We're sorry but your browser is not supported by Marsh.com

For the best experience, please upgrade to a supported browser:


Risk in Context

Exposure Quantification is the Key to Understanding an Organisation's Vulnerability to Cryptocurrency Theft

Posted by Neil Head 13 August 2019


Since the advent of bitcoin – the first digital currency – in 2009, and blockchain, the payment network technology over which cryptocurrencies are transacted over, the number of cryptocurrency users has consistently grown.

The number of individuals worldwide owning a cryptocurrency wallet has increased by more than six times in the last three years [1], and between 1 September 2013 and 7 December 2017, the value of bitcoin experienced a 10,000% increase in its value [2]. The rapid expansion of the circulating supply, and indeed the price of cryptocurrencies, has led to a global increase in appetite for the underlying technology.

How Does it Work and How is it Disruptive?

Blockchain technology utilises a mathematics-based encryption system (cryptography), which inherently protects transactions from theft.

Traditional currencies are controlled centrally by a government and – because of their physical nature – can be regulated by a third-party. Conversely, cryptocurrency runs on blockchain, which is a peer-to-peer network, meaning that no single entity can control a currency's value. The technology creates a directory of all historical transactions, which everyone can access via an open ledger, in stark contrast with the way usual payment networks operate.

The entities that could suffer most from the widespread use of cryptocurrency are banks. Cryptocurrency is inherently a cloud-based technology that allows independent currency transactions, thereby disrupting the very foundations upon which banking was founded [3].

Why Quantify Cryptocurrency Risk?

The increased scale of cryptocurrency, predominantly in its value and prominence, has meant more and more organisations are seeking responsive risk management and insurance solutions. As they look to not only understand the risk cryptocurrency holds, but also how to quantify that risk, insurance should be a larger consideration than it might have been previously.

Aside from market volatility, one of the high potential risks attached to holding cryptocurrency is cryptocurrency theft (CCT). CCT is a specific line of coverage under Crime policies that concerns the risk of cryptocurrency assets being stolen over three different mediums: cold, warm, and hot [4].

Modelling Future Threats and Thefts

Given the many ways that cryptocurrency assets can be stolen, how can a company quantify its potential risk and losses?

Armed with a listing of historical CCT incidents reported in the public domain and bespoke inputs, both the frequency and severity of a potential future theft event can be determined. This allows the generation of a loss model that projects CCT losses on a case-by-case basis.

Such a model can help an organisation make informed risk financing decisions and identify the optimal insurance programme for its unique risk profile.

Understanding the growing risk of CCT and having a broad view of historical CCT incidents will go a long way to ensuring the appropriate cryptocurrency risk cover is obtained, and that adequate risk mitigation strategies are put in place.


 4. Cold – offline not connected to the internet.
Warm – the transition period between cold and hot storage.
Hot – online, connected to the internet.
Read more

Neil Head

Analyst, Marsh Risk Analytics


Are You Keeping Track of Your Supply Chain?

Posted by David Tate 19 August 2019


Food Delivery – Disrupting the future

Posted by David Tate 13 August 2019