Tag Archives: Outlook

Outlook for Business Interruption Litigation

The first COVID-19 business interruption claim met defeat in a Michigan courtroom three months ago. Since then, courts throughout the country have wrestled with similar motions to dismiss filed by insurance companies.

As summarized in the attached chart, 11 courts have ordered a dismissal. while four court orders have denied the insurance company’s motion and allowed the policyholder to proceed to the discovery phase.

Summary of COVID-19 Business Interruption Rulings (Sept. 30, 2020) from Jason Schupp

These 15 rulings fall into three general categories.

1. The Policyholder Alleges COVID-19 Did Not Cause Physical Damage

Direct physical loss or damage is a prerequisite to recovery under standard business interruption coverage. Nine courts have dismissed complaints where the policyholder pointed to a state or local government’s lockdown order – not the virus – as the cause of its loss. In all but one of these cases, the policyholder had been trying to avoid the policy’s virus exclusion.
So far, this argument has only worked in a state court in Hackensack, NJ. In Optical Services v. Franklin Mutual, the court saw “an interesting argument … that physical damage occurs where a policyholder loses functionality of their property and by operation of civil authority such as the entry of an executive order results in a change to the property.” While characterizing the argument as a “novel theory of insurance coverage,” the court found the policyholder should be given the opportunity to develop a factual record to support its argument. Certainly not a ringing endorsement of the approach, but a chance to keep moving forward for now.

2. The Policyholder Alleges COVID-19 Caused Physical Damage

A more successful strategy is to allege COVID-19 causes property damage. The same federal judge in Missouri has twice found allegations that “COVID-19 attached itself” to property as sufficient to survive a motion to dismiss. To keep their cases alive, policyholders must still convince a judge or jury that COVID-19 really did attach to property and that the resulting damage caused a suspension of business operations. Significantly, the policies in both cases did not contain a virus exclusion.

See also: COVID-19: Implications for Business Models

3. The Policyholder Attacks the Virus Exclusion

Three cases have taken the virus exclusion head-on — two have lost. Federal judges in Florida and California both found the policy’s virus exclusion clearly applies to bar the claim. Another federal judge in Florida was not so sure.

In Urogynecology Specialists v. Sentinel Ins., the court seemed uncomfortable with a virus exclusion applying to “fungi, wet rot, dry rot, bacteria or virus.” Specifically, “COVID-19 … does not logically align with the grouping of the virus exclusion with other pollutants.” Accordingly, the policyholder has been permitted to proceed into the discovery phase. Two days earlier, the California court in Franklin EWC v. Hartford found this same language to be plain and unambiguous.

Importantly, the other Florida finding that the virus exclusion is unambiguous looked at a different formulation of wording. In Martinez v. Allied Insurance, the court considered an exclusion applying to “”[a]ny virus, bacterium or other microorganism that induces or is capable of inducing physical distress, illness or disease.”

So, what do we know about COVID-19 business interruption claims?

  • The most reliable formula to survive a motion to dismiss seems to be a policy unencumbered by a virus exclusion coupled with an allegation that COVID-19 itself caused property damage. The hard work follows as the insurer and policyholder litigate the science of the virus and the precise reason the business shut down.
  • Prospects to survive a motion to dismiss appear far less promising if the policy contains a virus exclusion. Two doors have recently cracked open just a sliver. First, the policyholder can launch a frontal assault on the virus exclusion as unclear or ambiguous. The argument almost always fails – decisively – but some wording variations may lead a judge to at least pause. Second, the policyholder can point to the lockdown order (not the virus) as the cause of “property damage.” This tactic draws attention away from the virus exclusion but invariably runs into a wall of deep judicial skepticism — except when it doesn’t.
  • More than 1,000 COVID-19 business interruption lawsuits remain pending in court throughout the U.S. At this point, no court of appeals has yet to touch a COVID-19 business interruption case. While we can start to see some edges of the litigation landscape, we are a long, long way from having a clear picture of how COVID-19 business interruption claims will ultimately resolve.

Focus Areas for Insurers in 2019

No or slow growth in revenues. Intense profit pressures. Constant flux from technology advancements and rising customer expectations. That’s what insurers have experienced in the recent past. Without bold action now, they risk seeing more of the same in 2019 and beyond.

Yet a lot is possible for insurance — better ways of working, a clearer sense of purpose, more effective use of emerging technologies and ecosystems as well as our industry’s unique ability to promote financial wellness, provide protection and enable insurance customers to better manage risks.

Here’s where insurance leaders should focus to take advantage of opportunities in 2019:

The Life Market

The Americas life insurance market has remained weak for years, though recent developments look promising. Improved financial markets, an uptick in growth, rising interest rates and aging populations are expected to drive demand for life insurance products.

See also: ‘Organic Insurance’: Back to Basics  

Life insurers should not simply wait for these fundamentals to work in their favor as they have in the past. To make the most of the growth opportunities, they must drive the agenda, develop the long-term resilience and “futurize” the organization. The focus must be on:

  1. Developing comprehensive new value propositions for holistic financial wellness that are aligned to evolving customer expectations and the needs of aging populations across the region
  2. Improving distribution through direct channels and empowered agents
  3. Collaborating with insurtechs, new entrants and other incumbents on ecosystems
  4. Optimizing value chain “basics” to promote sustainability

To achieve these ambitious goals, successful insurers will need to undertake digital transformation. In these transformation journeys, life insurers should seek to optimize the policyholder life cycle by catering to specific needs for specific types of customers, such as overall wellness for aging populations and rewarding experiences for millennials. By meeting these customers’ needs, insurers will enhance their own bottom lines by reducing costs, improving conversion rates and retaining more customers.

Property Casualty

Low, single-digit growth has been the rule in the non-life sector, thanks to a mix of favorable and adverse trends. Improved pricing in motor and health in North America has been largely offset by weak economic growth in Latin America. Of greater concern is falling profitability for the region’s P&C insurers. The causes include higher underwriting losses and weak pricing environment in commercial lines.

To manage through this low-growth, low-profitability conundrum, non-life insurers have focused on innovation and disruption, demonstrating a strong interest in new technological developments including telematics, the Internet of Things (IoT) and blockchain. To demonstrate the value of these investments, insurers must move the needle on business outcomes. The focus must be on:

  1. Driving cost efficiencies to fund continuing investment in digital transformation
  2. Strengthening direct channels to gradually reduce dependency on agents and brokers, particularly in personal and small commercial lines
  3. Preparing for the market entry of tech giants
  4. Exploring insurtech partnerships and acquisitions to leverage relevant capabilities
  5. Accelerating time-to-market to take advantage of new opportunities

With improved economic conditions in the U.S. buoying their growth prospects, P&C carriers must launch multiple change initiatives so that they establish long-term sustainable operating models.

See also: How AI Is Redefining Insurance Industry  

What’s Next

The world’s largest insurance market, like most developed markets, has seen tepid growth in recent years. Life insurance lost favor with U.S. consumers due to low interest rates and heightened competition. P&C insurance has grown at low single-digit rates, fueled largely by auto lines. Health has continued to grow. The commercial sector struggles with a weak pricing environment and persistently low margins. Despite these challenges, insurers can reignite and sustain growth by strengthening the core value propositions and embracing new technology.

See the full report for more.

The New Cyberthreat You Face at Work

The latest greatest swindlers in the cybercrime racket know you’re onto their digital three-card monte, and they’ve made a few adjustments, putting yet another wrinkle in the corporate-hacking game by targeting top-level employees for major profits.

These hackers appear to be based in North America or Western Europe, and they know a great deal about the companies and industries they’ve been cracking. They could be “white-collar hackers” or just good studies of character. It really doesn’t matter. Here’s what counts: They are hatching cyberthreats so nuanced you may not see the hack that takes out your company ’til the smoke clears.

These hackers may have worked for your company, or one like it. They are going to know how your teams communicate. They’ll use the lingo and shorthand that you see every day. Emails may be super simple, like, “I need another pair of eyes on this spreadsheet about [term of art only people in your business would know].” They may know what you are likely to be talking about after certain kinds of industry news releases, and they’ll have a good idea of what times of day get busy for you so that you are more distracted and less likely to think before you click.

“The attacks are becoming much more sophisticated than anything we’ve seen before,” says Jen Weedon, a threat intelligence officer at the Silicon Valley-based cybersecurity firm FireEye.

The New York Times reported about one such group of hackers targeting senior executives at biotech companies with a goal of garnering insider information to game the stock market.

FireEye has been tracking the group, which the company calls Fin4, for a year and a half. (The “Fin” designation is assigned by the company to indicate groups where the main goal is to monetize proprietary information.)

“Fin4 has reached a threshold of capability that sets them apart,” Weedon told me during a phone conversation. “They are very thoughtful about who they target. They go after specific companies and are a lot more scoped in their approach.”

Attacks of this kind may start with the studied e-impersonation of trusted colleagues, business associates or anyone from a constellation of contacts—compliance officers, regulators, legal or financial advisers—with the single purpose of getting someone in a senior position to personally, unwittingly hand over the keys to the castle. Once Fin 4 is in, sensitive—potentially lucrative—information can be accessed and put to use.

“They will send a very convincing phishing email,” Weedon said. “It may prompt a link that looks just like Outlook.” The target enters her credentials to see the attachment, not realizing that she was not in Outlook at all. There may even be a legitimate document on the other side of that fake login page, but it’s a trap. Once the hacker gets into a key person’s inbox, Outlook settings have been reset to send any messages containing the words “hacked” or “malware” directly to the user’s trash folder, thereby giving the cyber-ninja more time in the system to collect information about mergers and acquisitions, compliance issues, press releases, non-public market-moving information—anything that can be used to make a smarter stock market trade.

According to Weedon, the group has been able to infiltrate email accounts at the CEO level.

Once they’ve gained access, the hackers may simply collect everything in the CEO’s inbox or take an attachment found there and plant malware that then spreads throughout the company, thereby exposing still more information. The difference here is that the hack relies on legitimate credentials to gain access, so it’s a much lighter touch with potentially much more information being compromised. If the hackers forgo malware, there aren’t necessarily any traces at all of the compromise.

The “old” way these breaches worked—one still very much practiced by Chinese and Russian groups—involved the use of general information, kinda-sorta knowledge of the target’s business and hit-or-miss English. Because there is often less specificity and more variables in these kinds of softer attacks, the dodge is easier to spot. It’s more likely to find a lower-level employee falling for it. In most cases, these targets don’t have the kind of access to information that can cause major damage. Having gained whatever access is possible through their mark, old-school hackers move laterally into the organization’s environment, whether by recording keystrokes to exploit privileged employee credentials or blasting a hole in the company firewall. They might as well be Bonnie and Clyde robbing a bank. The goal is to siphon off information that can be turned into an easy profit, but the process leaves traces.

What’s so worrisome about Fin4 is that the hackers can come and go—gaining access to everything and anything pertaining to your company—and you may never know it. For the numerous healthcare and biotech companies that they targeted, the only real-life consequence could be an advantageous trade that somehow anticipated the announcement of a new drug, or shorted a stock associated with a failed drug trial.

If you are the target of choice, you will have to be exceptionally well trained by a cutting-edge information security professional and completely tuned in to the subtleties of your workflow to avoid getting got. These fraudsters will have at their fingertips the kinds of information that only an insider should know, and the bait they dangle in front of you will be convincing.

While the art is very different, the basic mechanism is the same. Company-killing compromises require human error. While more common hacks rely on a weakest link that can be exploited, the more hackers evolve, the more we all must evolve with them.