Insurer Brain

Stoïk: Difference between revisions

Browse history interactively
Content deleted Content added
VisualWikitext
Created page with "{{Section separator}} == Company profile == 🏢 '''Formation and structure.''' Stoïk SAS (SIREN 900 293 887) is a French privately held Société par Actions Simplifiée founded in 2021 and headquartered at 4 rue Euler, 75008 Paris.<ref name="pappers_stoik">{{cite web |title=Société STOIK (900293887) : Chiffre d'affaires, statuts, extrait d'immatriculation |url=https://www.pappers.fr/entreprise/stoik-900293887 |publisher=Pappers}}</ref> The company operates as a cyb..."
 
No edit summary
 
(2 intermediate revisions by the same user not shown)
Line 1:
{{Infobox company
| name = Stoïk
| legal_name = STOIK (SAS)
| logo = Logo of Stoïk.svg
| logo_size =
| logo_alt = Stoïk company logo
| logo_caption =
| type = Private — cyber insurtech MGA
| exchange =
| ticker =
| isin =
| lei =
| license_type = Insurance intermediary (MGA)
| npn =
| coverholder_ref =
| incorporation = France
| founded = {{Start date and age|2021|06|01}}
| headquarter = 4 rue Euler, 75008 Paris, France
| domicile = France
| insurance_jurisdictions = France<br/>Germany<br/>Austria<br/>Spain<br/>Luxembourg<br/>Belgium
| regulator = ORIAS (France, no. 24000772)<br/>DGSFP (Spain, key AS0144)
| ultimate_parent =
| shareholders =
| key_people = Jules Veyrat, President/CEO, Co-founder<br/>Alexandre Andreini, Risk Director, Co-founder<br/>Nicolas Sayer, Technical Director, Co-founder<br/>Philippe Mangematin, Insurance Director, Co-founder<br/>Franziska Geier, Managing Director, Stoïk GmbH<br/>Vincent Nguyen, Director of Cybersecurity
| num_employees = More than 130 (January 2026)
| customer_segments = SMEs and mid-sized companies (turnover up to €1 billion)
| lines_of_business = Cyber insurance
| segments =
| products = Stoïk Protect (prevention platform)<br/>Stoïk MDR (managed detection and response)<br/>Cyber Pro IT (professional liability plus cyber)
| technology_platform = Proprietary prevention and monitoring platforms; CrowdStrike EDR integration
| capacity_providers = Tokio Marine Europe S.A.<br/>Axeria IARD<br/>Swiss Re
| distribution = Broker-centric; over 2,000 broker partners (January 2026)
| geographic_markets = France<br/>Germany<br/>Austria<br/>Spain<br/>Luxembourg<br/>Belgium
| num_customers = More than 10,000 companies (January 2026)
| competitors = Coalition<br/>At-Bay<br/>Baobab Insurance<br/>BOXX Insurance<br/>Cogitanda<br/>Converge Insurance<br/>Corvus Insurance<br/>Cowbell<br/>Elpha Secure<br/>Eye Security<br/>Dattak
| market_share_rank =
| financial_year =
| market_cap =
| revenue =
| insurance_revenue =
| operating_income =
| ebitda =
| net_income =
| gwp = ~€50M (2025)
| nwp =
| loss_ratio =
| combined_ratio =
| commission_rate =
| total_assets =
| invested_assets =
| technical_reserves =
| csm =
| net_debt =
| equity =
| operating_margin =
| solvency_ratio =
| roe =
| total_funding = ~€69.8M
| last_round = Series C, €20M, January 2026
| last_valuation =
| lead_investors = Impala<br/>Opera Tech Ventures<br/>Alven<br/>Andreessen Horowitz<br/>Munich Re Ventures
| capital_structure =
| ifsr =
| capacity_partner_ratings = Tokio Marine Europe S.A. (A+, S&P)<br/>Axeria IARD (A-, AM Best)
| ratings =
| footnotes =
}}
{{Summary:Stoïk|5}}
{{More details}}
{{Section separator}}
== CompanyCorporate profile ==
 
🏢 '''European cyber MGA.''' Stoïk operates as a cyber-focused managing general agent and insurance distribution platform that combines underwriting delegation, embedded prevention, and in-house incident response. The company positions itself as Europe's first cyber MGA, integrating cyber insurance with continuous prevention and detection services alongside a dedicated incident response capability.<ref name="series_c_pr">{{cite web |title=Stoïk Series C Press Release |url=https://stoik.cdn.prismic.io/stoik/aW9LwQIvOtkhBukF_%E2%9C%85Stoi%CC%88kSeriesCPR_January2026.docx.pdf |publisher=Stoïk |date=January 2026}}</ref>
🏢 '''Formation and structure.''' Stoïk SAS (SIREN 900 293 887) is a French privately held Société par Actions Simplifiée founded in 2021 and headquartered at 4 rue Euler, 75008 Paris.<ref name="pappers_stoik">{{cite web |title=Société STOIK (900293887) : Chiffre d'affaires, statuts, extrait d'immatriculation |url=https://www.pappers.fr/entreprise/stoik-900293887 |publisher=Pappers}}</ref> The company operates as a cyber-focused Managing General Agent (MGA), integrating insurance underwriting with cybersecurity services. It first registered as an insurance intermediary in September 2021 (ORIAS #21007462) as a courtier d'assurance with authorization to handle client funds.<ref name="pappers_stoik"/> In 2023, Stoïk created a dedicated subsidiary, Stoïk France SAS (SIREN 923 382 881), to conduct insurance brokerage activities; this entity obtained its own ORIAS registration (#24000772) in February 2024.<ref name="pappers_france">{{cite web |title=Société STOIK FRANCE : Chiffre d'affaires, statuts, extrait d'immatriculation |url=https://www.pappers.fr/entreprise/stoik-france-923382881 |publisher=Pappers}}</ref> Stoïk also established Stoïk CERT SAS in 2023 to house its in-house cyber incident response team.<ref name="pappers_cert">{{cite web |title=Société STOIK CERT : Chiffre d'affaires, statuts, extrait d'immatriculation |url=https://www.pappers.fr/entreprise/stoik-cert-951381243 |publisher=Pappers}}</ref> As of early 2026 the group comprises the main holding company (Stoïk SAS), its operating brokerage arm (Stoïk France), the CERT unit, a German office (Stoïk GmbH in Munich), and a Belgian subsidiary acquired in 2025 (CyberContract).
 
📋 '''Legal identity.''' Stoïk is constituted as a simplified joint stock company (SAS) registered in the Paris Trade and Companies Register (RCS Paris) under number 900 293 887, with its registered office at 4 rue Euler, 75008 Paris.<ref name="stoik_terms">{{cite web |title=Terms of Use |url=https://www.stoik.com/en-us/terms |publisher=Stoïk |access-date=2026-03-09}}</ref> The French government business directory records the entity's creation date as 1 June 2021.<ref name="annuaire_entreprises">{{cite web |title=STOIK — Annuaire des Entreprises |url=https://annuaire-entreprises.data.gouv.fr/entreprise/stoik-900293887 |publisher=French Government |access-date=2026-03-09}}</ref> In France, Stoïk is registered with the ORIAS intermediary register under number 24000772.<ref name="stoik_homepage">{{cite web |title=Stoïk — Cyber Insurance |url=https://www.stoik.com/ |publisher=Stoïk |access-date=2026-03-09}}</ref> In Spain, Stoik Iberia, S.L. holds DGSFP authorization as an MGA under administrative key AS0144.<ref name="stoik_spain_terms">{{cite web |title=Terms of Use (Spain) |url=https://www.stoik.com/es-es/terms |publisher=Stoïk |access-date=2026-03-09}}</ref> The French government directory additionally lists STOIK, STOIK FRANCE, and STOIK CERT as distinct entities based in Paris.<ref name="annuaire_entreprises"/>
💰 '''Ownership and funding.''' Stoïk is venture-backed with approximately €70 million raised to date.<ref name="coverager">{{cite web |title=Stoïk raises €20 million |url=https://coverager.com/stoik-raises-e20-million/ |publisher=Coverager |date=2026}}</ref> Key institutional investors include Alven Capital (lead in Seed and Series B), Andreessen Horowitz (lead in Series A), Munich Re Ventures, Opera Tech Ventures (BNP Paribas's venture arm), Anthemis Group, Cyber Integrity Capital (CYBICA), and Impala (the family office of CEO Jules Veyrat's family).<ref name="ffnews_c">{{cite web |title=Stoïk Raises €20m in a Series C to Strengthen Its European Leadership in Cyber Risk |url=https://ffnews.com/newsarticle/insurtech/stoik-raises-e20m-in-a-series-c-to-strengthen-its-european-leadership-in-cyber-risk/ |publisher=FFNews |date=2026-01-20}}</ref><ref name="coverager"/> Tokio Marine HCC International, one of Stoïk's insurance capacity providers, became a strategic investor during the 2024 Series B.<ref name="eu_startups_b">{{cite web |title=Paris-based Stoïk raises €25 million Series B to expand its cyber insurance platform in Europe |url=https://www.eu-startups.com/2024/10/paris-based-stoik-raises-e25-million-series-b-to-expand-its-cyber-insurance-platform-in-europe/ |publisher=EU-Startups |date=October 2024}}</ref> The Series C round (closed January 2026) was co-led by Impala and Opera Tech, reinforcing the Veyrat family's commitment and BNP Paribas's continued support.<ref name="ffnews_c"/> Early angel investors include Henri de Castries (former AXA CEO) and Julian Teicke (wefox CEO), who joined the Series A round.<ref name="sifted_a">{{cite web |title=French insurtech Stoïk wins Andreessen Horowitz's backing in €11m Series A |url=https://sifted.eu/articles/andreessen-horowitz-stoik-insurtech |publisher=Sifted |date=June 2022}}</ref> In 2025, professional footballer Marc-André ter Stegen also became an investor-ambassador.<ref name="linkedin_terstegen">{{cite web |title=Dominic Vieira's Post – Marc ter Stegen joins and invests in Stoïk |url=https://www.linkedin.com/posts/dominicvieira27_marc-ter-stegen-joins-and-invests-in-sto%C3%AFk-activity-7247300835867512835-7JQb |publisher=LinkedIn |date=2025}}</ref>
 
{| class="wikitable sortable" width:100% style="font-size:0.85em"
👥 '''Leadership.''' Stoïk was co-founded by Jules Veyrat (CEO), Alexandre Andreini (Risk Director), Nicolas Sayer (Technical/Product Director), and Philippe Mangematin (Insurance Director).<ref name="ftj">{{cite web |title=French Tech Wire: Stoïk's Plan To Help CISOs Sleep At Night |url=https://www.frenchtechjournal.com/french-tech-wire-stoiks-plan-to-help-cisos-sleep-at-night/ |publisher=French Tech Journal}}</ref><ref name="stoik_about">{{cite web |title=About us |url=https://www.stoik.com/en-us/about |publisher=Stoïk}}</ref> Andreini, a former cybersecurity consultant at Wavestone, leads risk and underwriting; Sayer oversees technology and product, drawing on prior fintech experience; Mangematin, an actuary who previously worked at Swiss Re and co-founded insurer Seyna, heads insurance operations and capacity partnerships.<ref name="stoik_about"/> Franziska Geier joined in 2023 as Country Manager for Germany after a decade at Markel and Allianz in the cyber insurance field.<ref name="stoik_about"/> Following the 2025 CyberContract acquisition, Stef Vermeulen (former CyberContract CEO) serves as Country Manager for Belgium.<ref name="cybercontract">{{cite web |title=CyberContract is acquired by Stoïk, extending cyber insurance possibilities in Belgium |url=https://www.cybercontract.eu/en/cybercontract-is-acquired-by-stoik-extending-cyber-insurance-possibilities-in-belgium |publisher=CyberContract |date=2025-09-02}}</ref>
|+ 📑 Stoïk, entity-level identifiers and registrations
 
! scope="col" style="text-align:center" | Item
📈 '''Scale and footprint.''' As of early 2026, Stoïk protects over 10,000 companies across six countries: France, Germany, Spain, Belgium, Austria, and Luxembourg, and also serves Monaco via passporting.<ref name="ffnews_c"/><ref name="coverager"/> Its distribution network exceeds 2,000 partner brokers, including BNP Paribas's entire French retail banking network, which has distributed Stoïk's cyber insurance since late 2022.<ref name="ffnews_c"/><ref name="bnp">{{cite web |title=#2 Stoïk X BNP Paribas, or how to help SMEs fight against cybercrime |url=https://group.bnpparibas/en/news/2-stoik-x-bnp-paribas-or-how-to-help-smes-fight-against-cybercrime |publisher=BNP Paribas |date=October 2022}}</ref> The workforce has grown from a handful at inception to approximately 130 by early 2026, with a target of 200 within a year.<ref name="ffnews_c"/> Employees are spread among Paris headquarters, regional offices in Cologne, Vienna, and Madrid, and the integrated Brussels-area team from CyberContract.<ref name="cybercontract"/><ref name="alven_de">{{cite web |title=Stoïk raises €10 million and expands to Germany |url=https://alven.co/stoik-raises-e10-million-and-expands-to-germany/ |publisher=Alven |date=September 2023}}</ref><ref name="eu_startups_b"/>
! scope="col" style="text-align:center" | Finding
! scope="col" style="text-align:center" | Source
|-
| Legal name (core group entity) || Simplified joint stock company (SAS), RCS Paris no. 900 293 887, registered at 4 rue Euler, 75008 Paris || <ref name="stoik_terms"/>
|-
| Creation date || 1 June 2021 (Paris) || <ref name="annuaire_entreprises"/>
|-
| Insurance intermediary registration (France) || ORIAS register no. 24000772 || <ref name="stoik_homepage"/>
|-
| Spanish MGA authorization || Stoik Iberia, S.L., DGSFP key AS0144 || <ref name="stoik_spain_terms"/>
|-
| Incident response entity (France) || STOIK CERT, Paris (4 rue Euler) || <ref name="stoik_cert">{{cite web |title=CERT-Stoïk |url=https://www.stoik.com/cert |publisher=Stoïk |access-date=2026-03-09}}</ref>
|-
| Multi-entity structure (France) || STOIK, STOIK FRANCE, and STOIK CERT listed as distinct entities || <ref name="annuaire_entreprises"/>
|}
 
🌍 '''Operating footprint.''' Stoïk is a private company with physical presence and local entities across multiple European markets. The headquarters are in Paris, with additional offices including Stoïk GmbH in Munich and Stoïk Iberia in Madrid, plus an Austrian branch in Vienna.<ref name="stoik_about">{{cite web |title=À propos — Stoïk |url=https://www.stoik.com/a-propos |publisher=Stoïk |access-date=2026-03-09}}</ref> The company's disclosed operating markets span France, Germany, Spain, Austria, Luxembourg, and Belgium, the last entered through the acquisition of CyberContract in September 2025.<ref name="series_c_pr"/><ref name="cybercontract_pr">{{cite web |title=Stoïk — CyberContract Acquisition Press Release |url=https://stoik.cdn.prismic.io/stoik/aLVWkGGNHVfTOeqh_PRStoi%CC%88k-CyberContractacquisitionBelgium.pdf |publisher=Stoïk |date=September 2025}}</ref>
⚖️ '''Legal and regulatory.''' Stoïk SAS's business registration classifies its activity as "holding and services," while operational insurance broking is conducted through Stoïk France (NAF code 66.22Z).<ref name="pappers_france"/> Both entities are subject to French insurance regulations (Code des Assurances) and the EU Insurance Distribution Directive (IDD). Stoïk leverages the EU single market "passport" for insurance intermediaries to operate across borders: its expansion to Germany and Austria in 2023 was done via freedom of services and a local branch rather than seeking separate BaFin licensing.<ref name="alven_de"/> In Belgium, Stoïk acquired the existing broker CyberContract in 2025, instantly meeting local regulatory requirements.<ref name="cybercontract"/> The company also monitors upcoming obligations under the EU NIS2 Directive and France's 2023 LOPMI law requiring policyholders to file a police complaint within 72 hours of a cyber-extortion event to be indemnified.
 
📊 '''Scale indicators.''' Stoïk's January 2026 Series C press release states the company protects more than 10,000 companies, works with over 2,000 broker partners, covers around 600 new companies each month, employs more than 130 specialists, and reached approximately €50 million in gross written premium in 2025.<ref name="series_c_pr"/> A March 2025 cyber claims report references analysis of a portfolio of 5,000 insureds across Europe.<ref name="stoik_claims_report">{{cite web |title=Cyber Claims Report 2024 |url=https://www.stoik.com/sinistres-cyber-rapport-2024 |publisher=Stoïk |date=March 2025}}</ref>
🎯 '''Mission and market position.''' Stoïk's stated mission is "to be the CISO of Europe," acting as the outsourced Chief Information Security Officer for thousands of SMEs that lack in-house cyber expertise.<ref name="stoik_about"/> It is often cited as the first European cyber-insurtech MGA focused on the SME segment.<ref name="cybercontract"/> Competitors include U.S. entrants such as Coalition and At-Bay—models Stoïk explicitly emulates but with an exclusively European focus—as well as incumbent insurers offering cyber coverage.<ref name="tc_2024">{{cite web |title=European cyber insurance startup Stoïk secures $27M |url=https://techcrunch.com/2024/10/14/european-cyber-insurance-startup-stoik-secures-27-million/ |publisher=TechCrunch |date=2024-10-14}}</ref><ref name="tc_2022">{{cite web |title=Stoïk combines cyber insurance products with active security monitoring |url=https://techcrunch.com/2022/01/13/stoik-combines-cyber-insurance-products-with-active-security-monitoring/ |publisher=TechCrunch |date=2022-01-13}}</ref> Stoïk was recognized among the CB Insights Insurtech 50 (2025) and its management asserts that its first-mover advantage, combined with local European regulatory know-how, gives it a durable edge over purely U.S.-based models.<ref name="sifted_a"/>
 
{{Section separator}}
== BusinessFounders modeland leadership ==
 
👥 '''Founding team.''' Stoïk was co-founded by four individuals: Jules Veyrat, Alexandre Andreini, Nicolas Sayer, and Philippe Mangematin.<ref name="conditions_pr_2024">{{cite web |title=Stoïk — Conditions Générales Press Release |url=https://stoik.cdn.prismic.io/stoik/Zn5-VR5LeNNTwnoE_42-11juin2024CPStoikconditionsgenerales-1-.pdf |publisher=Stoïk |date=June 2024}}</ref><ref name="series_a_pr">{{cite web |title=Stoïk Series A Press Release |url=https://stoik.cdn.prismic.io/stoik/ZkdpFyol0Zci9Pu8_8-28juin2022Leve%CC%81edefondsSe%CC%81rieA-1-.pdf |publisher=Stoïk |date=June 2022}}</ref> Alexandre Andreini is a former cybersecurity consultant at Wavestone who oversees risk teams. Nicolas Sayer, with experience in French fintechs, leads technology and product. Philippe Mangematin is an actuary and former Swiss Re professional who co-founded Seyna. Jules Veyrat is an entrepreneur who entered the cyber insurance space in late 2020.<ref name="stoik_about"/>
🔗 '''Integrated cyber risk solution.''' Stoïk's business model blends traditional insurance with technology-driven risk management through three tightly integrated pillars: cyber insurance underwriting, continuous cybersecurity monitoring and prevention, and incident response services.<ref name="ftj"/> By helping clients improve their security, Stoïk reduces claims frequency and underwrites more profitably—an alignment of incentives between insurer and insured.<ref name="tc_2022"/> The model is powered by proprietary technology, including AI-driven agents that automate risk assessment, monitoring, and claims triage.<ref name="ffnews_c"/>
 
🎯 '''Current leadership.''' The published management team roster includes Jules Veyrat as President and CEO, Alexandre Andreini as Risk Director, Nicolas Sayer as Technical Director, and Philippe Mangematin as Insurance Director.<ref name="stoik_about"/> Franziska Geier serves as Managing Director of Stoïk GmbH, bringing a decade of experience at Markel.<ref name="stoik_about"/> Vincent Nguyen holds the role of Director of Cybersecurity and appears as a named spokesperson on product and claims communications.<ref name="stoik_cyber_pro_it">{{cite web |title=Cyber Pro IT |url=https://www.stoik.com/cyber-pro-it |publisher=Stoïk |access-date=2026-03-09}}</ref>
🌍 '''Geographic footprint.''' Stoïk operates in France, Germany, Spain, Belgium, Austria, and Luxembourg, with Monaco served via passporting.<ref name="coverager"/> France, launched in early 2021, remains the largest market. Germany was entered in mid-2023 through the establishment of Stoïk GmbH in Cologne/Munich with a local director.<ref name="alven_de"/> By late 2024, Germany contributed several million euros in premiums via 100-plus local brokers.<ref name="eu_startups_b"/> Austria was launched in 2024 with a Vienna office, Spain and Luxembourg went live in 2024–2025 through EU passporting, and Belgium was added in September 2025 through the CyberContract acquisition, instantly providing 150 Belgian broker partners and approximately 1,000 policyholders.<ref name="ffnews_c"/><ref name="cybercontract"/>
 
🔗 '''AXA connection.''' Henri de Castries, former CEO of AXA, participated as a named business angel in Stoïk's June 2022 Series A round.<ref name="series_a_pr"/> No additional AXA-linked capacity provider relationship, distribution partnership, or executive employment history at AXA is identified in published company materials beyond this business angel participation.
🛡️ '''Insurance coverage.''' Stoïk provides a comprehensive cyber insurance policy tailored for SMEs, bundled with cybersecurity tools and services. The insurance addresses the full spectrum of cyber-incident consequences:<ref name="stoik_insurance">{{cite web |title=Insurance |url=https://www.stoik.com/en-us/insurance |publisher=Stoïk}}</ref>
* '''First-party incident response and crisis management:''' 24/7 incident response assistance, legal and regulatory compliance support, IT forensics and remediation, data recovery, and crisis communication.
* '''First-party financial losses:''' Business interruption, additional operating costs, cyber extortion and ransom negotiation, breach notification expenses, regulatory investigation costs, and cyber fraud coverage including CEO-impostor social engineering.
* '''Third-party liability:''' Data privacy liability (GDPR claims), network security liability, and electronic media liability covering defense and settlement costs.
 
📋 '''Policy scope.''' Stoïk's policy is marketed for its clarity and absence of hidden exclusions—a differentiator in a market where cyber policies can be laden with technical carve-outs.<ref name="stoik_insurance"/> Coverage limits reach up to €10 million per policy (raised from an initial €7.5 million) and eligibility extends to companies with annual revenues up to €1 billion, progressively raised from an initial €50 million threshold.<ref name="stoik_insurance"/><ref name="cybercontract"/><ref name="coverager"/> Following the CyberContract acquisition, Stoïk expanded its Belgian offering to include CEO fraud, cloud overbilling, PCI fines/sanctions, and IT equipment replacement cost guarantees—additions being rolled out across other markets.<ref name="cybercontract"/> All insurance clients automatically receive access to Stoïk's cybersecurity services at no extra charge.<ref name="sifted_a"/>
 
🖥️ '''Cybersecurity platform (Stoïk Protect).''' Every policy includes access to Stoïk Protect, a continuous cyber risk monitoring and prevention SaaS tool. Key capabilities include external attack surface scanning (domain, DNS, IP, and credential-leak detection), internal vulnerability assessments of cloud infrastructure and Active Directory configurations, continuous dark-web and breach-database monitoring with proactive alerts, and user-facing phishing simulation and security awareness resources.<ref name="tc_2022"/><ref name="tc_2024"/><ref name="stoik_insurance"/> Stoïk claims that companies actively using its platform can halve their risk of suffering a cyber incident.<ref name="stoik_insurance"/>
 
🔍 '''Managed detection and response (Stoïk MDR).''' Introduced in April 2024, Stoïk MDR is a managed cybersecurity service providing SMEs the benefits of an outsourced Security Operations Center (SOC), deploying endpoint detection and response agents and actively stopping attacks in their early stages.<ref name="eu_startups_b"/> This offering extends Stoïk into MSSP territory, deepening its value proposition beyond what a typical insurer provides.
 
🚨 '''Incident response (CERT-Stoïk).''' Stoïk's in-house cyber emergency response team provides 24/7 crisis support through immediate triage and containment, technical investigation and recovery (leveraging a network of 700-plus global CERT partners), legal and regulatory guidance for GDPR breach notifications and law enforcement filings, crisis communication support, and coordination of ransom negotiations and payment logistics where sanctioned and agreed.<ref name="stoik_insurance"/><ref name="cybercontract"/><ref name="tc_2024"/> By integrating prevention and response with insurance, Stoïk controls the entire loss lifecycle and feeds incident data back into underwriting improvements.
 
💶 '''Revenue model.''' As an MGA, Stoïk does not carry insurance risk on its balance sheet; it earns a commission on gross written premium (GWP) for each policy underwritten on behalf of licensed carrier partners.<ref name="tc_2024"/> Additional revenue comes from potential profit-sharing (contingent commission) if loss ratios remain below agreed thresholds. The cybersecurity services are bundled with the insurance premium rather than charged separately—Stoïk's CEO has emphasized that the insurance product is the revenue vehicle while protection services align incentives.<ref name="tc_2022"/> French filings show statutory turnover of €621,000 in 2022.<ref name="pappers_stoik"/> By 2025, net revenues grew over 200% year on year, reaching a scale consistent with approximately €50 million in managed GWP.<ref name="ffnews_c"/>
 
🤝 '''Distribution and go-to-market.''' Stoïk's distribution is 100% intermediated—it sells exclusively through insurance brokers and strategic partners rather than direct to consumer.<ref name="bnp"/> By early 2026, over 2,000 brokerage firms distribute Stoïk, up from approximately 200 at mid-2022.<ref name="ffnews_c"/><ref name="sifted_a"/> The partnership with BNP Paribas (announced October 2022) was a defining milestone: the entire BNP French retail banking network distributes Stoïk policies, providing what Stoïk described as an "unrivalled strike force."<ref name="bnp"/> Stoïk's automated broker portal delivers quotes in minutes, replacing traditional multi-day questionnaire processes.<ref name="eu_startups_b"/> Notably, Stoïk initially considered direct sales but pivoted fully to brokers by mid-2022, turning potential competitors into allies.<ref name="tc_2022"/>
 
🏦 '''Capacity and insurance partners.''' Stoïk's underwriting capacity is provided by a panel of high-quality carriers:
* '''Tokio Marine HCC''' – Lead capacity provider and strategic investor since 2024 (rated A+); enables policies for companies up to €750 million revenue with €7.5 million limits.<ref name="stoik_about"/><ref name="eu_startups_b"/>
* '''Swiss Re''' – Global reinsurer (rated AA) supporting Stoïk's growing portfolio; partnership highlighted during the CyberContract integration.<ref name="stoik_about"/><ref name="cybercontract"/>
* '''Axeria''' – French insurer (rated A−) used likely for French-market and SME-segment capacity diversification.<ref name="stoik_about"/>
* '''Acheel''' – French insurtech carrier that may serve as a fronting insurer for certain policies, with reinsurance subsequently ceded to Swiss Re and Tokio Marine.<ref name="insurtech_insights">{{cite web |title=Stoïk Raises $27 Million in Series B Funding |url=https://www.insurtechinsights.com/stoik-raises-27-million-in-series-b-funding/ |publisher=Insurtech Insights |date=2024}}</ref>
* '''Euromex''' – Belgian insurer historically used by CyberContract, now being transitioned to Stoïk's main panel for higher limits and broader coverage.<ref name="cybercontract"/>
 
{{Section separator}}
== PerformanceFunding driversand valuation ==
 
📊 '''Overview.''' Stoïk's performance is best understood through both operating KPIs (premium growth, client count, loss ratios) and qualitative drivers (technology effectiveness, distribution expansion) that underlie them. As a private company, Stoïk does not publish detailed financials publicly, but disclosed metrics and growth indicators reveal its trajectory.<ref name="tc_2024"/>
 
💰 '''Funding history.''' Stoïk has raised approximately €69.8 million in disclosed equity funding across five rounds since January 2022. The investor base blends large generalist venture capital from Andreessen Horowitz, European venture capital from Alven, strategic insurance and reinsurance participation from Munich Re Ventures and Tokio Marine HCC International, and corporate venture capital from Opera Tech Ventures (the corporate VC arm of BNP Paribas).<ref name="series_a_pr"/><ref name="goodwin_law">{{cite web |title=Alven Capital Partners Invests in the €25 Million Series B of Stoïk |url=https://www.goodwinlaw.com/en/news-and-events/news/2024/10/announcements-technology-alven-capital-partners-invests-in-the-25-million |publisher=Goodwin Law |date=October 2024}}</ref>
🚀 '''Growth in premiums and customers.''' GWP has roughly doubled or tripled each year since launch. In 2022, Stoïk had approximately 2,000 policyholders. By October 2024, TechCrunch reported Stoïk was representing €25 million in premiums and on track for 5,000 policyholders by year-end.<ref name="tc_2024"/> By the close of 2025, Stoïk exceeded €50 million GWP with over 10,000 policyholders—a greater-than-200% year-on-year increase—driven by both new-country expansion and deepening French penetration, with approximately 600 new companies insured per month in late 2025.<ref name="ffnews_c"/>
 
{| class="wikitable sortable" width:100% style="text-align:left; font-size:0.85em; background-color:white;"
|+ 💶 Stoïk, equity funding rounds, amounts, and lead investors, Jan 2022 – Jan 2026, EUR
|+ style="text-align:left;" | '''Operating KPIs: Stoïk growth metrics'''<ref name="ffnews_c"/><ref name="tc_2024"/><ref name="pappers_stoik"/><ref name="sifted_a"/>
! scope="col" style="text-align:center" | Round
|- style="background-color:#4472C4; color:white;"
! scope="col" style="text-align:center" | Date
! KPI !! 2021 !! 2022 !! 2023 !! 2024 !! 2025 !! Notes/Drivers
! scope="col" style="text-align:right; width:7em" | Amount raised
! scope="col" style="text-align:center" | Lead investor(s)
! scope="col" style="text-align:center" | Notable co-investors
! scope="col" style="text-align:right; width:7em" | Cumulative funding
|-
| Seed || January 2022 || style="text-align:right" | €3.8M || — || Alven; Anthemis; Kima Ventures || style="text-align:right" | €3.8M<ref name="agefi_2023">{{cite web |title=Stoïk lève 10 millions d'euros et s'installe en Allemagne |url=https://www.agefi.fr/news/tech-finance/stoik-leve-10-millions-deuros-et-sinstalle-en-allemagne |publisher=L'Agefi |date=September 2023}}</ref>
| Gross Written Premium (GWP) || ~€0.1 M¹ || €0.6–0.7 M¹ || Not disclosed || ~€25 M || ~€50 M || Premium under management. Early years low due to late 2021 launch; steep growth from 2023 onward.
|-
| Series A || June 2022 || style="text-align:right" | €11M || Andreessen Horowitz || Alven; Anthemis; business angels incl. Julian Teicke || style="text-align:right" | ~€14.8M<ref name="series_a_pr"/>
| Policyholders (companies insured) || ~50¹ || ~2,000¹ || ~3,000 (est.) || ~5,000 || 10,000+ || Grew via France brokers and new market entries; milestone of 10k reached in 2025.
|-
| Growth round || September 2023 || style="text-align:right" | €10M || — || Munich Re Ventures; Opera Tech Ventures || style="text-align:right" | ~€24.8M<ref name="agefi_2023"/>
| New policyholders per month || – || – || Not disclosed || ~400 (H2 est.) || ~600 || Monthly addition rate increased as distribution widened (e.g. BNP channels).
|-
| Series B || October 2024 || style="text-align:right" | €25M || Alven || Andreessen Horowitz; Munich Re Ventures; Opera Tech Ventures; Anthemis; Cyber Integrity Capital; Tokio Marine HCC International || style="text-align:right" | ~€49.8M<ref name="techcrunch_2024">{{cite web |title=European Cyber Insurance Startup Stoïk Secures $27 Million |url=https://techcrunch.com/2024/10/14/european-cyber-insurance-startup-stoik-secures-27-million/ |publisher=TechCrunch |date=14 October 2024}}</ref>
| Renewal/Retention Rate || – || Not disclosed || Not disclosed || Not disclosed || Not disclosed || Likely high (cyber insurance tends to renew well), but no public data.
|-
| Series C || January 2026 || style="text-align:right" | €20M || Impala; Opera Tech Ventures || Alven; Andreessen Horowitz || style="text-align:right" | ~€69.8M<ref name="series_c_pr"/>
| Gross loss ratio (insurance) || – || Not disclosed || Not disclosed || <50% (indicative) || <50% (indicative) || Stoïk hints at below-industry loss ratios due to prevention (market avg ~50–60%). Portfolio described as "profitable."
|-
| Combined ratio / profitability || – || n/a || n/a || Approaching breakeven || ~Breakeven || Underwriting profit achieved; overall net income negative due to growth investments.
|-
| Average premium per policy || – || Not disclosed || Not disclosed || ~€5k (est.) || ~€5–6k (est.) || Early micro-SME policies €1–4k; average grew as Stoïk moved upmarket.
|-
| Entities monitored (platform) || – || Not disclosed || ~2,000² || ~5,000² || 10,000+² || Roughly equal to policy count; each insured company onboarded to Stoïk Protect.
|-
| Broker partners (signed) || ~5–10 || ~200 (active) || ~1,000 (FR + DE) || 1,000+ || 2,000+ || Grew from a handful in 2021 to virtually the entire French broker market by 2025 plus international brokers.
|-
| Countries of operation || 1 (FR) || 1 (FR) || 3 (FR, DE, AT) || 5 (FR, DE, AT, ES, MC) || 6 (FR, DE, ES, BE, AT, LU) || Germany & Austria launched 2023; Spain, Luxembourg, Monaco in 2024; Belgium via acquisition 2025.
|-
| Employees (FTE) || ~10 || ~30 || ~80 || ~110 || ~130 || Aiming for 200 by end 2026.
|-
| Revenue (commission income) || Minimal || €0.62 M¹ || ~€1.5–2 M (est.) || Not disclosed || Not disclosed || 2022 from filed accounts; >200% YoY growth in 2025 implies >€5 M.
|}
<small>1: Based on French filings (Stoïk SAS comptes 2022) showing 2021 turnover ~€104k and 2022 ~€621k. Figures appear low due to Stoïk SAS acting as holding; part of revenue may flow through Stoïk France from 2023 onward. 2: "Entities monitored" equals number of insureds with access to Stoïk Protect (approximate).</small>
 
📈 '''Growth trajectory.''' The Series C press release signals an intention to expand the workforce from approximately 130 to 200 employees over the subsequent 12 months, reflecting a scale-up in technical, operational, and international capacity devoted to prevention, detection, incident response, and geographic expansion.<ref name="series_c_pr"/> Net revenue growth of over 200 percent year-over-year was reported for 2025, although absolute revenue figures remain undisclosed.<ref name="series_c_pr"/>
📣 '''Premium growth drivers.''' Stoïk's surge in GWP has been fueled by both client volume and upselling higher limits. In 2022–2023, growth came from signing thousands of French small businesses via brokers, many of them first-time cyber insurance buyers. The BNP Paribas partnership provided a significant boost in 2023 by reaching deep into the long tail of small enterprises. In 2024–2025, geographic expansion added new premium: the German book ramped with larger average policy sizes, and the CyberContract acquisition brought an existing €1–2 million GWP from Belgium with projections to triple that in 18 months.<ref name="cybercontract"/> Stoïk also progressively increased its maximum policy limit and target client size (from €150 million to €750 million, now €1 billion revenue), enabling higher-premium mid-market contracts. While the number of clients doubled from roughly 5,000 to 10,000 in 2025, GWP grew over 200%, indicating the average premium increased through bigger clients and more coverage upselling.<ref name="eu_startups_b"/>
 
{{Section separator}}
🏪 '''Broker network and distribution metrics.''' Stoïk's distribution reach expanded from a few hundred brokers to over 2,000 in three years. By end-2024, more than 1,000 brokers were actively placing business, including 100-plus in Germany and 150 in Belgium via CyberContract.<ref name="tc_2024"/><ref name="cybercontract"/><ref name="eu_startups_b"/> The automated quoting system—eliminating traditional cybersecurity questionnaires in favor of scans—dramatically sped up the sales cycle and improved conversion rates.<ref name="tc_2022"/>
== Customer segments and underwriting appetite ==
 
🏭 '''Segment definition.''' Stoïk's underwriting appetite has expanded upward over time from an SME-centric origin to the upper mid-market. The current English homepage states support for companies with turnover up to €1 billion and offers coverage limits up to €10 million.<ref name="stoik_homepage"/> In October 2024, reporting indicated Stoïk covered companies with annual turnover up to €750 million with maximum limits of €7.5 million at that time.<ref name="techcrunch_2024"/> The Belgium expansion materials state that Belgian insurance limits can increase from €3 million to €10 million, with the insurable revenue ceiling rising from €150 million to €1 billion.<ref name="cybercontract_pr"/>
📉 '''Claims and loss performance.''' While detailed loss ratios are not public, Stoïk described its underwriting as "profitable" by late 2024, suggesting a gross loss ratio probably under 50–60% (compared to a market average for SME cyber of 50–70%).<ref name="cybercontract"/> Stoïk attributes this outperformance to risk selection (declining applicants with low security scores until they improve) and risk mitigation (its policyholders suffer fewer severe incidents thanks to proactive alerts).<ref name="tc_2022"/> Its capacity providers have continued to support and increase capacity, signaling acceptable or favorable loss metrics.
 
📦 '''Book composition.''' Policyholder counts and onboarding velocity indicate a broadly distributed SME and mid-market book rather than a small set of large corporate risks: over 10,000 companies protected, around 600 new companies onboarded each month, and more than 2,000 broker partners.<ref name="series_c_pr"/> The distribution strategy, described as broker-centric with self-serve quoting tooling, is structurally consistent with SME and mid-market placements.<ref name="series_a_pr"/>
📐 '''Financial performance highlights.''' On the financial side, Stoïk is still a young company investing heavily in growth. French filings show consolidated net revenue of approximately €621,000 in 2022 and a net loss of €3.01 million that year (up from €238,000 in 2021).<ref name="pappers_stoik"/> Personnel costs were €1.88 million in 2022 versus €173,000 in 2021, reflecting deliberate spending on team expansion.<ref name="pappers_stoik"/> By 2023–2024, revenues ramped into the multi-millions, partially offsetting costs, though the company likely remained EBITDA-negative. The Series C announcement noted a "robust underlying business model," "high level of financial discipline," and that the funding was calibrated not to overshoot needs, pointing toward a path to profitability as scale increases.<ref name="ffnews_c"/>
 
🔍 '''Industry coverage and exclusions.''' Stoïk presents broad sector coverage spanning distribution and e-commerce, consulting, hospitality, real estate and construction, manufacturing, legal professions, and education.<ref name="stoik_insurance">{{cite web |title=Cyber Insurance |url=https://www.stoik.com/en-us/insurance |publisher=Stoïk |access-date=2026-03-09}}</ref> Explicit underwriting screens exclude activities such as weapons, gambling, social networks, cryptocurrency-related activities, airports, and stock markets.<ref name="stoik_terms"/> The pricing page further lists excluded sectors including airlines, public-sector entities, and media-related categories.<ref name="stoik_pricing">{{cite web |title=Prix assurance cyber |url=https://www.stoik.com/prix-assurance-cyber |publisher=Stoïk |access-date=2026-03-09}}</ref>
🔑 '''Key performance themes.'''
* '''Distribution leverage:''' By piggybacking on brokers and banks, Stoïk achieved faster and cheaper premium growth than a direct model would allow; every new broker signed can bring dozens of clients.
* '''Underwriting discipline:''' Stoïk has generally targeted firms meeting minimum security hygiene, sometimes requiring improvements before binding a policy, which keeps loss ratios manageable.<ref name="tc_2022"/>
* '''Market environment:''' Cyber insurance demand in Europe has been a tailwind—only approximately 5% of SMEs had cyber cover in 2021—and Stoïk benefited from an underserved market meeting a capable supplier.<ref name="techdoteu">{{cite web |title=Combining insurance and cyber security software, Stoïk raises €3.8 million |url=https://tech.eu/2022/01/12/combining-insurance-and-cyber-security-software-stoik-raises-e3-8-million/ |publisher=Tech.eu |date=2022-01-12}}</ref>
 
{{Section separator}}
== Product, coverage, and claims ==
== Strategic priorities ==
 
📄 '''Policy structure.''' Stoïk's terms of use reference general insurance conditions drawn up by Stoïk, indicating the company publishes or controls core policy and contract conditions.<ref name="stoik_terms"/> The company publicly emphasizes backing by major insurance actors and displays carrier and reinsurer partners, though binder form details, quota share structures, and per-carrier line allocations are not publicly disclosed.<ref name="stoik_homepage"/>
🌐 '''Pan-European expansion.''' Stoïk aims to become the de facto cyber insurance provider for SMEs across Europe, entering new markets at a rate of about one per year.<ref name="tc_2024"/> The focus is on Central and Southern Europe, with likely targets including Italy, the Netherlands, and Scandinavia.<ref name="ffnews_c"/> The CyberContract acquisition provided a successful template for buy-and-build market entry.<ref name="cybercontract"/> A strategic goal is to achieve EU-wide coverage as an early defensive moat against U.S. competitors like Coalition expanding into Europe.
 
🛡️ '''Coverage scope.''' Publicly listed coverage buckets include assistance and crisis management (incident response, legal assistance, crisis communication, IT remediation, and data recovery), first-party damages and losses (business interruption, additional operating costs, cyber ransom, notification costs, monitoring and surveillance costs, investigation and sanctions costs, and cyber fraud), and third-party liability (data leakage, media, and virus transmission).<ref name="stoik_insurance"/>
📡 '''Scaling distribution and partnerships.''' In France, the goal shifts from broker acquisition to increasing share of wallet among existing partners. In new markets, Stoïk will prioritize signing leading broker networks quickly. The company aims to replicate the BNP Paribas bancassurance model with banks in other countries, leveraging Opera Tech Ventures' connections within BNP's international network. Potential future distribution avenues include telcos, IT service providers, and API-driven embedded insurance in SME software platforms.<ref name="bnp"/>
 
🔄 '''Coverage evolution.''' In June 2024, Stoïk announced significant expansions to its general conditions. New covered event triggers were added beyond malicious intrusion, including human errors, social engineering fraud, and malicious acts by employees. New guarantees were introduced covering administrative investigations and sanctions (including those linked to PCI DSS) and IT system improvement costs following a cyberattack to prevent recurrence.<ref name="conditions_pr_2024"/> A 25 percent deductible reduction was introduced for insureds using the Stoïk Protect prevention platform, creating a pricing incentive tied to security posture.<ref name="conditions_pr_2024"/> The Belgium market entry expanded the proposition further with coverage for CEO fraud, cloud overbilling, PCI penalties, IT equipment replacement costs, and facilitated international subsidiary coverage.<ref name="cybercontract_pr"/>
🧩 '''Product portfolio expansion.''' Stoïk is expanding from its single core product into adjacent offerings. Stoïk MDR (launched 2024) may eventually be offered as a standalone subscription to non-insurance customers.<ref name="eu_startups_b"/> Professional Indemnity (E&O) coverage for certain sectors has been introduced as an add-on.<ref name="eu_startups_b"/> New coverages added in 2025—CEO fraud, cloud overbilling, PCI fines, and IT equipment replacement—demonstrate responsiveness to real-world claim scenarios.<ref name="cybercontract"/> Longer-term, Stoïk's "CISO of Europe" ambition implies rolling out compliance advisory, cyber awareness training modules, and phishing simulation platforms.
 
🚨 '''Breach response model.''' Stoïk emphasizes an in-house, end-to-end claims handling model. The claims page describes a 24/7 intervention capability encompassing investigation and defense, IT remediation, valuation, and compensation.<ref name="stoik_sinistres">{{cite web |title=Sinistres |url=https://www.stoik.com/sinistres |publisher=Stoïk |access-date=2026-03-09}}</ref> A "removal of doubt" procedure is not subject to deductible, and no fees are retained in case of a false alarm.<ref name="stoik_sinistres"/> CERT-Stoïk documentation states the incident response mission includes prevention, response, and recovery, with reactive and proactive services available 24/7 for its constituency.<ref name="cert_rfc2350">{{cite web |title=RFC 2350 — CERT-Stoïk |url=https://stoik.cdn.prismic.io/stoik/Z_zEYevxEdbNO_iz_RFC2350-CERTStoi%CC%88k.pdf |publisher=Stoïk |access-date=2026-03-09}}</ref>
🤖 '''AI and technology investment.''' Series C funds are explicitly earmarked to invest further in proprietary AI agents underpinning prevention, detection, and response.<ref name="ffnews_c"/> This includes AI-automated risk scoring, incident triage, underwriting decision support, and claims pattern analysis across 10,000-plus incidents. Stoïk also plans to improve its broker and client platforms with multi-language support, API integrations with broker management systems, and expanded monitoring capabilities covering new threat vectors.
 
🏗️ '''Capacity and reinsurance strategy.''' As Stoïk grows, it will diversify capacity further to avoid dependency on any single carrier. Possible future partners include Lloyd's syndicates, SCOR, Allianz, and possibly Munich Re's reinsurance parent.<ref name="eu_startups_b"/> Stoïk may negotiate multi-year capacity agreements for stability and continue offering equity stakes to critical partners (as done with Tokio Marine) to secure long-term commitment. Eventually Stoïk could contemplate creating its own risk-bearing entity to participate in underwriting profits.
 
👷 '''Operational scaling and talent.''' The plan to grow from 130 to 200 employees in 2026 means aggressive hiring in engineering (especially AI and platform developers), cybersecurity analysts (to staff the growing CERT and MDR services across time zones), and experienced underwriters for the larger-client segment.<ref name="ffnews_c"/> Regional leadership structures will be established, and expanding 24/7 incident response capacity across languages is a priority.
 
📚 '''Customer engagement and education.''' Stoïk publishes an annual Cyber Claims Report analyzing incidents across its portfolio, positioning itself as a knowledge leader.<ref name="stoik_resources">{{cite web |title=Resources |url=https://www.stoik.com/en-us/resources |publisher=Stoïk}}</ref> The company participates in industry bodies and is monitoring potential government initiatives around mandated cyber coverage or subsidized insurance that could accelerate demand.
 
🏰 '''Long-term vision.''' All strategic priorities ladder up to Stoïk's overarching aim of becoming an indispensable cyber risk management platform for every European SME—evolving from an MGA into a default infrastructure layer for cyber safety, analogous to how businesses rely on standard accounting or payroll platforms.
 
{{Section separator}}
== Cybersecurity services and technology ==
== P&L trends ==
 
🔐 '''Stoïk Protect.''' The prevention platform is described as included in the insurance contract and reserved for policyholders. Publicly described modules include external scanning (weekly audit of external attack surface), internal scanning (cloud and Active Directory configuration analysis), and phishing simulation with ongoing training content.<ref name="stoik_prevention">{{cite web |title=Prevention |url=https://www.stoik.com/prevention |publisher=Stoïk |access-date=2026-03-09}}</ref> Stoïk discloses operational metrics such as vulnerabilities detected through external scanning across insureds and stated responsiveness targets for critical vulnerabilities.<ref name="stoik_prevention"/>
📝 '''Revenue recognition.''' Stoïk's revenues consist of commissions and fees earned on policies, not the full insurance premiums. In 2025, GWP was approximately €50 million, but Stoïk's own revenue would be a fraction of that depending on commission rates.<ref name="ffnews_c"/> Statutory accounts for 2022 show turnover (chiffre d'affaires) of €621,000 and 2021 turnover of €104,000.<ref name="pappers_stoik"/> With greater than 200% year-on-year revenue growth confirmed for 2025, net revenue likely reached the range of €12–15 million.<ref name="ffnews_c"/>
 
🖥️ '''Managed detection and response.''' Stoïk MDR combines endpoint detection and response technology with continuous monitoring by cyber experts. The service draws on the EDR solution of CrowdStrike.<ref name="stoik_mdr_pr">{{cite web |title=MDR Offer Press Release |url=https://www.stoik.com/en-us/pr-mdr-offer |publisher=Stoïk |access-date=2026-03-09}}</ref> Implementation of Stoïk MDR or another MDR solution validated by Stoïk yields a 15 percent reduction on the insurance premium, positioning MDR as both a risk mitigation tool and a pricing lever.<ref name="stoik_mdr">{{cite web |title=MDR |url=https://www.stoik.com/mdr |publisher=Stoïk |access-date=2026-03-09}}</ref>
💼 '''Expense structure.''' Personnel costs dominated early spending: €1.88 million in 2022 (over 300% of that year's revenue), growing to an estimated €8–10 million by 2025 as headcount reached approximately 130.<ref name="pappers_stoik"/> Other significant costs include broker commissions (roughly 15–20% of GWP passed to retail brokers), cloud hosting and data licenses, office costs, and professional services. The Pappers data showed a negative "valeur ajoutée" of −€1.06 million in 2022, confirming that operating expenses far exceeded the small initial revenue.<ref name="pappers_stoik"/> Stoïk appears to have expensed most development costs directly rather than capitalizing them—a conservative accounting approach.
 
🏥 '''CERT operations.''' CERT-Stoïk's charter encompasses both reactive and proactive services. Reactive services include defined triage, coordination, and resolution activities available 24/7. Proactive services include vulnerability scanning of exposed assets, Active Directory, and cloud services, phishing campaign management, and EDR management.<ref name="cert_rfc2350"/> The CERT documentation notes incident response may be conducted with the support of trusted partners if necessary.<ref name="cert_rfc2350"/>
📉 '''Profitability and bottom line.''' Stoïk has operated at a net loss as expected for a high-growth startup. The net loss was €238,000 in 2021 and deepened to €3.01 million in 2022; the operating result (résultat d'exploitation) for 2022 was −€3.13 million, nearly identical to the net result since financial income/expense was negligible.<ref name="pappers_stoik"/> EBITDA was −€3.09 million in 2022, indicating minimal depreciation and amortization consistent with little capitalized development.<ref name="pappers_stoik"/> Losses likely peaked in absolute terms around 2023–2024 and began narrowing in 2025 as revenue outpaced expenses. Stoïk's strategy aims to reach operational breakeven within two to three years by growing revenue faster than the largely fixed cost base.
 
⚙️ '''Technology infrastructure.''' Published terms and policies disclose a number of infrastructure dependencies: website hosting on Webflow, server and infrastructure hosting in Amazon Web Services and Google Cloud Platform in EU regions in Frankfurt, and operational tools including Stripe, GoCardless, HelloSign, and Firebase.<ref name="stoik_terms"/><ref name="stoik_spain_terms"/><ref name="stoik_cookies">{{cite web |title=Cookie Policy |url=https://www.stoik.com/cookies |publisher=Stoïk |access-date=2026-03-09}}</ref> The platform architecture is mixed: Stoïk describes proprietary prevention and monitoring platforms while MDR explicitly leverages CrowdStrike EDR.<ref name="stoik_prevention"/>
{| class="wikitable" style="text-align:left; font-size:0.85em; background-color:white;"
|+ style="text-align:left;" | '''Income statement (€) – Stoïk SAS (consolidated) – Selected years'''<ref name="pappers_stoik"/><ref name="ffnews_c"/>
|- style="background-color:#4472C4; color:white;"
! Metric !! 2021 !! 2022 !! 2023 (est.) !! 2024 (est.) !! 2025 (est.) !! Notes
|-
| Gross Written Premium (managed) || €100k (est.) || ~€3–4M (est.) || ~€10M (est.) || ~€25M || ~€50M || Not in P&L (reference only). Rapid growth each year.
|-
| Net Revenue (Commission & fees) || €0 || €621k || ~€1.5M (est.) || ~€5M (est.) || ~€15M (est.) || 2021 negligible. 2022 per accounts. ~200% YoY growth 2025.
|-
| colspan="7" | '''Operating Expenses'''
|-
| – Personnel (wages & social charges) || €173k || €1.88M || ~€4M (est.) || ~€6–7M (est.) || ~€10M (est.) || Headcount grew from ~10 to 130. Includes security, tech, sales.
|-
| – Commission to distribution (brokers) || n/a || n/a (netted) || ~€1M (est.) || ~€3M (est.) || ~€6M (est.) || ~15–20% of GWP passed to brokers. Likely netted from revenue in accounts.
|-
| – Other OPEX (IT, marketing, admin) || €182k¹ || €1.04M¹ || ~€2M (est.) || ~€3M (est.) || ~€5M (est.) || Cloud, office, professional services, travel, events.
|-
| EBITDA || -€250k (est.) || -€3.09M || -€5M? || -€4M? || -€1M? || 2022 EBE −€3.09M. Loss peaked ~2023, narrowing by 2025.
|-
| Depreciation & Amortization || minimal || minimal || ~€0.1M || ~€0.3M || ~€0.5M || Could increase if capitalized software or goodwill from 2025.
|-
| Operating Profit (EBIT) || -€253k || -€3.13M || -€5.1M? || -€4.3M? || -€1.5M? || 2021/22 per accounts. 2023–25 illustrative trend.
|-
| Financial income/expense (net) || ~€15k || +€118k² || ~€0 || ~€0 || ~€0 || Small interest from cash; negligible impact.
|-
| Net Profit (Loss) || -€238k || -€3.01M || -€5M to -€6M? || -€4M? || -€1M? || Net loss widened then improved. Stoïk likely still net-loss in 2025 but closer to breakeven.
|}
<small>1: 2021/2022 other external charges from Pappers summary. 2: 2022 had €118k financial income, possibly FX or interest on cash, and €700k financial debt (likely convertible loan) but low interest cost.</small>
 
🔄 '''Quality of earnings.''' Stoïk's revenue is recurring in nature, as policies renew annually and commission recurs. The retention rate, though undisclosed, likely ensures a growing base of renewal commissions each year that builds on the in-force book. If Stoïk ever unbundled its technology offerings as a standalone service, that could introduce a new revenue line. Stoïk's financial discipline—not over-hiring beyond growth needs and raising only what is needed—has been noted by investors as evidence the company is calibrating spend to maintain sufficient runway.<ref name="ffnews_c"/>
 
{{Section separator}}
== Distribution, geography, and partnerships ==
== Balance sheet ==
 
🤝 '''Broker-centric distribution.''' Stoïk operates a broker-centric distribution model with over 2,000 broker partners as of early 2026.<ref name="series_c_pr"/> The Series A press release described the company as a wholesale broker with a fully digital broker platform ("Espace courtier") to facilitate sales and policy tracking.<ref name="series_a_pr"/> Platform capabilities include online quoting and underwriting, policy tracking and management, and broker performance monitoring.<ref name="stoik_courtiers">{{cite web |title=Courtiers |url=https://www.stoik.com/courtiers |publisher=Stoïk |access-date=2026-03-09}}</ref>
💵 '''Assets.''' Cash is the dominant balance sheet item, fueled by equity raises. At end-2022, Stoïk held €13.4 million in cash, up from €3.6 million at end-2021.<ref name="pappers_stoik"/> By end-2023, after the €10 million extension round, cash likely stood around €20 million. Following the 2024 Series B (€25 million), and accounting for the CyberContract acquisition outlay, cash probably reached approximately €30–35 million by early 2025 before the Series C added €20 million in January 2026. Receivables (premiums and commissions from brokers and insurers) grow with volume but remained manageable; 2022 showed minimal receivables given early-stage volumes. Intangible assets were immaterial through 2022, but from 2025 onward include goodwill from the CyberContract acquisition. Stoïk may also hold French CIR (research tax credit) receivables from the state given its significant R&D activities.
 
🗺️ '''Geographic expansion.''' Stoïk's market rollout began in France as its core domicile. Germany followed, including an office in Cologne established in 2023 with local broker activity, and Stoïk GmbH based in Munich.<ref name="agefi_2023"/><ref name="stoik_about"/> Austria, Spain, and Luxembourg were added progressively, with Spain conducted through Stoik Iberia, S.L. under DGSFP authorization.<ref name="stoik_spain_terms"/><ref name="cybercontract_pr"/> Belgium was entered through the acquisition of CyberContract in September 2025, described as Stoïk's first external growth operation.<ref name="cybercontract_pr"/>
📊 '''Liabilities.''' Stoïk's liabilities are small relative to total assets, as it does not bear insurance risk. Financial debt stood at €2.2 million in 2022 (up from €700,000 in 2021), likely a convertible loan or venture debt facility.<ref name="pappers_stoik"/> The debt-to-equity ratio was approximately 0.2 in 2022. Premium and insurer payables grow with premium volume but are short-term in nature. Working capital was strongly positive at end-2022: €12.8 million net working capital with a negative BFR (besoin en fonds de roulement), meaning current liabilities were smaller than current assets due to the cash injection.<ref name="pappers_stoik"/>
 
🏦 '''Capacity providers.''' Stoïk's website lists backing by major insurance actors including Tokio Marine Europe S.A. (rated A+ by S&P), Axeria IARD (rated A- by AM Best), and Swiss Re.<ref name="stoik_about"/> Tokio Marine HCC International joined Stoïk as a Series B equity investor in October 2024, having already served as a risk carrier partner.<ref name="tech_eu_2024">{{cite web |title=French Cyber Insurance Leader Stoïk Secures €25M Series B |url=https://tech.eu/2024/10/15/french-cyber-insurance-leader-stoik-secures-eur25m-series-b/ |publisher=Tech.eu |date=15 October 2024}}</ref> The Cyber Pro IT product page shows additional partnership support from Tokio Marine HCC and AXIS.<ref name="stoik_cyber_pro_it"/>
🏦 '''Equity.''' At end-2022, shareholders' equity was €10.9 million, up from €2.93 million in 2021, reflecting the €11 million Series A minus accumulated losses.<ref name="pappers_stoik"/> Share capital itself was small (€125,000 by 2025), with the bulk in additional paid-in capital (share premium).<ref name="pappers_stoik"/> Financial autonomy was approximately 78% in 2022 (equity as a percentage of total balance sheet).<ref name="pappers_stoik"/> After Series B and CyberContract share issuances, equity reached an estimated €40 million by end-2025, rising further to approximately €55 million after the Series C.
 
{| class="wikitable" style="text-align:left; font-size:0.85em; background-color:white;"
|+ style="text-align:left;" | '''Balance sheet (€) – Stoïk SAS (consolidated) – Key figures'''<ref name="pappers_stoik"/>
|- style="background-color:#4472C4; color:white;"
! Category !! 2021 !! 2022 !! 2023 (est.) !! 2024 (est.) !! 2025 (est.) !! Notes
|-
| Total Assets || €3.8M || €14.3M || ~€22M || ~€40M || ~€50M || Driven by cash from funding. 2025 includes goodwill from acquisition.
|-
| – Cash & Equivalents || €3.6M || €13.4M || ~€20M || ~€30M || ~€25M || High post-funding; drawn down by ops and acquisition. Series C adds back early 2026.
|-
| – Receivables (trade) || €0.1M¹ || €0.5M¹ || ~€2M || ~€4M || ~€8M || Premiums/commissions receivable grows with volume.
|-
| – Intangibles (incl. goodwill) || €0 || €0 (immaterial) || ~€0.5M (dev) || ~€1M (dev) || ~€5M (incl. goodwill) || Goodwill from CyberContract (~€3–4M); plus capitalized software.
|-
| – Other assets (prepaids, deposits) || €0.1M || €0.4M || ~€0.5M || ~€1M || ~€1M || Research tax credit, prepaid expenses, etc.
|-
| Total Liabilities || €0.9M || €3.4M || ~€5M || ~€6M || ~€10M || Low due to no insurance reserves; mainly payables and debt.
|-
| – Financial Debt || €0.7M || €2.2M || ~€2.2M || ~€1M || ~€1M || Convertible note or venture debt. Likely partly converted by 2024.
|-
| – Premium/Insurer Payables || €0.0M || €0.3M¹ || ~€1M || ~€2M || ~€4M || Amount owed to carriers for premiums. Grows with volume.
|-
| – Accounts Payable (trade) || €0.1M¹ || €0.4M¹ || ~€1M || ~€1.5M || ~€3M || Payables to suppliers, accrued expenses, etc.
|-
| – Other Liabilities (social, tax) || €0.1M¹ || €0.5M¹ || ~€0.8M || ~€1M || ~€2M || Salaries payable, social security, VAT, etc.
|-
| Shareholders' Equity || €2.93M || €10.9M || ~€17M || ~€34M || ~€40M || Built from funding minus losses. 2025 includes Series B injection and CyberContract share issuance.
|-
| – Issued Capital || €45k || €79k || €80k+ || €80k+ || €125.9k || Nominal capital low; bulk in share premium.
|-
| – Share Premium & Reserves || €3.1M || €13.8M || ~€23M || ~€49M || ~€59M || Invested capital grew with each raise.
|-
| – Accumulated Profit/Loss || -€0.2M || -€3.3M || ~-€8.3M || ~-€12.3M || ~-€13.3M || Retained earnings negative. Offset by capital raises in total equity.
|}
<small>1: 2021–2022 breakdown of current assets/liabilities is aggregated in available data; figures approximate from Pappers. 2022 had €0.53M negative "BFR exploitation" (working capital requirement), implying receivables exceeded payables by that amount.</small>
 
🛡️ '''Balance sheet strength.''' Stoïk's balance sheet is highly liquid (majority cash) and minimally leveraged, providing resilience against short-term shocks. The main financial risk would be inability to secure further funding once current cash runs out before revenues cover expenses; however, with the Series C, Stoïk has an estimated two-plus years of runway to reach breakeven. As a broker/MGA, Stoïk does not face Solvency II capital requirements, though it must maintain ORIAS financial guarantee requirements for brokers handling client funds.
 
{{Section separator}}
== CashCompetitive flowpositioning and liquidityfinancials ==
 
🔴 '''Operating cash flow.''' Operating cash flow has been negative each year due to net losses. In 2022, the Pappers data showed a negative capacité d'autofinancement of −€2.98 million, aligning with the net loss.<ref name="pappers_stoik"/> A small working capital benefit of approximately €0.6 million from negative BFR partially offset the outflow. Operating cash outflows likely increased in 2023 (estimated −€5 million) before gradually improving in 2024–2025 as revenue ramped. Stoïk's goal is to reach operating cash-flow breakeven, potentially by 2026.
 
💳 '''Working capital dynamics.''' As an MGA handling premium cash flows, Stoïk temporarily holds some premiums before remitting to carriers. In 2022, days payable to insurers averaged 44.5 days, while days receivable from clients averaged 242 days—the latter possibly reflecting installment payment arrangements or a concentration of late-year policy issuances collected in 2023.<ref name="pappers_stoik"/> In practice, Stoïk's commission is deducted from collected premiums before forwarding the net amount, producing roughly matched inflows and outflows.
 
⚔️ '''Market positioning.''' Stoïk sits in the integrated cyber MGA cluster, combining underwriting-led insurance distribution via brokers with embedded prevention and managed response. Reporting has explicitly compared Stoïk's thesis to the U.S. market trajectory of Coalition and At-Bay, while noting Stoïk's exclusive European focus.<ref name="techcrunch_2024"/> The closest strategic analogs by model are Coalition and At-Bay, with Stoïk differentiated by its continental European regulatory and distribution footprint.<ref name="techcrunch_2024"/>
🔧 '''Investing cash flow.''' Stoïk is not capital-intensive; physical capex (laptops, offices) is trivial. The major investing outflow was the CyberContract acquisition in 2025, whose founders joined Stoïk's cap table as co-shareholders (suggesting the deal was partly equity-based, conserving Stoïk's cash).<ref name="cybercontract"/> Through 2024, investing cash flows were negligible given that most R&D was expensed.
 
🏰 '''Competitive moat.''' Several evidence-based elements support a competitive moat. Stoïk's prevention and CERT documents describe ongoing vulnerability scanning and phishing management, implying ownership of continuous security posture signals that can feed underwriting and risk selection.<ref name="stoik_prevention"/> The formalization of an internal CERT with 24/7 availability and defined triage, coordination, and resolution services is operationally non-trivial to replicate at SME scale.<ref name="cert_rfc2350"/> Tokio Marine HCC International's dual role as risk carrier partner and equity investor is consistent with a capacity-plus-strategic-alignment advantage.<ref name="goodwin_law"/>
💸 '''Financing cash flow.''' Stoïk's growth has been financed by successive equity injections: the €3.8 million seed (early 2022), the €11 million Series A (mid-2022), the €10 million extension (late 2023), and the €25 million Series B (late 2024). The Series C (€20 million, January 2026) adds further capital. In 2022, financing cash flow was approximately €14.8 million from the seed and Series A combined.<ref name="pappers_stoik"/>
 
{| class="wikitable sortable" width:100% style="text-align:left; font-size:0.85em; background-color:white;"
|+ 📊 Stoïk, key performance indicators, 2025–early 2026
|+ style="text-align:left;" | '''Cash flow summary (€) – Indicative, based on funding and estimated burn'''<ref name="pappers_stoik"/>
! scope="col" style="text-align:center" | KPI
|- style="background-color:#4472C4; color:white;"
! scope="col" style="text-align:right; width:9em" | Most recent figure
! Metric !! 2021 !! 2022 !! 2023 !! 2024 !! 2025 !! Notes
! scope="col" style="text-align:right; width:9em" | Prior period
|-
| Gross written premium (GWP) || style="text-align:right" | ~€50M (2025) || style="text-align:right" | —
| Operating Cash Flow || -€200k¹ || -€3.0M² || ~-€5M || ~-€4M || ~-€2M || 2022 actual CFO ≈ −€3M. Improving by 2025 as revenue grows.
|-
| Net revenue growth (YoY) || style="text-align:right" | >200% (2025) || style="text-align:right" | —
| Investing Cash Flow (capex, acq.) || ~€0 || -€0.1M || -€0.2M (dev) || -€0.3M (dev) || -€3M (acq.) || Minor capex until 2025. 2025 includes CyberContract cash portion.
|-
| Policy count (in force) || style="text-align:right" | >10,000 (early 2026) || style="text-align:right" | >7,000 (September 2025)
| Free Cash Flow (Op + Inv) || -€200k || -€3.1M || ~-€5.2M || ~-€4.3M || ~-€5M || Negative FCF each year; could become neutral by 2026.
|-
| Headcount || style="text-align:right" | >130 (early 2026) || style="text-align:right" | —
| Financing Cash Flow (equity/debt) || €500k¹ || +€14.8M³ || +€10M || +€25M || +€0M || Cash from funding rounds. 2025 none (Series C in Jan 2026).
|-
| style="background:#f8f9fa" | '''Source''' || style="background:#f8f9fa; text-align:right" | '''Series C PR'''<ref name="series_c_pr"/> || style="background:#f8f9fa; text-align:right" | '''CyberContract PR'''<ref name="cybercontract_pr"/>
| Net Cash Change || +€300k || +€11.7M || +€4.8M || +€20.7M || -€5M || Dipped slightly in 2025 due to acquisition and burn.
|-
| Ending Cash Balance || €3.6M || €15.3M || ~€20M || ~€40.7M || ~€35.7M || 2025 est. ~€30–35M before Series C.
|}
<small>1: 2021 rough; company founded mid-year, small burn, possibly a bridge loan of €0.7M in financing. 2: 2022 Op CF per capacité d'autofinancement −€2.98M; plus small WC changes ≈ −€3.0M. 3: 2022 financing: €3.8M + €11M raises = €14.8M gross; net ~€11.7M increase after burn.</small>
 
🏧 '''Liquidity position and runway.''' At end-2025, Stoïk's cash (including Series B proceeds) was approximately €25–30 million. With the €20 million Series C added in January 2026, cash could be approximately €45–50 million. Annual burn by 2025 is estimated at €1–2 million (if near breakeven), providing several years of runway without further capital. The Series C press release noted Stoïk raised "without exceeding our actual needs," signaling confidence in reaching milestones with current resources and minimizing dilution.<ref name="ffnews_c"/> Stoïk's liquidity planning also accounts for maintaining the ORIAS-required financial guarantee (approximately €600,000) for brokers handling client funds, typically provided as a bank or insurer guarantee rather than restricted cash.
 
{{Section separator}}
== Risk and compliancefactors ==
 
⚠️ '''Capacity dependency.''' Stoïk's model relies on backing by partner insurers and reinsurers. If capacity is concentrated among a small number of carriers, the company would face renewal and pricing leverage risk from capacity providers. The degree of concentration is undisclosed.<ref name="goodwin_law"/>
⚠️ '''Underwriting and insurance risk.''' Stoïk's foremost insurance risk is underwriting quality: cyber risk is dynamic and potentially systemic. A single cyber event—such as a widespread ransomware worm or a major cloud provider outage—could hit many insureds simultaneously. Stoïk mitigates accumulation risk by monitoring portfolio concentration across sectors and technologies, working closely with reinsurers to model catastrophic scenarios, and capping per-risk exposure (many SME policies have €100,000–€1 million limits).<ref name="tc_2024"/> The panel of top-rated reinsurers ensures that catastrophic losses are borne by well-capitalized carriers rather than Stoïk. Jules Veyrat has noted that underwriting decisions such as whether to accept a company with no offline backups are daily considerations, indicating a disciplined risk appetite calibrated to moderate-risk SMEs.<ref name="tc_2024"/>
 
🌐 '''Systemic aggregation.''' The model targets thousands of SMEs and mid-sized firms and positions cyber risk as systemic, raising stress-event correlation risk from widespread ransomware waves or software supply-chain incidents.<ref name="series_c_pr"/>
🔐 '''Cybersecurity and data risk.''' Stoïk itself handles sensitive data (vulnerability reports, incident forensics) and must be an exemplar of cybersecurity. A breach of Stoïk's own systems could compromise client data and severely damage credibility. Additional risks include GDPR compliance (Stoïk processes personal data as both controller and processor), AI reliability (automated underwriting or incident triage must avoid biased or erroneous decisions), and dependency on third-party threat intelligence feeds and cloud infrastructure.
 
🏛️ '''Regulatory execution.''' Stoïk is active across multiple European jurisdictions with varying distribution and underwriting authorization frameworks. Only French ORIAS and Spanish DGSFP identifiers are explicitly disclosed in reviewed sources.<ref name="stoik_homepage"/>
📜 '''Regulatory compliance risk.''' Stoïk navigates multiple overlapping frameworks:
* '''Insurance intermediary regulation:''' ORIAS registration, Code des Assurances compliance, IDD conduct rules (know-your-customer, remuneration disclosure), mandatory professional indemnity insurance and financial guarantee. EU passporting enables cross-border operations, supplemented by local entities (Stoïk GmbH in Germany, CyberContract in Belgium via FSMA approval).<ref name="pappers_stoik"/>
* '''ACPR oversight:''' As a funds-handling intermediary, Stoïk segregates client premiums in dedicated accounts and forwards timely to maintain compliance. No public issues have surfaced.<ref name="pappers_stoik"/>
* '''Financial crime compliance:''' AML/CFT obligations including KYC procedures and sanctions screening, particularly critical when ransomware payments are involved (U.S. Treasury has fined companies for facilitating payments to sanctioned cybercriminal groups).
* '''NIS2 Directive:''' As a provider of MDR and incident response, Stoïk may be classified as a Managed Security Service Provider under NIS2 (effective 2024–2025), potentially requiring specific security measures, incident reporting to national authorities, and formal registration.
* '''DORA:''' The Digital Operational Resilience Act covers critical ICT third-party providers to the financial sector; Stoïk's partnerships with institutions like BNP Paribas require robust business continuity and cyber resilience.
* '''GDPR:''' Stoïk maintains Data Processing Agreements with clients, designates a Data Protection Officer, and adheres to strict data handling protocols for scanning and incident response activities.
 
📈 '''Operational scaling.''' Maintaining in-house CERT service levels while onboarding approximately 600 new companies per month creates staffing, process, and vendor-management risk. The planned headcount expansion from 130 to 200 employees across multiple countries may also increase burn rate and execution risk.<ref name="series_c_pr"/>
🔗 '''Capacity partnership risk.''' Stoïk's reliance on a small panel of key carriers (Tokio Marine HCC, Swiss Re, Axeria) means that the withdrawal or failure of any one could disrupt business continuity. Mitigation strategies include maintaining multiple partners, securing equity-for-capacity alignment (Tokio Marine invested in the Series B), and demonstrating profitable underwriting results to retain commitment through market cycles.<ref name="eu_startups_b"/>
 
👤 '''Key-person dependency.''' Stoïk is founder-led and publicly represented by Jules Veyrat across multiple press releases. Governance and succession structures are not publicly disclosed.<ref name="series_c_pr"/>
🏬 '''Distribution and competition risk.''' Stoïk's dependence on brokers—particularly BNP Paribas—creates concentration risk in distribution. If BNP discontinued the partnership, a significant pipeline of new business could be lost. Stoïk mitigates this through diversification across 2,000-plus brokers and strong relationship management with key partners. Competition is intensifying as U.S. MGAs (Coalition, Resilience, Cowbell) eye Europe and traditional insurers improve their SME cyber offerings. Stoïk's defenses include local knowledge, established broker relationships, first-mover advantage, and a multi-country entrenchment strategy.
 
👤 '''Operational and talent risk.''' Key-man risk exists around founders, especially Jules Veyrat and Alexandre Andreini. The CERT team requires highly skilled cybersecurity responders who are in short supply industry-wide. Rapid scaling to 200 employees introduces risks of culture dilution and coordination challenges.
 
⚡ '''Geopolitical and macro risks.''' An economic recession could cause SMEs to cut discretionary expenses such as cyber insurance. Nation-state cyberattacks raise complex war-exclusion questions in coverage, as demonstrated by the NotPetya litigation. French legislators also enacted requirements under LOPMI in 2023 conditioning ransom-payment indemnification on filing a police complaint within 72 hours.
 
🔀 '''Integration risk (CyberContract).''' The 2025 acquisition introduces typical integration challenges: aligning culture and processes, migrating clients to Stoïk's platform and policy forms, transitioning from Euromex capacity to the Stoïk panel (enabling higher limits), and retaining Belgian broker relationships under new ownership.<ref name="cybercontract"/>
 
{{Section separator}}
== GovernanceStrategy and ESGoutlook ==
 
🚀 '''European expansion.''' Stoïk's disclosed strategic priorities include continued European expansion with emphasis on Central and Southern Europe, building on its six-country footprint established through organic entry and the CyberContract acquisition in Belgium.<ref name="series_c_pr"/>
🏛️ '''Corporate governance.''' Stoïk is incorporated as a French SAS, offering governance flexibility. The board of directors includes representatives from major investors: Thomas Cuvelier (Alven), a representative from a16z (Seema Amble provided public commentary on the investment), Ben Bergsma (Munich Re Ventures), and likely Marinus Oosterbeek (Opera Tech Ventures) following the Series C co-lead.<ref name="eu_startups_b"/><ref name="ffnews_c"/><ref name="insurtech_insights"/> The introduction of Impala (Veyrat family office) as Series C co-lead adds an interesting dynamic, with the CEO's family fund now aligned as a major investor.<ref name="ffnews_c"/> Henri de Castries (former AXA CEO) serves as an angel-level advisor, providing informal industry guidance.<ref name="sifted_a"/> Governance processes include regular board meetings to review financials, strategy, and major risks; investor terms likely replicate SA-like protections including veto rights on certain decisions.
 
🤖 '''AI investment.''' The company has signaled increased investment in proprietary AI capabilities and AI agents supporting prevention, detection, and incident response workflows.<ref name="series_c_pr"/>
💎 '''Management incentives.''' Founders and employees are incentivized through equity via BSPCE (Bon de Souscription de Parts de Créateur d'Entreprise), France's favorable stock-option regime for startups. Founders combined likely hold 20–30% at this stage; with Impala's investment, the Veyrat family's effective interest has increased, potentially consolidating strategic influence. No secondary sales by founders have been reported, indicating full commitment to long-term value creation.
 
🧩 '''Product adjacencies.''' Stoïk is pursuing product diversification beyond standalone cyber insurance, including combined professional liability plus cyber for IT-sector firms (the Cyber Pro IT product) and MDR expansion distributed through the broker channel.<ref name="stoik_cyber_pro_it"/><ref name="stoik_mdr"/>
🌱 '''ESG profile.''' Stoïk's primary ESG contributions are social and governance-oriented. On the social dimension, Stoïk's core mission produces positive externalities: by protecting SMEs from cyberattacks, it "strengthens Europe's economic fabric" and prevents bankruptcies (the company cites statistics that 60% of attacked SMEs go bankrupt).<ref name="cybercontract"/><ref name="bnp"/> The democratization of advanced cyber protection for small firms that otherwise could not afford a CISO or enterprise-grade security tools is a socially beneficial outcome. On governance, Stoïk benefits from above-average startup governance due to its regulated-industry context and top-tier investor oversight; it has external audits (Emergence Audit from late 2024), board-level compliance scrutiny, and careful handling of ethically sensitive areas such as ransom payments (aligned with legal frameworks requiring law enforcement filing).<ref name="pappers_stoik"/> Environmental impact is minimal given the digital-services nature of the business, though Stoïk's paperless model and cloud-hosted operations inherently reduce physical footprint. The company may formalize ESG reporting as it approaches CSRD thresholds (250 employees projected by end-2026).
 
🏗️ '''Market consolidation.''' The September 2025 acquisition of CyberContract was framed as a step toward consolidating the European cyber insurance market, suggesting an appetite for further inorganic growth.<ref name="cybercontract_pr"/>
🤝 '''Industry engagement.''' Stoïk participates in La French Tech and was represented at the WEF Davos 2023 with the French delegation.<ref name="ftj"/> The company engages with cybersecurity communities, publishes its annual Cyber Claims Report, and likely collaborates informally with France's ANSSI on cyber awareness. CERT-Stoïk may participate in the FIRST network (Forum of Incident Response Teams) for global threat intelligence sharing. These activities position Stoïk as a thought leader and responsible industry actor.
 
{{Section separator}}
== CapitalCompany actionstimeline ==
 
{| class="wikitable" width:100% style="font-size:0.85em"
📋 '''Funding history.''' Stoïk has raised approximately €70 million in venture funding across multiple rounds from 2021 through 2026.<ref name="coverager"/> The timeline of major fundraises is as follows:
|+ 📅 Stoïk, corporate milestones, Jun 2021 – Jan 2026
 
! scope="col" style="text-align:center; width:8em" | Date
* '''Seed Round (January 2022):''' €3.8 million led by Alven with participation from Anthemis Group and Kima Ventures (Xavier Niel's fund), plus angels including Raphaël Vullierme (Luko CEO), Emmanuel Schalit (ex-Dashlane CEO), and Henry Kravis (KKR co-founder).<ref name="techdoteu"/>
! scope="col" style="text-align:center" | Event
* '''Series A (June 2022):''' €11 million led by Andreessen Horowitz (a16z)—making Stoïk one of the few European insurtechs backed by a16z (their fourth European fintech bet)—with Alven, Anthemis, and angels Henri de Castries and Julian Teicke.<ref name="sifted_a"/>
|-
* '''Bridge/Extension (September 2023):''' €10 million led by Munich Re Ventures and Opera Tech Ventures, with continued participation from a16z and Alven, to accelerate entry into Germany.<ref name="alven_de"/>
| 1 June 2021 || STOIK created as a SAS in France.<ref name="annuaire_entreprises"/>
* '''Series B (October 2024):''' €25 million led by Alven (returning to lead), with all major existing investors plus Tokio Marine HCC International (new strategic investor) and CYBICA.<ref name="eu_startups_b"/><ref name="techfunding">{{cite web |title=First French cyber insurtech Stoïk grabs €25M from Andreessen … |url=https://techfundingnews.com/first-french-cyber-insurtech-startup-stoik-cements-from-e25m-andreessen-horowitz-and-others/ |publisher=TechFundingNews |date=2024}}</ref>
|-
* '''Series C (January 2026):''' €20 million co-led by Impala (Veyrat family office) and Opera Tech Ventures, with Alven and a16z participating. Described as a needs-based raise to avoid undue dilution, earmarked for AI development, hiring to 200 staff, and continued European expansion.<ref name="ffnews_c"/>
| January 2022 || Seed round of €3.8M with Alven, Anthemis, and Kima Ventures.<ref name="agefi_2023"/>
 
|-
🏢 '''Acquisition: CyberContract (September 2025).''' Stoïk's first M&A move was the purchase of CyberContract BV, a Belgian cyber MGA founded in 2014 by Katrien Dom, with 1,000 policyholders and 150 broker partners covering SMEs up to €150 million revenue with €3 million policy limits.<ref name="cybercontract"/> The acquisition instantly extended Stoïk's Belgian footprint and enabled Belgian clients to access Stoïk's broader capacity panel (Tokio Marine, Swiss Re) for up to €10 million coverage with additional guarantees. CyberContract's founders took an equity stake in Stoïk and remained operationally involved, indicating a largely equity-based deal that conserved Stoïk's cash and signaled belief in Stoïk's future value. Stoïk expects to triple the Belgian portfolio within 18 months.<ref name="cybercontract"/>
| 28 June 2022 || Series A of €11M led by Andreessen Horowitz; business angels include Henri de Castries (former AXA CEO) and Julian Teicke.<ref name="series_a_pr"/>
 
|-
🔮 '''Future capital needs and exit.''' With approximately €70 million raised and improving unit economics, Stoïk may not need much more private funding if it nears profitability. Plausible future scenarios include an IPO (possibly around 2027–2028 on Euronext Paris or a global exchange if reaching greater-than-€100 million GWP with continued growth) or a strategic acquisition by a partner such as Tokio Marine or Munich Re seeking a dedicated European cyber specialist. Jules Veyrat has mentioned a potential U.S. entry in three to five years (from approximately 2025), which would likely require a significant additional capital raise. No major investors have exited to date, and all rounds have been primary capital (no secondary sales), reflecting continued conviction in the growth trajectory.
| September 2023 || €10M growth round disclosed; entry into Germany with a Cologne office; Munich Re Ventures and Opera Tech Ventures participate.<ref name="agefi_2023"/>
 
|-
📌 '''Summary of capital actions:'''
| 11 June 2024 || Product conditions evolution: expanded triggers (human error, social engineering fraud, malicious insider acts) and new guarantees (administrative investigations and PCI DSS sanctions; IT system improvement costs).<ref name="conditions_pr_2024"/>
* Total raised approximately €70 million, confirming strong investor backing in an environment where some insurtechs struggled.
|-
* Cap table includes top-tier VC (Andreessen Horowitz) and strategic investors (global insurers).
| 14 October 2024 || Series B of €25M reported; turnover ceiling of €750M and coverage limit of €7.5M described.<ref name="techcrunch_2024"/>
* Funding has been measured and non-hyped: Stoïk avoided over-raising and unnecessary dilution, indicating good capital discipline.<ref name="ffnews_c"/>
|-
* One tuck-in acquisition executed to extend reach (Belgium); CyberContract founders' decision to become Stoïk co-shareholders signals confidence in the combined entity.
| 2 September 2025 || Acquisition of CyberContract (Belgium) announced as first acquisition; portfolio exceeds 7,000 policyholders across Europe.<ref name="cybercontract_pr"/>
* The involvement of the Veyrat family office in Series C suggests patient capital giving Stoïk freedom to pursue its long-term "CISO of Europe" vision without premature exit pressure.
|-
| 20 January 2026 || Series C of €20M announced; over 10,000 companies protected, over 2,000 broker partners, ~€50M GWP in 2025, headcount plan of 130 to 200.<ref name="series_c_pr"/>
|}
 
{{Section separator}}
== KeySee timelinealso ==
* [[Cyber insurtech MGAs and underwriting agencies]]
 
* '''Late 2020:''' Jules Veyrat conceives Stoïk, observing that SMEs are deeply vulnerable to cyberattacks yet underserved by insurance or security solutions, and assembles co-founders Andreini, Sayer, and Mangematin.<ref name="ftj"/>
* '''Q2 2021:''' Stoïk SAS incorporated (June 2021) in Paris; initial platform development and insurer partnerships begin.<ref name="pappers_stoik"/>
* '''Late 2021:''' First pilot policies underwritten; small revenue of approximately €104,000 recorded for the year.<ref name="pappers_stoik"/>
* '''January 2022:''' Public launch and €3.8 million seed round announcement.<ref name="techdoteu"/>
* '''H1 2022:''' Rapid traction in France with approximately 200 broker partners and headcount growing from 12 to 28; Series A (€11 million) closed in June, led by a16z.<ref name="sifted_a"/>
* '''October 2022:''' BNP Paribas partnership announced, rolling out Stoïk's cyber insurance across its entire French retail banking network.<ref name="bnp"/>
* '''Late 2022:''' Approximately €621,000 revenue on estimated €3–4 million GWP, roughly 2,000 insureds, broker count nearing 1,000.<ref name="pappers_stoik"/>
* '''April 2023:''' Stoïk France SAS and Stoïk GmbH created for internal reorganization and German expansion.<ref name="pappers_france"/>
* '''September 2023:''' €10 million extension round announced alongside Germany expansion; Franziska Geier appointed Country Manager from Cologne.<ref name="alven_de"/>
* '''Q4 2023:''' Austria entered (Vienna office); Monaco quietly added via French license.<ref name="eu_startups_b"/><ref name="cybercontract"/>
* '''April 2024:''' Stoïk MDR (Managed Detection & Response) launched.<ref name="eu_startups_b"/>
* '''October 2024:''' Series B (€25 million) raised; Professional Indemnity add-on introduced; Tokio Marine HCC becomes strategic investor; Stoïk on track for 5,000 policyholders and €25 million GWP.<ref name="eu_startups_b"/>
* '''April 2025:''' Marc-André ter Stegen invests in and becomes brand ambassador for Stoïk.<ref name="linkedin_terstegen"/>
* '''September 2025:''' CyberContract acquired in Belgium, bringing country count to six.<ref name="cybercontract"/>
* '''Late 2025:''' Year closes with 10,000-plus insured companies, approximately €50 million GWP, greater-than-200% net revenue growth, and approximately 130 employees.<ref name="ffnews_c"/>
* '''January 2026:''' Series C (€20 million) announced, co-led by Impala and Opera Tech Ventures; hiring target of 200 and continued Central/Southern European expansion confirmed.<ref name="ffnews_c"/>
 
{{Section separator}}
Retrieved from "https://insurerbrain.mediawiki.site/wiki/Stoïk"