E-commerce risk management and insurance

E-commerce, like any other area of human activity, is associated with risks that are fraught with very tangible losses.


As you know, the “I Love You” computer virus interrupted its work (in some cases - repeatedly) or damaged about 70 million computers worldwide, and the damage caused to them amounted to more than $ 10 billion. Currently, there are from 20 to 50 thousand various viruses, and their number is constantly growing. According to a study, over 90% of shopping websites have already encountered hacker attacks.

Risk management is a system of organizational and economic measures aimed at timely identification and assessment of potential risks, prevention or minimization of the consequences of accidental and difficult to predict events that can lead to disruption of the normal functioning or even liquidation of enterprises and organizations. For e-commerce, this means identifying risks, ranking them, and deciding on the allocation of responsibility for risk control.

An Internet retailer that insures the risks of e-commerce must be prepared for the fact that, when deciding on the provision of insurance coverage, the e-commerce insurance company will necessarily involve a third-party company specializing in e-commerce and information security technologies to conduct an independent inspection survey. Based on the results of this inspection, preventive measures are determined (for example, the need to back up the most important information, organize maintenance that meets modern safety and reliability requirements, ensure fire safety, purchase an air conditioning system, etc.), with the implementation of which the insurance program is linked. Let's take a closer look at the main types of risks arising in the e-commerce market.

Currently, there are various technical ways to prevent the respective types of risks. However, it is not always possible to completely eliminate risks by such methods: the degree of information security has its upper limit, determined by the properties of the existing equipment and the specifics of the technologies used. E-commerce risk insurance can be a natural addition to technical protection methods, and the world's leading insurance companies (primarily American ones) began to actively develop this area. 

The most developed market segment is insurance against electronic and computer crimes. In Russia, it began to develop five years ago, when there was a demand for these services from banks and other financial institutions. Usually, insurance of financial institutions against electronic and computer crimes provides for compensation for losses incurred as a result of

  • Unauthorized data entry or changes;
  • Introducing fraudulently prepared or modified commands into the computer system;
  • Damage, destruction or interception of information;
  • Blocking access to data and to the website;
  • Exposure to computer viruses, etc.

The insurance contract may provide for the obligation of the insurance company to reimburse legal costs and other similar costs incurred by the insured as a result of legal proceedings or other legal proceedings brought against him (provided that the insurer has previously approved the actions of the insured in relation to events related to the risks accepted for insurance).