Sompo — Sompo Cyber Insurance

Rule:

1.4.2 Regulator Liability — Full Limit (both Standard and Premier Plans); 1.4.3 Investigation Liability — Full Limit (both Standard and Premier Plans). No explicit sublimit for PDPA fines stated separately in the proposal form.

Covered:

Full Limit under 1.4.2 Regulator Liability and 1.4.3 Investigation Liability

Rule:

1.3.2 Network Extortion Coverage — Full Limit or $1,000,000 whichever is lower (both Standard and Premier Plans). 30% Coinsurance above Policy Excess applies via endorsement.

Covered:

true

Sublimit Sgd:

1000000

Sanctions Clause:

false

Panel Negotiator Required:

false

Rule:

1.2 Business Interruption (8 hours waiting period) — Full Limit (both Standard and Premier Plans). Indemnity period not specified in proposal form. Contingent BI and Network Failure (2.5) listed as Not Applicable for both plans.

Waiting Period Hours:

8

Contingent Bi Covered:

Not Applicable — not listed as covered under either plan; 2.5 Network Failure is Not Applicable for both Standard and Premier Plans

Indemnity Period Months:

rule string

Rule:

1.1.1 Data Forensic Expenses — Full Limit; 1.1.2 Breach Consultation Costs — Full Limit; 1.1.3 Costs to Restore — Full Limit; 1.1.4 Breach Response (Notification, Credit, and ID Monitoring) — Full Limit; 1.1.5 Public Relations — Full Limit. All applicable to both Standard and Premier Plans. Duration of credit/ID monitoring not specified in proposal form.

Panel Required:

false

Forensic Covered:

true

Pr Crisis Covered:

true

Credit Monitoring Months:

rule string

Notification Costs Covered:

true

Rule:

1.3.1 Hacker Theft Cover — Not Applicable under Standard Plan; $50,000 under Premier Plan. Social engineering, invoice redirection, and funds transfer fraud are not individually enumerated in the proposal form. Hacker Theft Cover is the closest named benefit.

Sublimit Sgd:

50000

Social Engineering:

rule string

Invoice Redirection:

rule string

Funds Transfer Fraud:

rule string

Rule:

War, state actor, or cyber war exclusions are not explicitly enumerated in the proposal form extract provided. No reference to LMA5564/LMA5564A or equivalent clauses found in this document.

Excluded:

rule string

Lloyds 2022 Clause:

false

• Social Networking Sites/Portals
• Adult Networking Sites/Portals
• Adult Entertainment Providers or Sites
• Online Trading
• E-commerce Platforms including any service that has payment and/or financial transactions functions
• Data Aggregators
• Online Gambling Operators
• Digital Currency Exchanges
• Credit or Debit Card Processors
• Financial institution or companies governed by Banking or Financial Institution Act or related Acts
• Legal Services/ Solicitors/ Lawyers
• Healthcare Services/ Medical Services/ Clinic/ Dental/ Hospitals
• Insurance Brokers
• Recruitment Agent/ Executive Search Services
• Companies with consolidated total annual revenue more than S$20,000,000
• Companies with overseas operations
• Companies with more than 2 subsidiaries or subsidiaries with revenue exceeding the Named Insured or different business nature from the Named Insured
• Businesses whose network is connected to a parent's or any main franchise's network
• Applicants who have sustained any single loss or losses, including any fines, of a type that would be covered by a cyber/data protection insurance policy
• Applicants who have knowledge of any act, omission, fact, event or circumstance that may give rise to a loss under this proposed insurance offer
• 2.3 Network Improvement — Not Applicable (both Standard and Premier Plans)
• 2.5 Network Failure — Not Applicable (both Standard and Premier Plans)

PCI DSS Cover (1.4.4):

100000

Network Extortion Coverage (1.3.2):

Full Limit or $1,000,000 whichever is lower

Emergency Costs (2.1) — Premier Plan Only:

50000

Hacker Theft Cover (1.3.1) — Premier Plan Only:

50000

Loss Adjustor Costs (1.3.3) — Premier Plan Only:

50000

Loss Mitigation Costs (2.2) — Premier Plan Only:

50000

If your consolidated total annual revenue is more than S$20,000,000, you are not eligible for this SME offer. Please contact your insurance intermediary for separate underwriting.

This form does not constitute a contract of insurance. This risk is not bound until all required information is submitted to and approved by SOMPO Insurance. Please note cover will only commence when you have received written confirmation from SOMPO Insurance. This offer document is a summary of cover only. Cover is subject to the full terms, conditions and exclusions contained in the Sompo Cyber Liability Insurance Policy Wording.

---

| Policy Benefit (Insuring Clauses) | Standard Plan | Premier Plan |
|---|---|---|
| **Crisis Management** | | |
| 1.1.1 Data Forensic Expenses | Full Limit | Full Limit |
| 1.1.2 Breach Consultation Costs | Full Limit | Full Limit |
| 1.1.3 Costs to Restore | Full Limit | Full Limit |
| 1.1.4 Breach Response (Notification, Credit, and ID Monitoring) | Full Limit | Full Limit |
| 1.1.5 Public Relations | Full Limit | Full Limit |
| **Business Interruption** | | |
| 1.2 Business Interruption (8 hours waiting period) | Full Limit | Full Limit |
| **First Party Coverage** | | |
| 1.3.1 Hacker Theft Cover | Not Applicable | $50,000 |
| 1.3.2 Network Extortion Coverage | Full Limit or $1,000,000 whichever is lower | Full Limit or $1,000,000 whichever is lower |
| 1.3.3 Loss Adjustor Costs | Not Applicable | $50,000 |
| **Third Party Liability** | | |
| 1.4.1 Third Party Liability | Full Limit | Full Limit |
| 1.4.2 Regulator Liability | Full Limit | Full Limit |
| 1.4.3 Investigation Liability | Full Limit | Full Limit |
| 1.4.4 PCI DSS Cover | $100,000 | $100,000 |
| 1.4.5 Consumer Redress Fund | Full Limit | Full Limit |
| **Automatic Extensions** | | |
| 2.1 Emergency Costs | Not Applicable | $50,000 |
| 2.2 Loss Mitigation Costs | Not Applicable | $50,000 |
| 2.3 Network Improvement | Not Applicable | Not Applicable |
| 2.4 Personal Reputation Cover | Full Limit | Full Limit |
| 2.5 Network Failure | Not Applicable | Not Applicable |

| Policy Condition | Details |
|---|---|
| Continuity Date | Policy Inception Date |
| Retroactive Date | Policy Inception Date |
| Territory/Jurisdiction | Worldwide |
| Period of Insurance | 12 Months |
| Defence Costs | Part of the Limit of Liability (via endorsement) |
| Network Extortion Coverage | 30% Coinsurance above Policy Excess (via endorsement) |

---

(Figures listed below are in Singapore Dollars)

| Revenue (based on past 12 months revenue) | Limit of Liability | Policy Excess | Gross Premium (includes 9% GST) | Please tick option |
|---|---|---|---|---|
| **Up to $1,000,000** | $250,000 | $1,000 Each and Every Claim (Applicable to each and every insuring clauses) | $1,021.88 | ☐ |
| | $500,000 | | $1,348.88 | ☐ |
| | $1,000,000 | | $1,689.50 | ☐ |
| | $2,000,000 | | $2,139.13 | ☐ |
| **$1,000,001 to $3,000,000** | $250,000 | | $1,348.88 | ☐ |
| | $500,000 | | $1,689.50 | ☐ |
| | $1,000,000 | | $2,030.13 | ☐ |
| | $2,000,000 | | $2,588.75 | ☐ |
| **$3,000,001 to $5,000,000** | $250,000 | | $1,580.50 | ☐ |
| | $500,000 | | $2,030.13 | ☐ |
| | $1,000,000 | | $2,479.75 | ☐ |
| | $2,000,000 | | $3,147.38 | ☐ |
| **$5,000,001 to $10,000,000** | $250,000 | | $2,370.75 | ☐ |
| | $500,000 | | $3,038.38 | ☐ |
| | $1,000,000 | | $3,719.63 | ☐ |
| | $2,000,000 | | $4,727.88 | ☐ |
| **$10,000,001 to $20,000,000** | $250,000 | | $3,270.00 | ☐ |
| | $500,000 | | $4,387.25 | ☐ |
| | $1,000,000 | | $5,518.13 | ☐ |
| | $2,000,000 | | $7,316.63 | ☐ |

---

Additional premium of 50% on the STANDARD PLAN selected above
(Optional) ☐

---

Additional premium of 20% on the PLAN selected
(Optional) ☐

---

To better prepare you against the adverse impact of a security breach on your business, we are making the services below available specially for you at **no additional costs**.

Identify if cyber criminals are actively trading your employees stolen information
(Optional) ☐

1. Name and Designation: ___________________________________
2. Email: ___________________________________
3. Contact Number: ___________________________________

---

You are only eligible for this SME offer should your company satisfy all the underwriting criteria listed below:

i. Social Networking Sites/Portals
ii. Adult Networking Sites/Portals
iii. Adult Entertainment Providers or Sites
iv. Online Trading
v. E-commerce Platforms including any service that has payment and/or financial transactions functions
vi. Data Aggregators
vii. Online Gambling Operators
viii. Digital Currency Exchanges
ix. Credit or Debit Card Processors
x. Financial institution or companies governed by Banking or Financial Institution Act or related Acts
xi. Legal Services/ Solicitors/ Lawyers
xii. Healthcare Services/ Medical Services/ Clinic/ Dental/ Hospitals
xiii. Insurance Brokers
xiv. Recruitment Agent/ Executive Search Services

Your business (including your subsidiaries) have controls in place for:

i. System security controls such as anti-virus, firewall or equivalent protection and timely installation of software patches.
ii. Access security such as passwords for all employees and other users with privileged access

Your business (including your subsidiaries) perform weekly data backup and have recovery procedures

i. Your Company and subsidiaries are based in Singapore and do not have any overseas operations.
ii. Your company do not have more than 2 subsidiaries and for each of these subsidiaries (a) the revenue is not more than the Names Insured, and (b) the business nature is the same as the Named Insured.

Your business network (including your subsidiaries) is not connected to your parent's or any main franchise's network

i. Your business (including your subsidiaries) have not sustained any single loss or losses, including any fines, of a type that would be covered by a cyber/data protection insurance policy
ii. You (including your subsidiaries) do not have knowledge of any act, omission, fact, event or circumstance that may give rise to a loss under this proposed insurance offer

---

**NAMED INSURED:** 
___________________________________

**ADDRESS:** 
___________________________________

**BUSINESS NATURE:** 
___________________________________

**DATE OF INCORPORATION:** 
___________________________________

**REVENUE FOR THE LAST 12 MONTHS:** SGD$ 
___________________________________

**DATE TO COMMENCE COVER** (must not be before the date of this application): 
___________________________________

---

Sompo collects, uses and discloses your personal data in accordance with the Personal Data Protection Act 2012.

Sompo may disclose the personal data of our Insured to third parties that includes (but not limited to):

i. The service providers engaged by Sompo;
ii. Companies within the Sompo group;
iii. Co-insurers and reinsurers;
iv. Underwriters;
v. Government agencies

You, our Insured, consent to Sompo using and disclosing your personal data. You may withdraw your consent by written notice to Sompo but Sompo may not be able to provide you with insurance products, services or response to any insurance related matters afterwards.

1. Depending on the work arrangement/schedule of SOMPO's Service Providers, it may take 7 to 10 days to arrange for the services to be conducted.

2. Each Consultation Service is capped at 1 hour and anything beyond will be chargeable at the discretion of the Service Provider.

3. After the engagement with SOMPO's Service Providers for any service, if further service is required from the same Service Provider, it will be done through a chargeable separate engagement between the client and the Service Provider.

4. SOMPO will not be held responsible or liable, directly or indirectly, for any loss or damage caused or alleged to have been caused by the use of or reliance on any of the services performed by any of the Service Providers.

5. SOMPO reserve the right (a) not to provide any of the service, (b) to add new services, and (c) to remove any of the services at our discretion.

6. These services are only available to the entities in Singapore at this stage (if otherwise, please contact us to discuss).

---

On behalf of all proposed Applicants I/We declare and agree that all information provided in this proposal or attachments is true and correct in every respect and that all information that may be material in considering this proposal form has been fully and accurately disclosed to Sompo Insurance Singapore Pte. Ltd. in writing in a manner which would not mislead a prudent insurer.

Statement pursuant to Section 25(5) of the Insurance Act (Cap 142) or any amendments thereof; I/We agree that this declaration shall be the basis of and incorporated in the insurance contract and that the insurance contract may be avoided (amongst other things) if I/we fail to disclose in this application, fully and faithfully, all the facts which I/we know or ought to know.

I/We undertake to inform Sompo Insurance Singapore Pte. Ltd. of any material alteration to the above information whether occurring before or after the completion of this insurance contract.

a. I/We am/are obliged to advise Sompo Insurance Singapore Pte. Ltd. of any information which may be material to its consideration of this application. This information includes all information I/We know (or could reasonably be expected to know) which could influence the judgement of Sompo Insurance Singapore Pte. Ltd. whether or not to accept this application and (if accepted) on what terms, including cost and otherwise.

b. Failure to provide this information may result in Sompo Insurance Singapore Pte. Ltd. refusing to provide the insurance.

c. I/We have certain rights of access to and correction of this information.

---

**Signature of authorised Principal Officer, Partner or Director:** 
_________________________________________________________________

**Full name of authorised signee:** 
_________________________________________________________________

**Date:** _____ / _____ / _____