HIGH-PROFILE £100+ MILLION CLAIM EXPOSES CYBER COVERAGE GAPS
UK retailer Marks & Spencer took a £300 million hit to profits after a hacker group known as Scattered Spider gained access to data via a third-party vendor.
What’s striking? Only “around half” of the financial loss is expected to be covered by M&S’s cyber insurance.
For brokers, this is a high-visibility reminder that insureds often misunderstand the limits of their cyber policies — especially around indirect losses, operational disruption, and third-party risk.
Source:
Hooker, L. (2025, May 21). M&S cyber-attack disruption to last until July and cost £300m. BBC News.
NUANCED UNDERWRITING NEEDED
A new Gallagher Re report digs deeper into the mechanics of these attacks — and their underwriting implications.
“Nuanced underwriting is needed to gauge resilience against evolving threat tactics,” it states, spotlighting Multi-Factor Authentication (MFA) vulnerabilities by attack type.
Gallagher also outlines key cyber loss drivers:
- Data Breach and Privacy Liability
- Business Interruption
- Regulatory and Legal Defense Costs
- Reputational Harm
- Aggregation and Systemic Risk
Brokers working with tech-forward clients may find their current policies aren’t calibrated for modern threat vectors or the full fallout of regulatory and reputational exposure.
Source:
Gallagher Re. (2025, May 19). Cyber attacks targeting UK retailers. Gallagher Re.
FCA TARGETS STABLECOINS AND CRYPTO CUSTODY IN NEW CONSULTATION
The UK’s Financial Conduct Authority is pushing forward with crypto oversight — this time zeroing in on stablecoins and custody services.
The proposed rules could:
- Require stablecoin issuers to guarantee redemption at par value
- Demand proof of transparent and well-managed reserves
- Hold custodians accountable for continuous access to digital assets
These moves signal the regulator’s intent to treat certain crypto services like core parts of the financial system — with the same expectations around resilience, redemption, and risk.
Source:
Financial Conduct Authority. (2025, May 28). FCA seeks further views on stablecoins and crypto custody.
UK UNVEILS DRAFT CRYPTO REGULATIONS TO BOOST INNOVATION AND SAFEGUARD CONSUMERS
Chancellor Rachel Reeves recently introduced draft legislation to formally bring cryptoassets under the UK’s financial regulatory umbrella.
The measures are designed to walk the line between encouraging fintech growth and setting clear standards for consumer protection. Crypto firms may soon be required to demonstrate:
- Transparent disclosures
- Strong operational resilience
- Defined accountability frameworks
This is a potential inflection point for institutional crypto adoption — and risk transfer markets will need to evolve in parallel.
Source:
Hall, I. (2025, April 30). UK releases draft legislation for regulating crypto assets. Global Government Fintech.
Wrap-Up:
Each of these stories carries implications for how brokers frame risk — whether advising on cyber retention levels, structuring parametric crypto coverage, or building ART solutions that account for non-traditional exposures.
Want to talk through what this means for your book? Get in touch with Relm’s underwriting team.
