Published: 6 June 2019

Anthony Banya

BIMCO has sought to address industry concerns about cyber security incidents by publishing a new contractual clause.  The BIMCO Cyber Security Clause 2019 is suitable for inclusion in a wide range of maritime contracts. It requires the parties to implement and maintain a level of cyber security “appropriate” to their businesses and use reasonable endeavours to ensure that their sub-contractors do the same.

If an incident occurs, the parties are required to notify each other promptly and share further details within 12 hours. There is also a duty to take reasonable steps to mitigate and/or resolve the incident. As and when further information becomes available that might help deal with the fall-out, the parties must share it.

The clause does not deal with payment fraud. It does not contain any force majeure provisions, so the parties are not relieved of their other duties under the contract. However, they are liable in damages for any breach up to a suggested cap of USD 100,000 (subject to gross negligence or wilful misconduct). This cap can be amended, depending on the parties’ insurance arrangements.

The clause with explanatory comments is available on BIMCO’s website  Members will have to create a log in profile but once that is done, there is free access to the site with all BIMCO’s contracts and clauses.