Noona Barlow in Insurance Day
Directors and officers have their work cut out to keep up with the threats both they and their companies face. Yet against this backdrop of evolving risks, an AIG survey of risk managers conducted with AIRMIC revealed a sharp disconnect between rising liabilities and boardroom awareness.
Only 18% of respondents believe that their leaders are aware of the personal liabilities they face and just 14% have read and understood their D&O insurance policy.
So, where on the horizon should directors be looking in term of liabilities?
In terms of traditional D&O claims, AIG data show that the largest volume of claims in the UK/Europe still comes from insolvencies, although this number has been decreasing as we get farther away from the 2008 global financial crisis.. However, given the spate of high-profile businesses going into administration in recent months, and the ongoing uncertainty around Brexit, there is the distinct possibility – in the UK at least – that more company leaders will be in the spotlight should their businesses come under increasing financial pressure and ultimately be unable to continue trading.
The cost of D&O claims continues to rise as legal fees increase sharply, with partner rates in some cases reaching $1500 an hour. In 2018, defence costs for bribery and corruption claims accounted for approximately one third of the most expensive claims paid by AIG in UK/Europe. We are also seeing the continued growth of collective shareholder actions in non-US courts, as well as a significant increase in US shareholder class actions being brought against foreign firms. A case involving Japanese company Toshiba, which is not listed on a US stock exchange , is noteworthy. Following an accounting scandal in Japan, a number of the company's senior leaders were fined and dismissed. A US securities class action was brought but was dismissed, given the lack of connection to the US. However,that decision was overturned on appeal, which could set an important precedent
Company boards also have to keep track of an emerging type of claims, which is known as event-driven litigation. These can stem from a variety of sources. For example, there has been a spike in claims resulting from the #metoo movement, where it is alleged that directors and officers allowed a toxic culture to take hold and endure within their companies. Elsewhere, where the wildfires in California were blamed on downed power lines, this has resulted in D&O claims being brought against utility companies. Other areas where we may see event driven litigation include energy companies for climate change related issues and pharmaceutical companies in the wake of the opiod crisis.
It is cyber, however, that is probably the most high-profile category of financial lines claims – with significant movements both in frequency of claims and their causes. AIG data showed a 58% increase in European cyber claims in 2018, and a dramatic shift in the cause of loss with business email compromise accounting for a quarter of all data breaches. Somewhat worryingly, employee negligence levels have doubled, and we continue to see social engineering fraud as a cause of loss. The type of industry in the firing line has remainded quite consistent. Professional services companies account for the highest number of claims with 22%, behind financial services with 15%. But the biggest shift has been in the increasing cost of claims and . insurance buyers need to make sure they understand the risks they face, as well as the costs, and that they have sufficient limits not to leave themselves and their business financially exposed in the event of a breach.
GDPR is also having an impact, helping to drive up the cost of claims with companies being overly cautious in their reporting. The Information Commissioner’s Office (ICO) has said that a third of incidents reported do not meet the threshold. While there were around 800 notifications to the ICO in the first year under GDPR, fewer than 10 fines were issued, but this should not be a signal for complacency and an uptick in fines under GDPR in the coming year would come as no surprise.
Looking ahead, with risks associated with geopolitical tensions, digital transformation, climate and environmental disruption expected to become harder to manage over the next three years, company directors need to maintain a 360-degree view of both established and emerging threats. Failure to do so could lead to severe operational, reputational and financial implications for them and their companies.
This article first appeared in Insurance Day.