To address the unique exposures from blockchain technology, businesses cannot rely on legacy insurance coverages, which were not underwritten or contracted for with these risks in mind. There is a need for insurance solutions fitted to this technology and its risks. The lack of data on loss events from blockchain creates a challenge to underwriting the risk, but as the understanding of the technology grows along with broader business use, insurers may become more comfortable shaping coverage to meet blockchain exposures.
Legacy insurance policies are not the answer. A loss of cryptocurrency or other digital assets cannot necessarily be shoehorned into commercial crime coverage, for instance. Exclusions in D&O policies, such as those for professional services as well as data breach or electronic data exclusions, would likely apply to claims for lack of diligence by management or the corporate board in overseeing adoption or reliance on blockchain technology. And business interruption losses from harm to intangible property or electronic data do not meet the coverage prerequisite of damage to tangible property in traditional property policies. Thus, early adopters of blockchain technology need to evaluate the gaps in their insurance programs, and insurers should consider new offerings to address them. In some cases, insurers also should consider the possibility of claims for “silent blockchain” coverage if specific legacy policy wordings haven’t been reviewed in light of the increasing use of this technology.
The good news is that the growing cyber coverage market may be situated to respond to the need for specific insurance wordings addressing exposures arising from blockchain. Over time, it seems likely that cyber policies will be offered with blockchain technology specifically in mind, but there are likely to be gaps in any coverage in the near term. Many cyber coverage wordings in use today would not necessarily encompass the exposures posed, for instance, by unauthorized access to or breach of data stored on another blockchain node not owned by the insured or contracted for through a third-party service provider. However, depending on the facts, some existing cyber wordings might encompass certain exposures from a failure or hack of a blockchain. Data breach related costs and even data corruption, loss of use or intangible property losses from a blockchain failure might fall within some cyber coverages. And, ransomware or business interruption coverage grants in cyber policies might also be at least partially responsive to certain blockchain loss events. Early adopters should discuss their coverage needs with their insurers, who undoubtedly will be evaluating the market for policies geared to growing business use of blockchain.
In the future, cyber coverage is likely to be fine-tuned to blockchain technology, just as it has evolved to address other emerging technology-related exposures. Insuring the blockchain is an important, emerging challenge both for companies adopting this technology and their insurers.