Predictions regarding the problems that will arise from the "Year 2000 Problem" (or "Y2K") range from the trivial to the apocalyptic. Yet, while the scope and magnitude of Y2K may be the subject of debate, there is one aspect of Y2K on which almost everyone agrees: costs relating to Y2K will likely reach billions of dollars. In today’s bottomline business world, savvy corporate risk managers, CFOs and the like already have begun to consider various collateral sources of funds that may be accessed to defray these Y2K-related costs. One such source is insurance.

Why think of insurance as a collateral source of funds to offset or defray costs associated with the Year 2000 Problem? Before answering that question, a brief primer on insurance is in order.

It is helpful to think of insurance in terms of "first party" and "third party" coverages. First party insurance coverages are designed to protect the policyholder’s business and property from certain specified risks. Typical first party coverages include flood insurance policies and business interruption policies. Thus, for example, in the event that a flood would cause damage to a manufacturing facility, the policyholder would submit a claim to its insurer for the loss(es) that the policyholder has incurred as a result of the flood.

Third party insurance coverages are designed to protect the policyholder from claims that its business activities have caused injury or damage to a third party. Third party coverages are often described or thought of as "liability insurance," i.e., such coverages respond where a third party asserts and/or establishes liability against the policyholder. In most third party coverages, the insurer undertakes both to defend and indemnify the policyholder. Thus, if a third party brings a lawsuit against the policyholder, the policyholder can look to its liability insurer to pay the costs of defending the lawsuit, including the payment of attorneys’ fees, and to indemnify the policyholder for any amounts paid to the third party in satisfaction or settlement of the alleged liability. Typical third party coverages include comprehensive general liability policies, error and omission policies, and directors and officers liability policies.

With these simple principles in mind, the attractiveness of insurance as a collateral source of funds to offset or defray Y2K-related costs becomes clear. In the first party context, policyholders whose business or property has been damaged by a failure attributable to Y2K could look to their insurers for reimbursement of lost profits, as well as repair or replacement of damaged equipment or machinery. Likewise, policyholders against whom Y2K-related liability claims have been asserted may call upon their insurers to honor the defense and indemnification obligations undertaken in third party coverages. Accordingly, many companies are having their insurance coverages reviewed by counsel to determine the extent to which their insurance may defray expected Y2K-related costs.

Sensing that its members are becoming increasingly attractive targets of collateral funds, the insurance industry has staked out an aggressive position on the Year 2000 problem. The Insurance Services Office ("ISO"), which comprises representatives from insurance companies across the country and is responsible for drafting standardized policy language, has reported that 40 states, including Pennsylvania, and the District of Columbia have formally approved exclusionary language for Year 2000-related problems in general liability and commercial policies. Some insurers have publicly declared that they will not honor Y2K-related claims. Others have adopted a more cautious "wait-and-see" approach, apparently hoping that the Year 2000 problem will somehow resolve itself without requiring insurers to make public pronouncements that are antagonistic to their policyholders.

Regardless of whether a given insurer has made its intentions known, however, the sheer magnitude of Y2K-related costs invariably will lead to substantial disputes and litigation between policyholders and insurers over whether various coverages that are common to businesses will be available to offset or defray these costs. The coverages around which the disputes are most likely to center include the following:

Perhaps the most widely anticipated scenario for Y2K problems involves some form of interruption to the policyholder’s own business operations due to a failure of its own computer system. Business interruption coverage generally covers profits lost during a business interruption that is caused by direct physical loss of or damage to tangible property.

Insurers may contend that Y2K problems are not covered by business interruption policies because such problems do not cause direct physical loss of or damage to tangible property. They may argue that no direct physical loss or damage to their policyholders’ computers has resulted as the physical hardware has remained in tact. Policyholders may, however, argue that while the hardware appears to have remained in tact, physical transformations through erroneous computations and data manipulations have, indeed, taken place and caused physical damage to their computer systems.

Aside from the basic business interruption coverage provided, the existence of exclusions related to computer-related problems can affect coverage. Many business interruption policies already exclude coverage for computer-related problems. With the year 2000 approaching, the use of such general computer-related exclusions -- as well as more specific Y2K exclusions -- is increasing. Companies should, as a result, have proposed policy renewals carefully reviewed by counsel to ensure that the expected coverage is being provided.

Providers of computer goods or services that cause a third party to experience Y2K problems may be covered under comprehensive general liability (CGL) insurance policies. Such policies generally provide coverage for, among other things, bodily injury or property damage to third parties that is caused by an "occurrence" that takes place during the policy period.

Insurers may be expected to argue that "property damage" is narrowly defined to only include physical damage to tangible property and that Y2K problems are not covered because they do not physically damage tangible property. As discussed above, policyholders may argue that the erroneous computation and manipulation of data arising out of Y2K problems causes physical damage to their computer systems. To date, some courts have reasoned that computer programs consist of both tangible and intangible property. Moreover, since the definition of "property damage" in many CGL policies includes loss of use of property that is not physically damaged, coverage arguably should be available for a policyholder where the policyholder’s computer products or services damage or cause the shutdown of a third party’s facilities.

CGL policies commonly contain numerous exclusions to the basic coverage provided. Again, these exclusions need to be carefully reviewed to determine whether coverage for Y2K problems is available. For example, CGL policies require that there be an "occurrence" during the policy period for coverage to be available. Under the definitions used in most CGL policies, an event of loss is not an "occurrence" if it was expected or intended by the policyholder. Insurers likely will argue that, given the widespread proliferation of information regarding potential Y2K problems, the Y2K problems experienced by policyholders were expected or intended and, therefore, are not covered. On the other hand, a policyholder may persuasively argue that a general awareness of the broad range of potential Y2K problems does not mean that the policyholder expected or intended the particular property damage or personal injury that resulted from a Y2K problem. Evidence that a policyholder took reasonable steps to avoid Y2K problems, yet still may be liable for having caused property damage or personal injury through a specific, unanticipated manifestation of a Y2K problem, may go a long way in proving that the resulting loss was neither expected nor intended.

CGL policies also commonly exclude coverage for liability for property damage or personal injury that a policyholder assumes by contract and would not have absent the contract. As such, a policyholder’s CGL policy is unlikely to provide coverage if the policyholder’s responsibility for another’s Y2K problem is solely based on contract.

Many CGL policies contain exclusions that bar coverage for damage to the policyholder’s "work" or "product." While these types of exclusions may eliminate coverage for damage to a computer product made by the policyholder, they should not eliminate coverage for the many types of potential losses of property not made by the policyholder. In other words, although there may be no coverage for replacement of a defective computer made by the policyholder, there may well be coverage for the losses sustained by the purchaser as the result of production line shutdowns, resulting manufacturing defects or the like.

CGL policies can contain numerous other potentially applicable exclusions which must be subjected to a careful and educated review before a determination regarding coverage for Y2K problems can be made.

Directors and officers of companies with Y2K issues face myriad potential liabilities for, among other things: (1) failure to report Y2K problems to shareholders, the SEC and/or other regulatory authorities; (2) failure to take reasonable steps to determine whether the company has Y2K problems; and (3) failure to remedy Y2K problems.

Directors and Officers (D&O) insurance policies are likely to give directors and officers at least some welcome comfort, principally because D&O policies have been readily available, are likely to have been purchased and often provide a broad grant of coverage for losses that arise out of the "wrongful acts" of directors and officers. The potential Y2K liabilities of directors and officers (i.e., failure to report and failure to investigate and correct problems) are likely to fall within the expansive definition of "wrongful acts" in most D&O policies.

Nevertheless, with the year 2000 approaching, many insurers are specifically excluding coverage in D&O policies for Y2K problems or, at a minimum, requiring policyholders to complete applications designed to disclose whether Y2K problems have been investigated and are being remedied. Like the CGL policies discussed above, D&O policies can contain numerous other potentially applicable exclusions, each of which must be analyzed to determine whether coverage for Y2K problems is available.

While arguing that none of the traditional coverages apply to Y2K-related liabilities, a select number of insurers have begun to aggressively market a new product specifically designed to address Y2K problems. Both American International Group and Johnson & Higgins Marsh & McClennan have developed Y2K insurance policies. The policies are designed to cover losses suffered by third parties because of the policyholder’s Y2K computer problems, losses suffered by the policyholder because of its own Y2K computer problems and losses resulting from data supplied by another company’s computers. The policies will not be issued without an extensive (and expensive) pre-issuance audit of the risk posed by the prospective policyholder’s operations (the cost of which is borne by the policyholder) and will carry a stiff premium (reportedly in the area of 60 percent to 80 percent of limits). Thus, as a practical matter, such Y2K policies are unlikely to be available to those companies that most need their coverage.

Although it is too early to tell exactly how widespread Y2K losses will be and what business sectors will be most affected, it is certain that those facing Y2K losses will be attempting to shift their losses to others, thus creating a flood of legal claims. As the year 2000 looms, companies must assess their Y2K risk, determine their insurance needs and make an educated examination of their past coverage and the policies currently being offered by their insurers to assess whether those policies will address the risk they face as a result of Y2K. In light of the increasing number of states that have now approved specific exclusions for Y2K related losses, policyholders can no longer assume that coverage provided in past years is being provided in their insurer’s latest renewals but, instead, should have those renewals carefully reviewed.