Is auctioning alcohol at your event breaking the rules?

Ohio has very specific rules when it comes to serving alcohol, but you regularly see fundraising events for not-for-profits across the state — some with open bars, some with drink tickets and some with cash bars.

And more and more, there are cases of wine, or the silent auction gift basket with a bottle of Johnny Walker Blue and a couple of nice crystal glasses, intended for consumption once you leave.

“So the question I asked myself is I know that there are specific rules that allow alcohol to be given away at events, as giving it away means you are not in the alcohol business. But what about when it is sold by the glass? How about the auction for a basket or case of wine or spirits?” says Karl Henley, vice president at SeibertKeck Insurance Agency.

Smart Business spoke with Henley about what you can and can’t do with alcohol at your events, and whether your insurance is covering these activities.

What does the Ohio Revised Code say about consuming alcohol at events?

The answer is simple — the code permits the consumption of drinks by the glass for no charge at events. In general, you don’t need a permit.

But if you have a cash bar, or sell tickets that can be redeemed for drinks, you need a permit.

Will your insurance policy cover this, or do you need to buy a liquor policy?

The evidence here is even less clear. The new industry standards’ liquor liability exclusion on commercial policies leaves some room for interpretation. At first read this 2013 revision seems to say that if someone brings alcohol, and consumes it, for a fee or for free, because they are not in the business of alcohol, the exclusion does not apply.

It certainly would seem to apply to a bring-your-own-beer party to grant what is called host liquor liability. However, there is a lot of room for interpretation of what is considered to be ‘in the business of’ alcohol.

And when things are subject to interpretation — that is usually where the courts come in.

How have the courts recently interpreted the liquor liability exclusion?

In Mustard v. Owner’s Insurance Co. (2014), the essence of the case was that the court found that a not-for-profit American Legion was in the business of alcohol. But the court went one step further.

The court explained that ‘nonprofits engage in various profitable business activities to accomplish their permitted purposes; their corporate status does not act as an ipso facto declaration that the nonprofit cannot be ‘in the business of’ a specified profit oriented activity.’

It asserted you have to look if there is a ‘profit motivation’ in the sale to determine if the not-for-profit is ‘in the business.’

Clearly, a not-for-profit hopes to generate profit from the sale of drinks at special events, and certainly from the auction of alcoholic beverages. Both of these require a permit and are subject to the activities outline by the Ohio Department of Liquor Control. (For more information, visit www.com.ohio.gov/documents/liqr_TempFAQChart.pdf.)

So, what do you recommend that organizations, especially Ohio not-for-profits, do regarding their insurance?

Knowing that the lines are blurry and what the courts have ruled, you might try to follow this litmus test: If you need a liquor permit for your event; you need to buy liquor liability for that same event.

The idea being that if you qualify as a seller that would require a temporary liquor permit under Ohio law, the court will most likely say you are engaged ‘in the business’ of selling alcohol.

Insights Business Insurance is brought to you by SeibertKeck

Why generational differences don’t have to restrict employee dialogue

Companies need to consider the makeup of their employee populations as they develop best practices on their benefits communications, says Karen K. Delaney, GBA, Vice President and Employee Benefits Market Leader at Woodruff-Sawyer & Co.

“Your communication model needs to be part of a long-term strategy that can seamlessly move from one method to another,” Delaney says. “Different generations receive information in different ways. You need a plan that can reach these groups and provide the information that they need to know.”

Employers should maintain a dialogue with their employees using methods that are engaging and varied according to the employee population.

“If people don’t understand the benefits you’re offering, they can’t use them,” Delaney says. “It’s not necessary to communicate a different message to different generations. You just need to package the message in a way that will encourage participation.”

Smart Business spoke with Delaney about the value of talking to employees about benefit plans and why generational differences are not as big of a hurdle as you think.

How does the lack of an effective communication strategy about benefit plans lead to missed opportunities for employees?
There are countless stories of women who didn’t realize they had breast cancer and were only diagnosed because mammograms were part of their company’s wellness program.

You also have employees with high cholesterol or diabetes who are able to be diagnosed and prescribed treatment thanks to regular health screenings. Employees need to recognize the value of these programs and be active participants in them.

How do generational differences affect the way that employees process information?
Preferences are often a product of one’s age or the generation to which they belong. Millenials typically want to receive or access plan information digitally. Online portals, mobile friendly sites and smartphone apps are different ways to communicate benefits information to a younger generation.

Communications don’t end, however, with the method in which they are accessed. Communications that are visual-centric in nature, using infographics, icons and other forms of graphical representation, have more appeal than 50 pages of straight text.

Today’s shortened attention span must be taken into consideration. A series of short videos on your benefits plan is much less overwhelming to process than an hour-long presentation. The more employees understand the materials, the more likely they will be to participate in their plan, which really is the end goal.

But at the end of the day, everyone wants the same thing. The companies that have the strongest cultures have foundations based on inclusiveness, respect and vision with a win-win for everybody, regardless of generation.

Perhaps digital communications work well with your population, but you know that some in-person time with your HR team would add value for those who may have questions and want a live person to talk to. So you incorporate a few open enrollment Q&A sessions into the mix.

How do you develop a strategy that encourages employee participation?
Respect your employees by giving them the opportunity to offer feedback. Utilize employee surveys to identify preferred communication methods you can then use to share details about your comprehensive benefits package.

Are they even aware that these options exist? Show your willingness to take action on feedback that is received and develop a plan that works for everyone.

This isn’t about pressuring your older employees who have been resistant to new technology to change or get left behind.

Demonstrate the advantages and convenience of being able to access information online or on your smartphone. Explain how it benefits the environment to have a brochure about your benefits package available digitally instead of in a 50-page booklet.

Start incorporating aspects of the new methods of communication and gradually phase out the old methods as everybody moves to the new tools. If your people feel respected, there is a better chance they’ll value what you’re offering, allowing you to build a culture of trust. ●

Insights Business Insurance is brought to you by Woodruff-Sawyer & Co.

Pre-work can help you more efficiently manage your claims

Risk managers typically don’t have the capacity to invest large amounts of time preparing for a loss that may never occur.

But when you reserve a reasonable amount of time to prepare for certain losses that could be damaging to your business, the effort can more than pay for itself in the long run, says Zac Overbay, Senior Vice President and Partner at Woodruff-Sawyer & Co.

“Being more prepared for certain losses will not only save you time, it can significantly reduce your stress following a large loss or series of smaller losses,” Overbay says.

Smart Business spoke with Overbay about how pre-work can make your insurance claims process easier to manage.

What are some claim types where pre-claim work may be advantageous?
In the area of property claims, you can establish a relationship with a policyholder forensic accounting firm that will help prepare and submit your loss to the insurance company.

Often times, this process involves interviewing a number of firms. The ability to avoid doing this in the heat of a large property loss is definitely beneficial. Once a firm is selected, you may even seek pre-approval and negotiate the approved rates with your property insurer(s).

You should have your company’s asset registers or other listings of all assets at each location. This may be readily available if it was used to determine a statement of values for business personal property at your locations.

If you or your broker have established an effective working relationship with a third-party administrator (TPA) who is paid to manage claims on behalf of your insurer(s), it’s advisable to endorse them onto the policy so that you are assured of your ability to work with that specific TPA in the event of a property loss.

It’s advisable to pre-designate anytime there is an opportunity to control the quality of the individuals working on a loss.

In the area of Errors & Omissions (E&O), gather key vendor/customer contracts that will be involved in a loss. For example, if your company outsources manufacturing of your product and there is an E&O claim involving one of your products, that manufacturing contract will assuredly be requested as a part of evaluating a claim.

Supply chain and manufacturing schematics are often requested by insurance claims personnel to understand the product manufacturing process and/or overall supply chain.

Investing time to gather or possibly even design basic schematics may be beneficial once a loss actually occurs as you may be distracted with a multitude of other claim-related tasks.

When it comes to auto claims, having ready access to key documents that are routinely requested in auto losses is always helpful, especially if you have frequency in such claims.

Key documents include: updated schedule of owned vehicles, lease and/or fleet management agreements for non-owned autos, company policy on use of personal vehicles on company business, and master auto rental agreements.

This information seems intuitive, and it is, but often times the risk manager who has access to these documents is not the individual managing claims within the organization.

How do you make smart decisions through this process?
A good place to start is to consider pre-claim work on two types of losses: high-frequency losses and high-severity losses.

High-frequency losses require you to supply the same information or documentation over and over again while high-severity losses leave you feeling overwhelmed as you try to manage the claim process, even if it’s only a single claim.

The more you can do in advance to be prepared to deal with these claims, the more time and effort you’ll save.
When dealing with insurance claims, there are always certain requests specific to each loss for which you cannot necessarily prepare in advance.

For example, the insurer may need to meet or interview key personnel that have information critical to the claims evaluation process.

Or there may be specific documentation relevant to a specific event or transaction that will be requested. Take care of the pre-work you know will be a part of the claim process so you can focus your attention on addressing any additional requests for which you cannot prepare. ●

Insights Business Insurance is brought to you by Woodruff-Sawyer & Co.

How Santa Claus could create the right insurance policy this holiday season

’Twas the night before Christmas and Santa was in doubt. He read his insurance policy and wondered what was left out? He sees his agent but once a year, and his policy and coverages are not so clear …

“We are all busy — sometimes too busy — especially around the holidays, and many business owners put off looking at their insurance,” says Andrew Rowles, vice president at SeibertKeck Insurance Agency.

Smart Business spoke with Rowles about insuring a familiar company we all know — Santa Claus, CEO of the North Pole.

How does Santa know if he should purchase a liability insurance policy?

Santa is liable for the products he makes, along with potential property damage from coming down your chimney. To cover this exposure, Santa, just like every other company, should purchase a comprehensive general liability (CGL) policy.

In order to defend against losses, Santa should review this with his agent to determine the appropriate limit specific to his risk management plan, while keeping in mind that exclusions can limit coverage. For example, a policy excludes coverage for ‘your work’ in a typical CGL form.

How does Santa properly insure the North Pole operations facility?

Similar to any large corporation, there are many complexities. Here is a quick overview of how Santa might cover his facilities:

  • North Pole: Since no one owns the location, he must have a tenant betterments and improvements policy to cover the build out of the workshop.
  • Toys: Since Santa ships only by airfreight, he should purchase business personal property off premise or, depending on the contract, an ocean cargo policy to cover the inventory when in transit.
  • Elves’ tools: Santa should have employees’ tools coverage under the property form for the extra equipment his workers bring to the workshop. It’s important to review this because many policies limit the amount provided for theft under the form unless a specific limit is provided.
  • Reindeer insurance: These are expensive livestock that Santa should insure against mortality, loss of use and major medical.
  • The sleigh: This should be on an inland marine form. Like the forklifts that your company sends to multiple locations, Santa uses it all over the world.
  • Workshop interruption: Santa works year-round to get ready for Christmas. Losing one day could make a difference between Dec. 25 and Dec. 26. Business interruption insurance ensures Santa has adequate cash to meet his obligations, can continue to employ the elves and may set up a temporary facility at the South Pole.

Why does Santa need directors and officers insurance?

Santa determines who is ‘naughty’ and ‘nice,’ and business leaders make decisions every day that impact others, just like Santa. Directors and officers liability coverage pays for defense in a lawsuit. If purchased on a duty to defend basis, the insurance will supply expert counsel for a suit not resulting from bodily injury or property damage.

How is cyberspace impacting Santa?

It’s true kids can now email letters to Santa. Most insurance policies don’t cover blogs, emails or electronic messages. Cyber liability coverage would protect Santa from any electronic communications by him, or his elves, that might be the subject of a suit, breach of security or business interruption.

What if the reindeer sued because of who Santa promoted to lead the sleigh?

Employment practices liability insurance (EPLI) is often a missed coverage. EPLI was developed to protect the employer from losses not covered by directors and officers or general liability. This form applies to discrimination, wrongful termination, failure to promote, sexual harassment, wage and hour and whistle-blowers claims. This protects Santa and Mrs. Claus, as well as elves that supervise others.

Unfortunately, the ideal insurance policy isn’t wrapped and waiting under the tree. Business leaders need to invest time with an agent, in order to develop the right risk management plan and coverage to protect your company.

But I heard him exclaim, ere he drove out of sight, Happy Holidays to all, all my coverages are right.

Insights Business Insurance is brought to you by SeibertKeck

FinTech companies need insurance that can cover a variety of exposures

Rapid growth in the financial technology (FinTech) sector is quickly changing how financial services are delivered, creating both opportunities and challenges.

But this growing field is often incongruous with the traditional insurance products that companies turn to for coverage, says Jacob Decker, Vice President and Director of Financial Institutions at Woodruff-Sawyer & Co.

“The exposure of technology services and financial services are much more closely related with some of these new business models,” Decker says.

“But we are not seeing the blending of the errors & omissions (E&O) policies for these two segments with any regularity, which is ideally where the insurance industry would go. Right now, the technology and financial service industries are underwritten by separate specialists within dedicated underwriting groups who bring very different perspectives in terms of how they underwrite.”

Smart Business spoke with Decker about the challenges FinTech companies face and what they can do to protect their interests during this time of transition.

What do these companies need to be concerned about from a liability standpoint?
The challenge arises when you have a technology product or service component and then a regulatory, fiduciary duty or suitability component that is unique to delivering financial services.

You may have investors that rely on your platform to efficiently underwrite credit risk and provide liquidity should they want to exit their investment. If there is a problem with functionality, such as a flaw in your software or lack of availability of a trading platform, that would generally fall under a technology E&O insurance product.

If it’s a matter of your underwriting criteria being applied inappropriately or inadequately to price credit risk, which is in turn relied upon by investors and holders of any notes backed by extensions of credit, that’s more of a financial service E&O matter.

Shocks to the system often stemming from macroeconomic events can lead to significant stresses to financial firms and test the limits of their technology platforms’ ability to respond. Investors, borrowers and regulators tend to bring legal action with the benefit of hindsight, so solid risk management practices and bespoke insurance solutions should be implemented while the sea is calm.

How prepared are FinTech companies to address these issues?
Many companies in this sector are intently focused on the user experience and the technology, but may underappreciate the additional regulatory and consumer protection exposure they take on.

Another concern is they may have the best physical and IT security system that money can buy, but that doesn’t change the fact that their customers and employees are much easier to breach from a login credential and overall security standpoint.

How are you going to deal with fraud that occurs from what appears to be a legitimate customer logging in and conducting a financial transaction? From a reputational standpoint, it will likely be untenable to push that responsibility onto the consumer, even if that is where the fault lies.

How can a business protect its interests?
Review contracts with third-party vendors you use for Web hosting, warehousing, data storage or any other functionality on the back end of your platform so that you understand what, if any indemnification may be available.

Understand that you are the brand that is known to your customer and it’s your responsibility to protect their information, so knowing where sensitive information resides and how it’s protected is crucial. A breach at the cloud provider hosting your platform doesn’t eliminate your legal liability to protect their data.

As the insurance industry adapts, you need a trusted adviser who can walk you through what could go wrong and how your current policies would respond, even if that means you ultimately decide to self-insure a particular exposure.

Make sure you’ve optimized all of the potential policies that could be involved to eliminate or reduce the potential for gaps in coverage.

You’ll likely need to adjust a number of different policies to arrive at the most comprehensive level of coverage. ●

Insights Business Insurance is brought to you by Woodruff-Sawyer & Co.

Why key life insurance should be part of your business continuation plans

Small and midsized business owners are so busy waging the daily battle of business that they often don’t think long term enough. They don’t strategize for various eventualities like losing a key employee.

“Our job as a risk manager is to think about those types of strategies for you,” says Marc McTeague, executive vice president at SeibertKeck Insurance Agency. “I know what it’s like to own a business, and you’re just so busy running it that sometimes you don’t do proper planning. Or, you think, ‘Hey, it will never happen to us.’ But it does.”

Smart Business spoke with McTeague about the benefits of key life insurance.

What is key life insurance?

Key life or key man life is when a business owner takes out a life insurance policy on its key employees, with their permission. Then, if that crucial member of the team dies suddenly and the business suffers an economic loss from not having that institutional knowledge around, the key life bridges the gap. It allows you to find a new person, pay for his or her training, pay for any lost sales opportunities, etc.

The key employee could be a COO or controller who has control of all the banking relationships and finances, a superstar salesperson who is extremely well connected or a plant manager who has a significant role in your manufacturing processes and efficiency.

The great thing about key life insurance is that your agent can be creative with how the policy is written, whether it’s universal life, whole life, term life, blended products, etc. Also, you can do a split beneficiary with the person’s spouse or heirs. So, if you buy a $ 1 million policy — $500,000 goes to the company and $500,000 goes to another beneficiary.

As long as the business doesn’t write off the annual premiums it pays on the policy, then the death benefit is tax-free.

How does this relate to buy-sell agreements?

Buy-sell is when multiple partners or business owners buy life insurance on each other. That way if one dies, the remaining have funds to buy out the shares of stock.

They realize it’s the smartest way to avoid being in business with a spouse or heir they don’t really want to be in business with. Other than the personal traumatic loss of the human being, you don’t want to compound that and destroy the business or destroy relationships because of the inability to fund a buy-out.

However, you also can add key life to the buy-sell, which helps cover the economic loss with your partner gone.

Again, it’s important to have an agent who can help figure out the best way to structure these programs. It comes back to what you’re trying to accomplish. Are you trying to simply purchase the stock through life insurance? Or, are you trying to also fund for the economic loss that you’re going to have with that person not working at the company anymore?

Who should get this type of coverage?

A giant corporation or very large business is more likely to weather the storm of a loss of a key employee, than a smaller privately held organization that doesn’t have the wherewithal to have redundancy in its employee base. They are the ones that are truly at risk. A 500-employee organization is probably going to get along a lot better than somebody who has 50, but the large business is more likely to have this coverage.

Also, companies are more likely to get buy-sell coverage, than key life — even though key employees can have the same impact, or even greater, on the success of an organization than an owner.

People tend to focus on partners and owners, but if they really look at the profile of their employees they’ll see who could be replaced by simply hiring a recruiting firm and taking the time to hire the right candidate, versus those whose shoes they would really struggle to fill.

Actuary tables have become more accurate, life insurance premiums have gone down and life insurance products are more varied and easier to design, so you need to ask your agent about this coverage today.

Insights Business Insurance is brought to you by SeibertKeck

What you need to know to protect your company against regulatory violations

Regulatory risk encompasses a wide range of issues that can create problems for a business, says Chad Follmer, Healthcare Practice Leader at Woodruff-Sawyer & Co. In some cases, regulations are violated maliciously while in other instances, it’s an innocent mistake that gets flagged such as the wrong coding for a health condition.

“Even if you believe you’ve done everything right and been as proactive about regulatory risk as you can be, the odds are pretty good that at some point as a corporate executive, you could face allegations of a regulatory violation,” Follmer says. “In some industries, unfortunately, it’s really not if, it’s when.”

Health care is a particularly tricky realm to navigate. In 2014, the Department of Justice secured $6 billion in settlements and judgments in civil fraud cases with an estimated $3 billion of this sum representing recoveries from health care providers.

“The government’s return on investment is between $8 and $12 for every dollar spent on regulatory enforcement,” Follmer says. “From a political standpoint, people like the idea that their watchdogs are doing their job to recover this money.”

Smart Business spoke with Follmer about how to work with your insurance partners to craft coverage that minimizes your regulatory risk.

What is driving the increased attention on regulatory risk?

Health care qui tam, billing and Stark violations continue to be a focal point, but you also have cyber-related regulatory claims; wage and hour claims; potential violations of the Foreign Corrupt Practices Act; and for publicly owned companies, investigations by the Securities and Exchange Commission (SEC). The risks continue to grow and carriers are adapting their coverage to deal with the new threats.

How prepared are companies to respond to regulatory claims?

You may not be as prepared as you think. A growing number of insurance carriers are carving regulatory risks out of policies and offering clients the opportunity to buy it back via expensive standalone placements. Some carriers don’t see it as that big of an issue, but it’s creating divergence around regulatory risk and the coverage carriers are willing to offer.

Employment practices coverage started out this way as well. It used to be part of either your general liability or your director and officer (D&O) liability insurance. It would protect your business on issues such as discrimination in the workplace. Cyber liability is another area that was historically covered with general liability policies, but has now become an increasingly standard separate coverage.

In some cases, limited coverage can be bought as a policy enhancement on an existing professional liability form.

Review your policy and scour any recent coverage changes that have taken place to make sure you haven’t had any limiting coverages introduced. Talk to your broker or to an expert in regulatory risk about what coverage options might be available to solidify your protection.

In what other ways are insurance carriers changing how they work with clients?

With regulatory risk going up, the insurance industry is taking a more aggressive approach to underwriting risk and giving clients incentive to reduce the odds of a problem occurring. Let’s say you have a $10 million D&O limit. If you have a $100,000 deductible, your carrier might say for a regulatory risk, the deductible is going to change from $100,000 to $1 million.

Now you have more skin in the game to ensure you’re doing everything you can to account for that regulatory risk. Coinsurance is another tactic used by some carriers. You may have a policy for $10 million in coverage, for example, with a provision that you pay 20 percent of every claim all the way up to $10 million.

So if you have a total loss, the carrier will pay out $8 million and you’ll pay $2 million. These are additional reasons why you need to dig deeper into your policy to be clear on what’s covered, what’s not and how much it will cost. Consider bringing in an outside consultant or broker to do an independent evaluation of your policy.

In many cases, the risks your company face today don’t look anything like they used to. Ensure your company is as prepared as it can be.

Insights Business Insurance is brought to you by Woodruff-Sawyer & Co.

Extending privacy and security coverage to portable devices

Who would have thought anybody would take the time to hack  dating site Ashley Madison? But hackers, who have too much time on their hands, can make anyone a target — and release a firestorm in the process.

“If your organization stores personally identifying information, you can’t ignore this exposure,” says Karl Henley, vice president at SeibertKeck Insurance Agency.

Even if you don’t keep customer information or fall under the Health Insurance Portability and Accountability Act, you still have electronic employee files.

“The big one people overlook is their own employees because they always have their personal information,” Henley says. “You have their Social Security number and their bank account numbers for direct deposit.”

In addition, Internet privacy and security coverage, which is becoming broader, goes beyond protecting yourself from someone hacking your website. If companies make the right moves upfront, they can cover lost or stolen portable devices — and protect information from falling into the wrong hands.

Smart Business spoke with Henley about your privacy and security exposures and how to eliminate or minimize them.

What do employers need to know about Internet privacy and security risk?

This needs to be a discussion, in order to determine what your exposures are. Everyone can be a target, including manufacturers who send and receive plans and specs that are protected as proprietary.

Once you understand your exposure, you need to figure out if you can eliminate it. If not, then can it be transferred to another party, such as a payroll company? If you’re transferring the risk, don’t forget that the third-party needs to indemnify you in the agreement for a breach that is caused by them.

If you can’t make a third party responsible, then you need to insure for it. But take time to understand what you’re actually buying, beyond the words ‘cyber’ or ‘Internet.’ There is no standard policy in this space right now. For example, Internet liability coverage is personal advertising injury insurance for electronic media, which just protects against infringement and unauthorized use of advertising material, copyright, slogan, trademark, etc., through the Internet. It has nothing to do with protecting against breaches.

How can companies make sure that their portable devices are covered?

It’s becoming more common for hackers to gain access to your information through portable devices, such as laptops, tablets, removable storage and smartphones. This is partly because more organizations are using cloud-based computing where portable devices have greater access to protected information. At the same time, your employees may be saving their passwords on the device or even using an app that creates a list of passwords.

You can buy an Internet privacy and security policy that includes as a covered cause of loss a lost or stolen laptop or portable device, either as part of the standard policy or as an endorsement. But in order for those devices to fit into the definition of a covered cause of loss, the device has to be password protected and the regulated data has to be encrypted.

A good insurance agent will help you become compliant when you buy the insurance policy. Your internal portable device policy needs to set standards for storing and changing passwords. Your encryption service or platform needs to meet the insurance company’s requirements, and every carrier is different. For instance, standard Apple encryption might qualify but you could need an internal policy that states all mobile devices are Apple and required to be passcode or fingerprint protected.

Make sure you ask your insurance agent if he or she has sample policies with best practices, in order to streamline adopting a compliant internal policy.

Typically when you have a breach, it’s because somebody wasn’t following the rules. But if you don’t set the rules upfront and provide ongoing training and awareness, your claim may be denied — even if you’ve already taken the proactive step of insuring for the risk.

Insights Business Insurance is brought to you by SeibertKeck

Environmental insurance reduces risk when investing in distressed property

A strong real estate market in Northern California has led property owners, businesses and developers to look more closely than ever at environmentally contaminated properties.

“In areas like Silicon Valley, these parcels contain large amounts of acreage with potentially beneficial uses such as new corporate offices/campuses and multi-use residential/commercial developments near transportation,” says Jeremy S. Roberts, Vice President for the Environmental Liability Practice at Woodruff-Sawyer & Co. “But they are within the footprint of large regional contaminated groundwater plumes.”

In some cases, these properties have already been developed to house modern office buildings, but are still in need of long-term remediation/mitigation measures due to residual contamination, Roberts says.

The effort to remediate a distressed property often scares potential investors away.

While there is certainly risk involved, many companies look toward environmental insurance products like Pollution Legal Liability (PLL) to alleviate concern and transfer risks associated with causing or discovering unknown pollution conditions.

Smart Business spoke with Roberts about how a PLL can become a future asset during a subsequent sale of the property.

How does the PLL become a future asset?

These PLL products are often purchased on properties with known contamination where the insured is not the responsible party for the known contamination.

Policies can be used as a risk transfer tool to cover liability claims that could arise from third-party tenants or inhabitants at the site, or for cleanup costs required after the property has been developed and a ‘no further action’ status has been designated.

This becomes valuable should regulatory guidelines change in the future. A properly structured PLL policy can also help you manage the future sale of the property.

You should include proper assignment terms to add a future buyer to the policy or to add future lenders to the policy and protect them in the event any claims arise out of that past contamination.

In many cases, the PLL that is being passed on to a future buyer helps facilitate the transaction and mitigate the business negotiations around the potential diminished property value.

What is the key to negotiating an effective PLL policy?
It’s critical that you look at this product as an option while still in your due diligence period.

The key is not just to focus on transferring as much of the risk as you can that could arise during property development, such as the discovery of unknown contamination and the resulting added cost, but to also look longer term.

These products can provide policy terms for up to 10 years, which gets you past your current risk and allows you to help transfer the policy to a future buyer.

You need to take the time to structure the policy the right way upfront so you have the flexibility to make that future transition and transfer the benefits of the policy toward the future buyer.

Focus on things like correct assignment provisions, insured contracts and indemnity obligations, future named insured provisions, lender additional insured status and waivers of subrogation.

What about environmental indemnities and regulatory comfort letters?

In many cases, a purchaser of a contaminated site may inherit an environmental indemnity being passed down from a prior property owner and/or responsible party.

Other times, the prospective purchaser may negotiate a ‘comfort letter’ from the lead regulatory agency confirming that by practice, the regulatory agency generally does not go after innocent purchasers of contaminated sites for future clean-up obligations.

However, given the litigious environment we live in, it is still worth considering additional risk transfer tools like PLL policies that can protect you as well as future lenders or buyers.

In such approaches where an environmental indemnity or regulatory comfort letter exists to the benefit of the insured, the typical exclusions under a PLL policy for known pollution conditions can be replaced with broader coverage triggers in the event the new buyers get brought into future liability claims for clean up, bodily injury or property damage. ●

Insights Business Insurance is brought to you by Woodruff-Sawyer & Co.

What you need to know to protect your company and its valuable data

An unfortunate fact of life in today’s digital world is that no one, be it an individual consumer of technology or a Fortune 100 business leader, can count on complete protection against becoming the next victim of cybercrime.

“These attacks are not going away. In fact, we are facing an increase in frequency,” says Jared Pelissier, Senior Vice President and Partner at Woodruff-Sawyer & Co.

“While everyone is improving their corporate cybersecurity systems with varying technologies, which will play an important part in proactively defending against breaches and attacks, the basic nature of the matter is that it is nearly impossible to detect or block every threat. You need to be prudent in assessing potential damages and liabilities that a breach could impose on your company. This will help ensure you have adequate insurance coverage in place to best protect your balance sheet.”

Smart Business spoke with Pelissier about how to work with a broker to identify exposures and obtain optimum coverage that protects your business.

Where is a good place to begin to protect your business against cybercrime?

It is all about your company’s risk profile. The best approach is to implement a holistic process.

You need to do more than simply get an insurance policy to protect your business. Partner with an insurance brokerage that has aligned itself with top-notch cyber defense firms to expertly assist with the assortment of cybersecurity services. These cybersecurity firms know exactly what to look for and can assess if a breach has occurred.

One crucial step is performing an assessment to determine if your system has already been compromised. On average, it takes 240 days before a company realizes its system has been breached. Often times the malware is collecting private information undetected and it generally takes five or six months before the IT team realizes the system has been compromised.

You can obtain a full report on where, when and how the compromise happened, as well as how to remedy the situation.

The other piece is penetration testing. As you determine if your systems have already been compromised, you should also gauge how easy or difficult it would be to gain access to your secure data.

Alongside those two tests, create an emergency incident response inclusive of forensic investigation capabilities. You will need a firm that is going to stop an active security incident, evaluate the extent of the attack and then look to remediate the situation and prevent subsequent incidents.

The goal for any risk management team is to create a situation where the company is less likely to have a breach or claim, but should one occur, ensure the company is more defensible in terms of liabilities.

Work with your broker to develop a meaningful process that provides proactive protection against these vulnerabilities. Use the assessment data and improved risk profile to craft custom language into your cyber liability insurance. You have to know who to go to and what to ask for to design the best cyber liability insurance program.

What if your company has already been a victim?

It’s very unsettling to operate under the belief that your company’s data is secure, only to learn that your network was breached six months earlier.

This can be particularly hard on the team you rely on to manage and protect your technology infrastructure.

Unfortunately, you’re not the first and won’t be the last company to feel this vulnerability. In the event of an incident, you need to focus on your data breach response plan and do what is necessary to safeguard your company going forward.

Take an aggressive approach to protect your company and demonstrate to insurance carriers that cybercrime is a threat you take seriously. Educate your employees about their role in keeping your company’s valuable data and assets safe and secure.

Proactive work at all these levels helps reduce your risk of a claim, resulting in better insurance premiums that reflect your improved risk profile. ●

Insights Business Insurance is brought to you by Woodruff-Sawyer & Co.