Changing Landscape

Traditionally, chief financial officers (CFOs) and their staff members would approach annual insurance renewals as a more-or-less routine process. It was important to have the right coverages in place, but the risks fell into familiar categories: property, casualty, workers compensation, general liability and automobile liability insurance. Actuaries had years of experience as the basis for calculating risk levels. And appropriate coverages could be negotiated with confidence from reliable carriers.

Recently, however, risk management has become much more challenging. The twin culprits are industry consolidation and technology.

Consolidation and Technology

A number of factors, including tax reform and regulation, have put the pressure on insurance carriers and agencies to scale up in order to remain competitive. Consolidation and buyouts are the preferred strategies for increasing market share. According to a 2018 Deloitte & Touche report, mergers and acquisitions in the insurance space have increased 12% year over year and are expected to continue that trajectory in 2018. But it’s questionable whether these bulked-up organizations are capable of the same level of attention to detail and service as their more nimble predecessors.

At the same time, information technology has been embraced by virtually every functional area of today’s businesses. Systems mean data – and data attracts hackers. The problem isn’t just that there’s cybercrime; it’s that there are so many different types of it. It’s a risk manager’s nightmare, and the insurance industry’s efforts to create cybercrime solutions for businesses are still in the early days of development.

So how can risk managers create comprehensive coverage goals in today’s complex marketplace?

Disciplined risk management review process

Discipline is the key to identifying the unique set of risks that each business faces. It takes experience to recognize all of the facets of an organization where losses could potentially emerge. Effective risk management, like chess, requires the ability to think several moves ahead.

First, when examining existing coverages, begin with the typical loss drivers for each of the basic coverages. Loss drivers will be specific to your industry, but examples include fire or theft for property and casualty insurance; slips and falls for workers compensation; and collisions for automobile liability.
Your consultant can advise you on the steps you can take to mitigate these risks. For example, upgrading your alarm and monitoring systems can reduce your vulnerability to fire or theft, and thus reduce your annual premiums. Employee training programs can have a measurable impact in reducing Workers Compensation and Automobile liability claims.

General liability coverage requires you to think beyond your direct exposures: In addition to the property you own, there’s also exposure from leased real estate. Similarly, your liabilities extend beyond your direct operations and employee population; third-party relationships are also potential sources of risk.

The second step in the process is a review of existing insurance policies and applicable vendor contracts. Do they really perform their intended objective, which is transferring selected business risks to the insurance carrier? This is where it pays to have a consultant who can provide top-to-bottom analysis of your strategy based on risk appetite.

Finally, it’s important to review your carrier and broker effectiveness. As mentioned above, this is a bigger issue today than ever before. As John Rumschik, vice chairman at M&T Insurance Agency, noted recently, “Over the past three years, the number of carriers has declined markedly. At the same time, agency acquisitions have resulted in situations where coverages have not been kept up to date or have been placed with new carriers that offer similar-sounding policies—with very different provisions.”

The recent shifts in the marketplace mean that substantial research is required to ensure that coverages are up to date and meet your expectations. Services such as M&T Insurance Agency’s due diligence review process can help support your efforts.

Cybersecurity, Privacy, and Crime Insurance

Hacking, phishing, social engineering, denial of service… this relatively new and evolving category of computer-related crimes has endless permutations. We know that even the largest, most resourceful organizations are vulnerable. Government agencies such as the NSA and the State Department have had highly classified information compromised and major companies’ defenses—even in the software industry—have been inadequate. For example, Microsoft was a notable victim of a “ransomware” attack. And the Equifax hack resulted in the exposure of the names, dates of birth and Social Security numbers of more than 145 million people.

It isn’t just enterprise-level organizations that are targeted. The Ponemon Institute reported that year-over-year, the number of small- and medium-sized businesses that describe their cyber attacks as ransomware has gone up from 2% in 2016 to 52% in 2017.

Fortunately, coverages are evolving to meet business’s needs. However, these protections are not included in existing general liability, Errors & Omission or umbrella liability policies. Most likely, you will need both Crime Insurance and a Cybersecurity & Privacy policy to be fully covered. What’s the difference?

Crime Insurance covers first-party losses due to criminal acts. These include employee theft, computer fraud, funds transfer fraud and forgery. A crime policy can also include third-party exposures if your business acts as an escrow agent or a custodian of client property, data, money or securities.

Cybersecurity & Privacy Insurance is more data focused. It covers data breaches, whether they result from a team of hackers in a basement in the Ukraine or an employee accidentally leaving an unsecured company laptop in a restaurant. A good Cybersecurity & Privacy policy will reimburse your company from the costs of notifying affected parties and providing enhanced credit monitoring for them. It will also insure against loss of business, lawsuits and customer subrogation actions.

Damage to your company’s reputation, or that of key executives, is another risk that must be considered. Competitive information and frank discussions in internal emails can be taken out of context. Or, bad actors may engage in outright defamation setting off a need for Employment Practices Liability coverage. In these cases, public relations and crisis management programs may be contracted to an outside agency—an expensive proposition. There’s also infringement of copyrights and trademarks to consider.

To protect against these new, quickly evolving sources of risk, it’s critical to have a team of specialists that can guide you to the right coverages for your potential exposures.

A Consultative Experience Grounded in Trust

With so many coverage issues to consider, it’s critical that your company’s relationship with its insurance agency must be based on understanding and trust. The stakes are high, and premiums need to be effective. To get full value from your insurance program, you need an agent that is:

  • Experience in the industry to understand your risk profile 
  • Willing to invest the time needed to understand the character of your enterprise and its unique vulnerabilities
  • Objective in dealing with competing carriers that are vying for your business
  • Transparent in creating an insurance program that addresses your risks and is cost effective

Your job is to successfully run your business. That’s why you need an insurance partner that acts as an extension of your staff, offering proactive guidance, personalized attention, and a holistic risk management solution. Call us today at 1-800-716-8314.


MTIA is a wholly owned subsidiary of M&T Bank.

​This article is for informational purposes only and is not intended as an offer or solicitation for the sale of any financial product or service. It is not designed or intended to provide financial, tax, legal, investment, accounting, or other professional advice since such advice always requires consideration of individual circumstances. If professional advice is needed, the services of a professional advisor should be sought.


Share this page

If you are interested in sending this page to a friend or relative, please enter the following:

* Indicates required fields
+ Add another

No personal information (including e-mail addresses) about you or your friend will be collected from this e-mail notification feature offered by M&T Bank.

Please Note:

By clicking "ok" below, you will leave and enter a Third-Party Website.

Please note that:

  • The Third-Party Website is governed by a different set of terms and conditions and privacy policy than and you should review those terms, conditions and privacy policy prior to reviewing the content of the Third-Party Website
  • M&T is providing a link to the Third-Party Website as a convenience and does not necessarily control the content of, or endorse, the Third-Party Website, it's owner/operator or any information, products or services that are made available on or through it
  • M&T makes no representations or warranties regarding the information, products or services provided through the Third-Party Website

Such Third-Party Website's owner/operator may be regulated by governmental entities and laws that are different than those that regulate M&T.