Cyber and GDPR

The OPDU Trustee Liability policy provides cover for certain elements of Cyber related risk, as follows;

• Indirect losses arising from cyber events may be covered under OPDUs PTL policy where an allegation of Wrongful Act has been made in accordance with the policy
• In the event that a third-party provider, such as an administrator, fails to supply the service promised under the contract due to a cyber-event, the OPDU policy may respond if you have the Third-Party Pursuit extension. In this case the policy will pay the costs of pursuing the third party for redress subject to the policy terms and conditions
• Investigations may also be covered which stem from a cyber-event becoming known. In this case there is no requirement of an allegation of Wrongful Act.
• We would encourage trustees to review their contracts with their party providers to ensure that adequate provision is made for losses arising from cyber events.
• Civil fines and penalties issued by the Information Commissioner

It’s important to remember that it is not the intention of the Trustee Liability policy to provide Cyber cover. Our recommendation would be for an assessment to be carried out as to whether there is a Sponsor Cyber policy in place, as usually the Sponsoring Employer would have a companywide cyber policy that includes the pension scheme. Any agreements with third parties such as Administrators or Investment Managers should also be checked, as usually there would be some caveats contained within these agreements over data protection / insurances etc.

OPDU can on a case-by-case basis secure stand-alone Cyber cover for Pension Schemes upon request.

To discuss please get in touch.

contact us