Cryptocurrency Insurance – does the need satisfy the want?
“They must have insurance,” is a common phrase in times of peril. Be it a car accident or a medical emergency, an insurance cover never goes amiss. However, in the fickle world of cryptocurrencies, the term “insurance” is met with little concern and a lot of laughs.
A layer of insurance is only as strong as the industry it covers. And, if you’ve spent even an hour in the cryptocurrency industry, you’ll know it’s no Hercules.
Centralized storage units make it worse. While Bitcoin was designed to be held in personal wallets, secure through private keys, the surge in trading has built the case for custody. Exchanges, in particular, have seen tremendous growth in ‘crypto-on-site,’ making them easy targets.
Cyber-criminals can pool resources to target a single address. Hacks and security breaches are a mainstay, with over $4.2 billion siphoned off in scams and hacks throughout 2019, according to a report by CipherTrace. There has been a change in the modus operandi of crypto-scams too. In 2018, when the coin-offering scene was hot, several fake projects propped up and invested heavily in marketing and promotion. They received millions in funding and made a run for it.
Once regulators and market participants caught up, the target was on exchanges’ backs.
From Dublin to Seoul, 2019 saw over a dozen high-profile hacks. Even those as seemingly secure as Binance weren’t safe. The Malta-based exchange was hacked in May, with hackers siphoning $40 million in Bitcoin.
Binance, however, did have insurance, internal albeit, called the secure asset fund for users or SAFU! as their customers exalt [complete with the exclamation].
Volatile, high-value, Internet-based, Internet-vulnerable, shifty compliance – it’s easy to see why hackers would target cryptos in exchanges. But, the onus should be on protecting customers’ funds, and if a breach takes place- ‘making them whole.’
Even with the industry maturing at a steady pace, regulators easing their nerves, and institutions licking their lips, the surrounding infrastructure to legitimize cryptocurrencies is absent. One of the elements of this legitimacy would be insurance, but that isn’t catching up, despite its need.
Only a handful of exchanges have an insurance fund to back their wallets. Binance, as previously stated, has SAFU which is an “emergency insurance fund.” Created in July 2018, the fund backs the exchange’s cold wallet,
“To protect the future interests of all users, Binance will create a Secure Asset Fund for Users (SAFU)….we will allocate 10% of all trading fees received into SAFU to offer protection to our users and their funds in extreme cases.”
An internal fund does allow for flexibility, but also leads to a new set of questions. How is this fund allocated? Which cryptos are held? How is it stored? Similar questions would be asked of any insurer.
When AMBCrypto asked Binance the aforementioned questions, Jessica Lung, the Malta-based crypto-exchange’s Global PR head only directed us to the attached tweet by CEO Changpeng Zhao.
We have enough BTC to cover.
— CZ Binance ??? (@cz_binance) May 8, 2019
Insurance brings assurance. To be seen in the same length and breadth as any other well-defined asset class, insurance is necessary. “Necessary, but not there yet,” is how James Putra, Director of Strategy at Tradestation Crypto, put it, in a conversation with AMBCrypto.
Institutions seem to agree. Three-quarters of asset managers believe that insurance will act as a catalyst to help crypto go mainstream, as per a survey by Greenwich Associates.
Hacks and uncertain regulations are the main foes holding these asset managers back, both of which can be addressed by insurance.
Another predicament is the “newness” or the fledgling nature of the crypto-industry, factors that open up further uncertainty, claimed Thomas Cain, Regional Director at AON, one of the leading insurance providers in the world.
While insurance is in institutional demand, supply is lacking; the crypto-insurance industry has more confusion than clarity. Broadly, the confusion surrounds the following questions.
Who: Larger picture
For traditional financial services, insurance is necessary. It’s also specific.
Insurance is placed on risk, or rather, what’s most likely to be risked. For medical insurance, its health and for automobile insurance, its the car.
But for crypto, there’s no one answer. There’s a lack of specificity of victim party – exchange or customer.
Insurance companies insure assets i.e. coins of a notional [dollar] amount from any form of risk. The ‘risks’ here are most likely to be hacks or security breaches, but those are not the only risks.
While insurance companies have insurances against criminal breaches, they do not “capture some of the nuances” of the crypto-space, asserted Putra. Wholesale failures, 51 percent attacks, network risks are absent from such policies.
These risks are intrinsic to individual customers, rather than exchanges which have no say in the governance of an external coin. That said, the case of insurance for a “firm-level event” versus an “individual customer event” falls flat. Putra added,
“They’re insuring the firm as a whole, for a firm-amount, not specifically the customer…there’s no guarantee that any individual customer is going to see the benefit of those insurance policies.”
What: One from the other
An insurance policy is not taken out on an exchange as a whole, but rather a “subset of a firm’s business practices.” An interesting case evidencing this is Coinbase.
The American exchange has had insurance on its hot wallets since 2013. Coinbase also took out an additional “hot wallet policy” with AON, with a $255 million limit.
Notably, even Coinbase differentiates between insurance triggers.
Philip Martin, Security Chief at Coinbase, in a blog post, had stated that while the “most likely consumer loss scenario” for exchanges is a hack, policies cannot be so simplistic.
Insurance policies can be divided into crime and specie. While the former is understood, the latter relates to unique goods, like art. Martin looks at the specie market as having “value at rest” and despite having remnants of a type of blockchain architecture, he contravenes,
“Importantly, that means that a Specie policy would not be responsive to a loss of funds that occurred due to an on-blockchain failure…The best use of Specie policies is as a hedge against major natural or regional disasters, or insider theft/destruction of private key”
Crime polices, according to Martin, are “value in transit.” Like such policies unable to cover “incident responses,” it would not cover currency failures, citing, for crypto-reference, a 51 percent attack. Hence, differences in what insurance is offered matters.
When and How: Digital or asset
Insurance is defined on the basis of the point of incidence. With crypto-insurance, this clause plays out on two fronts – point of breach and point of loss. The question of where ‘incident’ falls, is uncertain.
Should such a policy claim be made on the breach of security, pointing to cyber-insurance, or on the assets lost, claiming asset insurance?
Putra, here, goes back to the case of a firm versus individual insurance claim(s).
For the U.S market, he suggested something like the FDIC and SIPC’s policies. The FDIC [Federal Deposit Insurance Corporation] provides dollar-for-dollar coverage for “failed FDIC-insured depository institution” up to $250,000 per customer. A similar feature for investments in stocks and bonds is the SIPC [Securities Investor Protection Corporation], which provides coverage up to $500,000.
Here, the insurance policy would be placed on a “notional value of assets” expressed in dollars, not a specific asset. Hence, the policy will be applied in dollars and not in the crypto’s “unit value.”
“A $100 million insurance policy will cover $100 million in lost assets, under specific conditions. Not necessarily a unit value of crypto.”
To figure out what this ‘notional amount’ is for a specific set of assets, well, that’s the trick.
When and How: Guess the amount
The volatility of the market is another setback. Due to the inability to price cryptocurrencies adequately, an insurance policy would provide skewed coverage depending on the historic, notional, or agreed price of crypto, each of which may be worlds apart.
With digital assets having high exposure, the premiums will reflect the same. Sarah Downey, Co-leader, Digital Assets Risk at insurance broker Marsh USA, stated that premiums are partly on the basis of the “exposure to a specific exchange.” Crypto-exchange Bittrex recently confirmed insurance worth $300 million on its cold wallets via Marsh’s brokerage services. Downey, speaking to AMBCrypto, said,
“Premiums are, at least in part, based on the potential exposure to a specific exchange so that more assets under the control of the exchange the likely potential for larger exposure and a higher premium.”
Insurance will be tied to the number of assets held on an exchange. Here, the question relates to the fractioning of insurance. Different insurance policies for different cryptos, based on ‘exchange exposure.’
Downey added that since digital assets are fairly new and insurance even more so, underwriters are still catching up. Due to the “limited amount of loss data,” there is no precise model to base the underwriting on. However, some exchanges have obtained premiums “on par” with their traditional financial service companies. This would be on a “client by client basis,” albeit, just for now, she claimed.
When and How: This versus that
CoinMarketCap lists 2000+ coins; insuring all of them is pointless. Insurance companies would need to develop a model to determine which coins are insurable, before addressing exchanges.
In this determination, while important, volatility will be secondary. Insurance companies would look at the security of the coin and its overarching network. Downey said,
“The concern is not so much over the volatility of an asset but, instead it is more about the transparency and security around the protocol behind a specific cryptocurrency.”
Insurance payouts – currency will also be called into question.
An investor losing Bitcoin will not be too chuffed about getting dollars in return, unless a complicated crypto-based insurance policy is concocted. The ‘hodler argument’ of crypto versus dollar does not hold when coins – lost and dollars – are reimbursed.
Question of regulation
Uncertainty is not limited to internal factors, but also external. Here, the concerns are specific – regulation and knowledge.
Since crypto-insurance is all about the crypto, the legal definition of the asset insured is pertinent, and a mess. Bitcoin, for instance, is legislated as a commodity, property, and a unit of account, in different countries. In some, it is even illegal.
According to Putra,
“When you’re taking people from traditional financial services and now giving them this new asset which is very fluid in some of its definitions, it becomes hard for them to wrap their heads around.”
The lack of standardization of what Bitcoin is is replicated in how it’s traded, transferred, stored, and valued. Once a standard is determined, the dominos will fall.
Downey credited the “lack of education” as another big obstacle for insurance providers. Seen primarily as catering to traditional regulated markets, for insurance providers to understand the complexities of the crypto ‘wild west‘ is an arduous task, and not a short one either.
However, that knowledge gap is shrinking. Downey added,
“The insurance markets themselves also spend a significant amount of time trying to learn, so I do think we’re heading in the right direction.”
Questions but no answer
If you think about it, insurance and decentralized currency are made for each other. One is about the decentralization of risk, the other about the decentralization of finance. So close in principle, so far in practice.
While its addition would make cryptocurrencies legitimate, or to use a less crass term, structured, to many it would deter the claim of decentrality. Hesitation, hence, is warranted.
For crypto and insurance to embrace, the questions posed above should find standardized solutions.
This standard could be internal. Comprising of crypto-service providers. A pool where exchanges contribute to a community reserve, one that could make customers ‘whole’ and prevent a price collapse.
Rather than vertical assimilation, why not horizontal? According to Putra, in the future, a “crypto-insurance fund” could be developed where users pay-in crypto-assets and receive benefits in times of peril. For the community, not individual exchange.
A payout in an insurance only – InsuruoCoin [ICO] perhaps? With the campaign slogan – Make ICOs great again? [MIGA]?
This may even [d]evolve to tribalistic tendencies, with each coin having its own insurance fund? Bitcoin [Insurance] Fund, Ethereum [Insurance] Fund?
Who knows how the convergence of the cryptocurrency market and the insurance industry develops. A certainty, however, is that as cryptocurrencies and crypto-service providers grow, the market will crave specialists and structure and insurance, of some form, will be essential.
“They must have insurance,” will soon be the crypto-parlance.