BOSTON, MA – Insurance carriers are fundamentally changing how they approach underwriting in response to heightened regulatory scrutiny, according to industry experts speaking at a recent financial services insurance summit. Rather than reacting to regulatory pressure with blanket policy changes or broad coverage restrictions, insurers are instead sharpening their focus on firm-specific risk characteristics—analyzing everything from leadership bios and investment strategies to client base composition and operational controls.
This shift represents a significant evolution in how insurance carriers assess and price risk, particularly for financial services firms, registered investment advisors (RIAs), private equity funds, and firms managing alternative assets. While regulatory crackdowns in the past—such as the 2008 financial crisis—triggered sweeping coverage restrictions and dramatic premium increases across entire sectors, today's insurers are taking a more surgical approach.
"There haven't been any blanket changes to the actual policy forms. If anything, they just keep broadening," said Jessica Thayer, Senior Vice President and Financial Services Practice Leader at Starkweather & Shepley Insurance. "What we're seeing is more underwriting to each specific risk."
For businesses, this means insurance outcomes increasingly depend on demonstrating strong governance, compliance infrastructure, and risk management practices rather than simply fitting into broad industry categories. Firms with robust internal controls and transparent operations can secure favorable terms, while those with compliance gaps or operational weaknesses face higher premiums, reduced coverage, or outright declinations.
Understanding the Shift: From Reactive to Granular Underwriting
Historical Context: The 2008 Financial Crisis Playbook
To appreciate the significance of today's approach, it's helpful to understand how insurers traditionally responded to major regulatory events.
During the 2008 financial crisis, insurers reacted with broad, industry-wide actions:
Sweeping coverage restrictions: Entire sectors faced new exclusions, sublimits, and coverage carve-outs. Financial institutions saw blanket restrictions on mortgage-backed securities, subprime lending, and securitization activities.
Massive premium increases: Rates surged 50-150% across financial services lines (D&O, E&O, fiduciary liability) regardless of individual firm risk profiles.
Capacity withdrawal: Carriers exited entire markets, reducing available limits and forcing firms to cobble together coverage from multiple insurers at significantly higher costs.
Retention increases: Deductibles and self-insured retentions doubled or tripled overnight, forcing firms to retain more risk.
Why this approach: Post-crisis, insurers lacked confidence in their ability to differentiate good risks from bad. Facing massive losses and uncertainty about future regulatory actions, they applied blunt instruments across entire sectors.
Today's Approach: Surgical Risk Assessment
The 2025 regulatory environment is more complex but hasn't produced a systemic crisis, allowing insurers to take a more nuanced approach:
No blanket policy changes: Policy forms remain stable or are even broadening in some cases as insurers compete for quality business.
Firm-specific underwriting: Carriers invest significant resources analyzing individual firm characteristics:
- Leadership: Experience, track record, regulatory history, disciplinary actions
- Investment philosophy: Strategy alignment with regulatory expectations, concentration risks, leverage levels
- Client base: Types of clients, assets under management, geographic distribution, client concentration
- Operational controls: Compliance infrastructure, cybersecurity measures, business continuity plans
- Regulatory relationships: History with SEC, FINRA, state regulators; exam findings; remediation actions
Pricing differentiation: Firms with strong risk profiles receive favorable pricing and broad coverage, while those with weaknesses face surcharges, restrictions, or declinations.
Why this approach works: Unlike 2008, there's no systemic regulatory crackdown creating industry-wide uncertainty. Instead, regulators are focusing on specific practices (private funds, digital assets, fee structures), allowing insurers to underwrite to those specific exposures rather than penalizing entire sectors.
Who's Facing Heightened Scrutiny: Private Funds and Digital Assets
While insurers aren't implementing blanket restrictions, two areas are drawing significantly more underwriting attention:
Private Funds: Enhanced Regulatory Focus
SEC crackdown on private fund practices: The SEC has increased scrutiny of private equity funds, hedge funds, and venture capital managers, focusing on:
Fee transparency: Hidden fees, accelerated monitoring fees, and fee calculation methodologies
Conflicts of interest: Side letters, preferential terms for certain investors, allocation of expenses between funds and portfolio companies
Performance reporting: Misleading performance metrics or cherry-picked benchmarks
Custody and valuation: Inadequate controls over asset valuation and custody practices
Insurer response:
Detailed questionnaires: Carriers now request extensive information about:
- Fund structure and governance
- Fee arrangements and disclosure practices
- Side letter provisions
- Valuation methodologies
- Custody arrangements
- Regulatory examination history and findings
Higher scrutiny for emerging managers: New private fund managers or breakaway teams from larger firms face more intensive underwriting due to lack of track record and potential compliance infrastructure gaps.
Premium differentiation: Funds with strong compliance programs, transparent fee structures, and clean regulatory records receive standard pricing. Those with regulatory exam findings or weak controls face 20-50% surcharges or coverage limitations.
Coverage considerations: Insurers may exclude or sublimit coverage for:
- Fee disputes
- Valuation controversies
- Side letter claims
- Regulatory penalties related to fee practices
Strategic implications for private fund managers:
Document compliance infrastructure: Provide insurers with evidence of:
- Dedicated CCO with appropriate resources
- Compliance manual addressing fee practices, conflicts, and custody
- Annual compliance reviews
- Employee training programs
- Regulatory exam preparation and remediation processes
Address regulatory findings proactively: If your firm received SEC exam findings, demonstrate how you remediated issues. Insurers view remediation capability favorably.
Engage early: Private fund managers should start insurance renewal processes 120+ days before expiration to allow time for extensive underwriting.
Digital Assets: Uncharted Territory
Cryptocurrency, blockchain, and digital asset exposure creates significant underwriting challenges:
Regulatory uncertainty: Evolving SEC, CFTC, and state regulatory frameworks create ambiguity about compliance requirements and potential liability exposures.
Operational risks: Custody of digital assets, wallet security, and transaction processing present unique operational risks unfamiliar to traditional insurers.
Market volatility: Extreme price volatility in crypto markets creates valuation and fiduciary duty concerns.
Fraud and hacking: The digital asset space has experienced numerous high-profile frauds, hacks, and insolvencies (FTX, Mt. Gox, etc.), making insurers cautious.
Insurer response:
Limited appetite: Many insurers exclude or severely limit coverage for digital asset activities.
Extensive underwriting: Firms with digital asset exposure face detailed questionnaires about:
- Percentage of AUM in digital assets
- Types of digital assets (Bitcoin, Ethereum, altcoins, NFTs, etc.)
- Custody arrangements (self-custody vs. qualified custodians)
- Cybersecurity measures
- Client disclosures and suitability processes
- Regulatory engagement and licensing
Premium surcharges: Firms with digital asset exposure often face 25-100% premium increases or coverage exclusions.
Capacity challenges: Fewer carriers are willing to provide coverage, which reduces competition and increases costs.
Strategic implications for firms with digital asset exposure:
Quantify exposure: Be specific about digital asset percentage of AUM and types of assets. Insurers view Bitcoin/Ethereum differently than obscure altcoins.
Demonstrate operational controls:
- Use qualified custodians (Coinbase Custody, Fidelity Digital Assets, etc.)
- Implement robust cybersecurity (MFA, cold storage, transaction monitoring)
- Maintain comprehensive client disclosure and suitability documentation
Consider separate entities: Some firms establish separate legal entities for digital asset activities to segregate insurance risk and obtain specialized coverage.
Seek specialized markets: Insurtech and specialty insurers (Chubb, Beazley, Coalition, At-Bay) have more appetite for digital asset risk than traditional carriers.
Beyond Private Funds and Digital Assets: Other High-Scrutiny Areas
Breakaway Firms and Newly Formed RIAs
Why insurers care: New firms lack track record, may have inadequate compliance infrastructure, and face higher failure rates.
What insurers examine:
Leadership backgrounds: Previous firm affiliations, reasons for leaving, regulatory history, disciplinary actions
Compliance infrastructure: CCO qualifications, compliance manual comprehensiveness, policies and procedures documentation
Operational readiness: Business continuity plans, cybersecurity measures, E&O coverage, custody arrangements
Client transition plans: How clients are being transitioned, disclosure to clients, potential disputes with previous firms
Strategic implications:
Invest in compliance early: Don't shortcut compliance infrastructure to save costs. Insurers give heavy premium discounts to well-structured startups.
Document everything: Provide insurers with:
- Comprehensive compliance manual
- Proof of CCO qualifications
- Cybersecurity policies and controls
- Business continuity and disaster recovery plans
- Client agreements and ADV disclosures
Consider interim coverage: Some insurers offer "startup RIA" programs with more favorable terms, then transition to standard coverage after 2-3 years.
Fee Practices and Revenue Models
Heightened scrutiny of:
Performance fees: Calculation methodologies, disclosure to clients, compliance with SEC requirements
Wrap fee programs: Fee layering, disclosure adequacy, potential double-charging
Marketing practices: Misleading performance advertising, testimonials, cherry-picked results
Strategic implications:
Document fee disclosures: Provide insurers with sample client agreements showing clear fee disclosures.
Demonstrate compliance reviews: Show evidence of annual fee calculation audits and disclosure reviews.
Address regulatory concerns: If SEC or state regulators raised fee-related questions during exams, demonstrate remediation.
Cybersecurity and Data Protection
All financial services firms face elevated cyber underwriting:
Required controls: Multi-factor authentication (MFA), endpoint detection and response (EDR), employee training, incident response plans, regular backups
Insurers are mandating cybersecurity controls as conditions of coverage. Firms lacking basic controls face:
- Coverage exclusions
- Reduced limits
- Higher premiums
- Outright declinations
Strategic implications:
Implement MFA universally: This is now table stakes. Insurers will decline or heavily surcharge firms without MFA.
Deploy EDR: Endpoint detection and response tools (CrowdStrike, SentinelOne, Microsoft Defender) are increasingly required.
Document cybersecurity program: Provide insurers with:
- Written information security plan (required by SEC for RIAs)
- Evidence of employee training
- Incident response plan
- Business continuity and disaster recovery documentation
- Third-party security assessments
Consider cyber insurance: Standalone cyber insurance (separate from E&O) provides broader coverage and higher limits for cyber incidents.
How Insurers Are Evaluating Firm-Specific Risks
Leadership and Management Team
What insurers analyze:
Experience and track record: Years in industry, previous firm affiliations, roles, and responsibilities
Regulatory history: Any disclosures on Form ADV, FINRA BrokerCheck, or state regulatory databases
Disciplinary actions: Past complaints, arbitrations, regulatory actions, or settlements
Governance structure: Board composition, advisory committees, succession planning
Why it matters: Insurers view leadership quality as the single strongest predictor of firm risk. Experienced, clean-record leadership teams receive favorable terms. Those with regulatory baggage face surcharges or declinations.
What you can do:
Be transparent: Disclose any regulatory history upfront. Attempting to hide disciplinary actions will result in coverage declinations or rescissions.
Emphasize remediation: If past issues exist, demonstrate how you've addressed them and implemented controls to prevent recurrence.
Highlight experience: Provide resumes and bios showcasing leadership team depth and industry tenure.
Investment Philosophy and Strategy
What insurers analyze:
Asset allocation: Concentration in specific sectors, securities, or asset classes
Leverage: Use of margin, derivatives, or structured products
Liquidity: Ability to meet redemptions without forced liquidation
Alternative investments: Private equity, hedge funds, real estate, digital assets
Risk management: Processes for monitoring, measuring, and managing portfolio risk
Why it matters: Investment strategies perceived as risky or unconventional receive higher scrutiny and premiums. Conservative, diversified strategies receive favorable terms.
What you can do:
Articulate strategy clearly: Provide insurers with investment policy statements, strategy descriptions, and risk management frameworks.
Quantify risks: Demonstrate how you measure and manage concentration, leverage, and liquidity risks.
Disclose alternatives appropriately: Be upfront about alternative asset exposure and explain how it fits within overall strategy and risk tolerances.
Client Base Composition
What insurers analyze:
Client types: Institutional vs. individual, qualified purchasers vs. retail, accredited investors
Asset concentration: Percentage of AUM in top 10 clients
Geographic distribution: Concentrated in specific states or regions
Client sophistication: Financial experience and knowledge
Why it matters: Diversified client bases with sophisticated investors present less risk than concentrated bases with retail investors lacking financial sophistication.
What you can do:
Highlight diversification: Demonstrate broad client base without excessive concentration.
Emphasize suitability processes: Show how you assess client suitability and appropriateness of recommendations.
Document client sophistication: Provide evidence that clients understand investment strategies and risks.
Compliance Infrastructure
What insurers analyze:
CCO qualifications: Experience, certifications (CIPM, CIMA, etc.), resources available
Compliance manual: Comprehensiveness, specificity, regular updates
Policies and procedures: Code of ethics, insider trading, personal trading, gifts and entertainment, conflicts of interest, data security
Annual reviews: Evidence of annual compliance reviews and testing
Employee training: Frequency, topics, attendance, and testing
Regulatory exams: History of SEC or state exams, findings, remediation efforts
Why it matters: Strong compliance infrastructure signals lower risk and demonstrates firm commitment to regulatory adherence.
What you can do:
Invest in compliance: Don't view compliance as overhead. It directly impacts insurance costs and availability.
Document everything: Provide insurers with:
- Compliance manual (redacted as needed)
- Annual compliance review reports
- Employee training records
- Evidence of regulatory exam remediation
Engage experienced CCO: Qualified, experienced CCOs (either in-house or outsourced) significantly improve insurer perception.
Practical Steps: How to Navigate the New Underwriting Landscape
Step 1: Start Early (120+ Days Before Renewal)
Why: Granular underwriting takes time. Insurers need 6-8 weeks to analyze detailed firm information and develop tailored proposals.
What to do:
- Engage broker 120 days before renewal
- Prepare comprehensive underwriting submission
- Allow time for insurer questions and follow-up
- Reserve 3-4 weeks for proposal review and negotiation
Step 2: Prepare Comprehensive Underwriting Information
Go beyond basic renewal applications:
Leadership bios: Resumes, experience, education, certifications, regulatory history
Investment strategy documents: Investment policy statements, strategy descriptions, risk management frameworks
Compliance infrastructure: CCO resume, compliance manual summary, annual review reports, training records
Regulatory history: SEC/state exam reports (redacted), remediation documentation for exam findings
Client base analysis: AUM breakdown by client type, concentration metrics, geographic distribution
Cybersecurity documentation: Information security plan, MFA implementation, EDR deployment, training programs
Why: Insurers view comprehensive submissions favorably. It demonstrates transparency, organization, and risk management sophistication.
Step 3: Address Weaknesses Proactively
Don't hide issues:
Regulatory findings: Disclose and explain remediation efforts
Leadership changes: Explain departures and emphasize stability
Client concentrations: Acknowledge and explain diversification efforts
Compliance gaps: Highlight plans to address shortcomings
Why: Insurers reward transparency and penalize attempts to hide issues. Demonstrating awareness and remediation of weaknesses is far better than insurers discovering them independently.
Step 4: Work with Specialized Brokers
Not all brokers understand financial services insurance:
Seek brokers with:
- Financial services specialization
- Relationships with carriers focused on RIAs, private funds, and financial firms
- Understanding of regulatory landscape and how it impacts underwriting
- Experience placing coverage for firms with similar profiles
Why: Specialized brokers know which carriers are most competitive for your profile, how to present your firm effectively, and how to negotiate optimal terms.
Step 5: Consider Coverage Enhancements
With policy forms broadening, now is the time to enhance coverage:
Request broader definitions: Expand who qualifies as "insured persons"
Reduce retentions/deductibles: Lower out-of-pocket costs
Increase limits: Ensure adequate protection for growing firms
Add supplemental coverages: Regulatory, cyber, employment practices
Eliminate exclusions: Remove or narrow exclusions added during hard markets
Why: Insurers competing for quality business are willing to broaden terms, not just reduce price.
The Future: What to Expect in 2026 and Beyond
Trend 1: Granular Underwriting Will Intensify
Why: Technology enables insurers to access and analyze more data about individual firms. Expect increasingly sophisticated risk assessment tools leveraging:
Regulatory databases: Automated monitoring of SEC filings, FINRA disclosures, state regulatory actions
Public data sources: News monitoring, litigation databases, social media
Third-party data: Cybersecurity ratings (BitSight, SecurityScorecard), financial stability metrics
Implication: Firms with strong risk profiles will benefit from favorable pricing differentiation. Those with weaknesses will face increasing challenges.
Trend 2: Cyber Controls Will Become Coverage Prerequisites
Why: Ransomware and cyber incidents continue escalating. Insurers are shifting from pricing cyber risk to preventing it through mandated controls.
Implication: Expect MFA, EDR, employee training, and incident response plans to become universal requirements for coverage, not just pricing considerations.
Trend 3: ESG and Climate Risk Will Enter Underwriting
Why: Regulators are increasingly focused on ESG disclosure and climate risk management. Insurers will begin examining:
ESG integration: How firms incorporate ESG factors into investment decisions and disclosures
Climate risk: Physical and transition risks, scenario analysis, disclosure practices
Implication: Firms with ESG expertise and robust climate risk frameworks will benefit. Those ignoring ESG will face questions and potential surcharges.
Trend 4: Alternative Assets Will Remain Challenging
Why: Private funds, digital assets, and non-traditional investments present complex risks that traditional carriers struggle to underwrite.
Implication: Expect continued tight markets for firms with significant alternative asset exposure. Specialized insurers and insurtech companies will increasingly serve this space.
Key Takeaways
Insurers have shifted from blanket policy changes to granular, firm-specific underwriting in response to regulatory scrutiny, focusing on individual risk characteristics rather than broad sector restrictions.
Private funds and digital assets draw heightened scrutiny due to intensified regulatory focus and complex risk profiles, resulting in detailed underwriting and potential premium surcharges.
Leadership quality, compliance infrastructure, and operational controls are now the primary underwriting factors, superseding broad industry categorizations.
Transparency and proactive risk management are rewarded with favorable terms, while attempts to hide weaknesses result in coverage declinations or rescissions.
Starting renewals 120+ days early and preparing comprehensive underwriting submissions significantly improves outcomes.
Working with specialized brokers who understand financial services insurance and regulatory dynamics is critical to navigating the new underwriting landscape.
Coverage enhancements are available for firms with strong risk profiles, as insurers compete on breadth of coverage in addition to price.
The evolution from reactive, blanket underwriting to surgical, firm-specific risk assessment represents a fundamental shift in how insurance operates. Businesses that understand this shift and demonstrate strong governance, compliance infrastructure, and risk management practices will benefit from favorable terms and competitive pricing. Those that view insurance as a transactional commodity and fail to invest in risk management will face increasingly challenging markets and escalating costs.
Sources: Insurance Business Magazine, Starkweather & Shepley Insurance, Financial Services Insurance Reports
