A few years back, we created our Insurance and Risk Management Checklist to outline steps companies should take to evaluate their insurance and risk management programs, and to plan for the year ahead. Now more than ever, it is vital for companies to stay on top of these critical functions. Last year saw a rise in weather-related and other natural disasters, such as devastating wildfires, and as climate change continues, we can only expect such events to occur with more frequency, and businesses need to be prepared. In addition, we see more news reports every day regarding cyberattacks – from hacking into corporate networks, political parties, and individual email accounts, to attempts to infiltrate and do harm to our nation’s power grid and internet-connected products, such as home appliances, automobiles, and even medical devices. We also have seen a greater increase in ransomware attacks. Thus, while there continue to be substantial risks around data breaches, other cyber risks loom even larger, and cyberattacks may lead to substantial business interruption, property damage, and even loss of life or severe bodily injuries. Of course, we also are in the midst of a global pandemic creating even greater risks to individuals and businesses, making insurance and risk management of greater importance. Companies, both public and private, also face a more aggressive plaintiffs’ bar looking for new areas of attack; we also might anticipate a more stringent regulatory environment from the federal government. A holistic approach to insurance and risk management is needed in these evolving and uncertain times. So, here is an updated Insurance and Risk Management Checklist for 2021:
1. Identify all significant risks
- What are your physical risks?
- Is your building more susceptible to fire or explosions?
- Does your building contain hazardous materials that could spill or leak?
- Have you taken measures to prevent the spread of disease in the workplace?
- If your building is out of commission for an extended period of time, how would that impact your business?
- Do you have added risks from employees working in offsite locations?
- What are your location risks?
- Is your business in or near a location that is susceptible to fire, storm damage, or natural disasters (i.e., floods, hurricanes, tornados, or earthquakes)?
- What are your personnel risks?
- Do your employees have access to products, information, or money that is susceptible to embezzlement, theft, or fraud?
- Do your employees drive company cars and/or utilize their own vehicles for company business?
- What are your technology risks?
- Would you be crippled by a power outage?
- Do you or your vendors store Personally Identifiable Information and/or medical information?
- Do third parties have access to your computer systems?
- Do your employees have mobile devices and/or remote access to your systems?
- Are you managing your data and network security risks in the new remote working environment?
2. Take inventory of all of your coverages
Do you have all the insurance you need to cover your significant risks? Are your coverage limits adequate to protect the business?
- General liability insurance
- Errors & omissions liability insurance
- Directors’ & officers’ liability insurance
- Employment practices liability insurance
- Employee benefits liability insurance
- Fiduciary liability insurance
- Cyberliability and data privacy insurance
- Property and business interruption insurance
- Fidelity & crime insurance
- Terrorism insurance
- Insurance for the spread of communicable disease
- Are you comfortable with your deductibles or self-insured retentions?
- Are all of your affiliates insured?
- Are your officers, directors, and employees adequately insured?
- Do you anticipate any upcoming purchases, sales, and/or mergers or acquisitions?
- Do emerging risks such as global climate change, pandemic diseases, terrorism, and data and systems security need to be addressed in your planning?
- Did your risks change as a result of the pandemic?
3. Plan for your policy renewals
- When do each of your policies expire?
- Plan ahead for renewals – don’t wait until the last minute. This is especially important in today’s marketplace, where premiums have skyrocketed and “shopping around” could result in significant savings.
- What are you trying to accomplish with your renewals?Did you consider that your insurance company may not want to renew with you (especially if you filed a claim last year)? Are you prepared if that happens?
- Increase coverage limits
- Broaden coverage
- Obtain better pricing
- Change insurance carriers
- Review policies that afford the right to provide a notice of circumstances that may lead to a claim to assess the pros and cons of providing such notice in the current policy period.
4. Analyze the substantive terms of your policies
- Do they cover all significant risks your company faces at adequate levels?
- Do they really cover what you think they cover?
- Carefully review coverage provisions, endorsements, and exclusions
- Has your coverage grown with your business?
- Don’t rely on just carrying your coverage over from one year to the next
- When your business changes and expands, your coverage must change and expand with it
5. Put systems in place for administering your policies
- Know what the notice requirements are in each of your policies and have systems in place for providing notice
- Know what constitutes a claim that must be reported under the terms of your policies
- Know what your policies require regarding submitting proofs of loss, and the timing of such submissions
- Know what your policies require regarding cooperation and insurance company consent before incurring expenses and settling claims
- Do you have systems in place so that those responsible for providing notice to insurers are aware of claims or potential claims that must be reported?
6. Review your broker agreements
- Are they one-sided boilerplate agreements provided by the broker?
- Do they clearly spell out each side’s respective responsibilities?
- Do they clearly spell out the compensation to be paid to the broker and for what services?
- Do they permit the broker to obtain contingent compensation from insurance companies?
- Are the termination provisions clear and sufficient?
- What will you owe the broker if the agreement is terminated?
- Do they contain provisions regarding data protection, data breaches, and protection of private information and trade secrets?
- Are there provisions limiting the broker’s liability and addressing how disputes are to be resolved?
7. Review your vendor agreements
- Do they contain sufficient indemnification provisions?
- Do they contain adequate insurance requirements?Do they contain provisions regarding data protection, data breaches, and protection of private information and trade secrets?
- Are vendor policies primary and non-contributory with respect to your own insurance policies?
- Do you have systems in place to ensure compliance with insurance requirements?
- How are disputes to be resolved?
Reed Smith’s Insurance Recovery Group is uniquely equipped to assist clients in performing coverage reviews designed to identify significant potential coverage issues or exposures under all forms of insurance policies, and to obtain the broadest commercially available coverage to avoid such issues and reduce risk. We work with our clients to determine which risks are most important and are most in need of insurance coverage, and then review the potentially applicable policies with an eye toward maximizing coverage availability for those risks. We work with our clients and our clients’ insurance brokers to help maximize coverage and develop appropriate policy wording. If you would like assistance with reviewing your current insurance program or purchasing or renewing insurance, or if you need assistance submitting a claim for insurance coverage, please contact the authors of this Alert; the Reed Smith Insurance Recovery Group’s global practice group leader, David M. Halbreich, or any of the Reed Smith attorneys with whom you routinely work.
In-depth 2021-046