Industry Perspective

A Brief History of Marine Insurance

The first formal marine insurance policy was created around 1350.
By: | March 6, 2018 • 14 min read
Topics: Marine | Underwriting

The ubiquitous intermodal box container was developed by Malcolm McLean in 1956. Opposed by longshoremen, railroads, and ship lines, its simplicity and efficiency prevailed, reducing unit costs for retail consumer goods to essentially nothing. But there is a hitch: the efficiency of a pre-packed container means contents are rarely inspected. Flammable or hazardous materials are supposed to be declared, but often are not. As a result, containership fires are not uncommon. The newest massive vessels can carry close to 10,000 40-foot containers, raising new questions about concentration of risk.

Financial history has most often been taken to be the history of money, banking and lending, and stock markets. Fair enough, but insurance deserves equal billing.

It is a widely held belief by insurance professionals and several researchers that marine insurance — hull and cargo specifically — are the oldest forms of insurance. Some date early forms of those to Phoenician traders whose heyday of trading colonies around the Mediterranean began around 1200 BC. The French port of Marseilles was among the farthest west, founded around 600 BC.


Trade over those distances, with voyages lasting weeks and months, clearly involved risks greater than local trade, terrestrial or maritime. The history of business has been driven by the need to concentrate capital. That also means a concentration of risk. The history of insurance has been driven by the concurrent need to transfer and diffuse those concentrated risks.

The prize document in financial history is the oldest known share certificate, representing stock in the Dutch East India Company dated 1606. But marine insurance has that beat by two and a half centuries.

“The first formal marine insurance policy that we would recognize today as such was from 1350,” said Rod Johnson, director of marine risk management at RSA Global Risk, a major UK underwriter. He is also sits on the loss-prevention committee of the International Union of Marine Insurers.

“Marine insurance is based on agreed levels of uncertainty,” Johnson explained. “The owner of the vessel and the shippers of the cargo know where the vessel is supposed to go, but they don’t know exactly where it is or what it is doing at any moment. Neither do the insurers.”

Rod Johnson, director of marine risk management, RSA Global Risk

Those earliest formal policies built on the earliest attempt at international maritime law. According to Medieval Maritime Law from Oléron to Wisby: Jurisdictions in the Law of the Sea by Edda Frankot (University of Groningen/University of Aberdeen), “the most famous medieval sea laws are probably the Rôles d’Oléron (or Jugemens de la mer [Judgments of the Sea]), which are named after a small island off the coast of the medieval duchy of Aquitaine.” They are also known as The Rolls of Oleron.

“They were drawn up in French in or shortly before 1286 and contain regulations for the wine trade from Brittany and Normandy to England, Scotland and Flanders,” Frankot wrote. “The two oldest extant manuscripts containing the Rôles, both from the early 14th century, are of English origin. A mention of the laws in a report written in the 12th year of Edward III’s reign (1329) confirms that the laws were in use in England in the first half of the 14th century. In France, the Rôles d’Oléron had been adopted as the official sea law by 1364.”

If any ship, or other vessel, by any casualty or misfortune happens to be wrecked and perish, in that case, the pieces of the hulk of the vessel, as well as the lading thereof, ought to be reserved and kept in safety for them to whom it belonged before such disaster happened, notwithstanding any custom to the contrary. — The Rules of Oleron (c. 1266) Article XLVI, according to the Admiralty and Maritime Law Guide

There is evidence of insurance-like risk-transfer agreements from Amsterdam in 1598, Antwerp in 1555, and Barcelona in 1484. And indeed, Marine Insurance: Origins and Institutions, 1300-1850 (Adrian Leonard ed. 2016) cites a 1601 quote from Sir Francis Bacon (1561-1626) that marine insurance had existed from “time out of mind.”

While there it is happenstance that centuries-old ephemera such as stock certificates or contracts have survived to provide original source material today, court records are meticulously kept. According to Robert Merkin et al., Marine Insurance Legislation (5th ed. 2014) “There are reports of marine insurance cases coming before the English courts in the 16th and 17th Centuries, and it is clear from the early cases that the courts were prepared to enforce marine policies according to their terms.”

The early concepts in marine insurance sorted first by practice, then contract, inevitably litigation, and finally legislation, included the difference between human causes and natural causes (“acts of man” or “acts of God”). Even that, which might seem to be a bright line difference, quickly got murky. A storm is obviously an act of nature, but failure to steer away from a storm, or to secure the vessel against wind and waves, are just as obviously human failings.

It should also be noted that merchants and mariners are among the least likely business persons to resolve matters by litigation and legislation. Intervention by civil and criminal authorities leads to regulation and taxation, both of which limit profitability. The distaste was mutual, that is courts and governments felt the limitations of their jurisdiction and of their expertise in nautical matters and early global trade.

At first, all that was at stake was the capital invested, or sunk, if that became literally true. Shipowners could also take out liens or mortgages on their vessels, called bottomry bonds. Like an equity loan on terrestrial property, the asset could be seized for non-payment. But if the asset were lost, both the owner and the lender were out.

Insurance represented a different approach: contingent capital. It was pledged by underwriters, but not at risk, and could theoretically be extended indefinitely. Underwriters were literally those who signed their names at the bottom of the policy. The synonym at the time was subscribers. They in turn could lay off part of their risk to others to the point where any one loss, or even a group of losses, could be borne by the wider pools of contingent capital.

Interestingly, marine insurance in Europe developed as a way to protect capital, but around the coast of what are today India and Pakistan at roughly the same time it developed as a way to replace capital. Lands bordering the Indian Ocean long had a maritime trading system every bit as extensive as that around the Mediterranean or northern Europe. There was, however, significantly less capital. The loss of a vessel could be ruinous to a fisherman or trader.

Marine insurance is based on agreed levels of uncertainty. The owner of the vessel and the shippers of the cargo know where the vessel is supposed to go, but they don’t know exactly where it is or what it is doing at any moment. Neither do the insurers. — Rod Johnson, director of marine risk management, RSA Global Risk

Early on, British merchants and mariners struck a balance between private and public interests: the club. Groups of traders, shipowners, brokers and investors would pool their resources.

The key factor is that all members of the club were known to each other and usually pledged to do business only within the club. In insurance, the similar form is the mutual in which pooled contingent capital is pledged.


“A succession of wars against France from the end of the 16th Century had grave effects for both merchant and war vessels,” wrote Merkin.

That “also led to the wave of financial speculation ultimately stamped out by the Bubble Act of 1720, [which] resulted in a prohibition on the carrying of marine insurance by companies other than the two chartered [ones], The Royal Exchange, and London Assurance.”

In February 1688, Edward Lloyd’s Coffee House in Tower Street was referred to for the very first time in the London Gazette, according to the official company history, corroborated by historical references. The article declared a reward for five stolen watches and encouraged anyone with information to contact Lloyd at his shop “in the City.”

To this day “The City of London” is the one-square-mile business center, equivalent to the Financial District in Manhattan.

Lloyd’s coffee house specialized in information about shipping. At this time, there were more than 80 coffee houses within the City of London’s walls, each claimed its own specialization. By the 1730’s, Lloyd’s was emerging as the spot for marine underwriting by individuals.

The American Revolution, followed by the Napoleonic Wars, did not see the dire effects on shipping business as had been seen in earlier naval conflict. That helped to substantiate the viability of contingent risk. Just as important, marine insurance proved to be profitable, attracting more legitimate involvement, business expertise and capital.

Costa Concordia, owned by the world’s largest cruise line Carnival, hit rocks close to the island of Giglio off Tuscany in January 2012, killing 32 people. The captain, who fled as the ship sank, was convicted of manslaughter. The salvage — righting, removing, and scrapping of the ship; as well as payment of damages and environmental restoration — cost $2 billion and took more than two years.

At least one reference dates the first publication of Lloyd’s Ships arrived in 1692 as a news sheet that became Lloyd’s List. The company itself cites 1734 as the initial publication of Lloyd’s List.

“The first edition of Lloyd’s List, one of the world’s oldest continuously running journals, was first published by Thomas Jemson,” according to the official company history.

“He used Lloyd’s name and not his own because by this time, the establishment had instant recognition in the shipping community and a dedicated audience who would pay for subscriptions. More than 300 years on, the paper still provides weekly shipping news to London and beyond.”

Returning to the question of natural versus human causes for loss, an important trial took place in 1764. It was over a ship built in France and insured by Lloyd’s. At the trial after its loss, the vessel was described as being in a “weak, leaky and distressed condition.”

The long case determined that a ship must be seaworthy before leaving shore, and that a loss would not have to be paid on an insured vessel “which suffered from a latent defect unknown to both parties to the contract.”


Favorable rulings and profitability led to a lowering of standards. “Underwriters at Lloyd’s coffee house had enjoyed higher profits in the early 1760s, in part due to the Seven Years’ War, but as it came to an end, marine premiums returned to a lower level,” according to the company history.

This drove certain underwriters to more speculative lines — putting their names to other kinds of risks, including highway robbery and death by gin drinking — and Lloyd’s coffee house soon became notorious as a gambling den.

An extract from the London Chronicle of the time stated: ‘The amazing progress of illicit gambling at Lloyd’s coffee house is a powerful and very melancholy proof of the degeneracy of the times.’” A “new Lloyd’s” was formed by reform-minded members, supported by legislation and regulation.

In 1799 the economy in the German city of Hamburg was in dire straights, and City of London merchants raised a large amount of capital, mostly in specie, to keep its sister port city solvent. The consignment was loaded onto the Royal Navy frigate HMS Lutine, and insured by Lloyd‘s underwriters.

The Lutine was driven ashore in the Netherlands by a storm with the loss of all crew and cargo. In 1858 The Lutine bell was salvaged and hung from the rostrum of Lloyd’s Underwriting Room. Eventually, the bell would be struck when news of an overdue ship arrived — once for its loss, and twice for its safe return.

Just two years earlier the North of England Steam Ship Insurance Association (NESSIA) was founded in Newcastle upon Tyne in January 1856, according to the sesquicentennial history of the successor organization, the North of England Protecting & Indemnity Club.

NESSIA appears to have been among the earliest clubs founded to insure steamships. Although they had been in use for almost half a century, steamships were still a minority of the British merchant fleet, which then accounted for half of all the world’s tonnage.

Some shipowners, especially those in the north of England, bridled at the limited market for insurance, one of the two recognized commercial underwriters, The Royal Exchange and London Assurance, as well as the individuals and clubs in Lloyd’s. By 1824 the legal sanction for that triumvirate was ended, and mutual clubs began to grow.

The North of England Iron Steam Ship Protecting Association, its name reflecting the growing development of the steamship, emerged out of NESSIA in 1860.

“Today the P&I clubs, including 13 international groups, represent about 90 percent of the world’s P&I business,” said Nick Tonge, deputy director (correspondents) at North of England P&I. “There are a few commercial underwriters that get into P&I, and the business is still growing. Vessels are growing in size.”

The insurance ticket signing off on the loss of the Titanic. Courtesy: Willis Towers Watson

The most recent set of broad maritime laws pertaining to responsibilities of owners, masters, and shippers is the International Convention for the Unification of Certain Rules of Law relating to Bills of Lading, universally known as the Hague-Visby Rules.

The original Hague Rules were adopted in 1924, then updated in 1968 and 1979.

Interestingly, several major maritime nations “denounced” the original 1924 treaty; notably the U.K., the Netherlands, Finland, Sweden, Denmark, Japan, Australia and Hong Kong. All subsequently accepted the conventions.

Today only four nations refuse to acknowledge Hague-Visby: Paraguay and St. Vincent & the Grenadines stand by their ’24 refusal; Lebanon declined in ’24 and again in ’68. Egypt accepted in ’24 then denounced in ’68.

To be clear, Hague-Visby does not set insurance policy or practice. They are international conventions upon which individual insurance companies or clubs base their policy terms and conditions.

Marine insurance has now developed into about half a dozen distinct lines, some reflecting the original and timeless need to transfer risk for vessel and cargo, and some reflecting very modern perils. Tonge explained that P&I insurance covers primarily liability: crew claims, passenger claims, pollution, cargo damage and some collision.

Nick Tonge, deputy director (correspondents), North of England P&I

The other elemental form of marine insurance is hull and machinery (H&M), the vessel itself. That is handled largely by brokers in the commercial market.

The third line is freight, demurrage and defense (FD&D) that primarily protects charterers. Today, vessel owners tend to be investors that lease to operators on various types of time charters. “FD&D indicates what the owner is responsible for, and what the charterer is responsible for, but a lot of disputes still arise,” said Tonge.

The other three major forms of modern marine insurance are specialized. There is war-risk cover because acts of war are specifically excluded by both P&I and by H&M. There is also strike cover, to offset expenses arising out of labor disputes by stevedores, pilots and other trades essential to getting vessels loaded and unloaded. And, sadly, there is kidnap and ransom insurance.

For a business practice that dates back millennia, marine insurance continues to develop. The latest element is the newest in all of business: distributed-ledger systems, also known as blockchain technology. While these systems arose out of dodgy cryptocurrencies, it is just this year being put to legitimate commercial use by several consortia of steamship lines, underwriters and brokers.


For example, a vessel is supposed to have war-risk cover if it will be passing through a designated war zone. Often insureds choose not to take on that cost, which can be considerable.

With satellite navigation and “smart” contracts using a blockchain, a vessel can effectively go on-risk if it enters a danger zone and off-risk when it leaves, with the premium pro-rated for only the actual on-risk time rather than the whole voyage.

But even with such digital developments, marine insurance retains its history. P&I contracts are still renewed on February 20 because that was the earliest date on which Tyneside traders could leave port and cross the North Sea to the Baltic and find it free of ice.

The Lutine bell is still rung at Lloyd’s to herald news of an overdue vessel.

And even on the inland seas of North America, “The legend lives on from the Chippewa on down, of the big lake they called ‘Gitche Gumee.’ … And the iron boats go, as the mariners all know, with the gales of November remembered.”

The author thanks Taryn L. Rucinski, supervisory librarian at the U.S. Court of International Trade, for her insight, diligence and cheerful support of in finding and providing research materials.

Reprinted with permission from the Winter 2018 Edition of Financial History Magazine (https://joom.ag/tYCY), quarterly  publication of the Museum of American Finance  (www.moaf.org). All rights reserved.

Gregory DL Morris is an independent business journalist based in New York with 25 years’ experience in industry, energy, finance and transportation. He can be reached at [email protected]

More from Risk & Insurance

More from Risk & Insurance

Cyber Resilience

No, Seriously. You Need a Comprehensive Cyber Incident Response Plan Before It’s Too Late.

Awareness of cyber risk is increasing, but some companies may be neglecting to prepare adequate response plans that could save them millions. 
By: | June 1, 2018 • 7 min read

To minimize the financial and reputational damage from a cyber attack, it is absolutely critical that businesses have a cyber incident response plan.

“Sadly, not all yet do,” said David Legassick, head of life sciences, tech and cyber, CNA Hardy.


In the event of a breach, a company must be able to quickly identify and contain the problem, assess the level of impact, communicate internally and externally, recover where possible any lost data or functionality needed to resume business operations and act quickly to manage potential reputational risk.

This can only be achieved with help from the right external experts and the design and practice of a well-honed internal response.

The first step a company must take, said Legassick, is to understand its cyber exposures through asset identification, classification, risk assessment and protection measures, both technological and human.

According to Raf Sanchez, international breach response manager, Beazley, cyber-response plans should be flexible and applicable to a wide range of incidents, “not just a list of consecutive steps.”

They also should bring together key stakeholders and specify end goals.

Jason J. Hogg, CEO, Aon Cyber Solutions

With bad actors becoming increasingly sophisticated and often acting in groups, attack vectors can hit companies from multiple angles simultaneously, meaning a holistic approach is essential, agreed Jason J. Hogg, CEO, Aon Cyber Solutions.

“Collaboration is key — you have to take silos down and work in a cross-functional manner.”

This means assembling a response team including individuals from IT, legal, operations, risk management, HR, finance and the board — each of whom must be well drilled in their responsibilities in the event of a breach.

“You can’t pick your players on the day of the game,” said Hogg. “Response times are critical, so speed and timing are of the essence. You should also have a very clear communication plan to keep the CEO and board of directors informed of recommended courses of action and timing expectations.”

People on the incident response team must have sufficient technical skills and access to critical third parties to be able to make decisions and move to contain incidents fast. Knowledge of the company’s data and network topology is also key, said Legassick.

“Perhaps most important of all,” he added, “is to capture in detail how, when, where and why an incident occurred so there is a feedback loop that ensures each threat makes the cyber defense stronger.”

Cyber insurance can play a key role by providing a range of experts such as forensic analysts to help manage a cyber breach quickly and effectively (as well as PR and legal help). However, the learning process should begin before a breach occurs.

Practice Makes Perfect

“Any incident response plan is only as strong as the practice that goes into it,” explained Mike Peters, vice president, IT, RIMS — who also conducts stress testing through his firm Sentinel Cyber Defense Advisors.


Unless companies have an ethical hacker or certified information security officer on board who can conduct sophisticated simulated attacks, Peters recommended they hire third-party experts to test their networks for weaknesses, remediate these issues and retest again for vulnerabilities that haven’t been patched or have newly appeared.

“You need to plan for every type of threat that’s out there,” he added.

Hogg agreed that bringing third parties in to conduct tests brings “fresh thinking, best practice and cross-pollination of learnings from testing plans across a multitude of industries and enterprises.”

“Collaboration is key — you have to take silos down and work in a cross-functional manner.” — Jason J. Hogg, CEO, Aon Cyber Solutions

Legassick added that companies should test their plans at least annually, updating procedures whenever there is a significant change in business activity, technology or location.

“As companies expand, cyber security is not always front of mind, but new operations and territories all expose a company to new risks.”

For smaller companies that might not have the resources or the expertise to develop an internal cyber response plan from whole cloth, some carriers offer their own cyber risk resources online.

Evan Fenaroli, an underwriting product manager with the Philadelphia Insurance Companies (PHLY), said his company hosts an eRiskHub, which gives PHLY clients a place to start looking for cyber event response answers.

That includes access to a pool of attorneys who can guide company executives in creating a plan.

“It’s something at the highest level that needs to be a priority,” Fenaroli said. For those just getting started, Fenaroli provided a checklist for consideration:

  • Purchase cyber insurance, read the policy and understand its notice requirements.
  • Work with an attorney to develop a cyber event response plan that you can customize to your business.
  • Identify stakeholders within the company who will own the plan and its execution.
  • Find outside forensics experts that the company can call in an emergency.
  • Identify a public relations expert who can be called in the case of an event that could be leaked to the press or otherwise become newsworthy.

“When all of these things fall into place, the outcome is far better in that there isn’t a panic,” said Fenaroli, who, like others, recommends the plan be tested at least annually.

Cyber’s Physical Threat

With the digital and physical worlds converging due to the rise of the Internet of Things, Hogg reminded companies: “You can’t just test in the virtual world — testing physical end-point security is critical too.”


How that testing is communicated to underwriters should also be a key focus, said Rich DePiero, head of cyber, North America, Swiss Re Corporate Solutions.

Don’t just report on what went well; it’s far more believable for an underwriter to hear what didn’t go well, he said.

“If I hear a client say it is perfect and then I look at some of the results of the responses to breaches last year, there is a disconnect. Help us understand what you learned and what you worked out. You want things to fail during these incident response tests, because that is how we learn,” he explained.

“Bringing in these outside firms, detailing what they learned and defining roles and responsibilities in the event of an incident is really the best practice, and we are seeing more and more companies do that.”

Support from the Board

Good cyber protection is built around a combination of process, technology, learning and people. While not every cyber incident needs to be reported to the boardroom, senior management has a key role in creating a culture of planning and risk awareness.

David Legassick, head of life sciences, tech and cyber, CNA Hardy

“Cyber is a boardroom risk. If it is not taken seriously at boardroom level, you are more than likely to suffer a network breach,” Legassick said.

However, getting board buy-in or buy-in from the C-suite is not always easy.

“C-suite executives often put off testing crisis plans as they get in the way of the day job. The irony here is obvious given how disruptive an incident can be,” said Sanchez.

“The C-suite must demonstrate its support for incident response planning and that it expects staff at all levels of the organization to play their part in recovering from serious incidents.”

“What these people need from the board is support,” said Jill Salmon, New York-based vice president, head of cyber/tech/MPL, Berkshire Hathaway Specialty Insurance.

“I don’t know that the information security folks are looking for direction from the board as much as they are looking for support from a resources standpoint and a visibility standpoint.

“They’ve got to be aware of what they need and they need to have the money to be able to build it up to that level,” she said.

Without that support, according to Legassick, failure to empower and encourage the IT team to manage cyber threats holistically through integration with the rest of the organization, particularly risk managers, becomes a common mistake.

He also warned that “blame culture” can prevent staff from escalating problems to management in a timely manner.

Collaboration and Communication

Given that cyber incident response truly is a team effort, it is therefore essential that a culture of collaboration, preparation and practice is embedded from the top down.


One of the biggest tripping points for companies — and an area that has done the most damage from a reputational perspective — is in how quickly and effectively the company communicates to the public in the aftermath of a cyber event.

Salmon said of all the cyber incident response plans she has seen, the companies that have impressed her most are those that have written mock press releases and rehearsed how they are going to respond to the media in the aftermath of an event.

“We have seen so many companies trip up in that regard,” she said. “There have been examples of companies taking too long and then not explaining why it took them so long. It’s like any other crisis — the way that you are communicating it to the public is really important.” &

Antony Ireland is a London-based financial journalist. He can be reached at [email protected] Dan Reynolds is editor-in-chief of Risk & Insurance. He can be reached at [email protected]