Lloyd's of London Cyber Insurance Requirements and Underwriting Standards
Lloyd's of London has established requirements and guidance for managing syndicates' cyber insurance exposure. Key requirements include: mandatory systemic cyber risk exclusions (from March 2023), war and state-backed cyber attack exclusions, cyber insurance risk management standards, and exposure management. Lloyd's Market Bulletin Y5381 (2022) requires all standalone cyber policies to exclude state-backed cyber attacks with clear attribution clauses. Managing agents must demonstrate cyber risk management capability. Lloyd's Realistic Disaster Scenarios (RDS) for cyber include cloud outage, mass ransomware, and data exfiltration scenarios.
Framework summaries on this platform are AI-assisted interpretations for educational and compliance planning purposes. They do not reproduce or replace the official standards. Refer to the authoritative source for the definitive text. Framework names and trademarks belong to their respective organisations.
Framework Domains (8)
Affirmative Coverage + LMA Model Clauses + March 2023
| Code | Title |
|---|---|
| LLOYDS-CI-Affirmative-Coverage-Property-Cyber-Mandatory-Clarity-LMA-Model-Clauses-March-2023-Implementation | Lloyds Cyber Insurance Affirmative Coverage + LMA Model Clauses + March 2023 |
Claims + Sanctions + Ransomware Payment + OFAC
| Code | Title |
|---|---|
| LLOYDS-CI-Claims-Handling-Standards-Cyber-Events-Sanctions-Ransomware-Payment-Compliance-OFAC-HMT | Lloyds Cyber Insurance Claims + Sanctions + Ransomware Payment + OFAC |
Conduct + TCF + Silent Cyber + Regulatory
| Code | Title |
|---|---|
| LLOYDS-CI-Conduct-Risk-Treating-Customers-Fairly-Silent-Cyber-Reviews-Regulatory-Notifications-Material | Lloyds Cyber Insurance Conduct + TCF + Silent Cyber + Regulatory Notifications |
Pricing + Rate + Authority + Bordereaux
| Code | Title |
|---|---|
| LLOYDS-CI-Pricing-Rate-Adequacy-Underwriter-Authority-Reference-Limits-Exposure-Data-Bordereaux | Lloyds Cyber Insurance Pricing + Rate Adequacy + Authority + Exposure Data |
Reinsurance + Capital + Solvency II + Coverholder
| Code | Title |
|---|---|
| LLOYDS-CI-Reinsurance-Capital-Protection-Solvency-II-ORSA-Coverholder-Delegated-Authority-Cyber-Underwriting | Lloyds Cyber Insurance Reinsurance + Capital + Solvency II + Coverholder |
Risk Selection + Cyber Hygiene + Pre-Bind
| Code | Title |
|---|---|
| LLOYDS-CI-Risk-Selection-Cyber-Hygiene-Underwriting-Criteria-Pre-Bind-Risk-Engineering-MFA-Backup-EDR | Lloyds Cyber Insurance Risk Selection + Hygiene + Pre-Bind Engineering |
Systemic Aggregation + Catastrophe Modelling
| Code | Title |
|---|---|
| LLOYDS-CI-Systemic-Cyber-Risk-Aggregation-Cyber-Catastrophe-Modelling-Vendor-Use-RDS-Scenario-Testing | Lloyds Cyber Insurance Systemic Aggregation + Catastrophe Modelling + RDS |
War + State-Backed Exclusions + Attribution
| Code | Title |
|---|---|
| LLOYDS-CI-War-Cyber-Operation-State-Backed-Exclusions-LMA5400-5403-Attribution-Mechanism-Carve-Backs | Lloyds Cyber Insurance War + Cyber Operation + State-Backed Exclusions + Attribution |
Your Compliance Coverage
If you comply with Lloyd's of London Cyber Insurance Requirements and Underwriting Standards, you already cover:
Vietnam Law on Cybersecurity (No. 24/2018/QH14)
25%
2 controls mapped
Compare →Vermont Artificial Intelligence and Consumer Data Act (AICDA)
25%
2 controls mapped
Compare →US Gramm-Leach-Bliley Act (GLBA) - Higher Education Safeguards Rule
25%
2 controls mapped
Compare →+ 70 more: UK Defence Standard 05-138 - Cyber Security for Defence Suppliers (25%), Turkey KVKK (25%)
See all 73 mapped frameworks ↓Maps to 73 other frameworks
Frequently Asked Questions
What is Lloyd's of London Cyber Insurance Requirements and Underwriting Standards?
Lloyd's of London Cyber Insurance Requirements and Underwriting Standards is a compliance framework from United Kingdom (Lloyd's of London) with 8 domains and 8 controls. Lloyd's of London has established requirements and guidance for managing syndicates' cyber insurance exposure. Key requirements include: mandatory systemic cyber risk exclusions (from March 2023), war and state-backed cyber attack exclusions, cyber insurance risk management standards, and exposure management. Lloyd's Market Bulletin Y5381 (2022) requires all standalone cyber policies to exclude state-backed cyber attacks with clear attribution clauses. Managing agents must demonstrate cyber risk management capability. Lloyd's Realistic Disaster Scenarios (RDS) for cyber include cloud outage, mass ransomware, and data exfiltration scenarios. It is used by organisations to establish and maintain compliance with industry standards and regulatory requirements.
How many controls does Lloyd's of London Cyber Insurance Requirements and Underwriting Standards have?
Lloyd's of London Cyber Insurance Requirements and Underwriting Standards has 8 controls organised across 8 domains. The largest domains are Affirmative Coverage + LMA Model Clauses + March 2023 (1 controls), Claims + Sanctions + Ransomware Payment + OFAC (1 controls), Conduct + TCF + Silent Cyber + Regulatory (1 controls). Each control defines specific requirements that organisations must implement to achieve compliance.
What frameworks does Lloyd's of London Cyber Insurance Requirements and Underwriting Standards map to?
Lloyd's of London Cyber Insurance Requirements and Underwriting Standards maps to 73 other compliance frameworks. The top mapping partners are Vietnam Law on Cybersecurity (No. 24/2018/QH14) (25% coverage), Vermont Artificial Intelligence and Consumer Data Act (AICDA) (25% coverage), US Gramm-Leach-Bliley Act (GLBA) - Higher Education Safeguards Rule (25% coverage). Use our comparison tool to explore control-level mappings between frameworks.
How do I get started with Lloyd's of London Cyber Insurance Requirements and Underwriting Standards compliance?
Start your Lloyd's of London Cyber Insurance Requirements and Underwriting Standards compliance journey by running a self-assessment on our platform to identify your current compliance posture. Our AI advisory can answer specific questions about Lloyd's of London Cyber Insurance Requirements and Underwriting Standards requirements, and cross-framework mapping helps you leverage existing controls from other frameworks you may already comply with. Create a free account to access all 8 controls and track your progress.
Start Your Compliance Journey
Create a free account to run self-assessments, get AI advisory, and track your compliance progress across 718 frameworks.
Get Started Free →Free forever — no credit card required