Improving your cover

  • Date:01 Oct 2013
  • Type:Company Director Magazine
As the risks and threats to Australian directors and their companies grow, Domini Stuart examines some of the latest trends in the insurance market.

For the board, the world is a riskier place today than five, or even three, years ago.

“Legislative changes coming through in Australia are extremely significant for most directors,” says Mark Lingafelter, managing director of the Chubb Insurance Company of Australia.

“There are proposed changes to privacy legislation, changes in the Australian Securities and Investments Commission’s approach to reporting obligations, the always present obligations around continuous disclosure and changes in the area of employment practices, which means directors are operating in a very fluid legal and regulatory environment.

“We’re also seeing an increase in litigation in general and a particular increase in litigation against directors. All of these factors have combined to create an increased risk profile for Australian companies of all sizes.”

The nature of the threats directors are facing is also changing.

“At the end of 2011, after a spate of natural disasters that included earthquakes in Japan and New Zealand, floods in Thailand and floods, bushfires and cyclones in Australia, directors were paying a great deal of attention to their business continuity cover, their emergency responses and how exposed they were to bottlenecks in their production operation,” continues Lingafelter.

“Two years later, every time you open a newspaper, there seems to be a headline about cyber attacks on governments and big business, so cyber crime is now a major point of focus. Disasters aren’t any less of a threat, but it is human nature to look in the rear-view mirror and concentrate on the events that are closest.”

A decade ago, only the very largest organisations had cyber insurance on their radar. Now the directors of much smaller companies are realising they’re similarly exposed. 

“Whether the criminals are stealing payment or card details, using so-called ransomware to freeze your computer systems or hacking into your system in a nuisance attack, they’re targeting companies of all sizes,” says Lingafelter.

“All of these activities can trigger exposures such as business interruption and the cost of communicating with individuals whose data has been compromised. This is still an emerging area, but we’ve already handled a number of claims.”

Personal liability
At their peak, Australian directors were at the mercy of more than 700 separate pieces of legislation that imposed personal liability on them. Add this to the perceptible trend towards making directors personally responsible for the failings of a company and it is little wonder they are feeling increasingly vulnerable. 

If directors are accused of wrongful acts while carrying out this role, a directors’ and officers’ (D&O) insurance policy could be all that stands between them and financial ruin. But many directors don’t have the cover they need.

Sometimes there isn’t enough insurance to go around, which can end in a fight for defence costs and claims cover. Class actions are also continuing to drive losses under the company securities cover, which is known as “side C”.

“These class actions can exhaust the policy limit, leaving the directors bare,” says Michael Pryce, AIG Australasia regional manager of financial lines.

“We have seen many examples where all the proceeds of the insurance policy were spent on funding the company’s defence costs so the directors were left with no insurance protection at all. Separate company securities cover can insure against disasters of this kind.”

Making the right choice
Risk oversight is, of course, one of a board’s primary functions.

“Directors are responsible for ensuring that, in the event of a loss, disruption to the business and the subsequent effect on profit is minimised,” says Richard Coloretti, CEO of Edgewise Insurance Brokers.

“Insurance is a key part of a company’s risk-management plan and the board needs to be sure the type and level of insurance it purchases provides adequate and appropriate risk protection.”

Pryce recommends that boards complement a top-down approach to risk management with a bottom-up assessment process.

Directors would also be well advised to pay close attention to people within the organisation and corporate culture.

“Companies with a clear moral compass and a well-established culture of compliance will be best placed to handle the plethora of corporate governance and regulation requirements,” says Pryce.

Brad Russell, a partner in the insurance and corporate risk group of McCullough Robertson (Twitter: @MCRlaw), is concerned that some directors underestimate their responsibilities and, as a consequence, can be too quick to delegate.

“Sadly, many boards rely on someone else in the organisation to arrange the insurance without ever assessing its quality and appropriateness for themselves,” he says.

“The most common mistake used to be under-insuring. Now, as the risk landscape is growing more varied and complex, we’re finding companies are as likely to have the wrong insurance as having too little.”

A good board positions the business to defend and guard.

“This starts with a very broad scan of risks the company faces,” says Lingafelter.

“The board should then take positive steps to ensure management has embodied a robust process to identify risk, prioritise risk, mitigate risk and, in the final analysis, accept risk.

“Boards need to communicate with management to ensure the right processes are in place and that management is thinking about the effects of risks.

“They should also be asking about controls, which operational risks should be transferred, which should be held and the mitigation strategies they’re enacting.

“Then, once all of this has been established, the board can step back into a less proactive role, monitoring progress and ensuring the management team is executing the agreed strategies.”

Finding the best cover
With any commercial insurance policy, the first consideration must be the breadth and clarity of cover.

“You need to understand what the reach of the policy is and to be sure it meets all of your requirements,” says Pryce.

The quality of the team who will handle any claims should also be a priority, particularly in relation to D&O insurance.

“Every D&O claim is unique and they can be extremely complex,” continues Pryce.

“Directors should look very closely at the experience and track records of the insurer’s claims team to satisfy themselves that, if they should ever need it, they will receive the highest level of support.”

Claims philosophy is a major differentiator in the insurance market and Jonathan Mead, the UK-based regional client and distribution leader, Asia Pacific, for XL Insurance, advises directors to be very clear about the approach favoured by their insurer.

He also recommends taking a close look at what they’re offering in terms of risk engineering.

“Qualified and experienced risk engineers can significantly improve a company’s risk profile, making it a more attractive risk to its insurer and helping it to avoid a claim,” he says.

Tracking down the right insurer isn’t easy.

“Most clients are at a disadvantage because they don’t know how to compare the various insurers’ policies or their response to claims,” says Russell.

Good advice from an independent professional is crucial.

The starting point is forging a strong relationship with an insurance broker who understands the nature of the organisation, its risk profile and its culture.

“Companies will always get the best from the market if they’re transparent, engage in early dialogue and have a desire to work in partnership with their broker rather than treating insurance as just another commodity to be purchased,” says Mead. 

Keeping costs to a minimum
While cost will always be a major consideration, it is just one aspect of the overall value.

“Australia is a sophisticated and mature market,” says Lingafelter.

“The HIH collapse also gave Australian directors first-hand experience of the fact that insurance is about a lot more than just price.”

Some risks are so expensive to insure that the cost outweighs the benefits and, in certain cases, no cover is available at all.

Where self-insurance is the only option, some very large enterprises set up a captive insurance company to provide insurance solely for their organisation.

This enables them to retain risk at a comfortable level and also to smooth out the way the risk is distributed so that their costs are more predictable.

Many smaller companies also self-insure to some degree, though in much less complex ways. For example, they might decide to retain certain risks themselves or agree to pay a higher excess on some policies.

“Every organisation has a certain level of risk tolerance,” says Coloretti.

“As long as the board fully understands the risks and how much it will cost to transfer them to an insurer, it can make an informed decision about how much of the risk it is prepared to carry or self-insure.”

While self-insurance can be a valid strategy for many types of risk, it may not provide adequate personal protection for a director.

“Many clients have elected to self-insure company securities exposure and to ring-fence their D&O insurance for the benefits of the directors only,” says Pryce.

“But, as a company can’t indemnify the individual for every claim, directors can use D&O insurance to provide a safety net. And, again, if they should have to defend a claim, the support of an experienced claims team could be crucial.”

A good broker with a deep understanding of the company’s risks can help minimise costs by fine-tuning the amount of cover and the details of each policy.

A good claims history will also work in your favour and there can sometimes be an opportunity to create tension between competing insurers.

But, as Russell reiterates, in the scope of coverage of insurance, the quality of the insurer should always come first.

As he says: “If a ‘cheap’ policy doesn’t respond to your needs, it’s nothing more than a very expensive waste of money.”

Twitter: @DominiStuart

What’s new that directors need to know?
Jonathan Mead: There is still a lot of new capacity coming into the market and existing international carriers are deploying more capacity as they get more “comfortable in their own skin”. By this I mean insurers’ models in the region are getting more sophisticated. Their use of analytics is also improving – they are now capturing aggregations, understanding contingency risk and developing frequency loss profiles.

Michael Pryce
: One recent innovation is an “evergreen” feature within a management insurance policy. This provides the organisation with cover that will automatically continue year after year without a time-consuming annual renewal process. It also provides security for the client that its policy is locked in.

Mark Lingafelter
: Cyber insurance is an increasingly sought-after form of liability insurance designed to protect commercial businesses of all kinds against a wide range of first-party and third-party liability cyber exposures that arise when their customer information is breached or stolen.

Richard Coloretti
: While most companies purchase insurance to cover their property and liability exposures, their corporate risks are often ignored. This is changing as society becomes more litigious and the incidence of claims increases. Employee-related claims for unfair dismissal or sexual harassment, employee fraud, fines for breaches of workplace health and safety legislation – all directors should consider insuring against these and related exposures as part their risk-management strategy.