rightly said there for the land-based kidnapping and ransom, it’d be the same for piracy; negotiation to try and get people free and away. Also, if there is any form of other claim, that claim can be dealt with very quickly.

We do get some vehicles or some vessels when anchored, or just laying off, they get boarded just for pilfering and so those can be covered as well. We want to make sure that if the client has a loss, the claim is paid quickly. It’s not just about having information for a cheaper premium, [it is also about] having the information so that the underwriters can respond quickly when there is an incident for the client.

One thing I would say is that the Covid-19 period has brought about quite a lot of poverty, joblessness and loss of business especially to people who were probably already in poverty and that has caused some areas of the world to now have more incidents of people just trying to find a way to make a living. I think last year, we had a 150% increase in the amount of attempted boardings, not full-on piracy, but just that. The Straits of Singapore, for instance, saw much more vehicles going up to large ships and just going on board quickly to pilfer things in the middle of the night so there is an increase in what you might call piracy. Clearly, if these people are doing this more often, they may get bolder and so, we may end up with far more full-on piracy incidents in the long term. At the moment, it’s very essential for clients to really look at their risk management because Covid-19 and the desperation that some people are in now has made them look more at how they can get on board vessels and pilfer.

[Alessandro Arduino]: Ashley, moving on from what Brett just mentioned (the act of desperate people), please correct me if I’m wrong but in the general maritime insurance, that kind of insurance is applicable everywhere except for areas that are designated as ‘war risk’, where a separate and more high premium cover is needed. Now, while in the past, marking out a war zone was almost a straightforward exercise, with the rise in number of non-state actors, proxy and so on that we are witnessing in the last decade, making the difference between war and peace is getting more blurred. We are getting into a more ample grey area so how do insurance companies make this decision?

[Ashley Coles]: It’s a really interesting one and we like it in the insurance world, Alex, because it keeps us on our toes everyday. I think one of the things that I feel particularly privileged about is working here in London alongside Lloyds of London, underwriters and insurers of course [and] people as experienced as Brett in Singapore. Of course, the Lloyds of London insurers here have cutting edge access to things like the Joint War Listed Areas (JWLA) updates, Lloyd’s List, world’s leading political risk and security analysts and of course, their actuaries in-house. While the world is extremely fluid, as you’ve rightly identified and Brett has sort of surmised, these areas are being constantly updated. This means, for me, as a broker,  an advisor to my clients or as an underwriter, I’m able to present and write your risk accordingly.

I think in recent years, the best example is the Gulf of Guinea off the coast of Nigeria, Togo and Benin. Now, that has almost entirely replaced the Indian Ocean as the global piracy hotspot and really, in 2008, I don’t think we could have predicted that in the same way that we have.  I think we saw the Indian Ocean pandemic as an epidemic, as a piracy epidemic, as a long-lasting problem but it sort of came and went as soon as private security firms were allowed on board vessels by legislation. Now, we see a major problem in the Gulf of Guinea off the coast of Nigeria and this is an extreme risk location for our clients, both onshore and offshore because you have a huge piracy problem in the Gulf of Guinea. Onshore you have opportunistic criminals, terrorist organisations and organised crime syndicates operating, kidnapping and of course, an offshore kidnapping can become an onshore kidnapping quite quickly if the crew is removed from the vessel, which is often the case.

These are extremely challenging parameters for the insurance and security industries to work in so I think it’s worth saying that insurers are certainly not in the business of shying away from high-risk cover – it’s what we love so if anything, it’s what the insurance industry is here for. But as you say, this could come at a premium and insurers are constantly updating their programmes and policies to respond to the risks in the maritime and security sectors at almost in real time, Alex, so what might be a risk of a vessel being hijacked in Nigeria today, for example, becomes the risk of a rocket attack in the Middle East tomorrow so insurers have to respond to that, move with the times and some days, you’ll wake up in the morning and there will be a new product to respond to that new crisis.

To summarise, in very simple terms, when looking at a risk – the term risk – we look at what the client is doing and where they’re going. When we present that to the underwriters, their job is to assess that risk, what is the potential here for a disaster or a loss and they rate it on that basis. In the maritime world in particular, which is the oldest sector of insurance in the Lloyds of London market, we see insurance being extremely bold throughout, even what we would consider the most complex of underwriting processes, as Brett said, to enable our clients to go about and do their day-to-day things to keep their businesses alive and most of all, keep the world moving.

[Alessandro Arduino]: I would like to ask a few more questions on this later on. At the beginning, Brett mentioned about China and I got quite interested. Now, I do believe that for both of you, the Chinese Belt and Road Initiative (BRI) is going to provide a lot of work and if I recall correctly Brett, you are currently working with Chinese private security companies on several BRI projects and these projects cross some of the high-risk or even war risk areas that we just mentioned. Are there any special considerations or threats that come with protecting Chinese-funded projects? Is there space in this Chinese-led initiative for non-Chinese insurance providers?

[Brett Davey]: Alex as you state, the BRI is appearing on the global stage and not just in Asia, I think. You’re very experienced in this too and you’ve studied it a lot. Even I have been interested and surprised to see just how far the BRI goes; there aren’t any real boundaries to it. It wasn’t that long ago that we had an inquiry that Ashley and I were looking at where BRI was mentioned but it was about a Chinese company buying another company in Mexico. It just goes to show how far the loosely-termed BRI is travelling, perhaps – it’s not just around the local Asian region or Central Asia.

To answer the first point you mentioned, the insurance considerations would have a knock-on effect from both political and economic global considerations. The Chinese-funded projects – basically wherever the Chinese are welcomed around the world – then insurance considerations of threat may seem to be reduced from the local population and government. That makes obvious sense but of course, that is a changing landscape all the time. We’ve just seen a major change in the USA. It will be fascinating to see how the USA now gets on with China, going forward and whether there is an easing of tensions that we saw before that may make a difference [on] where China is going to operate on its BRI and other initiatives, actually. We do get asked to cover Chinese clients and companies all over the world, not just on the BRI.

There’re a couple of types of situation here. Basically, wherever the Chinese are welcome around the world, then the insurance consideration may seem to be reduced in the local population and government, as I said but there is a vice versa of course, which has to be mentioned. It is the type of consideration that applies particularly when we consider insurance risks like kidnap and ransom and say, terrorism. Following the global economic and political news events which do change almost weekly, for the Chinese abroad, it is a good benchmark for risk.  However, let’s take Covid-19 as an example – despite the science, there will still be millions of people whose view is that this pandemic is the fault of the Chinese because, as we know, that’s technically where it started. For those who perhaps lost jobs and then see the Chinese turn up on the so-called BRI to start building anew, it can lead to frustration and an increased threat. That is human nature.

I don’t think, as Ashley has mentioned before, we want to go into too much detail here, about which parts of the world are going to pose more of a threat to the Chinese but we can see that almost on the global scale, they are into Africa and even Latin America as well. In those parts of the world, there would be a different view about what Covid-19 has done, perhaps. People may have lost relatives and if they are blaming the Chinese for that pandemic, then they may see a risk that is being built – it could be a road, a factory, it may just be an executive, as something that they want to take revenge on. We do see the Chinese BRI, in many cases, being a threat.

On the reverse side of that, I would say, there are plenty of places in the BRI region – let’s take Pakistan, for instance, where they’re doing a good job, perhaps. They’re building new roads, bringing in infrastructure and quite often, into difficult areas too. People have needed this for a long time and perhaps, couldn’t get it before so I think [it] is worth balancing one slightly over the other – which means that is a better risk. What it actually does mean is that most of the time, they’re not going to go and try to insure it so Ashley and I normally only get asked to look at insurance risks that are difficult and in difficult places.

Underwriters can follow the political landscape, of course, as part of a number of factors for risk assessment. That’s very important for them to do – just looking at the world and global news on a daily basis is very important as there’s always something going on that may affect a risk threat to any of the clients who are asked to insure.

One thing for sure is that the Chinese are spending billions on the BRI projects – that’s factual, forget the politics for a minute or what it actually means in certain countries around the world. This will have plenty of benefit for those who wish to take advantage of that expenditure and insurance premiums are included in that. The more they spend, the further they travel and the more difficult places they go to build railways and roads, then the insurance is going to be needed and there will be plenty of premiums there for people to spend on.

Let me just quickly go on to the second part of your question, if I may, regarding non-Chinese insurance providers. It can seem a little biased for Ashley and me, I guess, to say that yes, we most certainly feel strongly that there is a big part to play. I think it’s an obvious thing to say but the London market has been around for 300 years and the Chinese insurance industry not quite as long. Just stating that factor that there is a lot of experience in the London market, a lot of that experience actually comes from claims that happened in the past and of course, the London market is quite innovative as well. Lloyds of London, in particular, still has a very good sense and view of, I wouldn’t go as far as to say, every risk is insurable, but they certainly do try to be as innovative as they can and kidnap and ransom and terrorism can be very, very difficult risks to insure. I think the London market has built the experience – people like Ashley for sure, who have got the experience to bring into what is a fairly new market for the Chinese. They, the underwriters, have vast experience too and I think [this is] one thing Ashley and I have been trying to do in the last year. Difficult again, as we’ve said, with Covid-19.

We are seeing increasing requests for risks from China and let’s have a quick look at why they might look outside of the Chinese [insurers] market. I think I’d have to be honest here – what I’ve heard from some people is that generally, they can get cover. I think the Chinese government is now starting to realise that they have more people abroad. I think we’ve mentioned before, between us in speech, that almost 20 million Chinese students are abroad at any one time and although they may not all be targets, when there is an incident, some people will turn on the Chinese students. It happened in America when Trump was having a fuss with China, a lot of harassment came down on Chinese students abroad. Apart from that, BRI – going back to that, a lot of companies, executives and government officials are overseas now building up the BRI. The Chinese government may not actually protect all these people as well as it might want to as there are certain countries where they’re not welcome. Their money is welcome, their roads and railways are welcome but interference to protect people on the ground may not be.

Thus, we now have a situation where the Chinese government has told private security companies and clients in China that they need help for this work.  Private security companies are building up global networks with the help of people like Ashley and the insurance industry in London, who already know a lot of the security companies globally. We’re helping to get them outside of China and build up their own networks so that at the end of the day, we can help them build confidence and trust.

Ashley and I have definitely come across situations where we have to be sensitive to some Chinese clients due to the cultural and language barriers. Some of them have said that they only want Chinese insurers to insure them but the problem they have is that the experience and willingness perhaps, aren’t there. A lot of Chinese insurance companies don’t have advanced networks to be able to help when a Chinese client is stuck somewhere remote in the world but the London market and the likes of Price Forbes do have that experience already so we’re trying to help them build the trust, hoping they come to us more.

I think we’ve also heard and it’s fair to say that – I’ve seen this in other classes of business for insurance, not just kidnap and ransom – some Chinese clients are a bit concerned about Chinese insurance companies insuring their risk quite happily but struggling to pay claims when the claims come along and we don’t want that in the insurance world. We run very compliant operations in the West these days. We’ve been through our troubles in the past and we know that once you sign the contract and the intention is there, you really need to pay your claims when the claims occur. In this instance for kidnap and ransom, you also need to do what you promised – to be there for the people on the ground and provide them with help wherever you can and I think there is some doubt among Chinese clients whether Chinese insurance companies can do [that].

The overall assessment, I feel, is that having hands across the water, non-Chinese insurance companies working with private security companies and Chinese clients outside of China, is something essential.

[Alessandro Arduino]: When you mentioned Pakistan and the efficiency and effectiveness of the BRI in Pakistan, my colleague and co-host of this podcast Ameem Lufti, would have jumped into the discussion about it but unfortunately, he is not here with us today. Please let me be straightforward in asking you a question – just a quick answer for this will do. When I used to travel in Washington DC – now it’s been a while since anyone  has travelled- the first question that I was always asked was about Chinese private security firms and if they have a hidden agenda or are they being the People’s Liberation Army (PLA), in disguise.

Continuing the discussion, Brett, with your experience in a Southeast Asia-based insurance company working on Chinese projects, we’re looking at the other side of the coin. Do you perceive that there is a kind of mistrust or a liability from the Chinese side in dealing with sensible [sensitive] information?  Let me exemplify – would Chinese state-owned enterprises (SOEs) be reluctant in sharing information? Do they fear that this information given to the insurance company will then be passed, let’s say, to their American competitors or even to the intelligence service?

[Brett Davey]: This is a really good point and I’m afraid, yes, there is a slight problem and an issue there which is simply the lack of trust, unfortunately. We touched on it several times so we really do want to make a big effort and it’s been difficult with Covid-19 because of the [lack of] travelling. I think we can’t stress enough that we can do as much as we can, online.  Ashley and I have had lots of conference calls with Chinese clients and Chinese security companies but at the end of the day, I think they would like to see you, shake hands and look in your eyes. That’s caused us a bit of a delay now so trust is very important and we need to build that as we go along because it works both ways, actually. I think there’s been very certainly a lack of trust from some Chinese clients because we are talking kidnap and ransom here, so it is sensitive information at times.

Also, insurance companies outside of China have suffered in the past, insuring different clients and risks in and outside of China in good faith and then having problems collecting premiums and having losses for risks that they weren’t told about so we’re trying to build that trust further as we go along.

As I say, it’s on both sides but I believe that the BRI, in a globally aware economy, there is a willingness and need for us to close the trade gap as fast as we can because as we already said, BRI is not just in China or around the fringes of China, it is getting out to a large part of the world. To be honest, as we said, the pandemic in 2020 really dented that opportunity so we really need to somehow try to build more trust.

Let’s come back to your point, the Singapore market. We are at the Chinese doorstep and we obviously have a very Chinese flavour and feel in the region with us but the fact is that, most insurance companies that could handle these difficult and complex risks like kidnap and ransom are simply branch offices of European or American companies. Therefore, in the first instance, yes, there is a lack of trust from the Chinese on these companies. We don’t really seem to have many Asian companies based here in Singapore or in this region that can handle the likes of kidnap and ransom and thus, perhaps, have hands across the water and I think that needs to be worked on a little bit more. We’re dealing with some of the big European and American companies that have branch offices here, of course, so there is a lack of trust there. I mean, if we look at things in China, to counter that, they’re trying to use Shenzhen as a financial centre and trying to build up their experience as well, as best they can, to try and give confidence to the Chinese. We’ve had more contact with people from Shenzhen but again, that’s still actually in China.

I feel that in this particular class of business, yes, it is very difficult to build up trust and there is a lack of trust there – potentially on both sides and we need to make a big effort in the future, obviously post-Covid-19, to try to go and see if we can build up more trust. We have a number of large companies setting up offices in China but from what I am seeing, reading the economics and the news, these are still quite disjointed. It doesn’t become a large branch office of a German company in China, it still has the brand over the door but it actually has to conform with local Chinese regulation so I think there is a great need for Chinese businesses and the insurance industry outside of China to really have a firm handshake and try to work together.

[Alessandro Arduino]: A few months ago we had Gene Yu, CEO from Black Panda on our podcast. He is a former Green Beret, Special Forces, he’d been working in the ‘boots off the ground’ in kidnap and ransom and he moved to the cyber part of kidnapping and ransom – to the ransomware. With him, we discussed how moving from kidnap and ransom negotiation to cybersecurity was a very seamless transition and that the skills required in both areas are quite similar.

Now I know that you have started providing cover against cyberattacks, so does Yu’s response resonate with you? Would you say that in principle, protecting against ransomware and physical ransom is quite a similar endeavour? What are some of the unique challenges that come with protecting against, let’s say, cyber terrorists, criminal cyber organisations and hackers?

[Ashley Coles]: Thanks, Alex. Brett you can jump in where you deem fit. I know Gene at Black Panda well and he is one of the world’s leading experts on this and an outstanding advocate for our industry. I think initially when cyber-ransom and cybersecurity issues came to the forefront, there was this sense that dealing with a cyber-ransom demand was actually very similar to dealing with a kidnap for ransom.

I think in recent years that’s changed to a certain extent and what that has resulted in is a lot of the private security firms bringing in extremely experienced IT experts and growing those departments to deal with what has become a much more complicated issue than just negotiating a ransom demand, if that makes sense. I think we’ve seen a change in the industry there with the very big firms that now have highly specialised departments with IT specialists. Of course, when it comes to cybersecurity issues, there’s big data issue etc.so experts who were used to dealing with people, are now dealing with IT systems and data systems which are slightly different so it does require a different approach to things.

I think the other thing to say is that, our programme and policies provide response for social media cyber issues as well, which we’re seeing coming to the fray. Relating to high-net-worth individuals, it’s very easy now to go on to someone’s Instagram, Facebook or social media and work out where they are and how they live their lives almost on a day-to-day basis and that’s extremely dangerous so we help clients put in place systems on their social media sites to ensure that they are safe where that side of things is concerned. It’s a much wider issue, I think, going forward.

Brett, I don’t know if you want to add anything to that.

Brett Davey: Yes, thank you here, Ashley. I think, as we know, it’s a growing area. I don’t know Gene as well as you guys do but I listened to his podcast and it was interesting to see that he has moved from traditional ‘boots on the ground’ – the kidnap and ransom on the ground. Those incidents are still about people dealing in piracy or actual kidnap and ransom and then the rescue for that. That’s a people-business and Gene has moved over now, more towards what he sees is a big challenge and it’s been in the news a lot obviously, protection of security on the cyberspace. As you said Ashley, there is a big difference between a standard cyber policy that perhaps, is going to cover you for straightforward risks on your network interruption, mistakes by the Admin or IT, or just, electronic outages etc. What we’re really talking about here is the comparison between full-on kidnap and ransom and actual cyber-extortion and ransomware and that has become Gene’s expertise.

In my view, the piracy and kidnap and ransom are still going to continue and that’s not going to transition into straightforward cyber. I think we touched on this point earlier on – that there are certain parts of the world where piracy and kidnap and ransom will continue just because of a lack of funding or ability or that’s just what they’re used to doing so they’re going to carry on with that. Then, we have the new cyber threat – a high-level for big corporations and governments alike and this is where Gene’s focusing. I think more people will try to catch up with that but it is a difficult one because it is a new area and ever-evolving. Underwriters themselves have got to try and keep up with the new technology and threats that are coming along and we don’t necessarily have an awful lot of knowledge because you don’t have enough claims experience and therefore we don’t really have a lot of capacity available, to put to some of these risks right now.

Also, there’s a third part and that is potentially the coming together of the two and in some instances, moved from ‘boots on the ground’ to ‘boots off the ground’. Perhaps we’ll even see certain situations where the two are used together; you will have a situation where there is a cyberattack on a vessel that completely mobilises the vessel and then you will have the pirates actually come along by boat to do what they usually do. That situation is out there as well, at the moment.

So for me, right now, I’m not a massive expert as Gene is in this field. Yes, I certainly could see some transition across but I think there will be at least two, if not three sets of threats that we’ve got to look into, going forward.

[Alessandro Arduino]: As we are nearing the end of our podcast, please let me ask the last question and it’s related to your prediction about your short- and medium-term future of the industry. Firstly, the lookout for 2021 and 2022 for both the maritime and cyber industry, given the ongoing devastation caused by Covid-19 and secondly, what the kidnap and ransom insurance industry will look like, in the coming 30 years? Ashley, you first, then Brett, I will let you sum up the conversation.

[Ashley Coles]: Thanks, Alex. Yes, I think the Covid-19 pandemic has meant that a lot of our clients have been grounded and stuck at home so in the short term, we expect a lot of pent-up travel power and I think in the second half of this year, we’ll see people get back on the road and aeroplanes and therefore, there’s going to be demand hitting through the roof, I think, in the second half of this year and going into 2022.  That, for sure, will result in an increase in incidents. It’s been relatively quiet on the security front as a result of Covid-19 so certainly a lot of pent-up travel power there. I think, as Brett identified earlier, in the medium term, we hope to see the linking of business, corridors and relationships opening up into China and that’s really exciting for us all. Then finally, just to say, looking long term, I think we will see an increase in the consultancy element associated with our insurance products and a widening of scope in terms of what the insurance can provide – so both protecting our clients financially and giving them unmitigated access to security services on a wider level..  I think our product will become even more of a hybrid of crisis management and insurance, as we go forward.

[Brett Davey]: Thank you for that Ashley. That’s a very good introduction into that area. It’s a very difficult one, obviously, looking 30 years ahead for the kidnap and ransom industry. It’s probably easier to look 30 years ahead for cyber risk because it looks like there is going to be a massive battle going forward as technology advances and various governments and countries get involved here.

The kidnap and ransom insurance industry however, I think, as Ashley rightly said, it will carry on and we will do our best to keep an eye on economics and global politics and really try to open up trust around the world globally.  We’d love to work more with the Chinese clients and also, if necessary, the Chinese insurance industry, to help show them, train them and get to a point, perhaps, where risk management and insurance is so good that this risk is mitigated completely.

I think there is, possibly -Gene’s view comes back here for me a little bit- that kidnap and ransom, if we can get to grips with it and build trust, we could maybe mitigate quite a lot of it in the future but cyber is the one that is going to grow out there. I think that’s what he’s looking forward to in the future.

[Alessandro Arduino]: Thank you again both of you, for your very interesting and informative insights and thank you to all our listeners too, for joining us.

[Ashley Coles]: Thank you very much.

[Brett Davey]: Thank you, Alex.