Most management liabilities policies have prior notice exclusions built into the coverage form. This means if it is reported to the incumbent it would not be covered by the next carrier regardless of whether or not the new carrier adds a specific exclusion to the policy. The larger question is does the "incident" constitute what may trigger the definition of claim under the incumbent policy? If it does then you can safely report the claim and the carrier can not discriminate its claim handling because the renewal policy was moved. Therefore, any claim should be reported and perhaps it would be in the best interest of the insured to remain with the carrier until the matter is resolved. On the other hand, if the wrongful act or "incident" may only give rise to a claim but does not yet meet the definition of claim, then the insured has more flexibility as to whether or not such should be reported as a claim. If this was to happen and the wrongful act or incident was not reported to the incumbent, the coverage was moved, and it later "gave rise" to a claim the new carrier would have to handle the matter as long as the insured did not sign a warranty, and has continuity in prior acts and pending or prior litigation dates.
If the insured had prior fiduciary coverage under a stand alone policy the insured should not sign a new warranty when combining coverage with an existing D&O policy since this would cause a continuity gap. To this end, the bigger is to make sure than the fiduciary endorsement offers the same quality of coverage as the monoline policy particularly in the definitions of wrongful act, fiduciary claims, loss and exclusions.
As respects D&O, first, even if the presenter was a contracted employee or staff, typically a fraud exclusion would apply. Second, even if there is any coverage for the insured being named in a suit, there would be an allocation to the presenter probably in the 95%-100% range! In conclusion, perhaps the carrier would only pay some defense costs IF there were to be coverage, which there is probably not. The insured should require the presenter or speaker to carry E&O coverage which should be verified and consider having a contract with the presenter that indemnifies the insured and holds the insured harmless if named.
When moving claims-made coverage to a new carrier there are three major issues that must be addressed in order for the new policy to provide full continuity:

1. Warranty statement is waived. Warranty statements are typically found in new business applications. The warranty requires that the insured sign a statement regarding their “knowledge” of any matters or circumstances that could give rise to a claim. If the insured renewed coverage with the incumbent market they would not need to sign such a statement since the carrier would have already been notified of such claim and would be “on-risk” anyway. On renewal business, carriers will require a warranty if the loss history is poor, loss runs are not recent/non-descript or if the insured has had a lapse in coverage. If a warranty is required, we recommend that the person signing the application “poll” all of the other directors and officers to confirm that there are no matters or circumstances that they are aware of that would give rise to a claim. This is a very important step as some claims-made applications and policies will impute the “knowledge” of one person to all other insured persons and, therefore, exclude a claim in its entirety. Of course, none of the foregoing applies to first time insurance buyers where a warranty is always required.

2. Prior Acts date is as expiring. A Prior Acts Exclusion negates coverage for any wrongful acts which occurred prior to the date listed on the policy declarations or in the prior acts exclusion. It is important that these dates match when moving coverage so as to eliminate any gaps in coverage. This is the most important requirement as respects continuity.

3. The Pending or Prior Litigation date is as expiring. A Pending or Prior Litigation Exclusion negates coverage for any claims/litigation/arbitration actually filed or in the process of being filed as of the date of binding coverage. This concept is equivalent to a property underwriter not wanting to provide insurance to a building that is on fire.

The following examples are provided for illustrative purposes only to explain how the aforementioned requirements for continuity interplay; they are ranked in the order of most preferred renewal scenarios:

Best: No Warranty + PPL date as X + Prior Acts as X = FULL Continuity
Better: No Warranty + PPL date Inc + Prior Acts as X = Partial Continuity
Marginal: Warranty + PPL date as X + Prior Acts as X = Partial Continuity
Not Great: No Warranty + PPL date as X + Prior Acts as Inc = Partial Continuity
Worse: Warranty + PPL date Inc + Prior Acts Inc = No Continuity

Please read examine the quote provided carefully. If you have any further questions regarding the continuity of coverage provided by this quote please contact your underwriter or wholesale broker.

With the average cost of notification being in the $20 -$30 range per record (depending on the company) here is an easy formula:

Total number of records * average cost to notify per record = minimum notification limit

Some cyber policies covers the insureds liability for the use of third parties, but in most cases the policy has a subrogation clause which states that if a breach is caused by a third party they can subrogate. Generally this is not that much of an issue for underwriters because insureds usually require indemnification and require their contractors to carry insurance – but if they are not doing that, underwriters may be comfortable knowing that the insured is picking up the liability of these contractors, without being able to underwrite them.
The carrier may pay for the Hacker damage caused by the attackers. This would be the cost to reconstitute the data, repair hardware or get new hardware to get the insured up and running (1st party). The carrier could also pay a business interruption claim if the hackers had taken the systems down for longer than the policy waiting period (1st party). The carrier could have also paid the pr and crisis management costs if the local press found out about the authorized access and caused reputation damage in the marketplace (1st party). The policy might also pay for the forensic and computer experts to determine what happened and how to stop it (1st party). The 42k that was lost would not be covered by anyone's cyber policy.

Without knowing more about the incident, there could also be additional covered loss:

1. If the hackers gained access to client or vendor data and eventually those guys get hit with a similar hack, then there would be liability to our insured and the privacy module would provide defense costs and pay damages where our systems caused harm to another (3rd party).

2. The above could trigger a need to notify vendors and clients that there was a hack. The insured would need to hire a privacy lawyer to properly notify each record holder and the state attorney general's office. This would be covered under the breach notification costs of the policy (1st Party).

3. Customarily, they would then need to offer each record holder credit monitoring which would be paid for by the policy (1st party). The attorney general could bring action and levy fines per record and penalties for failing to protect private data and these costs would be picked up by the policy (3rd party).

So, as you can see any infiltration can trigger multiple parts of the policy. The only coverage modules that may not be triggered in this scenario are Multimedia and Extortion.

This is probably not a claim yet. Also most policies would have professional services exclusion issues.
These situations are becoming more common – the typical situation is that the client is a fraudfeasor and the lawyer goes along with it or doesn’t stop it – when it is uncovered the victims can’t sue the fraudfeasor as he is flown the coop or insolvent and they want to go after the law firm. The lawyers professional policy will only cover defense up until admission/final adjudication/no contest plea/etc for fraud but perhaps the “Innocent Insured” provision may still cover those other Insureds if the firm if unaware of such fraud.
Ask Question

Your email address will not be published. Required fields are marked *