6 Marine Services Risks
Top Five Uninsurable Risks
Whether it’s a Sriracha hot sauce maker being threatened with closure by city council or General Motors fighting for its reputation after recalling more cars than it made in the past three years, companies face a world of complex risks.
And some of those risks cannot be transferred via insurance products.
How well are companies protected, for example, when new regulations get passed — such as the EPA’s proposed restrictions on coal burning plants that may drive some in the energy industry out of business, or the current political drumbeat against tax inversion practices?
What insurance covers a company whose rogue employee sells trade secrets to an outside company? How about when a pandemic shuts down operations?
Risk managers identify their organizational exposures as best they can and then work to manage or eliminate those risks. Sometimes, commercial insurance can be used to remove the bulk of that risk, but we’ve isolated five risks which many experts believe are uninsurable in many respects: For the time being anyway.
“For the most part, the insurance industry rises to the occasion and creates products for emerging risks that evolve over time,” said Carol Laufer, executive vice president, ACE Excess Casualty.
“For insureds, the purchase of products such as employment practices and cyber insurance eventually evolves from a discretionary spend to standard insurance coverage,” she said.
For sure there are other challenging risks — such as weak economic conditions or skilled talent shortages — that also are uninsurable, but we have selected those for which risk managers are able to play an effective role in mitigating the risk.
Part of the problem in transferring such risks is the complexity involved in the exposures. Look at tax inversion — where a U.S. company merges with a foreign company to change their tax jurisdiction and lower their tax burden.
Is that a political risk? A regulatory risk? A reputational risk? It could be any one of them, or all three of them.
“I think it’s almost uncountable the ways that a loss could occur where that loss could be tied back to reputational risk or regulatory risk,” said David White, a national actuarial leader at KPMG.
At the same time, calling a risk uninsurable has nuances to it. Coverage for criminal fines and penalties, for example, are truly uninsurable. The law forbids such coverage, said Patrick Donnelly, chief broking officer, Aon Risk Solutions.
But for other types of risks, there may be various products offered by brokers and underwriters to address some, but not all of the specific exposures faced by a company, he said. Such coverage, however, may be rare or expensive, or corporations may find risk transfer to be an ineffective way of hedging the risk.
“I’m very careful about branding something as truly uninsurable,” Donnelly said.
“It’s not black and white.”
General Motors might be the quintessential example of a company undergoing a reputational hit. It recalled nearly 30 million cars, and faces numerous lawsuits and investigations related to a delayed recall of 2.6 million cars — some manufactured more than a decade ago — with a faulty ignition switch that has been linked to 13 deaths and more than 50 accidents.
Video: As this report from the New York Times indicates, automakers have a long history of trying to maintain their reputations in the face of major recalls.
But every day brings another contender for the throne. One day, it’s American Apparel’s founder being suspended, and possibly eventually fired, for alleged sexual misconduct. Another day, it’s a viral video of a Comcast customer service representative who refuses to let a customer cancel his account.
Or it could be yet another cyber theft of customer information or a celebrity spokesman tweeting out an offensive comment.
While there are insurance products that provide coverage for crisis management/public relations costs and product recall expenses, only a limited market exists for loss of income or net profit for reputational harm, said Emily Freeman, global technology and privacy practice specialist at Lockton.
“You need to be able to wrap your arms around the risk and the value of risk before you can insure it,” said Tom Srail, senior vice president, Willis. “What a company name is worth has long been a risk to the industry.”
Freeman said Lockton has been involved in creating customized solutions for large clients that address specific threats of reputational harm. The client and underwriter negotiate the period of indemnity and loss adjustment, she said.
“The perils are not on an ‘all risk’ basis, but rather categories listed that are relevant to the client, such as disgrace of key persons or breach of sensitive data,” Freeman said.
“In my mind,” said KPMG’s White, “you can’t find policies that cover all types of reputational risk from whatever event that occurred.”
When you think of regulatory risk, many risk managers keep an eye on the rules of the Health Information Portability and Accountability Act (HIPAA), the Dodd-Frank Act or a regulatory agency such as the Food & Drug Administration.
But the threat of regulation is immense and often unpredictable. In just one year, 2012, there were 17,763 changes to laws, rules and regulations affecting the banking and financial sectors alone, according to The Network, a training and compliance company.
“From a risk management or risk mitigation perspective, you can’t really predict regulations. You can prepare for them, but you can’t predict them or price them.” — David White, national actuarial leader, KPMG
Plus, risks can emanate from all sectors of government. One recent example is Huy Fong Foods, the manufacturer of Sriracha hot sauce, which was temporarily shut down by a judge following a lawsuit by the city council of Irwindale, Calif., after four families (one of which was related to a city councilman) complained about odors.
Eventually, the city dropped its lawsuit and its declaration that the factory was a “public nuisance,” but it took months for the situation to resolve itself.
“From a risk management or risk mitigation perspective, you can’t really predict regulations. You can prepare for them, but you can’t predict them or price them,” White said. “Regulatory risk is handled through risk mitigation, not risk transfer.”
“Even in the United States,” Srail said, “a government or state can put an industry or a company, if they want to, out of business or severely restrict their ability to operate.”
Certainly, the energy industry has been facing that threat since 2008 when President Obama noted that coal-powered plants can still be built, but at a steep regulatory cost.
“It’s just that it will bankrupt them because they are going to be charged a huge sum for all that greenhouse gas that’s being emitted,” Obama said.
While a final rule has not yet been issued by the Environmental Protection Agency, the president has recently called on it to enact new emissions regulations. The U.S. Chamber of Commerce estimated the regulations will cost the economy about $50 billion annually.
“There are some creative products underwriters have tried over the years … but there is definitely nothing off the shelf or run of the mill,” Srail said of regulatory risk.
“There’s nothing easy to do.”
Trade Secret Risk
“I find trade secrets to be one of the most dangerous areas,” said attorney Rudy Telscher, a partner at Harness Dickey & Pierce, who recently won a patent infringement case at the U.S. Supreme Court.
“There are no boundaries. It’s such a nebulous area.”
It can include anything from a disgruntled employee taking customer lists or R&D information to his next job, a foreign government stealing trade secrets or a hacker burrowing into a computer system to steal a company’s version of its special sauce.
Globalization and the expanded use of supply chain partners increase the potential exposure. Plus, even when a company is able to pursue trade secret litigation, courts consider whether reasonable precautions had been taken to secure the proprietary information.
“The violation,” said Bob Fletcher, president, Intellectual Property Insurance Services Corp., which offers insurance to litigate intellectual property cases, “is not the use [of a trade secret]. The violation is, ‘How did you get the information?’ ”
In any event, said Aon’s Donnelly, “an organization would have a very difficult time obtaining an insurance policy that adequately protects them against the theft or wrongful disclosure of their trade secrets and the potential damage that could do to the company if that trade secret got out.”
More common than industrial espionage, however, are the run-of-the-mill business discussions that revolve around synergies and potential partnerships between enterprises. Often, the nondisclosure agreements (NDAs) covering such discussions are not specific enough to protect the parties, Telscher said.
It is the party receiving the information that is most at risk, he said. If the discussions dissolve, that party may find itself accused of acting upon trade secrets because the NDA did not specify the information that was to be disclosed and held confidential.
“The more information you receive, the greater the risk there will be a lawsuit if you don’t end up doing a deal and you move forward on your own,” Telscher said.
In this era of globalization, companies establish operations all over the world, and the world is not a stable place.
Upheaval — or the increasing threat of it — is prevalent on just about every continent of the globe. Certainly, the possibilities in the Middle East, Eastern Europe, Asia and Latin America are concerning to risk managers.
While political violence and trade credit coverage is available in the majority of cases, companies continue to face uninsurable exposures.
“It’s definitely tricky,” said Mark Garbowski, a shareholder at Anderson Kill.
“Based on the policies I have seen, there will always be some aspects of it that will be fully outside the scope of what can be covered.”
And only “a minority” of companies actually buy the cover, said John Hegeman, AIG senior vice president, specialty lines-political risk.
“I think the principal reason is most risk managers view it as a self-insured business risk,” he said.
“Pretty much anything an insured thinks is really essential to their operations can be covered, but you have to identify it and understand what it is.”
Often, said Richard Maxwell, chief underwriting officer and global head of political risk and trade credit insurance for XL Group, corporations wait too long in the face of deteriorating conditions and insurers will not accept the risk.
“Buy the cover before the barn is on fire,” he said.
Generally, policies cover a host of risks, including government expropriation of an asset, destruction of an asset due to war or political violence, credit default of trade receivables, and when foreign governments block transfer and convertibility of currency.
Some countries, such as Iran, Iraq, Afghanistan and the like, are not insurable, said Jochen Duemler, CEO and head of Euler Hermes Americas Region, which offers risk coverage in nearly 200 countries.
Argentina is a recurring problem, and as for Venezuela, it’s not uninsurable, he said, “but we would say we pretty much have no exposure there and are very, very reluctant” to offer coverage.
Overall, policies exclude losses that occur when currency is devalued, losses that occur as a result of a nuclear incident and non-payment of premium, or any losses to suppliers or partners as a result of political violence, except for trade receivables.
Policies also require insureds to make certain warranties and representations that are included in the insurance contract.
Policy disputes can arise when property is expropriated or licenses are cancelled due to what a foreign government says are reasonable or legally justified regulatory actions, according to an article on political risk coverage by Robert C. Leventhal, an attorney with Foley and Lardner.
Another area of dispute emerges when assets are jeopardized by “creeping expropriations,” such as a series of actions by the government as opposed to a single act, he said.
Many risk managers aren’t too worried about the Ebola pandemic in West Africa that has already killed more than 900 people. And they probably aren’t all that worried — if they even know — about the four cases of pneumonic plague in Colorado that are life-threatening.
But who among them can forget the H1N1 pandemic influenza virus known as the swine flu, that in 2009 killed more than 250,000 people worldwide, including more than 3,600 in North America.
At one point, the U.S. Centers for Disease Control and Prevention estimated that as many as two in five workers might become infected or have to stay home to care for an ill family member.
Video: Researchers at the Massachusetts Institute of Technology studied the role airports play in spreading disease and pandemics, according to this report by Voice of America.
A pandemic flu is something all risk managers should worry about. And there’s no coverage for it.
“A pandemic is a very difficult exposure to insure in any meaningful way. You can do some work around it, but it’s a very, very difficult risk to insure and no one really insures it,” said John McLaughlin, managing director of the higher education practice at Arthur J. Gallagher & Co.
For schools or universities, his specialty, there may be some loss of tuition coverage available, but “it’s not very cost effective.”
For business, supply-chain insurance may offer some protection, but that coverage still has a limited take-up.
Companies may also be able to craft special wording for property or D&O policies, he said.
“You never say never. There’s always some solution that you can work up,” he said.
But, McLaughlin said, a healthier perspective for a risk manager is to analyze how the risk would impact the organization and to devise solutions that are not insurance-related.
11 Critical Risks Facing the Healthcare Industry
From pandemics to violence in hospitals, alarm fatigue to healthcare-acquired infections, healthcare organizations will be put to the test in the coming months and years.
Added pressure from new regulatory requirements under the Affordable Care Act makes the future even more challenging.
When you factor in the daily demands healthcare organizations face in their quest to provide quality patient care, it’s clear that there are many hurdles that can disrupt facility operations and put employee and patient safety at risk.
”Today’s healthcare landscape is arguably the most difficult ever,” said Diane Doherty, Vice President, ACE Medical Risk Group. “If not managed properly, these critical issues can cause other unwanted outcomes such as an increase in medical malpractice and workers’ comp claims, government fines and penalties, and may negatively impact the organization’s brand and reputation.”
The following are some of the top critical issues facing hospital leadership.
1) Cyber Risk
The healthcare industry’s move to electronic healthcare records has created new patient privacy exposures as records are more easily accessed by consultants, vendors and other third parties for efficient operation, and targeted by cyber criminals. Additionally, healthcare organizations face exposure to cyber risks that could have significant impacts on their operations, including shutting down critical, health-related systems.
Data breaches and network disruptions can jeopardize an organization’s financial stability, security and reputation. Standard general liability policies often do not adequately cover perils associated with cyber and technology related exposures. Cyber liability insurance can address coverage gaps while also enabling companies to transfer risks associated with cyber, such as patient privacy and notification, crisis management, and forensic analysis expenses as well as certain regulatory fines, indemnity payments and legal costs.
“Cyber hacks and data breaches are a major issue facing the healthcare industry today,” said Renee Carino, Vice President and Chief Underwriting Officer, ACE Medical Risk Group. “It’s important now more than ever, that healthcare organizations work closely with their insurance carrier to assess this exposure and develop effective risk management strategies and ensure the proper coverage is in place.”
”Today’s healthcare landscape is arguably the most difficult ever. If not managed properly, these critical issues can cause other unwanted outcomes such as an increase in medical malpractice … and may negatively impact the organization’s brand and reputation.”
— Diane Doherty, Vice President, ACE Medical Risk Group
2) Healthcare Infections
Healthcare-acquired infections (HAIs) cost the U.S. healthcare system billions of dollars each year and lead to the loss of tens of thousands of lives. At any given time, about 1 in 25 hospital patients has at least one such infection, according to the Centers for Disease Control and Prevention. Healthcare-acquired infections also come with a financial price, costing up to $9.8 billion a year, according to research published in 2013 in JAMA Internal Medicine.
Among many solutions, healthcare organizations should ensure all sanitation systems are up to date, operational and ensure that staff understands how to properly use the systems to keep patients safe. They also should continue to remind staff and visitors about basic infection control techniques.
“Basic infection control techniques should be at the forefront of the risk management process,” said Doherty. “For example, it’s critical that medical personnel must wash their hands with antiseptic soap and water every time they treat patients to help reduce the spread of infections.”
Advances in technology, the current physician shortage and the dramatic increase in the number of patients seeking care under the Affordable Care Act have led a growing number of healthcare facilities to expand their use of telemedicine to deliver services to patients in hospitals as well as in remote locations. Over half of all U.S. hospitals now use some form of telemedicine to treat patients.
Telemedicine may also result in allegations of negligence if healthcare providers do not have the proper training, experience and credentials. Currently, there is no federal standard of clinical guidelines for telemedicine.
In developing strategies to mitigate this risk, a few key processes and areas that should be examined include credentialing and peer review, medical staff by-laws and of course, CMS guidelines.
“It’s important now more than ever, that healthcare organizations work closely with their insurance carrier to assess this exposure and develop effective risk management strategies and ensure the proper coverage is in place.”
— Renee Carino, Vice President and Chief Underwriting Officer, ACE Medical Risk Group
4) Violent Incidents in Hospitals
Hospitals may be places of healing, but they also have become the scene of an increasing number of violent incidents. Such incidents not only put patients at risk but also medical professionals, who are often the targets of attacks, harassment, intimidation and other disruptive behavior.
The incidence rate for violence and other injuries in the healthcare and social assistance sector in 2012 was over three times greater than the rate for all private industries. The Joint Commission, meanwhile, reports increasing rates of assault, rape and homicide in healthcare facilities. Perpetrators can include patients, family members, visitors and vendors as well as current and former healthcare employees.
Hospitals and healthcare organizations should enact a zero-tolerance policy, one that states that no form of violence — physical, verbal or psychological — will be tolerated, and that all offenders will be subject to disciplinary action, including termination.
“Healthcare organizations should develop a comprehensive violence prevention program that is specific to their organization and analyzes potential safety hazards and implements strategies to prevent them,” Carino said.
5) Alarm Fatigue
Hospital nurses hear them constantly — the beeps and chirps of alarms on medical devices, such as ventilators, cardiac monitors and pulse oximetry devices. While alarms are designed to draw attention to a potential problem, they can easily be tuned out by overwhelmed medical professionals, who may then fail to respond as they should.
Alarm fatigue is a growing problem for hospitals and the consequences can be fatal. The Joint Commission’s Sentinel Event database includes reports of 98 alarm-related events between January 2009 and June 2012. Of the 98 events, 80 resulted in death, 13 in permanent loss of function and five in unexpected additional care or extended stay. Alarm fatigue was rated a top concern by 19 out of every 20 hospitals in the United States, according to a national survey presented at the annual meeting of the Society for Technology in Anesthesia in 2014.
To reduce the risk of patient harm from alarm fatigue, the Joint Commission, along with the Association for the Advancement of Medical Instrumentation and the ECRI Institute, offered a list of precautions, including ensuring that there is an effective process in place for safe alarm management and response in high-risk areas.
6) Preparedness for Pandemics
7) Healthcare Reform/Physician Integration
8) Disruptive Staff Behavior
9) Environmental Pollutants
10) Emergency Preparedness
11) Obesity Epidemic
Please download the whitepaper, “Critical Risks Facing the Healthcare Industry” to learn more about the additional risks listed above. The paper also provides a deeper perspective on the risks covered in this article as well as additional risk management recommendations.
This article was produced by the R&I Brand Studio, a unit of the advertising department of Risk & Insurance, in collaboration with ACE Group. The editorial staff of Risk & Insurance had no role in its preparation.