Cyber Tower Follow-Form Mechanics Deep-Dive: How Excess Layers Coordinate (and Where Gaps Emerge)

The Answer in 60 Seconds

Cyber tower structures (covered conceptually in Article 167) coordinate across layers through "follow-form" mechanics — excess layers adopting the terms of the primary policy. The coordination matters because gaps between layers create coverage discontinuity exactly where SMEs need cover most. Key follow-form considerations: definitions consistency (covered events, claim, loss, etc. defined identically), exclusions consistency (excess insurer cannot exclude what primary covers, with specific carve-outs documented), notification consistency (single notification protocol across layers), defence cooperation consistency (single defence coordination), drop-down provisions (whether excess responds if primary insolvent), and specific allocation provisions (how mixed claims are allocated). For Singapore SMEs at substantial Cyber limits (S$10M+), tower follow-form mechanics are commercial sophistication that specialist multinational brokers handle. Understanding the framework helps SMEs participate effectively in tower structuring and identify potential gaps before they manifest at claim time.

The Sourced Detail

For Singapore SMEs operating Cyber tower structures, follow-form mechanics determine whether the tower operates as a single coordinated programme or as a fragmented set of policies with gaps between layers. Understanding the mechanics matters at procurement and at claim time. Cyber Liability operates within the Insurance Act 1966 framework administered by MAS; for breach notification considerations driving Cyber claim cost, see PDPA Section 26D and PDPC guidance.

The follow-form principle

Foundation principle. Excess insurers in a tower adopt the form of the primary policy. The primary policy's coverage scope, definitions, exclusions, and operational provisions become the foundation; excess layers respond on the same terms once the primary exhausts.

The commercial rationale. Without follow-form:

• Each excess insurer would underwrite independently with potentially different scope
• Coverage gaps could emerge between layers
• Claim coordination would be substantially more complex
• Operational considerations required for every claim

With follow-form:

• Single underwriting framework across the tower
• Coverage scope continuous across layers
• Single claim coordination
• Specific commercial efficiency

What follow-form covers

Definitions consistency.

Key Cyber policy definitions must align across layers:

• "Cyber Event" or "Computer System" definition
• "Loss" definition (first-party costs, third-party damages, defence costs)
• "Claim" definition
• "Insured" definition
• Specific other foundational definitions

If primary defines "Cyber Event" broadly to include specific scenarios, excess layers must follow that breadth. If excess layers narrow definitions, gaps emerge between layers.

Exclusions consistency.

Standard Cyber exclusions should be consistent:

• War / nuclear / terrorism (with specific Cyber-relevant scope)
• Specific bodily injury / property damage
• Specific contractual liability
• Specific other defined exclusions

If excess layers add exclusions not in primary, scenarios excluded only at higher levels create gaps where SME might need cover most.

Operational provisions consistency.

• Notification timing and recipients
• Defence cost provisions
• Specific defence cooperation
• Specific consent requirements
• Specific allocation provisions

Inconsistency here creates operational complexity at claim time.

Where follow-form has limits

Insurer-specific provisions.

Each excess insurer has specific provisions that may differ from primary:

• Specific notification addresses (different insurer for each layer)
• Specific authorised representative provisions
• Specific dispute resolution provisions
• Commercial relationship provisions

These differences are administrative and don't affect coverage, but require documented operational protocols.

Specific carve-outs.

Excess insurers sometimes negotiate specific carve-outs:

• Specific event types
• Operational scope
• Operational considerations

These carve-outs should be documented and SME-aware.

Drop-down provisions.

Drop-down addresses primary insurer insolvency:

• With drop-down: excess "drops down" to fill primary's role if primary insolvent
• Without drop-down: excess only responds after primary exhaustion (and exhaustion may not be possible if primary insolvent)

Drop-down is a specific commercial negotiation. For substantive towers, drop-down provisions are typical.

Specific notification mechanics

Single notification protocol.

For follow-form towers, ideal practice:

• SME notifies broker
• Broker coordinates notification to all layers
• Single notification triggers obligations across the tower
• Specific commercial efficiency

Operational complexity.

Each insurer may have specific notification provisions:

• Different notification addresses
• Different authorised representatives
• Different timeline requirements
• Operational considerations required

For SMEs, broker coordination at notification is foundational.

Specific defence cooperation

Coordinated defence approach.

Tower structures typically coordinate defence:

• Primary insurer leads defence (typically)
• Excess insurers participate per their layer engagement
• Specific defence counsel selection coordinated
• Specific settlement decisions coordinated

Specific consent provisions.

Defence and settlement decisions typically require insurer consent:

• Primary consent at primary layer levels
• Excess consent at excess layer levels
• Operational considerations required

Specific allocation at settlement.

When settlement amount triggers excess layers:

• Primary fully exhausted before excess engages
• Specific allocation between layers based on settlement structure
• Operational considerations

Specific exhaustion mechanics

Primary layer exhaustion.

Primary policy must be "exhausted" before excess engages. Exhaustion typically requires:

• Primary loss equal to primary limit
• Specific defence cost considerations
• Specific other loss components

Defence costs in / outside limits.

Critical commercial provision:

• "Defence costs within limits" — defence costs erode the limit
• "Defence costs outside limits" — defence costs in addition to limit

These provisions affect when excess engages:

• Within-limits primary exhausts faster (defence + indemnity sum = limit)
• Outside-limits primary takes longer to exhaust (only indemnity erodes limit)

For consistent follow-form, primary and excess defence cost provisions should align.

Specific common gap scenarios

Scenario A: Primary insurer insolvent, no drop-down.

Without drop-down, excess cannot respond until primary exhausts — but exhaustion is impossible if primary insolvent.

Outcome: Coverage gap. Drop-down is the structural solution.

Scenario B: Excess insurer adds exclusion not in primary.

If excess adds specific exclusion, scenarios within excess scope but excluded at excess level create gaps.

Outcome: Operational considerations during placement matters.

Scenario C: Definition inconsistency between layers.

If primary defines "Loss" broadly and excess defines narrowly, specific claim categories may exhaust primary but not engage excess for the full amount.

Outcome: Definition consistency is foundational.

Scenario D: Notification inconsistency.

If different layers have different notification timelines and SME notifies broker timely but broker coordination fails, specific layer notification may be untimely.

Outcome: Broker coordination at notification matters.

Scenario E: Defence cost provision inconsistency.

If primary has within-limits defence and excess has outside-limits, primary exhausts faster than expected based on excess assumptions.

Outcome: Provision consistency across layers matters.

Commercial considerations

Layer sizing.

Common layer sizes:

• Primary: S$5M-S$10M typical for material operations
• Excess layers: S$5M-S$10M each for SME towers; substantial layers for larger operations
• Commercial considerations

Specific premium economics.

Excess layers typically less expensive per dollar of cover than primary:

• Primary highest cost per dollar
• First excess substantially lower
• Higher excess progressively lower

For SMEs, this means substantial total cover can be achieved more cost-efficiently through tower than through primary alone (if available at the limit).

Specific market diversification.

Tower structures typically use multiple insurers:

• Avoid single insurer concentration
• Operational considerations
• Operational sophistication

Specific industry applications

Financial services. Substantial Cyber towers common given regulatory and class-action exposure.

Healthcare. Substantial towers given PDPA significant-harm exposure for medical data.

Technology / SaaS. Substantial towers common given customer-facing exposure (see Article 191 on Tech E&O coordination).

CII / FDI operators. Substantial towers driven by Cybersecurity Act 2018 framework (see Article 172).

Multinational operations. Substantial towers often required by US class-action exposure (see Article 166 on US operations).

Specific Singapore market considerations

The Singapore Cyber tower market has matured:

• Major insurers (AIG, Allianz, Chubb, AXA, Tokio Marine, Liberty, Beazley, etc.) provide tower capacity
• Specific specialist brokers
• Operational considerations
• Operational discipline frameworks

For SMEs procuring substantive Cyber towers, specialist Cyber broker engagement is foundational.

Operational discipline

At placement.

• Comprehensive specification of primary terms
• Specific follow-form documentation across layers
• Specific carve-out documentation
• Specific drop-down provisions
• Operational considerations

At renewal.

• Coordinated renewal across all layers
• Specific underwriting consistency
• Commercial relationship management
• Operational considerations

At claim time.

• Single notification through broker
• Specific defence coordination
• Operational considerations
• Operational discipline

Specific cross-border tower considerations

For Singapore SMEs with cross-border operations:

• Specific multinational tower structures
• Specific local mandate coordination
• Operational considerations
• Specific specialist multinational broker engagement

These structures interact with the Master/Local vs DIC/DIL choice (see Article 190).

Common Mistakes / What Goes Wrong

1. Definitions inconsistency between layers. Specific coverage gaps.
2. Exclusion inconsistency between layers. Specific coverage gaps.
3. No drop-down provisions. Specific primary insolvency exposure.
4. No coordinated notification protocol.
5. Defence cost provision inconsistency. Specific exhaustion mechanics issues.
6. No allocation provisions. Commercial complexity at settlement.
7. Single insurer concentration in tower. Specific concentration risk.
8. No specialist broker for tower structuring.
9. No renewal coordination.
10. No industry-aware approach.

What This Means for Your Business

For Singapore SMEs operating Cyber towers:

1. Definitions consistency across layers is foundational. Specific gap prevention.

2. Exclusion consistency across layers matters. Specific gap prevention.

3. Drop-down provisions essential for primary insolvency protection. Specific structural foundation.

4. Coordinated notification protocol via broker. Operational discipline.

5. Defence cost provisions consistent. Specific exhaustion mechanics alignment.

6. Specialist Cyber tower broker. Operational considerations essential.

7. Annual coordinated review across all layers.

8. Specific industry-aware approach.

The Cyber tower follow-form architecture is sophisticated commercial structure. SMEs that engage with specialist brokers and maintain coordinated operational discipline benefit from substantial coordinated cover; SMEs that treat tower structuring superficially face gap exposure at claim time.

Questions to Ask Your Adviser

1. For my Cyber tower, what follow-form provisions apply across layers?
2. Are definitions and exclusions consistent across all layers?
3. For primary insurer insolvency, what drop-down provisions apply?
4. For notification, what coordinated protocol applies?
5. As my limits / exposure evolve, what tower evolution should I plan for?

Related Information

• Cyber Liability Single Policy vs Tower Primary + Excess Structure: When Does Tower Make Sense?
• Our Systems Are Locked and the Attackers Want Bitcoin — What Do I Do Now?
• PDPA Section 26D Mandatory Data Breach Notification: The 3-Day Clock Explained

Published 5 May 2026. Source verified 5 May 2026. COVA is an introducer under MAS Notice FAA-N02. We do not recommend insurance products. We provide factual information sourced from primary regulators and route you to a licensed IFA who can match a policy to your specific situation.