Lloyd's of London Cyber Insurance Requirements and Underwriting Standards
Lloyd's of London has established requirements and guidance for managing syndicates' cyber insurance exposure. Key requirements include: mandatory systemic cyber risk exclusions (from March 2023), war and state-backed cyber attack exclusions, cyber insurance risk management standards, and exposure management. Lloyd's Market Bulletin Y5381 (2022) requires all standalone cyber policies to exclude state-backed cyber attacks with clear attribution clauses. Managing agents must demonstrate cyber risk management capability. Lloyd's Realistic Disaster Scenarios (RDS) for cyber include cloud outage, mass ransomware, and data exfiltration scenarios.
Framework summaries on this platform are AI-assisted interpretations for educational and compliance planning purposes. They do not reproduce or replace the official standards. Refer to the authoritative source for the definitive text. Framework names and trademarks belong to their respective organisations.
Framework Domains (8)
Affirmative Coverage + LMA Model Clauses + March 2023
| Code | Title |
|---|---|
| LLOYDS-CI-Affirmative-Coverage-Property-Cyber-Mandatory-Clarity-LMA-Model-Clauses-March-2023-Implementation | Lloyds Cyber Insurance Affirmative Coverage + LMA Model Clauses + March 2023 |
Claims + Sanctions + Ransomware Payment + OFAC
| Code | Title |
|---|---|
| LLOYDS-CI-Claims-Handling-Standards-Cyber-Events-Sanctions-Ransomware-Payment-Compliance-OFAC-HMT | Lloyds Cyber Insurance Claims + Sanctions + Ransomware Payment + OFAC |
Conduct + TCF + Silent Cyber + Regulatory
| Code | Title |
|---|---|
| LLOYDS-CI-Conduct-Risk-Treating-Customers-Fairly-Silent-Cyber-Reviews-Regulatory-Notifications-Material | Lloyds Cyber Insurance Conduct + TCF + Silent Cyber + Regulatory Notifications |
Pricing + Rate + Authority + Bordereaux
| Code | Title |
|---|---|
| LLOYDS-CI-Pricing-Rate-Adequacy-Underwriter-Authority-Reference-Limits-Exposure-Data-Bordereaux | Lloyds Cyber Insurance Pricing + Rate Adequacy + Authority + Exposure Data |
Reinsurance + Capital + Solvency II + Coverholder
| Code | Title |
|---|---|
| LLOYDS-CI-Reinsurance-Capital-Protection-Solvency-II-ORSA-Coverholder-Delegated-Authority-Cyber-Underwriting | Lloyds Cyber Insurance Reinsurance + Capital + Solvency II + Coverholder |
Risk Selection + Cyber Hygiene + Pre-Bind
| Code | Title |
|---|---|
| LLOYDS-CI-Risk-Selection-Cyber-Hygiene-Underwriting-Criteria-Pre-Bind-Risk-Engineering-MFA-Backup-EDR | Lloyds Cyber Insurance Risk Selection + Hygiene + Pre-Bind Engineering |
Systemic Aggregation + Catastrophe Modelling
| Code | Title |
|---|---|
| LLOYDS-CI-Systemic-Cyber-Risk-Aggregation-Cyber-Catastrophe-Modelling-Vendor-Use-RDS-Scenario-Testing | Lloyds Cyber Insurance Systemic Aggregation + Catastrophe Modelling + RDS |
War + State-Backed Exclusions + Attribution
| Code | Title |
|---|---|
| LLOYDS-CI-War-Cyber-Operation-State-Backed-Exclusions-LMA5400-5403-Attribution-Mechanism-Carve-Backs | Lloyds Cyber Insurance War + Cyber Operation + State-Backed Exclusions + Attribution |
Your Compliance Coverage
If you comply with Lloyd's of London Cyber Insurance Requirements and Underwriting Standards, you already cover:
SQF Code Edition 9 - Safe Quality Food
25%
2 controls mapped
Compare →Privacy Act 1988 (Australia)
25%
2 controls mapped
Compare →PCAOB AS 2201 - Audit of Internal Control Over Financial Reporting (ICFR)
25%
2 controls mapped
Compare →+ 86 more: NIST Privacy Framework (25%), Nevada Gaming Control Board Cybersecurity Requirements (25%)
See all 89 mapped frameworks ↓Maps to 89 other frameworks
Frequently Asked Questions
What is Lloyd's of London Cyber Insurance Requirements and Underwriting Standards?
Lloyd's of London Cyber Insurance Requirements and Underwriting Standards is a compliance framework from United Kingdom (Lloyd's of London) with 8 domains and 8 controls. Lloyd's of London has established requirements and guidance for managing syndicates' cyber insurance exposure. Key requirements include: mandatory systemic cyber risk exclusions (from March 2023), war and state-backed cyber attack exclusions, cyber insurance risk management standards, and exposure management. Lloyd's Market Bulletin Y5381 (2022) requires all standalone cyber policies to exclude state-backed cyber attacks with clear attribution clauses. Managing agents must demonstrate cyber risk management capability. Lloyd's Realistic Disaster Scenarios (RDS) for cyber include cloud outage, mass ransomware, and data exfiltration scenarios. It is used by organisations to establish and maintain compliance with industry standards and regulatory requirements.
How many controls does Lloyd's of London Cyber Insurance Requirements and Underwriting Standards have?
Lloyd's of London Cyber Insurance Requirements and Underwriting Standards has 8 controls organised across 8 domains. The largest domains are Affirmative Coverage + LMA Model Clauses + March 2023 (1 controls), Claims + Sanctions + Ransomware Payment + OFAC (1 controls), Conduct + TCF + Silent Cyber + Regulatory (1 controls). Each control defines specific requirements that organisations must implement to achieve compliance.
What frameworks does Lloyd's of London Cyber Insurance Requirements and Underwriting Standards map to?
Lloyd's of London Cyber Insurance Requirements and Underwriting Standards maps to 89 other compliance frameworks. The top mapping partners are SQF Code Edition 9 - Safe Quality Food (25% coverage), Privacy Act 1988 (Australia) (25% coverage), PCAOB AS 2201 - Audit of Internal Control Over Financial Reporting (ICFR) (25% coverage). Use our comparison tool to explore control-level mappings between frameworks.
How do I get started with Lloyd's of London Cyber Insurance Requirements and Underwriting Standards compliance?
Start your Lloyd's of London Cyber Insurance Requirements and Underwriting Standards compliance journey by running a self-assessment on our platform to identify your current compliance posture. Our AI advisory can answer specific questions about Lloyd's of London Cyber Insurance Requirements and Underwriting Standards requirements, and cross-framework mapping helps you leverage existing controls from other frameworks you may already comply with. Create a free account to access all 8 controls and track your progress.
Start Your Compliance Journey
Create a free account to run self-assessments, get AI advisory, and track your compliance progress across 700 frameworks.
Get Started Free →Free forever — no credit card required