THE WAY courts have interpreted a California law – the Private Attorneys General Act (PAGA), which has been on the books for 18 years – has led to an explosion of lawsuits against employers during the last few years.

The law has generated more than 20,000 lawsuits since 2017 at an average cost of $1.1 million per case, according to one study.

PAGA permits employees to sue for civil penalties on behalf of themselves, fellow workers and the state for alleged labor code violations. If a suit is successful, the state receives 75% of the damages with the employee receiving the balance.
As a result, California employers face increasing litigation uncertainty that traditional insurance may do little to mitigate.
The employee in essence acts as the state’s watchdog; he or she need not suffer any actual harm from an alleged violation in order to file a lawsuit. One employee has the ability to file a suit alleging multiple labor code violations.
The result? An average of 15 PAGA notice letters arrive at the California Labor and Workforce Development Agency daily.

How did we get here?

The law was enacted in 2004 to improve California Labor Code enforcement by empowering employees to pursue violations when the state has insuffi cient resources to pursue them.
The growth in litigation started after a California Supreme Court decision in 2009, holding that PAGA suits did not have to meet the certification requirements that apply to class-action lawsuits.
Litigation activity jumped significantly again in 2014 after the state Supreme Court held that employees could not waive their rights to fi le PAGA claims when they reach arbitration agreements in disputes with their employers.
Three years later, the court ruled that employees were generally entitled to request and receive large amounts of information from employers early in the litigation.
The high cost of providing the information gives employers an incentive to settle claims quickly.
Finally, an appellate court ruling in 2018 gave employees the right to sue over alleged violations that do not directly affect them, so long as at least one violation does.

What’s being claimed?

 

PAGA claims can also involve allegations of discrimination, retaliation and failure to protect the health and safety of employees. There are even COVID-19-related claims. One allegation triggers multiple other ones related to the first, such as failure to pay all earned wages, failure to pay wages in a timely manner, and so on. One potential bright spot: In December 2021, the U.S. Supreme Court agreed to consider whether California employers may enter voluntary agreements with employees in which the employee agrees to pursue only their individual claim and
not bring a PAGA claim. A decision is expected this summer.

Insurance implications

One issue for employers is that employment practices liability insurance typically won’t cover wage and hour disputes or signifi cantly sublimit the amount of coverage available for defense costs only.
Also, EPLI policies usually carve out coverage for wage and hour claims under PAGA representative actions.

Directors and officers liability policies exclude wage and hour claims.
One option is wage and hour insurance, which most likely would provide defense and indemnity coverage for PAGA claims that allege violations of wage and hour laws and regulations.
However, these policies are expensive and usually have quite high retentions, which could price out most smaller employers.

ONE OF the biggest challenges construction businesses face is preventing subcontractors’ and suppliers’ poor or non-existent safety practices from denting their own safety program.
While you may consider a number of factors when vetting a new subcontractor or vendor, one area that is often overlooked is their workplace safety practices.
This mistake can cost you dearly if one of their workers causes an incident at your worksite. In addition to an injury to one of your own employees, you could get a visit from an Occupational Safety and Health Administration inspector.

The National Safety Council’s Campbell Institute recently conducted a study of organizations with excellent safety records to identify the best practices for subcontractor and vendor safety.

As part of the study it identified five steps during a contractor or vendor relationship when it’s incumbent on a hiring company to evaluate the workplace safety habits of their business partners.

Prequalification

The institute recommends looking at more than just a company’s experience modifi cation rate. It says safety-minded fi rms assess subcontractors in multiple areas, such as their total recordable incident rate, fatality rate, days away from work for injured workers, restricted or transferred rate, and other OSHA recordables for the last three years.

Many firms also ask for environmental reports, written safety programs, permits, licenses, and continuous improvement programs.

Pre-job task and risk assessment

Before a subcontractor begins work, institute members recommend having a method for evaluating the risk of the work that is to be performed. Doing this can help you understand the scope of the work and give you a chance to put into place a new written safety program if the risk is deemed high.
Most importantly, subcontractors should be required to adhere to the same safety standards as your company.

Training and orientation

You should require safety orientation and skills training for subcontractors before they step onto your jobsite. Also, if they are doing highly specifi c work, you should ensure they have any required permits or special training. Some of the jobs that fit into that category are confi ned-space entry, electrical work, hot work, energy control, forklifts, and elevated work.

Job monitoring

Many safety-minded companies monitor work with daily checklists, pre-shift tailgate or safety meetings and weekly walkthrough inspections. Some of the companies surveyed for the study also require contract employees to submit a certain amount of safety observations and utilize mobile applications to report non-compliance or unsafe conditions. Also, you need to keep up-to-date incident logs, as this is crucial to monitoring subcontractor safety during a project.

Post-job evaluation

Conduct a post-job evaluation. During this phase look at safety, customer service and the quality of the fi nished work, and use those factors in determining the subcontractor’s eligibility for future contracts.

WHILE RANSOMWARE is making the headlines as the major cyber threat, small and mid-sized businesses are increasingly being targeted by lower fraud that dupes them into wiring criminals funds, according to a new report.

These funds transfer fraud crimes involve hackers gaining access to a firm’s mailbox and extracting payments that go into their accounts. Companies should have in place proper systems safeguards to combat these attacks, and that includes regularly training staff on how to identify these attempts to steal funds.

How it works

Criminals will often try to penetrate your servers by sending “spearphishing” e-mails. These messages look like they’re from a trusted sender to trick victims into revealing confidential information. They may also send malicious e-mails in the hope that an employee clicks on a bogus link. The link then releases malicious software that infi ltrates company networks and gains
access to legitimate e-mail threads about billing and invoices.
Once the criminals have access to your business mailbox, they can manipulate your contacts and modify payment instructions. They may also use their access to your systems to send e-mails that appear to come from a known source making a legitimate request.

 

 

 

Insurance options

The best option for coverage is a commercial crime insurance policy. Most of these policies cover acts like:
• Employee dishonesty
• Computer and funds transfer fraud
• Forgery or alteration
• Money and securities theft
• Theft of client’s property.

Some policies may exclude funds transfer fraud, or they may have lower sublimits for such acts. In such cases you may need to get a policy extension to cover the risk. There is also cyber liability insurance, which covers direct losses resulting from cyber crime. But these policies will often exclude coverage for social engineering attacks, which are the kinds that the criminals behind funds transfer fraud use. You may be able to purchase a rider to your cyber liability policy that would cover these crimes.

COMMERCIAL PROPERTY insurance rates are continuing to climb, as the segment faces a number of headwinds that have pushed claims costs to new heights.
A number of factors are affecting rates, including the frequency and severity of extreme weather claims. the cost of rebuilding, rates for commercial properties not keeping pace with claims costs, and more.
The end result has been a steady increase in property rates across the board, but businesses with operations in areas that are more susceptible to natural disasters are seeing the highest
increases.
As a business owner with commercial property, you’ve probably already seen rates increase, and you should be prepared for further rate hikes in the coming year. Here are the main drivers of these increases.

 

Mounting natural catastrophes

The number of natural catastrophes hitting the U.S. continues increasing as does the cost of those disasters, which are affecting more properties around the country.
Depending on the part of the nation a property is located it can be exposed to hurricanes, wildfires, tornadoes, hail, flooding and more.
There has also been an increase in civil unrest, which often results in property damage to businesses.
Insured property losses in the U.S. hit $74.4 billion in 2020, the second-most expensive year on record.
Also, last year set the record for the most major natural catastrophe events to hit the U.S. in a single year (22 of them).
Five of the 10 most expensive catastrophe years for the insurance industry have occurred since 2011.

 

Reconstruction costs

Reconstruction costs have skyrocketed during the past five years, averaging 5% a year, according to the Associated Builders and Contractors analysis of Bureau of Labor Statistics data.
Lumber prices rose by 73% between April 2020 and July 2021, greatly increasing rebuilding costs. On top of that, iron and steel products jumped 15% in price during the same period, and steel mill products by nearly 7%.

 

Construction labor shortage

The construction industry faces a serious labor crunch. And many firms have backlogs that stretch out more than six months.
According to the U.S. Chamber of Commerce Commercial Construction Index, this shortage is leading to real-world setbacks for contractors:

• 68% of contractors say they are asking workers to do more work.
• 56% report a challenge in meeting project schedules.
• 50% of contractors are putting in higher bids.
• Over a third (35%) report turning down work due to skilled labor shortages.

 

Property rates are inadequate

Despite the fact that rates have been increasing for the last five years, insurers are still struggling to keep up with the rapidly rising cost of claims as well as the number of claims they are seeing.
Those factors have made it difficult for the industry to peg pricing at the right level, resulting in a string of losses in property insurance for most carriers.
As the industry struggles to get back to profitability, insurers will have to continue boosting rates.

 

Reinsurance rates

A portion of the property insurance rate gains can be attributed to insurance companies dealing with higher reinsurance costs.
Insurers buy reinsurance to pass on claims costs from catastrophic events, in order to reduce their overall risk.

 

The takeaway

There are some steps that businesses can take to try to affect their premiums.
If you have an older building, you can replace your mechanical, electrical and plumbing systems with newer, code-compliant variants.
Safeguard your building against location-specific hazards (for example, creating a defensible space and using fire-resistant roofing in wildfire areas and upgraded cladding in hurricane areas).
Also, electrical fires are the number-one cause of property damage, so you should consider installing fire-protection systems such as sprinklers and fire hose cabinets.

EVERY YEAR starts with a flurry of new laws and regulations that California employers have to contend with.
And 2022 is no different as the California legislature had a busy year and the stresses of the COVID-19 pandemic resulted in more activity. The end result is another round of new laws that employers need to stay on top of so they don’t run afoul of them.
With no further ado, here are the top regulations and laws affecting California businesses.

 

1. Big change to Cal/OSHA citations

SB 606 adds two new Cal/OSHA violation categories for purposes of citations and abatement orders: “enterprisewide” and “egregious” violations. Cal/OSHA can issue an enterprise-wide citation that would require abating the violation at all locations. And the employer can face a maximum penalty of $124,709 per violation.
The law also authorizes the agency to issue a citation for an egregious violation if it believes that an employer has “willfully and egregiously” violated a standard or order. Each instance of employee exposure to that violation will be considered a separate violation and fined accordingly.

 

2. Permanent COVID standard

On Sept. 17, 2021, Cal/OSHA released a draft text for proposed permanent COVID-19 regulations, which if adopted would be subject to renewal or expiration after two years and would replace the current emergency temporary standard, which is set to expire Jan. 14, 2022.
Adoption is expected in the spring of 2022. Here’s some of what the draft standard would do:

CDPH rules – It would require that employers follow California Department of Public Health COVID-19 prevention orders.
Masks for unvaxxed staff – Unvaccinated staff must wear masks. Employers must provide masks when the CDPH requires them.
Outbreak rules – During an outbreak in the workplace, all staff would be required to wear face coverings regardless of vaccination status. Employers would need to provide respirators during major outbreaks to all employees.

 

3. COVID exposure notification

On Oct. 5, 2021, AB 654 took effect, updating requirements for what an employer must do if there is an outbreak of COVID-19 cases at its worksites.
This law somewhat curtailed earlier outbreak-reporting requirements as well as other required notifications for certain employers, and updated several provisions of the 2020 outbreak notification law, AB 685.
Here are some highlights:

• Employers have one business day or 48 hours, whichever is later, to report a workplace COVID-19 outbreak to Cal/OSHA and local health authorities.
• Employers do not need to issue these notices on weekends and holidays.
• When an employer has multiple worksites, it only needs to notify employees who work at the same worksite as an employee who tests positive for  coronavirus.
• The new definition of “worksites” for the purposes of the law has been changed to exclude telework.

 

4. Expansion of the California Family Rights Act

AB 1033 expands the CFRA to allow employees to take family and medical leave to care for a parent-in-law with a serious health condition.
More importantly, it adds a requirement that mediation is a prerequisite if a small employer (one with between five and 19 workers) is the subject of a civil complaint filed by one of its employees.

 

5. Workplace settlement agreements and NDCs

A new law took effect Jan. 1 that bars employers from requiring non-disclosure clauses in settlement agreements involving workplace harassment or discrimination claims of all types. This builds on prior law that barred NDCs only in cases of sex discrimination or sexual harassment.
The new law expands that prohibition to all protected classes, such as: race, religion, disability, gender, age, and more.
One important note: While employees can’t be prohibited from discussing the facts of the case, employers can still use clauses that prohibit the disclosure of the amount paid to settle a claim.

 

6. OSHA vaccine mandate

As of this writing, Fed-OSHA’s new emergency COVID-19 standard was set to take effect on Jan. 1, with the most contentious part of the rule mandating that employees who work for employers with 100 or more staff be vaccinated or submit to weekly testing.
Unvaccinated workers would also be required to wear masks while on the job under the new rules, which have faced fierce challenges in courts.
The U.S. Court of Appeals for the Sixth District recently reversed a stay of the order as challenges to it are litigated, meaning the order can take effect as scheduled as the legal process challenging the rule proceeds.
The U.S. Supreme Court will hear expedited arguments Jan. 8 on the U.S. Court of Appeals for the Sixth Circuit’s decision to lift the Fifth Circuit’s stay.

 

7. Wage theft penalties

AB 1003, which took effect Jan. 1, added a new penalty to the California Penal Code: Grand Theft of Wages. The new law makes an employer’s intentional theft of wages (including tips) of more than $950 from one employee, or $2,350 for two or more workers, punishable as grand theft.
The law, which also applies to wage theft from independent contractors, allows for recovery of wages through a civil action.
As a result, employers (and potentially managers and business owners) would be exposed to both criminal and civil liability for wage and hour violations like failing to pay staff accurately and in a timely manner.
Review your compensation policies and practices to make sure you are in compliance with current wage and hour laws.

 

8. COVID cases may be included in X-Mods

The Workers’ Compensation Insurance Rating Bureau of California has proposed plans to start requiring COVID-19 claims to be included when calculating employers’ X-Mods.
The proposal, which would have to be approved by the state insurance commissioner, would bring to an end current rules that exclude the impact of COVID-19 workers’ compensation claims on X-Mods.
If approved, the new rule would take effect on Sept. 1, 2022. That means that employers will be held accountable for COVID19-related workers’ compensation claims and, if any employee needs treatment or dies from the coronavirus, it could result in higher premiums in the future.

 

9. Notices can be e-mailed

A new state law authorizes employers to distribute required posters and notices to employees via e-mail. SB 657 adds e-mail as a delivery option to the list of acceptable notification methods, which also includes mail.
Required posters and notices will still need to be physically posted in the workplace.

 

10. Warehouse quota rules

A new law that took effect Jan. 1 makes California the first (and only) state to regulate quotas used by warehouse employers.
While the bill was written with Amazon Inc. in mind, it affects all warehouses with 100 or more workers, and violations of the new law can be costly for an employer.
Under AB 701, warehouse employees must be provided with a written description of the quotas to which they are subject within 30 days of hire. Common quotas include the number of tasks the employee is required to perform, the materials to be produced or handled, and any adverse employment action that may result from a failure to meet the quota.

 

While employers may still implement quotas, employees are not required to meet a quota if it:

• Prevents them from taking required meal or rest periods,
• Prevents them from using the bathroom (including the time it takes to walk to and from the toilet), or
• Contravenes occupational health and safety laws. The law also bars employers from discriminating, retaliating or taking other adverse action against an employee who:
• Initiates a request for information about a quota or personal work-speed data, or
• Files a complaint alleging a quota violated the Labor Code.

 

AS THE CONSTRUCTION industry booms, contractors face evolving risks that, left unchecked, can leave their operation exposed to new liabilities.
If you already operate a construction firm, you know that there is a labor shortage that has made it difficult to find experienced workers and that hiring entities are asking builders to take on more of the design function, as well.
Your liability picture has also likely changed with the increasing use of wrap-ups and, if you’re using technology in your operation, you now have rising cyber-security risks, too.

Lack of qualified workers

The bottom fell out of the construction industry in the U.S. during the first few months of the COVID-19 pandemic, and many worksites were idled. Now that the industry has found its footing, it’s been dealing with a severe labor shortage.
As construction firms struggle to find workers, the ones who are on the job are having to take on larger workloads, which can put them at risk of injury or making mistakes.
Also, many contractors are having to take on younger, less-seasoned laborers, who may lack the experience to identify and avoid hazards, which puts them and others at risk of injury. Those injuries in turn affect your workers’ comp
premiums.
A lack of workers coupled with inexperienced new ones on sites can also end up drawing out projects, forcing contractors to miss deadlines.

Professional liability risks

As more project owners want an all-in-one job with the lead contractor designing and building the project, contractors now face a new type of risk: professional liability.

But the typical contractor’s insurance policy doesn’t provide protection for any design work you take on.
Courts have ruled that:

• Designers who perform “builder activities” lose limitation of liability typically enjoyed by design professionals.
• Builders who perform “design activities” assume responsibility for design deficiencies.

Wrap-ups more prevalent

Many construction projects are now covered under one general liability policy to cover the work of the general contractor, as well as of all the subs. More lenders are requiring that liability is set up in one all-encompassing policy.
A properly assembled general liability wrap-up should provide coverage not only during the construction period, but also up to 10 years after the work is completed.  These policies often reduce the cost of coverage.

More cyber-security risks

Like all industries, the construction sector has grown increasingly reliant on technology to get the job done. That exposes contractors to a variety of cyber risks, including keeping project designs, client records and employee records confidential.
Many building contracts today include clauses requiring the contractor to be responsible for potential cyber breaches.
Given the increasing popularity of practices such as “building information modeling,” “integrated project delivery,” and file-sharing between participants in a construction project, contractors may be at increased risk of liability in the event of a data breach.

SOME BUSINESSES are finding fewer insurers willing to write their policies for certain types of coverage that are seeing rapidly rising claims costs, particularly in liability lines as well as property insurance in areas with exposure to natural catastrophes.
When no insurers that are licensed in California are willing to write a policy, we as your agent have to go to another market made up of insurance companies that are not licensed or regulated by the state.
It’s called the surplus lines (or “non-admitted”) market, and it can be a valuable alternative for insurance buyers.
As insurers get more selective writing some risks, it’s important for you as an insurance buyer to understand this market.

Why use a non-admitted carrier?

The most well-known non-admitted insurer is Lloyd’s of London, famous for insuring insurance companies and celebrities’ or sports figures’ body parts and global sporting events. Often non-admitted insurance companies are located in other states or domiciled abroad, like Bermuda or another tax-haven country.
Unlike licensed insurance companies, non-admitted companies do not have to obtain approval from state regulators for the policy forms they use or the rates they charge.

 

 

Since they are not regulated by the state, non-admitted insurers can offer creative coverage options and they can quickly and easily introduce new types of insurance that businesses need.
Some types of policies that are standard today, such as cyber insurance and employment practices liability insurance, got their start in the non-admitted market.
State laws typically permit a broker to obtain coverage from a non-admitted insurer only if at least a few standard insurance companies refuse to offer coverage. However, most also have coverage options that are not available in the standard market.
When someone needs one of the latter coverages, no rejections from licensed companies are required. An example might be liability insurance for contractors who demolish buildings.

Risks

There are risks to purchasing insurance in the non-admitted market. Policies may provide less coverage than do standard policies, or there may be restrictions on when coverage applies. Policies should be reviewed carefully. Also, because the insurers can charge whatever they feel is appropriate, premiums can be higher than you may expect. The policies may also be exempt from state laws regarding notices of cancellation and non-renewal.
Also, in every state but one (New Jersey), non-admitted policies are not backed by a guaranty fund. Guaranty funds cover claims left unpaid when an insurer is unable to pay for them. If a non-admitted company becomes insolvent, the policyholder has no recourse.

The takeaway

Despite the risks, the non-admitted market serves an important function, giving buyers a place to get needed coverage that would be otherwise unavailable.
Those who think they may need to tap this market should consult with us to find the right coverage at an acceptable price.

INSURANCE RATES are rising rapidly for contractors, particularly for builder’s risk and excess liability policies as the cost of claims continues to increase dramatically.
While rates for builder’s risk have been averaging 10 to 20%, pricing for excess liability and umbrella coverage has in some cases doubled from the year prior.
Both lines of insurance have seen steep and unexpected losses in recent years, resulting in some insurers leaving the market and others becoming stricter in their underwriting and choosier about which builders they are willing to extend coverage to.
If you’ve been in the market for these lines of insurance, you know that it’s become more difficult to secure similar policies to those you may have had in years past. Here’s a look at what’s going on.

Builder’s risk

According to Construction Executive magazine, rates are going up between 10% and 20% for builder’s risk policies. There are a number of factors affecting rates:
• The cost of claims has increased, primarily because of the cost of rebuilding after a loss event due to the rapidly rising cost of materials, in particular lumber, the prices of which have tripled in the last year.
• The increasing cost and frequency of natural disasters. Projects that are near areas at high risk for natural catastrophes like brush fires, hurricanes, tornadoes or flooding, are all seeing higher rates and/or difficulty in securing coverage.
• Some insurers have also left the market, leaving fewer players willing to write this risk, which has driven up pricing.

Insurers are tightening eligibility guidelines and restricting how much they will cover. Some insurers are getting more selective and demanding that their insureds take extra precautions before they are willing to bind a policy.

Some of the more common demands include requiring:
• Video surveillance systems on worksites.
• Guards to patrol worksites at night.
• The installation of fencing and lighting.

One of the biggest pinch points is policy extensions, which are needed when projects go beyond the time expected to complete them.

Due to the issues mentioned in the bullet points above, policy extensions for ongoing projects have been difficult to secure, according to a report by WillisTowersWatson. The problem has been exacerbated by the COVID-19 pandemic, which disrupted many construction projects across the country and required more companies to seek out extensions for their builder’s risk policies.

Excess liability

Renewals for excess liability and umbrella insurance have been running 50 to 100% higher than in 2020, according to a recent report by Marsh LLC. Excess liability and umbrella coverage kick in after a claim breaches the limits of a primary general liability policy or auto liability.

The drivers: Increasingly large jury awards and the spiraling cost of liability claims, particularly for commercial vehicle accidents. Commercial auto insurance rates have also been climbing as the cost of auto injury and property claims continue to rise due to the increasing cost of repairs and medical costs for injured third parties…

Those claims are covered by primary auto and general liability insurers, but because more claims are exceeding limits, excess liability carriers are increasingly on the hook for those high-dollar claims. Like in the builder’s risk segment, this has resulted in fewer insurers willing to write new policies.

Those that are willing to write new business or renew policies have imposed stricter underwriting terms on the policies they are willing to accept.
Additionally, according to Marsh, primary and excess insurers are limiting the overall capacity extended to an individual buyer by capping per-project aggregate limits.

The takeaway

With the volatility in the marketplace, we recommend that you reach out to us early – and months before your policy is coming up for renewal – so we can work with you to make sure we can secure the coverage you need.

BESIDES THE health and economic devastation that the COVID-19 pandemic has left in its wake, it has also caused supply chain disruptions that have affected a number of industries.

The fallout for companies of all types illustrates the fragility of most businesses’ supply chains. The pandemic has left retailers with half-empty shelf space because product manufacturers couldn’t keep operations going due to raw material or personnel shortages, while a number of carmakers and other manufacturers have had to suspend operations because of a global semiconductor shortage.

But it’s not only large companies that suffer, and small businesses are especially vulnerable. That’s why it’s important that you have in place a solid plan for averting and dealing with disruptions to your supply chain if you rely on materials and inputs from outside vendors.

Here’s what you can do to manage this growing risk.

Understand your supply chain

Start by identifying risks in your supply chain and develop ways to mitigate them.

FOUR MAIN EXTERNAL SUPPLY CHAIN RISKS

• Flow interruptions – Problems with the movement of goods and materials.
• Environmental risks – Economic, social, political, terrorism threat and weather-related factors that affect facilities and infrastructure. The pandemic falls into this category.
• Business risks – Problems caused by factors like a supplier’s poor financial or general stability, or the purchase or sale of supplier companies by other entities.
• Physical plant risks – Problems at a supplier’s facility. For example, a key supplier could have a machinery breakdown and/or regulators may shut the facility down.

 

Develop a plan

The best way to manage a supply chain disruption is to prepare for it. Start by undertaking a business impact analysis to prepare your company.

Form a team of key personnel to:

• Identify alternatives to key suppliers. One option is to contract with an alternative vendor in advance, so you can certify them and ensure they can ramp up if you lose a critical supplier.
• Model the impact of disruptions on your production and inventory for the four supply chain risks listed to the left. Think about how non-delivery of a key item
  would affect your operations.

Using that information, you can build contingencies for supply chain failures:

• Plan for how you would respond to all “what if” scenarios that could affect your operations. Be realistic about assessing your capacity to respond to these scenarios.
• Create a contingency plan for failure of any supply chain pillars. Identify the points at which you would need to execute risk-mitigating measures, like sourcing from other vendors or using new distribution channels.
• In advance, amass a contingency management team that will bridge the divide between your departments during disruptions. This team must include senior
  staff who are influential with top company decision-makers.
• Make sure your supply chain is flexible enough to deal with risks. Look at opportunities to address current supply chain bottlenecks; investigate alternative transportation network configurations or production systems.

 

The final backstop: insurance

You can address supply chain risks with business interruption insurance or contingent business interruption insurance.

Business interruption insurance.
This coverage, which is often included in a commercial property policy, covers lost profits after a company’s own facility is damaged by an insured peril.

Contingent business interruption insurance. This is often a policy rider that you can purchase. It covers lost profits if an insured peril shuts down a critical supplier, part of the transportation or distribution chain, or a major customer.

This coverage is triggered if there is:
1. Damage to property that prevents one of your suppliers from making products or delivering them.
2. Damage to property that prevents your customers from receiving your products.

CYBER INSURANCE rates are going to increase dramatically in 2021, driven by more frequent and more severe insured losses, according to a recent industry study.

The report by global insurance firm Aon plc predicted that rates would jump by 20% to 50% this year due to two main factors:

 

1. Cyber attacks are becoming more frequent

While publicly disclosed data breach/privacy incidents are actually occurring less often, ransomware attacks are exploding in frequency.

Ransomware incident rates rose 486% from the first quarter of 2018 to the fourth quarter of 2020. The comparable rate for data breach incidents fell 57% during the same period. The incident rates for the two types of events combined rose 300% over the trailing two years.

 

2. The costs of these attacks are growing

The average dollar loss increased in every quarter of 2020. Ransomware attacks were particularly severe – many of them resulted in eight-figure losses. Others may grow to that level as business interruption losses are adjusted and lawsuits against insured organizations proceed.

The combination of more frequent and more costly losses is a
recipe for higher rates.

Cyber insurance rates continued increasing in 2020, with rises of between 6% and 16% in the last four months of the year. In January 2021, most of the top 12 cyber insurance companies told Aon they were planning more drastic rate hikes. Nearly 60% reported that they would be seeking rate increases of 30% or more during the second quarter. None of them expected increases less than 10%.

 

New underwriting criteria

When insurers evaluate cyber insurance applicants, they will be particularly concerned with the organization’s overall cyber risk profile, its cyber governance and access control practices, and its network and data security. Prior loss history will be less important because the frequency of attacks is growing so quickly.

Some insurers may also cap how much they will pay for ransomware losses, or even exclude them entirely. They may also increase the waiting periods before coverage begins to apply.

 

WHAT BUSINESSES CAN DO

To improve your chances of getting more favorable pricing and coverage, the report recommends that you focus on:

• Reducing the risk of cyber losses.
• Measures to keep data private.
• Building an internal culture of cybersecurity.
• Preparing for ransomware attacks and disaster recovery planning.
• How your contracts and insurance will respond to a supply chain security breach.
• Understanding primary and excess coverage terms and
  communicating primary terms to excess insurers.