$102 Million Excluded From Coverage
PNC Financial Services Group Inc. agreed in 2010 and 2012 to pay $102 million to settle six class-action lawsuits that claimed the bank manipulated transactions to increase revenues from overdraft charges.
Following the settlements, PNC sought indemnification from its insurers, Houston Casualty Co., which had issued a $25 million liability policy; and Axis Insurance Co., which issued a $25 million excess policy for claims that exceeded $50 million. PNC self-insured the first $25 million.
Both insurers denied coverage, saying the settlement was a refund of overdraft fees and was excluded as they were “fees, commissions or charges for Professional Services paid or payable to an insured.”
After PNC sued the insurers in 2013, the U.S. District Court for the Western District of Pennsylvania concluded that the Professional Services exclusion applied to the $102 million settlement payment, with the exception of about $30 million for attorneys’ fees, which were covered by the policies.
Houston and PNC settled their dispute in 2015.
On May 2, the U.S. 3rd Circuit Court of Appeals ruled that none of the $102 million was covered by the Axis policy. It noted that the settlement agreements explicitly provided that attorneys’ fees were to be paid from the settlement funds — meaning that PNC was not paying the attorneys, the class-action plaintiffs were.
Scorecard: The insurance company did not have to pay a $102 million claim to PNC.
Takeaway: The Professional Services clause unambiguously excluded third-party losses that constituted fees or charges for professional services.
Lack of Prior Consent Voids Claim
A fatal worksite accident in July 2007 delayed work on a construction project, leading general contractor Mortenson to file suit against Stresscon Corp., a subcontracting concrete company, for the interruption.
Stresscon sought indemnification from Travelers Property Casualty Co. of America.
On Dec. 31, 2008, Mortenson and Stresscon entered into a settlement agreement without consulting Travelers. Stresscon still had not informed Travelers of the settlement when it filed suit in March 2009 against the insurer and others for bad faith in unreasonably delaying or denying its claim.
A Colorado district court awarded Stresscon damages, and that judgment was upheld by an appellate court. Both courts ruled against Travelers’ argument that it had no duty of indemnification because the insurance policy stated that the insured could not assume any obligation or expense “without our consent,” known as the “no voluntary payments provision.”
The courts ruled the insured should have the opportunity to demonstrate that the insurance company was not prejudiced by the late notice. The Colorado Supreme Court disagreed.
On April 25, in a 4-3 opinion, it ruled the issue of whether the insurer was prejudiced by the late notice did not overrule the no-voluntary-payments clause, and it ordered the lower court to direct a verdict in favor of Travelers.
Scorecard: Travelers will not need to indemnify Stresscon for payments the contractor made without its consent.
Takeaway: The ruling may convince more insureds to litigate claims when they can’t convince their insurers to settle a claim.
Insurers Don’t Need to Pay $20 Million
In January and February 2009, King Supply Co. sent about 670,000 faxes to about 143,250 recipients advertising its services.
CE Design Ltd. and Paldo Sign and Display Co. were lead plaintiffs in a federal class-action lawsuit against King, alleging violations of the federal Telephone Consumer Protection Act (TCPA) and violations of the Illinois consumer fraud act.
King sought defense and indemnification from its insurers, National Fire Insurance Co., and Valley Forge Insurance Co., which had issued commercial general liability policies covering those timeframes, and Continental Casualty Co., which had issued an umbrella liability policy. All of the insurers were part of CNA Financial (CNA).
King and the plaintiffs eventually settled the lawsuit for $20.2 million. The agreement called for King to pay $200,000 and its insurers to pay the remaining balance of $20 million.
The insurers denied coverage, citing a policy exclusion for material distribution in “violation of statues.”
CE Design and Paldo filed suit in Lake County, Ill., seeking an order that the insurers had a duty to defend and indemnify King. That court dismissed the case, citing the exclusion. The 2nd District Appellate Court of Illinois upheld that decision on May 2.
The appeals court found the exclusions were properly approved by the Texas Department of Insurance, where the policies were issued. It also rejected a claim by CE Design and Paldo that the faxes were not in violation of the TCPA.
Scorecard: The insurance companies do not have to pay $20 million toward the settlement.
Takeaway: Because the insurers could show that regulators had approved of the “violation of statues” exclusion, they were allowed to deny the claim.
Health, Higher Ed Most Vulnerable to Cyber Attacks
As cyber risk management comes of age, more data and better analysis are leading to new realizations. One is that health care and higher education are the most vulnerable sectors, followed closely by financial services.
Another is that the vast majority of security breaches could be forestalled using simple measures, such as ensuring all updates and patches to software are installed and tested.
However, studies are starting to show that cheap, low-tech email attacks remain stubbornly effective despite expensive, high-tech protections.
All of those ideas were advanced and detailed at a fast-moving panel discussion May 11 in New York, sponsored by brokerage Crystal & Company.
Actuarial data is still thin in cyber, but Christopher Liu, head of cyber risk in the financial institutions group at AIG, said that “institutions in health care and higher education are the most hazardous classes of insureds. That is because they have the most sensitive information and that there is high turnover. Also, they usually do not have big budgets, so security is often not well supported.”
Financial institutions, especially asset managers, are the second-most hazardous class, Liu added.
“They have the same attractive information, plus they have money.”
Mitigating that, they also tend to have better funded and supported security, and they have heavy government regulation. That both keeps them on their toes, and also means greater external surveillance. Several panel members noted that firms became aware of breaches when regulators noticed unusual activity.
“We find that we deal primarily with three areas,” said Austin Berglas, senior managing director at K2 Intelligence.
“Those are: unpatched vulnerabilities in software, misconfiguration of internal systems, and misplaced trust by employees. We get called in to handle a breach, and 99 percent of the time we find the vulnerability is unpatched.”
Berglas explained that the software companies race each other to send out new versions that often are not completely functional or secure. So they send out patches. “Windows does it every week on ‘patch Tuesday.’ But users don’t have any regular schedule or system for installing and testing patches. We find unpatched vulnerabilities dating back as far as 1999.”
“I have been to meetings of the cyber response team, and everyone in the room is introducing themselves. This is the response team. Everyone in the room has to know everyone in the room.” — John F. Mullen, managing partner, Lewis Brisbois Bisgaard & Smith
The challenge of unsecured configurations between systems was dramatically demonstrated with the infamous attack on retailer Target, which came through the air-conditioning vendor. But Berglas emphasized the persistent and pernicious problem of simple phishing.
“It is estimated that 30 percent of individuals within a company will open an email, and 13 percent will click on an attachment, even if they have been warned not to,” Berglas warned.
“You spent half a billion dollars on security systems and firewalls, and one click on one phishing email by someone with elevated system privileges, and the bad guys have just defeated your half-billion-dollar defense. Now they are inside, with credentials, and you can’t detect them.”
The quickest and easiest thing that any company can do, “is to look for unpatched vulnerabilities in public-facing systems,” Berglas urged.
On the same theme, John F. Mullen, managing partner of the law firm Lewis Brisbois Bisgaard & Smith, stressed that “security goes way beyond IT.
“This is not just about the tech guys. Cyber security tends to get pushed downhill.” And that tends to mean lack of coordination on all fronts.
“I have been to meetings of the cyber response team, and everyone in the room is introducing themselves. This is the response team. Everyone in the room has to know everyone in the room.”
Similarly, “insureds have to know the coverage that they have bought. Is there a mandated forensics group? Outside counsel? If so, go meet with them. If you have options, vet them,” Mullen exhorted.
“You spent half a billion dollars on security systems and firewalls, and one click on one phishing e-mail by someone with elevated system privileges, and the bad guys have just defeated your half-billion-dollar defense.” — Austin Berglas, senior managing director, K2 Intelligence
He expects the cyber insurance business to triple or quadruple in the next five years, in terms of premium spending.
Cycling back to the theme of internal responsibility, Paul Miskovich, senior vice president and global practice leader of cyber and technology errors and omissions coverage at Axis, said that 67 percent of cyber claims presented to his firm involved insider activity of some kind: clicking on a phishing email or failing to install a patch or use a firewall. Further, 25 percent of claims involved third parties such as vendors.
For all the focus on the breach itself, Miskovich added that “regulatory costs can be more than the costs of the breach, especially if you don’t have documentation of your security policies and protocols.” That includes documentation that the policies are in place and are rehearsed.
Noting previous comments that many losses are traced to breaches that have gone undetected for years, Miskovich said that a new area within cyber insurance is full coverage for prior acts.
Handling Heavy Equipment Risk with Expertise
What happens to a construction project when a crane gets damaged?
Everything comes to a halt. Cranes are critical tools on the job site, and such heavy equipment is not quickly or easily replaceable. If one goes out of commission, it imperils the project’s timeline and potentially its budget.
Crane values can range from less than $1 million to more than $10 million. Insuring them is challenging not just because of their value, but because of the risks associated with transporting them to the job site.
“Cranes travel on a flatbed truck, and anything can happen on the road, so the exposure is very broad. This complicates coverage for cranes and other pieces of heavy equipment,” said Rich Clarke, Assistant Vice President, Marine Heavy Equipment, Lexington Insurance, a member of AIG.
On the jobsite, operator error is the most common cause of a loss. While employee training is the best way to minimize the risk, all the training in the world can’t prevent every accident.
“Simple mistakes like forgetting to put the outrigger down or setting the load capacity incorrectly can lead to a lot of damage,” Clarke said.
Crane losses can easily top $1 million in physical damage alone, not including the costs of lost business income.
“Many insurers are not comfortable covering a single piece of equipment valued over $1 million,” Clarke said.
A large and complex risk requires a sophisticated claims approach. Lexington Insurance, backed by the resources and capabilities of AIG, has the underwriting and claims expertise to handle such large claims.
“Cranes travel on a flatbed truck, and anything can happen on the road, so the exposure is very broad. This complicates coverage for cranes and other pieces of heavy equipment. Simple mistakes like forgetting to put the outrigger down or setting the load capacity incorrectly can lead to a lot of damage.”
— Rich Clarke, Assistant Vice President, Marine Heavy Equipment, Lexington Insurance
Flexibility in Underwriting and Claims
Treating insureds as partners in the policy-building and claims process helps to fine-tune coverage to fit the risk and gets all parties on the same page.
Internally, a close relationship between underwriting and claims teams facilitates that partnership and results in a smoother claims process for both insurer and insured.
“Our underwriters and claims examiners work together with the broker and insured to gain a better understanding of their risk and their coverage expectations before we even issue a policy,” said Michelle Sipple, Senior Vice President, Property, Lexington Insurance. “This helps us tailor our policies or claims handling to suit their needs.”
“The shared goals and commonality between underwriting and claims help us provide the most for our clients,” Clarke said.
Establishing familiarity and trust between client, claims, and underwriting helps to ensure that policy wording is clear and reflects the expectations of all parties — and that insureds know who to contact in the event of a loss.
Lexington’s claims and underwriting experts who specialize in heavy equipment will meet with a client before they buy coverage, during a claim, or any time in between. It is important for both claims and underwriting to have face time with insured so that everyone is working toward the same goals.
When there is a loss, designated adjusters stay in contact throughout the life of a claim.
Maintaining consistent communication not only meets a high standard of customer service, but also ensures speed and efficiency when a claim arises.
“We try to educate our clients from the get-go about what we will need from them after a loss, so we can initiate the claim and get the ball rolling right away,” Clarke said. “They are much more comfortable knowing who is helping them when they are trying to recover from a loss, and when it comes to heavy equipment, there’s no time to spare.”
“Our underwriters and claims examiners work together with the broker and insured to gain a better understanding of their risk and their coverage expectations before we even issue a policy. This helps us tailor our policies or claims handling to suit their needs.”
— Michelle Sipple, Senior Vice President, Property, Lexington Insurance
Leveraging Industry Expertise
When a claim occurs, independent adjusters and engineers arrive on the scene as quickly as possible to conduct physical inspections of damaged cranes, bringing years of experience and many industry relationships with them.
Lexington has three claims examiners specializing in cranes and heavy equipment. To accommodate time differences among clients’ sites, Lexington’s inland marine operations work out of two central locations on the East and West Coasts – Atlanta, Georgia and Portland, Oregon.
No matter the time zone, examiners can arrive on site quickly.
“Our clients know they need us out there immediately. They know our expertise,” Clarke said. “Our examiners are known as leaders in the industry.”
When a barge crane sustained damage while dismantling an old bridge in the San Francisco Bay that had been cracked by an earthquake, for example, “I got the call at 6 a.m. and we had experts on site by 12 p.m.,” Clarke said.
In addition to educating insureds about the claims process and maintaining open lines of communication, Lexington further facilitates the process through AIG’s IntelliRisk® services – a suite of online tools to help policyholders understand their losses and track their claim’s progress.
“Brokers and clients can log in and see status of their claim and find information on their losses and reserves,” Sipple said.
In some situations, Lexington can also come to the rescue for clients in the form of advance payments. If a crane gets damaged, an examiner can conduct a quick inspection and provide a rough estimate of what the total value of the claim might be.
Lexington can then issue 50 percent of that estimate to the insured immediately to help them get moving on repairs or find a replacement. This helps to mitigate business interruption losses, as it normally takes a few weeks to determine the full and final value of the claim and disburse payment.
Again, the skill of the examiners in projecting accurate loss costs makes this possible.
“This is done on a case-by-case basis,” Clarke said. “There’s no guarantee, but if the circumstances are right, we will always try to get that advance payment out to our insureds to ease their financial burden.”
For project managers stymied by an out-of-service crane, these services help to bring halted work back up to speed.
For more information about Lexington’s inland marine services, interested brokers should visit http://www.lexingtoninsurance.com/home.
This article was produced by the R&I Brand Studio, a unit of the advertising department of Risk & Insurance, in collaboration with Lexington Insurance. The editorial staff of Risk & Insurance had no role in its preparation.