The pandemic has caused many predictions for 2020 to be spectacularly wrong. One exception is that data privacy and compliance will become even more important, specifically because of the introduction of the California Consumer Privacy Act (CCPA). 

For carriers that work with consumers in California, the legislation created a list of compliance considerations. Californians now have the right to know what information companies have, request that it not be sold and request that it be deleted unless it is in conflict with another law (very important to note that last piece for our highly regulated industry). Businesses must also provide a link that says, “Do Not Sell My Information,” which enables the consumers to make their opt-out request. 

Let’s take a look at three of the many concerns related to CCPA:

• Data Breaches: Protecting a consumer’s private and sensitive information should be a top priority, as data breaches have become more common and have resulted in damaging headlines and expensive settlements. Given the nature of our industry and the amount of personal information exchanged, insurers are a prime target for cyber attacks, and we will certainly see them fall victim to data breaches.
• Identify Theft: Insurers need to be certain that they are not responding to these consumer requests without reasonable verification that the consumer making the request is the actual consumer in question and not a bad actor trying to steal consumer information.  
• Compliance: Carriers should consider hiring a compliance vendor or outside counsel well-informed on CCPA to make these situations more navigable. These partners act as a referee, offering valuable third-party input to verify that a safe and compliant process is in place. This partnership can provide a paper trail (if needed) to document that the required data usage and privacy notices were communicated to consumers. If trouble arises, it can be advantageous to have an independent third party defending you.

See also: CCPA: First of Many Painful Privacy Laws  

Working With Technology Partners

Since CCPA’s initial rollout on Jan. 1, insurance carriers that conduct business with Californians have been trying to reach full compliance before enforcement actions are scheduled to begin on July 1. For most, working with a technology partner, especially a data-as-a-service (DaaS) company, can be monumental in navigating the ins and outs of the new compliance standards. Here at Jornaya, we recently extended our compliance product suite to assist companies in meeting the requirements of the CCPA, as well as potential future state and federal regulations.

As CCPA goes into effect, plenty of other states are looking to it as a blueprint for creating their own data privacy laws. Nevada, New York, Texas and Washington are just a few states where legislators are starting to follow California’s lead by introducing privacy bills.

Creating Better Customer Experience

These laws are trying to provide transparency about what data is being collected on a consumer and how it is being collected and allowing the consumer to be in the driver's seat as to how that data is going to be used. 

Privacy regulations, like the CCPA, are simply about doing the right thing for the consumer. And the consequences of not paying attention and not doing the right thing by consumers with regard to their privacy can be devastating, not only in terms of potential legal action but also in the loss of consumer trust and associated sales. 

Disclaimer: Any and all content provided (material, information, graphics, etc.), and any other versions and variations of the content (e.g. in .pdf via email or otherwise) is provided only for general information. It is not intended to serve as, or as a substitute for, legal or compliance recommendations; to advise or infer to be used in any particular way by you or your company, and not intended to be used as a basis for making business/commercial decisions.

Cyber insurance is probably the single most rapidly evolving insurance product on the market, and understandably so. It’s still a fairly young product, and cyber criminals are constantly changing their tactics. As a result, insurers are constantly adapting their policy forms. With constant changes, it can be difficult to know what coverages, you (as a policyholder or broker) may be missing out on. Here are some of the newer enhancements we’re regularly seeing from insurers.

• Utility Fraud Coverage: Sometimes the damages related to cyber-attacks can be entirely unexpected, like a hefty electric bill. Cyber criminals are now employing two newer hacks that can significantly affect a company’s utility costs. The first such attack is crypto-jacking, in which hackers fraudulently use computer systems to mine crypto-assets. For those unaware of what “mining” means, for every bitcoin transaction a verification is required and a ledger is added to the blockchain. Those processing these transactions can earn cryptocurrency in return. To maximize that return, however, cyber criminals are now taking over the computers systems of others, to process large blocks of transactions. This results in computer systems running at near full capacity, which can generate a significant increase in electricity costs for the victims. Despite the fact that many may be unfamiliar with this type of attack, they are extremely popular and growing. Last year, IBM reported that many hackers had actually abandoned ransomware attacks in favor of crypto-jacking, with an increase of 450% from the prior year. The other utility-related fraud is telecom fraud, in which cyber criminals access VOIP systems to route long-distance calls, often on a large scale. Trend Micro has a nice illustration here of exactly how those frauds are carried out. In response, many insurers have begun providing “utility fraud endorsements,” which provide coverage for any resulting increase in utility costs stemming from these unauthorized acts. 

• Bricking Coverage: Almost all cyber insurance policies contain broad bodily injury and property damage exclusions. These can be particularly problematic for companies operating in certain sectors. They can also be problematic for specific claims, such as those attacks that effectively cripple (also known as “bricking”) a company’s computer systems. Crypto-jacking attacks can not only result in significant utility costs but can overwhelm a company’s computer network, effectively destroying any affected computers. Imagine a mid-sized company with 150 affected computers, having to replace each system at a cost of $2,000. That’s a cyber-attack with a $300,000 price tag. Luckily, many carriers today now provide “bricking coverage endorsements,” which specifically cover the costs to repair or replace computer systems that may be destroyed from cyber attacks. 

• System Failure Coverage: Generally speaking, if computer system failures are caused by cyber intrusions, coverage for any resulting lost income would be triggered under the “lost income” insuring agreement within a cyber policy. Many companies today have taken this coverage one step further by including specific “system failure endorsements” that provide coverage for lost income resulting from any unintentional/unplanned system failures. The broadest versions of these endorsements also often extend coverage to include lost income resulting from system failures that affect dependent third parties.

See also: Coronavirus Boosts Cyber Risk

• Coverage for Reputational Loss: Cyber intrusions can generate considerable media attention and inflict significant reputational harm. Almost all cyber policies include some form of crisis management coverage for the costs associated with hiring a PR firm to minimize reputational harm, but coverage for any resulting lost income is often absent. In an effort to mitigate the risk of lost income stemming from negative PR following a cyber event, policyholders should ensure their policies contain an appropriate endorsement for “reputational loss.” It’s also important that insureds review these endorsements carefully - coverage can often be severely sub-limited, and more restrictive endorsements may specify that the loss must be the direct result of a publication. Because such a direct relationship will likely be difficult to establish, insureds should favor endorsements that have no “direct” requirement to trigger coverage. 

• Coverage for GDPR/CCPA Violations: The passage of recent privacy regulations such as GDPR and CCPA now subject companies and their directors to regulatory scrutiny (and hefty fines) for privacy-related violations. To complicate matters, many companies are unfamiliar with their compliance requirements and obligations. While the majority of insurers already include regulatory coverage within their cyber policies, there are often considerable gaps in those insuring agreements. To broaden policy terms and clarify the scope of coverage for violations of these regulations, some companies have begun to include specific GDPR and CCPA endorsements that provide coverage for costs associated with violations of these laws, stemming from “privacy wrongful acts” such as: misuse of protected information, improper collection of protected information, failure to correctly safeguard or manage protected information or failure to inform individuals regarding the collection of protection of information. 

• Bodily Injury and Property Damage Carve-Backs: As briefly mentioned above, almost all insurers include broad bodily injury and property damage exclusions within their policy forms. The intent is to push those claims to respective general liability policies, where they belong. However, insureds are left without coverage in circumstances where the cyber intrusion itself results in bodily injury or property damage (a topic we visited in depth in our prior article). This coverage gap is often identified when working with an experienced cyber broker, who will attempt to negotiate improved wording at the time of purchase. However, it appears a growing number of insurers are slowly realizing the need for improved policy language and automatically including appropriate carve-backs, which will preserve coverage for such claims. 

With the dramatic shifts in the business world due to the pandemic, it seems that every aspect of tech and insurance is being scrutinized. After speaking with dozens of tech companies over the last two weeks – including incumbents, insurtechs and other companies of all sizes, I've seen a theme has emerged. To borrow from Charles Dickens, “It was the best of times. It was the worst of times.” And it all has to do with digital capabilities.

Insurers have adapted remarkably well to the new norm – if there is a norm. Most insurers rapidly shifted employees to work-from-home mode and continued business as usual, producing quotes, handling claims, processing renewals and working with distributors and external parties. The volume and nature of the business have made some dramatic shifts. Fewer people and businesses are buying new vehicles or properties. Claims are way down in some sectors and up in others. But, generally, the industry has adapted. At the same time, big gaps have been exposed. Much of the challenge has been related to manual, paper-based processes – inbound mail that needs to be scanned and ingested into workflows and outbound documents such as printed policies and checks. Suddenly, the need for a fully digital enterprise has become crystal clear.

All of this has significant implications for tech vendors. To put it simply, those that have digital solutions that address the gaps are quite busy. Those that have solutions in other areas are not. Companies that are especially agile at quickly standing up digital capabilities have their phones ringing off the hook. (One tech company told me that an insurance CEO called and asked if a solution could be operational in two weeks!)

See also: Will COVID-19 Disrupt Insurtech?  

On the other hand, there are many tech firms that have solutions of high value to insurers – but they may be in areas that enhance current capabilities and are suddenly lower in priority. They don’t necessarily provide digital self-service or digitize processes that get workers out of the office. Where existing projects are underway in these areas, insurers are moving forward so they do not lose momentum. But there is a reluctance to start new projects in the short term if they don’t address the digital gaps that are most acute during this period. 

This is a unique point in time. All manner of tech solutions are required for insurers to advance their digital transformation. But the phase we are in has put a spotlight on the specific capabilities that are needed now. When the current crisis has passed, the world will be forever changed. Digital expectations will be different. It is likely that the digital transformation of insurance will accelerate, and there will be new and renewed demands for tech solutions of every kind. But for now, there is one category of tech solution providers that is experiencing high demand for new solutions and another class that is finding it to be a difficult time to generate new leads and sales.

We are living through extraordinary times, the first truly worldwide pandemic in our lifetimes, which has effectively halted economies and introduced the concepts of #socialdistancing and #flatteningthecurve into the vernacular (not to mention #PPE). Beyond the horrific infection rate and loss of life, coronavirus’ impact on travel, retail, hospitality and other industries has been so profound that it may take years to recover. However, it has had at least one positive impact -- the pandemic has forced people to confront their mortality in a way that larger threats (heart disease, car accidents, diabetes) haven’t over the last 10 years. 

Life insurance penetration (the percent of adults who have at least one policy) stands at only 57%, down from 63% in 2011. Half are underinsured relative to replacing their income for their family, as the role of life insurance is to replace the current and future income of the person insured (as a rule of thumb, coverage should be at least 10-12 times the insured person's annual income).

Demand is at the highest level in 10 years

COVID-19 seems to have created a “wake up” moment, raising awareness of the need to protect families and loved ones if something was to happen. Demand for life insurance has spiked and is at its highest since 2011, according to Google Trends, which tracks the relative interest of keywords (in this case “life insurance” as a phrase) over time (100 means the highest interest over the period covered):

This trend has been echoed in numerous discussions with carriers and reinsurers, and this interest will likely continue for a time even after the virus is brought under control. 

Macro trends of direct-to-consumer policy originations and automated underwriting will accelerate

With shelter at home, people can’t meet with an agent or have a physical exam when applying for life insurance. This has accelerated a trend toward automated/virtual underwriting and originating policies directly with consumers by carriers (Mobile/Online applications were up 24% in March, according to one study). The need for electronic data, delivered in real time as part of an online underwriting process, has risen as carriers and reinsurers are looking for tools to replace the paramed exam, where someone comes to your home or office to draw fluids and collect other medical data. While current automated data sources (Rx, Lexus-Nexus, MIB, MVR) have been used for several years for both full and accelerated underwriting, there is an opportunity to leverage new sources such as oral health to provide more robust information to assist with underwriting.

In addition, agents can’t have clients come to their offices (or go to their homes), so consumers are searching online and finding a host of carriers and insurtech companies, not to mention marketplaces, where they can get quotes and apply/get covered without leaving their homes.

COVID-19 has, however, created problems for underwriters and actuaries, who are having a lot of sleepless nights trying to figure out how to account for COVID-19 as part of the application process.

See also: Pulse of Insurance Shopping During Crisis

Despite COVID-19, net mortality rates may actually decline

While coronavirus is difficult to screen for, carriers have developed tele-exams and questions to at least reduce the risk of underwriting someone with the virus. Even more significantly, it’s possible overall mortality rates could fall due to shelter-at-home orders affecting 97% of the country. 

Based on CDC data, almost 170,000 people die from accidents each year, 40,000 of those in car accidents. With driving down so significantly that auto insurers are giving rebates to customers, and other activity curtailed, data from the CDC indicates that deaths may actually be down over the same period as last year. Regardless, because the highest mortality rates are older individuals who are less likely to get term insurance (91% of COVID-19 deaths to date are 55 or older, with 78% 65 or older), it is possible that lower accidental death rates would more than offset the mortality risk of coronavirus for 25- to 54-year-olds (who are the prime target for term life insurance).

While the COVID-19 pandemic is a terrible crisis, one small benefit is that it’s raised awareness of the need for life insurance in families throughout the U.S. (which isn’t in the top 10 countries in terms of coverage). Finding ways to originate and underwrite remotely (including leveraging new forms of data delivered in real time) can help meet this need and perhaps reverse a multi-decade decline in life insurance coverage.

Since the world went on lockdown to stop the spread of the novel coronavirus (COVID-19), satellite images from NASA have captured an unlikely view of planet Earth. Pictures from space showed a dramatic drop in pollution over Wuhan after the central Chinese city implemented coronavirus-related restrictions.

You don’t have to circumnavigate the globe from a spaceship to witness the effects the current pandemic is having on our planet. Urban waterways have cleared up in the absence of human activity. Vapor trails from passenger planes no longer streak the skies above us. Rush hour traffic is nonexistent—it’s like driving to work on a holiday.

The natural world is getting a much-welcomed reprieve from human activity. With national parks closed to tourists, the animals in those parks have begun to move freely about areas that would otherwise be populated by humans taking photographs. At Yosemite National Park in California, rangers have witnessed black bears walking in the middle of the road. And at South Africa’s Kruger National Park, a pride of lions was seen sleeping on a paved roadway that was devoid of motor traffic or any human activity.

Earth is also taking a breather from the constant onslaught of pollutants that humans have been pumping into the atmosphere and dumping on the ground and into the waterways in increasing levels since the industrial revolution.

If there’s a lesson to be learned (and there will be many, when all is said and done), it may be that a deadly and catastrophic pandemic has, in just a few months, noticeably curbed our contribution to climate change.

Let me be clear—a global pandemic is not the path to a sustainable future. But the current crisis has helped shed light on the herculean effort needed to turn the tide if we hope to save our planet for future generations.

Climate change

There are countless ways the current crisis has led to a significant reduction in the emission of greenhouse gasses.

Travel of all kinds has come to a standstill. Very few people are driving to work—or anywhere—right now. Nonessential businesses have closed, and those who can work from home are doing so. Conferences have been canceled. Business trips have been postponed. Vacations have been put on hold. And for the time being, there are no concerts, sporting events, in-person weddings or graduations to attend. According to the Intergovernmental Panel on Climate Change, transportation was responsible for 14% of all global carbon emissions in 2014.

See also: COVID-19: Stark Choices Amid Structural Change  

In addition, power plants and factories in China and around the globe have reduced output. Millions are now wearing face masks in public to avoid contracting or spreading the virus. Ironically, the threat of COVID-19 means they’re also breathing cleaner air when they venture outside.

It’s not just cleaner air; even the water is cleaner in some parts of the world. In Venice, locals say the water in the city’s canals has never been clearer, due to the dramatic drop in tourists.

Future of work

The current pandemic has done nothing less than create a worldwide work-at-home experiment.

Normally, when we talk about the future of work, or work sustainability, we talk about reskilling and preparing today’s workers for tomorrow’s jobs.

But overnight, millions of employees who commuted daily to offices or traveled for sales jobs were forced to stay at home and continue working. For many white-collar employees, their work experience may never again be the same when the health crisis is over.

Companies that provide collaborative technology, like videoconferencing, will benefit from the evolution of work life. Ultimately, that’s good news for the planet and those on the front lines of the climate change battle. Working from home requires less travel, less paper usage and less heating and cooling of office buildings.

For those employees who can best manage their time working in isolation, the hours that used to be spent stuck in traffic can now be applied to personal endeavors, like physical fitness, hobbies or family gatherings. Still, others will struggle with knowing when to shut down their computers and stop working. As such, employers will need to keep their remote workers engaged and ensure they don’t feel isolated or unappreciated.

Many companies, like Zurich, have already introduced flexible work schedules, allowing employees to work out of the office some days or adjust their hours to accommodate their personal lives. These companies are ahead of the curve, and their early action is paying off now.

Digital safety

In today’s digital world, trust depends on cyber security and data stewardship. Many businesses today need to collect customer data to provide goods and services. Protecting that data is important to maintain trust.

Since the spread of COVID-19 was declared a pandemic, there has been a dramatic increase in the number of coronavirus-themed cyber attacks. According to cyber security firm CYE, cybercriminals have been increasingly exploiting the new situation caused by the global pandemic, citing a fivefold increase in cases.

At Zurich, we promise to never sell our customers’ personal data or share it without being transparent about it, and to keep it safe and secure as we put it to work so we can deliver better services. Other companies have made similar promises, but with so many employees working from home on networks that may not be as secure as those in the office, it is becoming harder to protect data.

Remote work on the scale we’re experiencing now heightens digital perils like never before. For financial, healthcare and other businesses, as well as federal and state agencies that deal with sensitive data, there’s little room for cracks in cyber security systems.

There is an increased likelihood of employees using unsecure networks to retrieve sensitive information when working from home or in remote locations. As quarantines become more prevalent and more people are authorized to work remotely, businesses will need to ensure they’re maintaining proper controls to protect customer data.

See also: 10 Moments of Truth From COVID-19  

ESG investing

Environmental, social and governance (ESG) is at the core of how Zurich interacts with its customers, brokers and communities at large, and is also reflected in our portfolio management. We work with stakeholders to ensure responsible and sustainable business practices and to protect reputations while promoting best practices in managing ESG risks. While global financial markets whiplash from daily record gains and to record losses, ESG investing is playing the long game.

Investing in ESG funds is on the rise, according to Morningstar. The Wall Street Journal reports that the coronavirus outbreak has given rise to a number of factors that are important to ESG investors, including disaster preparedness, continuity planning and the treatment of employees through benefits such as paid sick leave and work flexibility.

Sustainability

For many, “sustainability” is the catch phrase of our time. For Zurich, the time is now to stand behind the promises we’ve made to support a sustainable future for our business, our customers and our communities.

In 2019, Zurich signed up as the first insurer to the Business Ambition for 1.5°C Pledge, which is aimed at limiting average global temperature increases to 1.5°C above pre-industrial levels by 2030. We’ve also committed to using 100% renewable power in all global operations by the end of 2022.

In addition, we are preparing today’s workers for the challenges of tomorrow, protecting the personal data our customers entrust with us, and investing in businesses that make the world a better place to live.

As insurance carriers and agencies continue to adjust to new ways of working due to COVID-19, we are working with them to better understand the challenges and opportunities they are facing, including how:

• consumer behavior is trending; 
• advertising is changing; 
• carrier and agent personnel are distributed; 
• digital capabilities are doing more of the heavy lifting; and
• product development and innovation are advancing. 

Carriers want to stay well informed, and we’re providing an additional, broader perspective to help guide their marketing activities and campaigns with greater levels of confidence. We would like to take this opportunity to provide a high-level overview on the pulse of insurance. 

Trends by Segment 

Overall, the current state of insurance online shopping activity remains strong and has trended higher than normal (for this time of year). Providers have reacted quickly and are still aiming to achieve or surpass their 2020 growth plans and, in most cases, leaning into the performance marketing ecosystem to capture more mid-funnel prospects to fill excess capacity. Consumers are home and in a “money-saving” mode, and reports are that they are more responsive to inquiries (e.g., contact rates are up).  

Here is a look by segment:

P&C

P&C entered the pandemic from a position of strength. We expect consumers on the preferred end of the risk spectrum are shopping more than usual for auto and home insurance. Non-standard consumers face difficult financial decisions on where to cut expenses (expect less shopping activity and higher than average churn). Overall, even with the discounts—refunds and relaxed payment requirements that carriers have announced—shopping levels are above what we typically see this time of year. Carriers are spending less on traditional advertising campaigns and, consequently, seeing fewer organic inbound inquiries; therefore, many are spending more on leads, clicks and calls. Most disruption will be in commercial lines because of increased claims and difficult coverage decisions in the business interruption, event cancellation, workers' comp and travel insurance policies. Overall, P&C remains strong and stable.

See also: COVID-19: Stark Choices Amid Structural Change  

Life

Carriers are navigating through a revised process or product mix to fulfill demand, investing in resources to fulfill underwriting or shift to “automated underwritten” products. Consumer demand is high. Never has there been more unsolicited interest in acquiring life insurance, particularly in younger age segments. Fulfillment is hard because critical underwriting data, such as that gleaned from medical exams, are paused. Carriers are driving higher-volume policy sales with lower face amounts or shorter-term products with simplified issues and no medical exams. We expect carriers and agencies are reducing or pausing direct mail where the economics are not supported by policies that have a lower lifetime value.

Health

We’ve seen similar increases in shopping activity across health insurance. In the under-65 market, record unemployment is driving shopping, as those without coverage investigate COBRA and other options. Additionally, reduced-hour workers are much more sensitive to what once were manageable premiums. Eligible consumers are considering STM (short-term medical) plans as a viable alternative, now that federal regulations permit plans as long as 364 days in some states. In the senior market, the Center for Medicare and Medicaid Services has relaxed regulations that govern out-of-network costs for Medicare Advantage. Increased uncertainty about what Medicare does and does not cover regarding COVID-19 has driven seniors to educate themselves. Rapid changes in the economy, uncertainty about the future and research about the current state are causing marked increases in online shopping activity in the health space.

Adjustments Carriers Are Making

We’re also seeing brands contend with the obvious sensitivities of marketing during this time. It’s a fine needle to thread as consumers want help and guidance from a trusted source. Insurers have the opportunity now to build trust and improve the customer experience with thoughtful, well-timed, engaging conversations.

See also: Business Continuity During COVID-19

Insurers can lead with data to better understand how behavior drives decisions so they know where to focus their time and dollars. Now more than ever, it’s critical for marketers to be thoughtful. It’s important to understand where consumers are in their buying journey to send the right message at the right time while mitigating compliance risk all along the way. 

We often get called into corporate calamities where “heavy water” is starting to overwhelm the bilge pump of the corporate yacht. Especially in situations like today, where the markets are stuck in bear market territory, where the oil markets have collapsed, where the coronavirus rampages through the U.S. and where gross uncertainty exists regarding our transportation system and supply chain. We have lived through the financial crisis, regulatory messes and, most importantly, situations where organizations have simply lost the faith of the customers and investors.

Often, directors and officer who have to figure out what to do to “save the ship” must at the very same time try to figure out if they have enough directors and officers (“D&O”) liability insurance to weather the storm and protect them from plaintiffs’ lawyers circling the sinking ship.

Nautical allusions aside, figuring out if your D&O insurance is good enough when you are about to enter stormy seas is not ideal. First, there may be no time to tinker with the D&O coverage. Second, and more importantly, if there is a problem with your coverage, or there is not enough of it, many carriers are reluctant to modify policy wording (to potentially “enhance” coverage), or they add limits of liability when a company is having financial difficulty because the carrier is worried about its potential exposure to directors and officers claims (whether they might be lawsuits or regulatory investigations). To many less-forward thinking carriers, doubling down (in some respect, even if it serves to protect their insureds) sometimes makes no sense.

Finally, despite years of heavy claim activity and many large frauds, bankruptcies and regulatory investigations, we often still see the same problems with policies and towers of insurance. Why? We honestly cannot say. Sometimes corporations and their boards do not focus enough on D&O insurance issues because they are frankly too busy with other issues. Sometimes D&O insurance decisions are based not on “substance” issues but on cost issues, which is generally not the right answer for many reasons. Much of the literature dealing with D&O insurance tends not to be broadly disseminated to the folks who need the information most, like corporate directors and officers. Instead, decisions are often left to risk managers and brokers who do not have much experience dealing with D&O issues at troubled companies.

Our goal in this piece is to place front and center the most important issues relating to such issues. This will allow directors and officers to understand what they need to know and what to ask when questioning management on D&O coverage. These are not the only issues that should be addressed when considering the scope and breadth of D&O coverage, but certainly are ones that should be at the top of any director’s and officer’s list. Truth be told, this advice should hold true for all companies and boards, not just troubled ones. The best time to fix D&O issues is when the sailing is smooth, not when the corporate yacht is about to sink.

Will Your Carrier Hang Tough With You When Things Go Bad?

D&O insurance is frequently purchased in a “stack” or a “tower” of insurance, led by a primary carrier and multiple excess carriers. The excess policies are usually written in “follow form” nature. This means, in most cases, they follow the terms and conditions of the primary carrier. For larger companies, there is both a traditional Side A, B and C tower (covering the entity and individuals) and a Side A tower, covering the directors and officers for non-indemnifiable loss.

Because neither insurance policy forms nor D&O carriers are fungible commodities, it is very important to understand who is the company’s primary D&O carrier, what coverage the carrier offers and whether the carrier “pays claims.” In many ways, the primary D&O carrier is like a critical vendor or business partner that the company cannot do without. The primary D&O carrier can sometimes be the most important business partner (and friend) a company and a director or officer can have. The hope is that, when the seas are rough, like in an insolvency or restructuring scenario, the primary carrier will be there to respond to claims and ultimately protect the personal assets of the directors and officers involved – even in times where indemnification or advancement is unavailable or refused by the corporation.

 A few points to consider:

1. What is the carrier’s claims handling and claims paying reputation? Is it business-friendly and coverage-friendly, or is the carrier known to try to find “outs” to coverage? Does the carrier have a free-standing claims department, or does it farm out claims to hyper-aggressive coverage counsel? And, if the company has multiple offices overseas, how does the D&O carrier handle cross-border claims or investigations? Through a bit of investigation, one can often learn from others (such as defense counsel or experienced D&O brokers) information that might indicate which way a carrier leans on these important questions. Obviously, the best carrier is one that will hang with the directors and officers even in the worst of times, and will not “run and hide” behind coverage defenses so it does not have to pay.

2. What is the carrier’s underwriting response to questions and potential modifications? What is the carrier’s responsiveness to requests to enhance coverage for the insureds? These questions relate to the prior question. Directors, officers, and companies want a business partner in their primary carrier, not a “silent partner.” Many of the better carriers often will consider (and implement) policy changes even days or weeks before a bankruptcy filing to clarify policy language for the potential benefit of the insureds. Those are the types of carriers that a director or officer wants on his or her side.

3. Do you have enough coverage? This can be the most worrisome aspect to any director or officer caught up in a corporate storm. Unfortunately, this is also an area that is confusing because there are often no clear or “right” answers as to what limits should be purchased.

The most important thing a director or officer can do in this regard is ask many questions of management. For a public company with $2 billion of annual revenue, $30 million of D&O insurance likely does not make sense. Similarly, for companies with substantial debt and perhaps not a lot of cash on hand, a low D&O limit also would not make sense. Very often, an experienced D&O broker can provide benchmarking, showing what D&O insurance is purchased by similarly situated companies. Thus, a company can look to a competitor in its space, or at its size, to determine what type and level of D&O insurance comparable companies have purchased. Finally, many larger companies with public debt or equity exposure can perform “mock” damages analyses to understand what a potential securities claim against them might look like from the perspective of damages and defense costs. The variable here is that the cost of a simultaneous regulatory or criminal investigation, as discussed below, can vastly skew those amounts.

Can a company increase the limits of its D&O coverage midterm, or even after bad news surfaces? This is a common question. The answer is that it depends on the facts and the circumstances of the particular situation. Sometimes the circumstances a company faces are not so dire, and carriers will cooperate with the company’s desire to protect its directors and officers by agreeing to increase the limits of its tower (for a price, of course). Other times, the situation may be so severe that a request to increase limits will be politely declined. The later polite declination proves our point. Directors and officers should ask questions up front regarding coverage amounts. They should not wait until the corporate ship starts to heel over to request higher amounts. By then it might be too late.

See also: What Effective Leaders Do in Tough Times  

Coverage for Regulatory and Criminal Investigations

Troubled companies often encounter a regulatory or criminal investigation (SEC/DOJ) at the same time they are facing civil litigation. This is the potential “double whammy” of defense costs, which often can run into the millions of dollars. Thus, directors and officers need to know what sort of coverage their D&O insurance provides for such investigations because, to the extent such investigation constitutes covered loss under the D&O policy, every dollar spent on investigations will generally reduce the overall limits available to ultimately settle the underlying litigation.

The rules of the road are well established in this area. Directors and officers are generally covered under the company’s directors and officers insurance for formal regulatory and criminal investigations and inquiries as well as “a formal criminal, administrative, or regulatory investigation against an Insured Person when such Insured Person receives a Wells Notice or target letter in connection with such investigations.” 

Corporations are generally not covered for their involvement in such situations, unless individual directors or officers are also simultaneously named in the investigation (these rules of the road are often different in the private equity space, which is beyond the scope of this article). Specialized policies in the D&O marketplace exist to cover regulatory and criminal investigations in those situations where only the company is named, though those policies are reported to be expensive. All other things being equal, a director or officer should ensure that he or she is covered for regulatory and criminal investigations and inquiries. These can be very expensive to litigate and defend, and the last thing the company and its board needs at the time is a loose cannon on deck.

Why Does the Insured Versus Insured Clause (and Its Carve-outs) Really Matter?

The insured versus insured clause has been included in D&O policies for a long time. It finds its genesis in a carrier’s need to guard against collusive lawsuits brought by one insured (say, for instance, the company) against another insured (like a director or officer), solely designed to get to the proceeds of the company’s D&O policy.

Indeed, carriers may have valid reasons for not wanting to cover these types of lawsuits. But there are other types of potential “insured versus insured” lawsuits that should be covered (and thus “carved out” of the insured versus insured exclusion) because they generally would not be collusive (and normally are just as hotly contested as suits brought by traditional third parties). Here is a list of certain types of lawsuits that we believe should be explicitly covered under the D&O policy (i.e., carved out) to protect the interests of the directors and officers.

1. Shareholder derivative actions

2. Suits that generally arise in bankruptcy when bankruptcy-formed constituencies, such as creditors’ committees, bondholder committees or equity committees, bring an action derivatively on behalf of a bankrupt company for alleged breaches of fiduciary duty by the company’s directors and officers.

3. Similarly, suits by trustees, liquidators and receivers against directors and officers. As we have seen from high-profile suits involving companies like Tribune, Extended Stay and BearingPoint, bankruptcy-formed constituencies and trustees have become much more aggressive and litigious over the years, and the threat of such suits simply cannot be ignored.

4. Whistleblower suits brought under the provisions of either Sarbanes-Oxley or Dodd-Frank.

What is Non-Rescindable Side A Coverage?

There are two general coverage sides to a D&O policy (leaving for another day the concept of outside director coverage). Coverage “Side A” is for non-indemnifiable loss, meaning loss for which a company cannot indemnify or is financially unable to indemnify. Under this side, the directors and officers are the insureds. Coverage “Side B,” on the other hand, is for indemnifiable loss. Under Coverage C, the company is insured for securities claims.

Side A covers a range of different scenarios. For example, under Delaware law (where many corporations are incorporated), a company cannot indemnify its directors and officers for the settlement of a shareholder derivative action. And in bankruptcy, a company often will be unable to advance defense costs and to indemnify its directors and officers for claims. Indemnification claims by directors and officers against the company may be treated as unsecured claims that get pennies on the dollar, or may even be subordinated in certain circumstances.

As several of the noteworthy “financial fraud”-related bankruptcies have taught us, having “non-rescindable” Side A coverage is very important. “Non-rescindable” Side A coverage means what it says. Even in cases where a carrier may challenge as false statements made by a potentially complicit CEO or CFO in the company’s insurance application for D&O coverage (attaching to such application, for example, financial statements that later need to be restated), non-rescindable Side A coverage generally cannot be rescinded for any reason, which should allow the directors and officers to sleep better at night. Directors and officers should know that non-rescindable Side A coverage is generally standard in today’s D&O marketplace, and thus primary policies that do not have such coverage should be immediately updated.

What is Side A Excess Difference in Conditions Coverage (and Why Is It So Important)?

As noted above, having non-rescindable Side A D&O coverage is critically important. Having “Side A Excess Difference in Conditions” D&O coverage can be even more important. Why? This coverage reacts in two different, wonderful ways to protect directors and senior management.

First, it acts as “excess” Side A D&O insurance, meaning, in English, that it sits above the company’s traditional tower of insurance and will pay Side A non-indemnifiable claims when the traditional tower is exhausted by either traditional indemnifiable claims or non-indemnifiable claims. For example, a company may have $50 million in traditional D&O coverage and $25 million of Side A excess difference on conditions coverage, where $45 million of that insurance has already been exhausted by the settlement of a simultaneously commenced securities class action and SEC investigation. In such a case, the directors and officers would still have $30 million of Side A insurance to deal with, for example, the settlement of shareholder derivative action.

Second, most Side A excess difference in conditions D&O insurance has something called a “drop down” feature, meaning that if, for example, an underlying excess carrier refused to pay its limit of insurance for some coverage-related reason, the Side A excess difference in condition carrier might have the contractual obligation to “drop down” and fill that layer. Thus, it is a critically important feature that potentially will help fill potential gaps in coverage. Also, note that most Side A excess difference in conditions policies have very few exclusions (e.g., most do not have an insured versus insured exclusion), so they can be particularly helpful to directors and officers.

See also: COVID-19: Moral Imperative for the Insurance Industry  

Does My Corporation Have Enough Side A Coverage?

In the olden days of D&O (meaning 10 years ago), it was pretty rare to have a large Side A tower of insurance. Companies may have had a large primary tower of insurance, but Side A towers over $100 million were a rarity.

Since the settlement of several large financial crisis cases, we have seen a steady rise in the settlement values of shareholder derivative actions. However, in the last three years alone, the value of these cases has skyrocketed in nine-figure territory on a regular basis. Why? Reasons vary from severity, to regulatory fines and penalties, to the opioid crisis to enormous cybersecurity breaches. One of the major factors in all tends to be a really bad event that caused both a stock-price plunge, along with a large fine or penalty. The resulting litigation is called event-driven.

Event-driven litigation puts pressure on the primary tower of insurance, which quickly gets exhausted, and puts an equal amount of pressure on the Side A tower, which will need to respond to the shareholder derivative action. We would strongly recommend that companies entering troubled water re-evaluate their Side A coverage before the bad event happens. Afterward, it may be way too late.

What is the Priority of Payments Clause, and Why Is It Important?

A priority of payments clause specifies how a carrier should handle competing claims on a policy’s proceeds. For example, most such clauses (some carriers call them “order of payments” clauses) specify that Side A claims get paid first, and then traditional Side B company reimbursement and indemnity claims get paid. Obviously, this approach is tremendously important to directors and officers who may need to defend themselves in securities class actions or bankruptcy-related or inspired litigation.

Some priority of payments clauses give the right to the company or a company officer (like a CEO or CFO) to “withhold” or “delay” payments made under Side B of a D&O policy until those payments are properly designated by the appropriate party. This type of discretion is potentially not a good thing. Why? Giving such potential discretion to the company or a company officer to withhold or direct payments under Side B of a D&O policy might be creatively viewed by some as giving the debtor in bankruptcy “a say” or “control” over the proceeds of the D&O policy. That situation could be used by a creditor or other bankruptcy constituency to control or delay payments to the directors and officers under Side A of the policy, again potentially leaving them without resources to pay their counsel. Varriers are very able to make policy reimbursement calls in bankruptcy settings, and the order of payments under a D&O policy should be left to them, not others.  

Making a Better D&O “Mousetrap”

Admittedly, some of the above items are a bit difficult to understand conceptually for the non-insurance professional, and, admittedly, directors and officers often have more pressing issues to deal with when trying to help their companies navigate through troubled waters. But, as we have seen time and time again in our practice, very often D&O insurance becomes the lifeline for directors and officers when companies face trouble.

How can a director or officer stay on top of these issues in the most efficient manner possible? Here are a few suggestions:

1. Ask the right questions to the right people, like the company’s risk manager, CFO or general counsel, as to what is covered and what is not, and ask about the above limits of liability issues to make sure you are comfortable that at least these points are properly covered. Again, common sense often prevails here, and, if a director or officer does not like the answers he or she is getting, then corrective action should be demanded before it is too late to act.
2. Make D&O insurance issues a board topic at least twice a year so that board members can stay abreast of coverage developments, options and modifications.
3. Make sure management sends out the company’s D&O program and tower of insurance at least once a year for a “tune-up.” In this area, coverage options often change, and better coverage can often be obtained so long as the right diagnosis is made by qualified persons such as an experienced D&O broker or, sometimes, experienced outside counsel.

My dad often said he'd rather be lucky than good. Now that it's becoming clear that the coronavirus shutdown will cause a longer and deeper economic slump than many initially thought and will likely lead to permanent, structural change in the economy, it seems to me that those are the two options for insurance companies: You can be lucky, or you can be good. (Or, like my dear old dad was, you can be both.)

To me, lucky looks like Michael Dell at the dawn of the internet age. I know that the official origin story is that he was simply too good: He supposedly saw, in the 1980s, the opportunity for a hyperefficient personal computer business that was based on direct sales and manufacturing only after receiving payment from buyers. This, even though every major manufacturer was producing millions of machines on spec and selling through stores. But the real story is rather different.

I know because I interviewed him in 1986, when as a 21-year-old he had already built an impressive mail order business around his PC's Limited computers and desperately wanted to break into mass-market retail outlets alongside the three major brands (IBM, Compaq and HP). If he had succeeded, you might never have heard of him. He would have been entangled in the same inefficiencies that crushed the IBM brand and bedeviled the other two. Instead, when the internet came along in the mid-1990s, he had the best brand not tied to the retail channel, and he quickly turned his mail-order model into a business that dominated online.

So, kudos to Dell. He built a strong company from the get-go and capitalized on his opportunity in a huge way. But the positioning for the internet occurred because of no particular strategic insight. He was lucky.

Lucky is lovely. No need to apologize for luck. You just need to exploit the luck the way Dell did.

In the insurance world, the lucky ones include those companies that were already well on their way to digitizing when the coronavirus shut the world down. Because the economy may open only in fits and starts until a vaccine arrives in 2021 (let's hope), highly digital companies have some time to exploit their advantages in selling, in providing customer service, in processing claims, etc. Those that have updated core systems should be more agile than those that haven't. (It pains me to see states having to advertise for programmers who can use Cobol or even Fortran and can update systems, such as for unemployment insurance, that have been largely untouched since the 1960s and 1970s; some states need people who can program in machine language, to update systems written in the 1950s.)

Companies that sell usage-based insurance (UBI) also have a leg up because premiums are ratcheting down precisely and automatically; while many other insurers are (I'm happy to see) rebating premiums to customers, they have to make those determinations at a macro level and can't serve customers as well as the UBI companies are.

Health insurers will be lucky at least in the short run. While costs for treating coronavirus will obviously soar, governments will cover many of those expenses. In the meantime, people who would otherwise seek treatment, schedule elective surgeries, etc. are staying away from hospitals, sharply reducing claims for insurers.

And so on. If you're lucky, you surely know that by now and can be trying to figure out ways to entrench your advantage, as Dell did.

But what if you have to be good?

I've already written about some ways you can be rethinking your business to prepare for the world that comes after COVID-19: reimagining risk management services; exploring "reverse innovation"; and using the economic shutdown as a "natural experiment." An earlier piece on how to rethink an industry once it becomes digital also seems relevant, given how the virus is accelerating the transition for insurance.

But "good" insurers will go well beyond internal issues and start exploring scenarios for clients, whose worlds are being turned upside-down, too, and whose insurance needs will change as a result.

Health insurance, for instance, could change drastically. About half of Americans get their health insurance through jobs, and 22 million have lost those jobs just in the past few weeks. Might there be new pressure to separate health insurance from employment — a connection that prevails only in the U.S.? Some suggest that healthcare providers will want to switch away from a fee-for-service model, given that the coronavirus has scared so many people away from seeking any service that would get them near those who are possibly infected and that they don't absolutely need.

I'm not convinced that health insurers will change much — the immediate problems will be that they will generate such huge profits, in the absence of claims, that they'll have to dampen public outcry and will have to return premiums because of Obamacare's limits on their profit margins. But the health insurers need to be at least considering how the medical system may change, and lots of other types of insurers will surely find their customers in new environments.

If many of us continue to work from home, what does that do to commercial office space? Will people be healthier if they stay home, or will we all add what a friend calls "the COVID-19 19" pounds? If workdays are staggered to limit the times employees interact with each other, how does that change the risks in workers' comp? If supply chains are realigned to reduce reliance on other countries, and certain types of manufacturing resume in the U.S., what does that do? But what if most of the "workers" are robots? What happens to the living situation for retirees, as long as retirement/nursing homes have turned out to be Petri dishes for infections?

Those questions are just the start, of course. You can ask similar questions about transportation, our food supply, education and a host of other areas. The point is that lots of what we've taken for granted is now up for grabs.

While it may be many months, or even years, before we start to settle into a new normal, it's not too soon to start exploring with clients how their worlds are changing, so you can serve their new needs as well as you've served their old ones to date. Even if you haven't been lucky, there's still time to be good.

Stay safe.

Paul Carroll

Editor-in-Chief

P.S. How was my dad both lucky and good? Glad you asked. Among many other things, he got a job taking sports scores over the phone for the Des Moines Register as a 16-year-old in 1943 because all the older boys were already in the military. That credential with a metropolitan daily, slim as it was, tipped the balance in his favor when he later ran for election as editor of the paper at the University of Iowa. That, in turn, helped him launch a career in journalism, where talent kicked in and he worked his way up to a reporting job at the New York Herald Tribune and then had a 30-year career as the chief spokesman for Westinghouse.

Oh, and he met my mom on a blind date, arranged by a friend of my dad's who happened to meet her on a plane.

Over the past several weeks, there have been numerous aerial photos of some of the nation’s largest highway systems – devoid of vehicles. The sight of tens of miles of ramps, junctions and straightaways with no visible cars is startling, almost a made-for-Hollywood view. But COVID-19 has taken a huge percentage of people out of their vehicles, leaving their cars idle in driveways and garages. Given that vehicle usage is a fundamental and historical rating factor – a predictor of accident frequency – one could conjecture that telematics might be heading toward a new and shining position within the industry.

There are several points for insurers to consider.

• A huge percentage of businesses that have never had a home-based workforce have been compelled to have one due to stay-at-home advisories. Published interviews indicate that company executives across all industries believe the experience with COVID-19 will change the nature of work even faster than anticipated. More workers will be home-based either permanently or part-time. Will a greater percentage of consumers see the value of usage-based, telematics-driven insurance, given that their vehicles will be idle for greater periods? Insurers need to be prepared for this outcome.
• Insurers that have yet to commit to telematics programs may well be feeling the strain of not doing so. Many of the largest auto insurers have announced they will refund portions of automobile premiums due to the precipitous decline in miles driven. In particular, Allstate knows, through its telematics programs, that driving has declined by 35% to 50% in terms of miles. This makes the company's refund program much more fact-based. Clearly, there is significant customer goodwill value in making refunds voluntarily. But what if regulators require insurers to do this across the board? Without telematics data, determining refunds is much more of a guess. And no insurer likes guessing. For the long term, telematics data can facilitate a smooth communication process between insurers and regulators on a number of levels, and this is a good thing.
• From a claims perspective, adjusting losses in a time where staying home is the norm is a huge challenge. There are a number of technologies that insurers are using to compensate, most prominently DIY photo-estimating. In some cases, insurers are rolling out technologies that were in limited tests to cover the gap in face-to-face adjusting practices. However, sophisticated telematics devices can detect crash damage and relay crash information automatically, eliminating the DIY step and improving accuracy. While there is a fervent hope that we never again have to self-quarantine due to a pandemic, there is significant value in getting sensor-based, telematics crash information directly from point of impact.

See also: 10 Moments of Truth From COVID-19  

To date, telematics adoption has settled in as a segment. Projections that telematics would be the dominant base for all auto programs have not materialized. There are many reasons, but maybe the COVID-19 pandemic will be the impetus that consumers and insurers need to up adoption rates. In the not-too-distant future, the highways will again fill up with more than medical professionals, first responders and retail workers. Why waste the opportunity to use actual data to improve insurance outcomes? Telematics can make the connections!

The nation’s immediate strategy to support businesses affected by the COVID-19 pandemic has now formed around a portfolio of emergency federal loan and grant programs authorized by the Coronavirus Aid, Relief, and Economic Security (CARES) Act. As these programs become operational, policymakers are turning their attention to the risk of future pandemics.

When confronting the “new” risk of terrorism nearly two decades ago, policymakers forged the Terrorism Risk Insurance Act (TRIA) as a public-private partnership with shared financial responsibility for terrorism losses but heavily relying on the commercial property and casualty insurance industry’s product design, operational and claims administration capabilities.

Naturally, TRIA has emerged as a leading model for a future pandemic program – generally referred to as the Pandemic Risk Insurance Act (PRIA). While a reasonable starting point, TRIA is far from an off-the-shelf catastrophe risk program.

Congress designed TRIA to progressively recede from the terrorism insurance marketplace until expiring three years later. This temporary program is now in its fourth extension, guaranteeing a total program life of at least 25 years. Not a single dollar has been paid out from the federal backstop -- owing more to the success of the U.S. law enforcement, defense and intelligence communities than to any beneficial feature of the program itself. While TRIA may offer the reassurance of longevity, this model remains (thankfully) wholly untested, such that any underlying design flaws only become visible on careful inspection.

We can test the efficacy of PRIA by answering three questions related to our current experience with the loan and grant programs authorized by the CARES Act:

• Which businesses should be entitled to claim benefits under the program?
• What benefits should be available?
• Who has the infrastructural capabilities to deliver the necessary benefits?

Eligible Businesses

CARES Act loan or grant programs are available to nearly all businesses that meet the size requirements. An otherwise eligible business must certify merely a general need for financial relief as a result of the pandemic such as that “[c]urrent economic uncertainty makes this loan request necessary to support the ongoing operations of the applicant.”

PRIA would reach far fewer businesses. Under that program, insurers must first offer a policy of commercial property insurance without a virus or pandemic exclusion. No business is required by law to purchase it. In fact, under TRIA, only half of all businesses pay a premium for the removal of the terrorism exclusion. According to data released by the U.S. Treasury, 29% are informed that there is no additional charge for removal of the terrorism exclusion and the rest simply opt not to pay the average 2.5% additional premium.

We do not know how much insurers would charge to remove a virus or pandemic exclusion as required by PRIA. However, it is likely to be much more than the current charge to remove terrorism exclusions. As a rough benchmark, it takes the insurance industry about 10 years to charge enough terrorism premium to equal the amount of commercial property insurance losses from Sept. 11. It would take 125 years to collect enough premium just to equal the initial round of funding for the CARES Act’s Paycheck Protection Program.

See also: Rethinking Risk Management in a COVID-19 World  

Take-up rates for policies without virus or pandemic exclusions under PRIA will certainly be somewhere far less than 100%. Even if three-quarters of policyholders pay for the removal of the exclusion, many U.S. businesses would be left with no economic support in the event of another pandemic. If the cost of coverage is more than a couple of percent of total policy premium, take-up rates would be even lower, leaving vast amounts of the U.S. economy “willingly” exposed.   

Covered Losses

CARES Act programs are largely aimed at encouraging businesses to keep employees on the payroll. For example, Payroll Protection Program loans can only be used to cover expenses for payroll, rent, mortgage interest and utilities. If at least 75% of the loan proceeds are spent on payroll (subject to caps on high earners) during the first eight weeks, the entire loan is forgiven.

Business income coverage under a standard commercial property insurance policy also covers the expense of continued payroll, rent and utilities. However, insurance also covers the profits a business would have made and the full amount of salaries, including those paid to high-earning executives. While those benefits are more generous while they last, Civil Authority Coverage typically only extends to the first four weeks of a government-ordered shutdown (half the time period of the Paycheck Protection Program).

Of course, not every policyholder purchases a typical policy. Under TRIA (and therefore our hypothetical PRIA), captive insurance companies are full-fledged participants in the program. A captive is an insurance company set up and owned by its policyholder, typically a large corporation. Hundreds of large corporations (including the New York Times, Credit Suisse and the New York Stock Exchange) have established captives, allowing access to TRIA on far more favorable terms than those available via the traditional insurance market. For example, while small businesses are effectively shut out of property insurance coverage for terrorist attacks using nuclear or radiological weapons, a large corporation can negotiate with its insurance subsidiary for hundreds of millions or even billions of dollars of such protection, with 80% of the losses picked up by the federal backstop.

Large corporations would surely deploy these same strategies to maximize the value of PRIA. While a small business may be lucky to afford the standard four weeks of Civil Authority Coverage, a big business could ask its captive to provide coverage for 40 weeks or even 400. Certainly, the captive would not impose on its corporate parent restrictions on share buybacks, dividends or executive bonuses such as those demanded by the CARES Act’s Main Street Lending Program. 

Claims Administration Capacity

TRIA contemplates that insurance companies possess the claims administration capacity to manage up to $100 billion of shared industry and federal losses. Hurricane Katrina was the largest property insurance event in U.S. industry’s history, resulting in about half that amount in paid claims.

Under the CARES Act, U.S. lenders have been called on to administer $349 billion in loans through the Paycheck Protection Program and a further $600 billion through the Main Street Loan Facilities. Just the initial funding of the Paycheck Protection Program is the equivalent of insurance companies facing down claims from Hurricanes Katrina, Maria, Irma, Andrew, Harvey, Ike and Wilma, Sept. 11 and the Northridge earthquake all at the same time, together with 10 years of National Flood Insurance Program and National Crop Insurance Program claims. The insurance industry is simply not designed to operate at that scale.

See also: 10 Moments of Truth From COVID-19  

A Path Forward

While there are other “glitches” in the Terrorism Risk Insurance Act that should give us pause before expanding the model to include pandemics, the three points explored here should be enough to warrant a thoughtful debate about the objectives of any proposed pandemic risk management program and how best to implement it.  

For example, we may find insurance companies can make available policies without virus or pandemic exclusions, but small businesses are unwilling to bear the consequent cost. A program with low take-up rates is worse than no program at all. Today, we can extend loans and grants to businesses that did not have the choice whether to buy insurance coverage. Once we have PRIA, we cannot. 

Similarly, we may find the business income loss benefits made available to small businesses are modest and difficult to trigger compared with loan forgiveness under the Paycheck Protection Program. Meanwhile, large corporations can use their captive insurance companies to engineer bailouts that make the terms of the airlines’ $25 billion Payroll Support Program look stingy.

Finally, we may conclude business income coverages in standard commercial property insurance policies are too complex to quickly administer during a pandemic. We may also come to believe insurance companies should invest more heavily into maintaining robust catastrophe claims management capabilities.

If we do not get to the bottom of these challenges before committing to a new pandemic program, we will surely struggle with them when we most desperately need the program to work.