Assessing Risk in a Post-Pandemic World
INSURANCE: Changes in Coverage for Hybrid Work, Cyber, Disaster Disruptions
Original article published by the San Diego Business Journal.
By: Jeff Clemetson
The pandemic has left a lasting impact on the way business operates – and the way business leaders think about insuring operations.
In the wake of these impacts, companies are assessing how they approach insuring a remote workforce; protecting against increased cyber threats as more business is conducted on the internet connecting those workers; and looking for ways to insure against losses caused by supply chain disruptions.
According to Carrie Conejo, vice president of client services at C3 Risk & Insurance Services, the shift toward remote and hybrid office arrangements has led to “a blurred boundary between personal and professional domains.”
“The overlapping of work and personal life has also introduced a higher risk of HIPAA violations and resignations without notice, which can result in employers being unable to hold employees accountable for their performance,” she added. “To safeguard the integrity of the business, it is advisable to acquire employment practices coverage, in conjunction with strong HR policies.”
Fusco Orsini & Associates CEO Mike Fusco pointed out that as more employees work from home, businesses could lose the ability to manage risks.
“So they must strongly emphasize quality assurance and loss prevention for work-from-home or hybrid employees,” he said. “Regarding insurance protection, businesses must protect against the exposure of third-party liability and work-related injury or illness just as they would with in-office staff.”
Fusco advises businesses to include in their policies lines of insurance for general liability, professional liability and management liability, such as employment practices liability insurance (EPLI) and directors and officers (D&O), which he said are “crucial for adequate protection.”
The area of D&O liability insurance was “extremely challenged during the pandemic,” said Trindl Reeves, chief sales officer at Marsh McLennan Agency. However, the market has begun to return to pre-pandemic pricing levels due to new entrants into the market and more traditional carriers re-entering the market.
“We are also seeing the insurance companies be more creative on the terms and conditions they are offering, which has been a welcome improvement,” she added
Benchmark Commercial Insurance Services Principal Robert Cohen said the most important impact of the work-from-home model is on a company’s workers’ compensation policy, which should reflect “the correct job classification code for telecommuting employees.”
“The rate is very low and should be reflected on the policy. Coverage under all other policies carried by a business are not affected by this structure. All coverage remains in force and effect,” he added.
Reeves said that while most businesses have now “settled into a hybrid work environment” and are successfully managing these work arrangements, it is still important for companies to have a plan to address issues such as common injuries like those caused by repetitive motion as “key to avoid workers compensation claims.”
Another aspect to consider about workers’ compensation insurance is that employment laws vary state by state.
Remote work many workers are not even in the same zip code as their employers, much less the same state,” said Teague Insurance Vice President Tom Geisbush. “Employers need to make sure their WC policy provides protection and benefits for the state in which the employee permanently resides and performs their work. Employers need to get educated or consult with a human resource professional to make sure they ad doing things correctly.”
The increasing share of the workforce taking advantage of hybrid and work-from-home opportunities has also increased the need for companies to invest more into another kind of insurance product.
“Cyber insurance, although an essential consideration in every environment, is probably more important when employees work in remote locations,” Fusco said.
Fusco also pointed out that when companies consider cyber policies, they should understand that they differ from commercial package or a business owners’ policies. A good cyber policy should include first-party coverage insurance, including cyber incident response, business interruption loss, digital data recovery and network extortion insurance. The cyber policy should also have third-party liability insurance that includes cyber, privacy and network security liability; electronic, social and printed media liability; computer fraud; funds transfer fraud; and social engineering fraud.
“You can also protect your business from cyber exposures by security meaningful endorsements, such as reputational harm loss and repair computer replacement,” he said. “And don’t forget to ask your agent about ransomware coverage.
Because of the increasingly regular breaches in cyber, businesses need to invest in internal security controls to protect against cyber threats, Reeves said. And those preemptive measures will have an impact on the cost of insurance policies.
“The cyber insurance market is maturing rapidly, and the coverage has evolved considerably in recent years. Companies with the proper controls in place will be more likely to secure lower premiums and better terms than those who are not prepared,” she said. “Although capacity in the market has improved since the onset of the pandemic, there are still constraints in placing large towers of cyber insurance.”
Cyber threats to businesses have been evolving for several decades, Conejo pointed out, and part of that evolution is a reaction by criminals to the enactment of regulations mandating credit monitoring and notification practices.
“A single cyber breach could result in multimillion-dollar losses within a short span of time,” she said. “Prior to the pandemic, statistics revealed that cyber breaches were typically undetected for over a year on average, leaving vast amounts of data susceptible to unauthorized access and misuse. As we progress into 2023 with a more prevalent hybrid workforce, it is imperative to implement comprehensive cyber coverage and establish internal systems and audits to ensure information security.”
To ensure network security from the use of personal equipment at home, Conejo recommends businesses have “a robust cyber policy” and employers give “due consideration” to mandating the use of VPN and reliable, secure Wi-Fi connections to minimize potential disruptions.
Geisbush pointed out that even if the pandemic never happened, the need for cyber insurance would still exist because of the “amount of commerce that is now conducted over the internet and via emails.”
That need is now also there for smaller businesses, which are increasingly becoming targets of hackers, even though big data breaches at large companies are what the public is most familiar with, he added.
“Smaller businesses have not come to the realization of their exposure, but it is becoming more common in terms of an insurance coverage that is being purchased,” Geisbush said said, adding that small businesses are target because they are “low-hanging fruit” that are “more vulnerable to social engineering” and “often feel they must pay ransoms.”
“Small businesses are sometimes not targeted at all, but are simply collateral damage,” he added. “Small businesses are the gateway to larger organizations.”
Another issue facing businesses big and small that was brought to the forefront during and now after the pandemic is disruptions to the supply chain.
“Supply chain disruption is at the top of the list for insurance considerations today. Most business depend on the supply chain for the ability to generate revenue,” Cohen said, and pointed out the many ways different industries rely on undistributed supplies. “Manufacturers and distributors must depend upon the supply chain for materials, product components or finished goods. Developers and contractors rely on the supply chain for materials, appliances and other products. Real estate owners depend on the supply chain for building materials and components to complete damage repairs and tenant improvement work.
“At Benchmark Commercial Insurance Services, we make sure we ask the right questions regarding the dependency on the supply chains so we can construct the most comprehensive coverage relating to business income,” he continued. “Solid business income protection can allow the business to weather the business income supply-chain-disruption storm.
Geisbush pointed out another insurance issue caused by supply chain disruption – higher costs of materials needed to repair insured property.
“Supply change issues have a significant effect on the cost to replace property that has been damaged. It is now much more critical that insurance agents are having discussions with their clients regarding the replacement cost or actual cash value of their property,” he said, adding that property owners may face penalties if the limits of their property insurance are less than what it costs to replace the property.
While the pandemic is the recent culprit of worldwide supply chain disruption, there are far more serious repercussions to insuring property damage and loss of income due to natural disasters.
“At the present time one of the biggest problems confronting the insurance industry here in California is the catastrophic peril of loss from brush fires,” Geisbush said. “Over the past few years brush fires have caused billions of dollars in losses and many insurance companies have pulled out of California because they cannot charge enough premium.”
Regulatory inaction is also part of the problem, according to Geisbush, who pointed out that the state’s department of insurance must approve rate and premium increases before insurance companies can raise them to cover for the risks. Because rate increases are not being approved, many insurance companies have stopped writing property coverages, which has led to residential and commercial property owners resorting to the state’s CA Fair Plan, which offers “limited coverages.”
“The Fair Plan is not built to write as much coverage as they are now being asked to write,” Geisbush said, adding that the automobile insurance market is “suffering from the same problem.”
“While it is important for the California Department of Insurance to look out for the consumer, they are also charged with keeping a healthy insurance marketplace where insurance companies can thrive. If insurance companies are not making money, they will shut down and or pull out of the marketplace. We are then left with a lack of competition and capacity.”
Brush fires in California are not the only natural disaster disrupting the property insurance market.
Reeves said that the market was “improving dramatically” until Hurricane Ian hit in September 2022, costing the insurance market a projected $60 billion in losses. As insurance companies negotiate reinsurance treaties for properties damaged or destroyed by events like Ian or wildfires, rates will likely be set at much higher levels.
“Employers with significant insurable assets need to closely evaluate the current valuation, or replacement cost, of those assets,” she said. “Insurance companies are looking closely to make sure businesses are insuring at the appropriate value and not trying to reduce premiums by not insuring the proper value of their assets. We recommend starting the renewal process at least 120 days in advance of the renewal date in order to effectively navigate this challenging market.”
For businesses experiencing disruptions due to disasters of a more geopolitical nature, there are not many coverage options available.
“You may notice that geopolitical risks, such as war, are excluded from property insurance policies,” Fusco said. “Coverage for acts of terrorism now falls under TRIA, the Terrorism Risk Insurance Act, which became law post-9/11.”
However, there is a workaround for property damaged by conflict.
“Property policies do not exclude ‘riots,’ so businesses should consider the protection, especially when realizing the benefit of the broad nature of the coverage against most perils,” he said.
In the post-pandemic world, insurance companies are preparing for what new perils may emerge for businesses, as well as new opportunities to offer coverage products. New industries and new technologies offer both potential risks and rewards to insurers.
At the highest level, all insurance companies are for-profit business. As such, they are always looking for new products that could be sold to help increase profits,” Cohen said. “However, that mindset is balanced by the perceived risk of loss. Most insurance companies tread very slowly into new and emerging markets such as crypto, cannabis, etc.”
For example, Cohen pointed to the emergence of artificial intelligence.
“If AI is incorporated into a product or service that has catastrophic loss capability if the AI technology does not perform as intended, the insurance carrier will generally shy away from that risk, or charge high premiums to protect the exposure,” he said.
Conejo also pointed to AI as a possible area that could disrupt business insurance coverage as more businesses turn to the new technology for uses like monitoring metrics, facilitating client communications, and conducting transactions.
“I anticipate that directors and officers insurance, errors and omissions insurance, and cyber insurance carriers will soon begin to exclude and offer tailored coverage for the exposures that are emerging from the implementation of AI,” she said.
Fusco said that the insurance industry is “still waiting to see widespread innovation” of products to cover emerging technologies like AI and the metaverse, but there have been some insurance companies coming to market with crypto coverage to protect against hacks and theft, although he expressed doubt it would provide coverage for a collapse of a crypto exchange such as FTX.
“I think what’s very exciting from both an industry perspective, and for consumers, is advancing technology to support the industry driven by AI, blockchain and more,” he said. “The investment into IndieTech and Insurtech solutions is astronomical and will improve industry efficiency and productivity. These aspects include underwriting, claims, and ratemaking. Insurance consumers will benefit from significant improvements in the customer experience.”