Risk managers and executives do not have to look far to see that executive and management liability exposures are increasing. Almost daily, headlines report cyberattacks and data breaches, lawsuits against corporate directors and officers, litigation over employee benefit plan issues, and criminal activity committed by company insiders. Businesses are also under greater scrutiny from regulators, legislators, customers, employees, investors and others. As D&O and fiduciary liability exposures grow in this dynamic legal and regulatory landscape, risk managers have a lot to monitor and guard against in order to keep up with market changes and ever-evolving coverage needs.
Research has determined that many business owners or managers are not doing enough to protect their companies. A 2013 RIMS survey found that only two out of three companies purchased D&O liability coverage, and only four in 10 companies purchased employment practice liability coverage. In this complex and litigious business environment, owners and managers need expert guidance, which creates considerable opportunities for risk managers.
Too many small or mid-sized business owners and managers think only larger public companies have significant management liability exposures. What many do not realize is that cyber privacy and security risks, crime, and employee litigation represent real threats to midsize, privately held businesses.
A review of recent claims revealed losses near or exceeding six figures for midsize companies and nonprofits across the country. All of the organizations had fewer than 200 employees. In one of the cases, resolved for $150,000, the employee had worked for the company for more than 20 years as a manager. Each organization thought it was making the right business decisions but instead ended up being exposed to costly liability. Without the proper management liability coverage in place, any one of these organizations could have ceased to exist.
A common misconception is that all management liability policies are alike, but the truth is there are important differences. Management liability products have been around for a while, and some carriers have continually invested in and updated their products, but others have not. Given this varyingly dynamic environment, it is important to stay abreast of the new and enhanced products available to address management liability.
It is also important to understand exclusionary endorsements. These endorsements can fundamentally change the coverage that an organization buys. For example, an exclusion for major shareholders or family members could remove coverage that an organization needs to operate.
As a risk manager, there are some important policy features to evaluate to ensure a business has appropriate protection, including, but not limited to:
- Multiple coverage parts. Management liability insurance products should make available robust coverages for exposures including D&O liability, employment practices liability, fiduciary liability, fidelity and crime, and cyber privacy and security.
- Duty to defend. For many small and mid-sized organizations, defense costs can be a significant financial burden. Even frivolous claims can exceed $50,000, making the duty to defend one of the most valuable elements of a management liability policy. Look for a strong and experienced claims team to provide peace of mind that the business is being protected.
- Broad definition of claim. This includes claims arising from monetary and non-monetary relief, judicial, civil, administrative, regulatory, alternative dispute or arbitration proceedings.
- Broad definition of insured. This should include past, present or future directors, officers, trustees or in-house general counsel, members of committees and employees. As a rule of thumb, broader is generally better.
The most successful risk managers proactively assess their risks and consult with experts about how to best address them. Even “business as usual” is important to discuss with an agent or broker to ensure that the right risk management strategies are in place.
Among the questions that risk managers should be asking business owners and executives are:
- What would you do if your business had a data breach?
- Can you afford the defense and indemnity costs if you are served with a lawsuit from an angry employee?
- How might bad publicity over a company decision hurt your reputation and would it damage your ability to serve customers?
Small and mid-sized businesses in all industries often have complex risk profiles, and they may lack adequate coverage for their exposures or resources to manage those risks effectively. As management liability risks become more complex, it is increasingly important that risk managers get good advice and work with strong partners to help manage these risks. By adopting a big-picture approach, risk managers can help grow and sustain long-term business success.