There is a slew of ways in which insurers are differentiating the policy wording in their cyber products. Some of these points of differentiation are described below.
- Additional breach response limits. Look for whether, and how much, additional limits are available specifically for handling breach response costs.
- Increasing, or eliminating entirely, sublimits for certain exposures. Fraudulent instruction is one particular exposure for which some insurers may be willing to either increase any available sublimits or remove the restriction of a sublimit entirely.
- “Betterment” coverage. In the aftermath of a data breach, security failure, or other cyber claim, many cyber and privacy insurers are only willing to cover expenses incurred by the insured to get its networks back up to their prior level of adequacy. However, some insurers are willing to offer a degree of “betterment” coverage that allows insureds to work with a third-party vendor to not only restore their systems to their prior adequacy but also set them up with greater security, functionality, capacity, and so on.
- Quality of service providers offered. The quality of third-party service providers (e.g., cyber-forensics specialists) can vary from insurer to insurer, and insureds and their representatives should do their due diligence to review their qualifications.
- Number of service providers offered. Similarly, insureds should be aware of how many options may be at their disposal when selecting an insurer-approved service provider.
- Use of “system failure” coverage trigger. A “system failure” coverage trigger can allow for more coverage for “accidental” exposures (e.g., nonmalicious failures or accidental data deletion), as opposed to a coverage trigger that requires “breach” or “compromise” of data or systems.
- Trigger for regulatory fines and penalties coverage. Relatedly, many coverage triggers pertaining to regulatory fines and penalties insuring agreements may require a “breach.” However, some insurers may not include the breach requirement, potentially opening up coverage for scenarios in which regulators may “come knocking” even without a known data breach.
Keeping these points in mind can help insureds assemble better cyber and privacy insurance protection to complement their management and/or professional liability insurance portfolio.
Contractual liability exclusions are a fact of life in directors and officers (D&O) policy forms. While there is no getting around the existence of the contractual liability exclusion within standard policy wording, insureds can certainly benefit from variations in wording that can carve-back certain elements of coverage. Consider asking the following questions in order to determine potential ways to minimize the impact of the exclusion.
- Is there a carve-back for liability that would have attached even in the absence of a contract or agreement? All policy forms should make this exception.
- Does the exclusion bar coverage for written contracts only? Or does it also apply to oral contracts?
- Does the exclusion only refer to “contracts,” or does it also apply to “agreements,” “warranties,” and/or “guarantees”? Inclusion of these other terms, especially when combined with wording excluding them in their oral forms, can significantly broaden the effect of the exclusion and thus constrict coverage.
- Is there a carve-back for defense costs in the event of claims against insured persons (e.g., Side A defense coverage)?
- Does the exclusion apply to both express and implied contracts? Much like the inclusion of some of the terminology shown above, implied contracts can extend the restrictive impact of the exclusion to a far greater range of the insured’s activities.
- Does the lead-in wording to the exclusion bar coverage for claims “for” contractual liability, or does it bar coverage for claims “based upon, arising out of, or in any way related to” contractual liability? The former is the less common approach but is more favorable for an insured.
- Does the exclusion explicitly state that it also applies to the liability of others that an insured assumes?
- Is there an exception for contractual liability related to “employment claims”? With the blurring of some D&O and employment practices liability (EPL) risks in recent years and the frequency with which officers have employment contracts, this is particularly relevant.
We’re taking a step forward to make it even easier to do business with ABEX with the roll out of ClearPay.
Did you know that every cheque and associated report you send to ABEX actually costs you about $18 to issue and mail to us? On the other hand, ClearPay is integrated into the majority of broker management systems and is an easy digital solution for less than $2 per payment!
Anytime you need to send funds and underlying policy information to us, ClearPay makes electronic payments easy and far cheaper than cheques.
The software is broker-friendly; you follow your existing workflows in generating disbursements and ClearPay automates the gathering of approvals, report and funds delivery. Once and done from your BMS! At a cost of less than $2 per payment, you’ll be saving approximately $15 per transaction that you spend today with cheques and manual reporting. Saved time can be used to devote to more productive customer services. And, most importantly, it’s a digital solution that presents a modern alternative to cheques and helps ensure accurate application to our customers’ policies.
This is just another step towards making it easier to do business with ABEX!
This platform presents mutual benefits and you can learn more by:
- Taking a look at www.clearpaycanada.com
- Scheduling a ClearPay demo on their homepage
- Connecting directly with one of their personnel: