The insurance industry has always depended on history.
Actuaries study past losses, build models, price risk, and quantify probability based on patterns that repeat over time. Web3 breaks that model.
Crypto markets move fast, and infrastructures shift, often exposing risks that did not exist a year earlier. For insurers, this creates a new challenge.
How does one price risk when the past offers little guidance?
In this interview, Dr. Guneet Kaur from CCN speaks with Joseph Ziolkowski, co-founder and CEO of Relm Insurance, about how underwriting works in crypto and what changed after major market failures.
Why Traditional Insurance Models Fail in Web3
Insurance has always relied on large datasets. Crypto does not provide that foundation.
Ziolkowski explains that applying legacy models to emerging risks leads to failure:
“If you’re approaching new risks the same way we’ve approached property and auto liability, the models are going to break.”
Relm replaces backward-looking models with a forward-looking framework.
Instead of asking what happened in the past, the focus shifts to what could happen next. Forward-looking risk decomposition sits at the core of this model.
Ziolkowski explains that risk must be broken into components and rebuilt dynamically, rather than assessed through static historical models.
The process breaks a company into core components that generate risk:
- Governance: Decision-making structures and oversight
- Technology: Security architecture and system design
- Solvency: Financial strength and liquidity
- Counterparty exposure: Dependencies on third parties
This approach allows insurers to build a dynamic view of risk, even when historical data remains limited.
Ziolkowski adds:
“If we look to the past to inform the future, that only works if the past is robust and statistically significant.”
How Relm Underwrites Crypto Companies in Practice
To understand how this works, Ziolkowski walks through a real-world example of underwriting a crypto exchange.
The process starts with the regulatory context. A company operating in a jurisdiction like Bermuda is already subject to scrutiny, which provides insight into its governance and compliance standards.
From there, insurers analyze operational details:
- Custody model: Proprietary custody requires deep technical audits, while third-party custody depends on the provider’s reliability.
- Client profile: Institutional users reduce risk due to stronger due diligence, while retail onboarding introduces additional compliance exposure.
- Onboarding systems: Anti-Money Laundering (AML) and Know Your Customer (KYC) processes shape risk exposure.
- Geographic exposure: U.S.-focused operations face different regulatory and legal risks than non-U.S. businesses.
Ziolkowski describes the process as layered and continuous:
“It’s always this kind of dynamic onion peeling exercise that you have to be committed to go through.”
The result is not a standardized policy. It is a tailored insurance structure built around each company’s risk profile.
Ziolkowski emphasizes that insurance is not only about transferring risk but also about improving how companies operate.
As a result, he frames insurance as an enabler that helps firms build financial resilience and stronger risk management frameworks over time.
Why No Two Crypto Insurance Policies Look the Same
Even similar companies carry very different risks.
Ziolkowski explains that underwriting in Web3 requires constant adjustment:
“Almost every aspect of their operations is going to be different than the one that we just underwrote.”
Some products, such as Directors and Officers (D&O) liability insurance, remain structurally consistent. However, the details change. For example:
- Pricing varies based on risk exposure
- Coverage limits adjust to operational complexity
- Policy terms reflect specific vulnerabilities
- Endorsements tailor protection to unique risks
This makes underwriting in crypto more hands-on than in traditional finance.
What the FTX Collapse Revealed About Systemic Risk
The collapse of FTX did not introduce new risks. It exposed how connected the ecosystem had become.
Ziolkowski explains that insurers already considered counterparty exposure, but the events of 2022 made the scale of the problem clear:
“The importance of counterparty risk and overall risk management had never been more magnified.”
The chain reaction began earlier. TerraUSD collapsed, wiping out tens of billions in value. Three Arrows Capital followed, then Voyager. Each failure revealed hidden dependencies between firms.
Ziolkowski highlights a key contradiction:
“In an industry where people are talking about decentralization, the reality is there’s concentration risk.”
Since then, the industry has matured. Regulators, investors, and operators now pay closer attention to interconnected risks and systemic exposure.
Ziolkowski notes that industry maturity accelerated after the 2022–2023 collapses, with investors, regulators, and operators becoming more aware of interconnected risk and concentration exposure.
Hidden Infrastructure Risks in Web3 Founders Often Overlook
Many Web3 founders focus on smart contract vulnerabilities. These risks matter, but they are now better understood and easier to audit.
Ziolkowski points to a different concern:
- Concentration of oracle infrastructure
- Dependence on a small number of custodians
- Aggregation risk from shared service providers
He explains:
“It’s the squishier and murkier and more amorphous exposures arising from the concentration of Oracle infrastructure.”
These risks often remain hidden during early-stage development. They create single points of failure that can affect multiple companies at once.
Relm uses underwriting not only to price risk but also to guide companies toward stronger structures. This includes encouraging diversification of services and reducing reliance on single providers.
He also stresses that underwriting includes advising clients to reduce single points of failure, such as diversifying custody providers, oracle services, and infrastructure dependencies.
Uninsurable Crypto Risks and Systemic Failures Explained
Not all risks can be transferred.
Ziolkowski highlights stablecoin depegging as a key example:
“Stablecoin depegging cannot be insured, not across the system.”
Insurers can design protection for individual companies, such as funds exposed to a stablecoin. However, systemic protection across the entire market remains impractical.
The same applies to large exchange failures. A major insolvency could trigger widespread losses across the ecosystem.
Ziolkowski explains that systemic risk is not designed to be transferred, which limits the ability to insure large-scale events across the entire market.
To address this gap, Ziolkowski points to future solutions, such as deposit protection models similar to those of the Federal Deposit Insurance Corporation (FDIC). These systems could improve retail users’ resilience.
AI Is Creating a New Category of Risk
Artificial intelligence introduces new exposures that extend beyond crypto.
Ziolkowski identifies several emerging concerns:
- Data set liability: Poor-quality or unverified data leads to flawed outcomes
- Model drift: AI systems can change behavior over time
- Decision-making risk: Automated systems may act without proper validation
He gives a clear example:
“Think about medical diagnostic decisions that are now being made more efficiently through large language models (LLMs)… the outcome and the accuracy… is completely compromised.”
To reduce these risks, human oversight remains essential:
“We would always make sure it’s overlaid with human intervention.”
AI-driven financial tools, including autonomous agents managing wallets or strategies, will likely create new insurance categories in the coming years.
Web3 Decentralization Risks and Future Outlook for Crypto Insurance
Ziolkowski closes with a broader concern.
The industry often presents itself as decentralized.
In practice, key dependencies still shape how the system operates. Access points, custody solutions, and infrastructure layers continue to concentrate risk in ways that many overlook.
He explains:
“You begin to see that risk exposure spectrum through a different lens.”
As institutional capital enters the market, these pressure points may become more pronounced.
Capital tends to favor established providers, which can deepen reliance on a small number of critical services. This shift could redefine how risk spreads across the ecosystem.
Web3 forces insurance to evolve alongside it. Historical models no longer apply, and risk assessment must rely on forward-looking analysis grounded in real-time conditions.
Ziolkowski frames underwriting as more than a pricing exercise.
It becomes a process of understanding systems, identifying hidden dependencies, and supporting companies as they build stronger operating models.
“Systemic risk isn’t designed to be transferred,” he concludes.
The most important risks in crypto do not always come from code.
They emerge from connections, concentration, and the gap between how decentralized the system appears and how it actually operates.
The information provided in this article is for informational purposes only. It is not intended to be, nor should it be construed as, financial advice. We do not make any warranties regarding the completeness, reliability, or accuracy of this information. All investments involve risk, and past performance does not guarantee future results. We recommend consulting a financial advisor before making any investment decisions.
Dr. Lorena Nessi is an award-winning journalist and media technology expert with 15 years of experience in digital culture and communication. Based in Oxfordshire, UK, she combines academic insight with hands-on media practice.
She holds a PhD in Communication, Sociology, and Digital Cultures, and an MA in Globalization, Identity, and Technology.
Lorena has taught at Fairleigh Dickinson University, Nottingham Trent University, and the University of Oxford. She is a former producer for the BBC in London, with additional experience creating television content in Mexico and Japan.
Her research focuses on digital cultures, social media, technology, capitalism, and the societal impact of blockchain innovation.
She has written extensively on digital media and emerging technologies, with her work featured in both academic and media platforms. Her Web3 expertise explores how blockchain technologies shape culture, economics, and decentralized systems.
Outside of work, Lorena enjoys reading science fiction, playing strategic board games, traveling, and chasing adventures that get her heart racing. A perfect day ends with a relaxing spa and a good family meal.
Dr. Guneet Kaur is a senior editor at CCN.com and a Science Fellow at Exponential Science. She is a fintech and blockchain expert with extensive experience in digital finance education, blockchain ecosystems, and cryptocurrency markets. She has worked with global media such as Cointelegraph, as well as education and blockchain platforms, to design and lead strategic content and learning initiatives. As an educator and assessor for top-tier executive programs, she bridges real-world fintech trends with academic insight.
Dr. Kaur is also a published researcher and peer reviewer across fintech and data science journals, including Financial Innovation Journal and International Journal of Big Data Intelligence and Applications. Her work spans data-driven analysis, Web3 innovation, and technical content development. With a strong foundation in both industry and academia, she translates complex financial technologies into practical applications, empowering learners, professionals, and institutions across the rapidly evolving digital finance landscape.
Easy 
