Traditionally, chief financial officers (CFOs) and their staff members would approach annual insurance renewals as a more-or-less routine process. It was important to have the right coverages in place, but the risks fell into familiar categories: property, casualty, workers compensation, general liability and automobile liability insurance. Actuaries had years of experience as the basis for calculating risk levels. And appropriate coverages could be negotiated with confidence from reliable carriers.
Recently, however, risk management has become much more challenging. The twin culprits are industry consolidation and technology.
Consolidation and Technology
A number of factors, including tax reform and regulation, have put the pressure on insurance carriers and agencies to scale up in order to remain competitive. Consolidation and buyouts are the preferred strategies for increasing market share. According to a 2018 Deloitte & Touche report, mergers and acquisitions in the insurance space have increased 12% year over year and are expected to continue that trajectory in 2018. But it’s questionable whether these bulked-up organizations are capable of the same level of attention to detail and service as their more nimble predecessors.
At the same time, information technology has been embraced by virtually every functional area of today’s businesses. Systems mean data – and data attracts hackers. The problem isn’t just that there’s cybercrime; it’s that there are so many different types of it. It’s a risk manager’s nightmare, and the insurance industry’s efforts to create cybercrime solutions for businesses are still in the early days of development.
So how can risk managers create comprehensive coverage goals in today’s complex marketplace?
Disciplined risk management review process
Discipline is the key to identifying the unique set of risks that each business faces. It takes experience to recognize all of the facets of an organization where losses could potentially emerge. Effective risk management, like chess, requires the ability to think several moves ahead.
First, when examining existing coverages, begin with the typical loss drivers for each of the basic coverages. Loss drivers will be specific to your industry, but examples include fire or theft for property and casualty insurance; slips and falls for workers compensation; and collisions for automobile liability.
Your consultant can advise you on the steps you can take to mitigate these risks. For example, upgrading your alarm and monitoring systems can reduce your vulnerability to fire or theft, and thus reduce your annual premiums. Employee training programs can have a measurable impact in reducing Workers Compensation and Automobile liability claims.
General liability coverage requires you to think beyond your direct exposures: In addition to the property you own, there’s also exposure from leased real estate. Similarly, your liabilities extend beyond your direct operations and employee population; third-party relationships are also potential sources of risk.
The second step in the process is a review of existing insurance policies and applicable vendor contracts. Do they really perform their intended objective, which is transferring selected business risks to the insurance carrier? This is where it pays to have a consultant who can provide top-to-bottom analysis of your strategy based on risk appetite.
Finally, it’s important to review your carrier and broker effectiveness. As mentioned above, this is a bigger issue today than ever before. As John Rumschik, vice chairman at M&T Insurance Agency, noted recently, “Over the past three years, the number of carriers has declined markedly. At the same time, agency acquisitions have resulted in situations where coverages have not been kept up to date or have been placed with new carriers that offer similar-sounding policies—with very different provisions.”
The recent shifts in the marketplace mean that substantial research is required to ensure that coverages are up to date and meet your expectations. Services such as M&T Insurance Agency’s due diligence review process can help support your efforts.
Cybersecurity, Privacy, and Crime Insurance
Hacking, phishing, social engineering, denial of service… this relatively new and evolving category of computer-related crimes has endless permutations. We know that even the largest, most resourceful organizations are vulnerable. Government agencies such as the NSA and the State Department have had highly classified information compromised and major companies’ defenses—even in the software industry—have been inadequate. For example, Microsoft was a notable victim of a “ransomware” attack. And the Equifax hack resulted in the exposure of the names, dates of birth and Social Security numbers of more than 145 million people.
It isn’t just enterprise-level organizations that are targeted. The Ponemon Institute reported that year-over-year, the number of small- and medium-sized businesses that describe their cyber attacks as ransomware has gone up from 2% in 2016 to 52% in 2017.
Crime Insurance covers first-party losses due to criminal acts. These include employee theft, computer fraud, funds transfer fraud and forgery. A crime policy can also include third-party exposures if your business acts as an escrow agent or a custodian of client property, data, money or securities.
Damage to your company’s reputation, or that of key executives, is another risk that must be considered. Competitive information and frank discussions in internal emails can be taken out of context. Or, bad actors may engage in outright defamation setting off a need for Employment Practices Liability coverage. In these cases, public relations and crisis management programs may be contracted to an outside agency—an expensive proposition. There’s also infringement of copyrights and trademarks to consider.
To protect against these new, quickly evolving sources of risk, it’s critical to have a team of specialists that can guide you to the right coverages for your potential exposures.
A Consultative Experience Grounded in Trust
With so many coverage issues to consider, it’s critical that your company’s relationship with its insurance agency must be based on understanding and trust. The stakes are high, and premiums need to be effective. To get full value from your insurance program, you need an agent that is:
- Experience in the industry to understand your risk profile
- Willing to invest the time needed to understand the character of your enterprise and its unique vulnerabilities
- Objective in dealing with competing carriers that are vying for your business
- Transparent in creating an insurance program that addresses your risks and is cost effective
Your job is to successfully run your business. That’s why you need an insurance partner that acts as an extension of your staff, offering proactive guidance, personalized attention, and a holistic risk management solution. Call us today at 1-800-716-8314.
MTIA is a wholly owned subsidiary of M&T Bank.
This article is for informational purposes only and is not intended as an offer or solicitation for the sale of any financial product or service. It is not designed or intended to provide financial, tax, legal, investment, accounting, or other professional advice since such advice always requires consideration of individual circumstances. If professional advice is needed, the services of a professional advisor should be sought.