Did managing your company’s insurance program (or parts of it) unexpectedly land on your desk? Ouch. But help is here: In this week’s blog my colleague Lenin Lopez offers practical steps you can take if you become responsible for their company’s insurance program.
– Priya Huskins
Unless you're a risk manager or naturally play in the insurance space, the prospect of being anointed as the one who oversees your company’s insurance program, or aspects thereof, may not be the growth opportunity you are searching for. This article is for individuals who find themselves in this situation, especially those who have little to no experience managing corporate insurance programs.
This article will:
- Briefly explain the importance of insurance
- Provide an overview of the fundamentals of corporate insurance
- Share strategies to efficiently assess your company’s existing insurance program
- Explain the relevance and importance in understanding your company’s risk profile and risk tolerance
- Outline ways to develop and maintain a comprehensive insurance management strategy
Why Insurance Matters (To You)
Why does insurance matter? Let me count [some] ways:
- Financial Protection: Insurance can protect the corporation financially against unforeseen events and risks. This includes helping to mitigate the financial impact of securities lawsuits, cybersecurity breaches, natural disasters, product liability claims, or other adverse events.
- Legal Compliance: There are certain industries, regions, customers, or partners, among others, that may require a certain degree of insurance coverage. This may include situations like the state your business operates in requiring workers’ compensation insurance, or a customer contract requiring you to carry a certain amount of cyber insurance. Failing to secure insurance coverage in these cases can result in fines, penalties, contract breaches, and lost business.
- Personal Liability Protection: Insurance can also protect directors, officers, and others within the organization in the case they become subject to an investigation or are named in litigation. Directors and officers (D&O) insurance, discussed more below, is one such example.
Getting insurance wrong can have significant adverse effects for the company and its directors, officers, shareholders, even the individual responsible for insurance management. Yes, that includes you, the new manager of corporate insurance. Let me explain it this way: insurance doesn’t matter in most minds within an organization until something goes wrong. If a risk materializes, like the company not having adequate coverage for a cyber breach, the company can face adverse financial impacts, damaged reputation, and expose its directors and officers to personal liability. If adequate coverage hasn’t been purchased or the company believes that something is covered and it isn’t, it’s likely that the first stop for inquiry will be the individual responsible for insurance management.
All to say: congratulations on being responsible for your corporation’s insurance program.
Insurance: The Basics
At its core, insurance transfers risk from one party to another in exchange for a premium. Understanding key terms like premium, deductible, self-insured retention, coverage limits, as well as the different types of policies will help you effectively assess your company’s insurance program and manage it. A great reference for key insurance terms is the National Association of Insurance Commissioners’ glossary of insurance terms and definitions. In practice, many of the insurance terms that you need to be familiar with will be defined in each insurance policy. In that spirit, what follows is a short list of common types of insurance policies that companies may have in place at any given time:
- Directors & Officers Liability: This coverage responds when directors and officers are accused in civil or criminal court of acting in a way that violates their duties to the stockholders or the law, especially federal securities law. See this article for a detailed overview of D&O insurance.
- Cyber/Privacy Liability: Provides financial protection against data breaches, cyberattacks, and privacy violations, including expenses for forensic investigation, legal defense, and customer notification. Read more for an expansive explanation of cyber liability insurance.
- Property: Covers damage or loss to physical assets like buildings, equipment, and inventory caused by certain events, like fire, theft, or natural disasters. Check out this this webinar to learn more about property insurance.
- Casualty: Protects against liability for third-party bodily injury or property damage, including coverage for legal costs and settlements. Watch this webinar that discusses casualty insurance in detail.
- General Liability: Offers companies broad protection against claims of bodily injury, property damage, or personal injury arising from their operations, products, or premises. Watch this webinar that discusses general liability insurance.
- Workers’ Compensation: Ensures employees receive benefits for work-related injuries or illnesses, covering medical expenses, lost wages, and rehabilitation costs while shielding employers from lawsuits. Discover more about casualty insurance through this webinar that discusses worker’s’ compensation.
The above list is basically the greatest hits or the A-side tracks of insurance policies. The reality is that there are several other types of insurance policies that a company may have in place at any given time, including representation and warranties, kidnap and ransom, clinical trials, and fiduciary liability.
With the above in mind, the next step is diving into your company’s insurance program.
Understanding Your Current Insurance Program
A comprehensive review of your insurance program helps you to keep the [insurance] trains running on time. As you familiarize yourself with your company’s insurance program, it will become clear that there are a significant number of moving parts that need to be tracked and monitored. This is on top of the ongoing assessment of the adequacy of current coverage.
In seeking to understand your current insurance program, you may be inclined to rely on the summaries or records that your predecessor(s) may have left. While helpful, don’t rely on these summaries as gospel. Rather, any internal summaries or records related to your insurance program may be best viewed as supplemental materials to help guide your discussions with the oracles of your insurance program: your insurance brokers.
Your insurance brokers should be able to provide you with a summary of your policies, coverages, policy limits, historical/open claims, and renewal dates. The last two on that list deserve a mention.
Historical/Open Claims
There are several ways to leverage historical claims information as you look to understand your company’s insurance program. Your company’s claims history can serve as a window into the types of risks that have materialized. Additionally, any increase in similar claims, as well as the severity of claims, may indicate a need to reassess current coverage limits and, in some cases, work with others in the organization to consider enhancing risk management strategies.
It’s also important to evaluate open claims and identify who, if anyone, within the company is working with your insurance broker to shepherd that process along. For instance, if your company is tapping into insurance to cover defense costs associated with a product liability claim, it would be important to identify those in the organization who are involved in the matter. Those individuals will likely be able to provide a deeper level of insight into the matter than what your broker might be able to provide. They may also be able to provide feedback on your brokers’ claims handling to date.
Renewal Dates
These are important to wrap your mind around sooner rather than later because the annual insurance renewal process requires a high degree of internal coordination. In many cases, you may be managing through multiple insurance renewals through the year, so it’s best to anticipate and calendar those dates early. Getting the required underwriting information, the right parties to participate in insurance carrier diligence, and the relevant parties to sign off on key decisions will take time. Also, in some cases, you may need the involvement of the company’s senior management and even the board of directors.
Understanding Your Company's Risk Profile and Risk Tolerance
Understanding your company’s risk profile and risk tolerance is a critical element in assessing the adequacy of your company’s current insurance coverage. There are a couple of ways to quickly get your bearings here.
First, in terms of gaining an understanding of your company’s risk profile, if your company has an enterprise risk management function, consider yourself lucky. You may just want to start there. That function will be able to share more risks than you can shake a stick at, which is a result of likely already having conducted an enterprise-wide risk assessment. That process generally involves interviewing different functions within the organization, like internal audit, legal, treasury, regulatory, compliance, facilities, and human resources, to help identify significant company risks. If your company doesn’t have an enterprise risk management function, don’t fret, there are other ways to get what you need.
If your company is publicly traded, it’s worthwhile to look at the risk factors section included in the most recent annual report filed on Form 10-K or Form 20-F with the US Securities and Exchange Commission (SEC). You can easily find this on your company’s website, typically in the investors section. Notably, while the risks identified in this section aren’t comprehensive, they do include the significant risks that make an investment in the company speculative or risky. To round out your view, consider connecting with the individuals who were responsible for drafting the risk factors section, most likely someone on your legal team.
Your company’s risk tolerance is another important data point as you manage the insurance program, including in helping to tailor an insurance program that strikes the right balance between protection and affordability. Risk tolerance isn’t always easy to quantify; it’s typically a hodgepodge of several factors, including budgetary constraints, business objectives, and general risk appetite. For example, some companies may be more risk-averse and prefer comprehensive insurance coverage to minimize potential losses, while others may be willing to accept higher levels of risk in exchange for lower insurance premiums. Your company’s risk tolerance will also vary between risks. Rather than attempting the herculean task of determining the company’s risk tolerance for all risks at once, one approach may be to incorporate an annual risk tolerance assessment in connection with your insurance renewal processes and strategy. Talk about a segue…
Maintain a Comprehensive Insurance Management Strategy
Implementing a comprehensive insurance management strategy will go a long way to helping to ensure that your company’s insurance program is optimized to suit your company’s needs and that things don’t fall through the cracks.
Below are five key elements to consider including in an insurance management strategy.
-
Annual Review of Existing Coverage
At a high level this strategy should include an annual review of your existing coverage, likely timed in connection with your policy renewals, identifying any changing business dynamics, and adjusting insurance accordingly. Notably, it isn’t always the case that insurance policies renew at the same time. If that’s the case for your company, you may want to ask your insurance broker(s) what can be done to align those renewals over time. Alignment of renewals can help alleviate the administrative burden on you and others in the organization, as well as the distraction that staggered insurance renewals can sometimes pose. For example, it is likely that your management team would prefer to anticipate one season of insurance-related activity versus engaging in insurance renewals all year long.
-
Engaging Others Within the Company and Solicit Feedback
The annual review of your existing coverage ideally also includes engaging with others within the company to solicit feedback on the current insurance program, discuss the current state and anticipated state of the business, as well as the current risk landscape. For example, let’s consider your company’s cyber insurance policy. In advance of that policy being up for renewal, it would be a good idea to involve your company’s chief information security officer, or the person that manages cyber risk, in the renewal process with your insurance broker. This will provide a more complete understanding as to the company’s current cyber risk profile and whether there are any anticipated changes over the next policy period. Giving this person input into the process and insurance outcome is also likely to yield more cooperation when it comes to providing you with the information you need to complete the insurance application.
-
Effective Methods to Communicate with the Board, Management, and Employees
A well-designed strategy will also include methods to inform the board, management, and employees about insurance matters, policy changes, and risk management initiatives. However, information isn’t just going one way. This strategy should also contemplate ensuring that that everyone is aware of their roles and responsibilities in helping you to manage the company’s insurance program.
For instance—and most importantly—there should be a clear understanding within the organization as to how events, claims, investigations, or other potential events that may trigger insurance coverage or reporting requirements need to be noticed and/or reported. All of your work putting together a robust insurance program will have been for naught if claims are not reported in a timely manner.
-
Staying Informed of Legal and Regulatory Changes
Whether it’s new rules that the SEC adopts, developments in Delaware corporate law, or even in how insurance carriers may react in response to those things, the constant is that the risk landscape is everchanging. For that reason, it’s important to align yourself with knowledgeable advisors who can help to keep you well-informed of any changes that may be relevant to your company and your insurance program. As examples of the types of resources that may prove helpful in this regard is Woodruff Sawyer’s 2024 D&O Looking Ahead Guide and 2024 Cyber Insurance Trends.
-
Regular Communication with Your Insurance Brokers
A strong relationship with a knowledgeable insurance broker is a must if you want a properly structured insurance program and want to ensure that you are adequately protected against potential risks. Ideally you and your insurance broker(s) communicate periodically throughout the year and not just at the time of renewal or when you need to report a claim. For example, if your company is considering acquiring another company, there may be risks that your company is assuming that will significantly impact your insurability profile in the eyes of insurance carriers. While these types of issues would rarely be reason to hold up a deal, they could impact how the company views the deal economics.
Parting Thoughts
Assuming responsibility for a company's insurance program, or aspects thereof, without prior experience can feel like a daunting task. As discussed, your insurance broker(s) should be in a position to help you acclimate. However, if you do find yourself in a position where you find it necessary to explore other broker options, read this resource for practical approaches to finding a broker that best fits your company’s needs. Ultimately, by taking the steps outlined in this article, you will be well positioned to ensure that your company’s insurance program is tailored to meet the needs of the business.
