The best articles from around the web and R&I, handpicked by R&I editors.
Workers' Comp news and insights as well as columns and features from R&I.
Update on new scenarios as well as upcoming Risk Scenarios Live! events.

Risk Insider: Mike Rozembajgier

Recall Mitigation Relies on Risk Managers

By: | July 18, 2014 • 2 min read
Mike Rozembajgier is vice president at Stericycle, where he has held multiple management positions. Prior to joining Stericycle, Mike held various management positions at Guidant Corp. (now Boston Scientific) and at Deloitte in their Strategic Consulting practice. He can be reached at

This is turning out to be a record year for auto-related recalls and, with the astronomical costs associated with them, insurance companies that offer accidental contamination or malicious product tampering policies are on alert.

This type of insurance is primarily used by food manufacturers, distributors, retailers and auto parts suppliers to cover business expenses related to a recall. And in light of recent events, you can be sure that parts suppliers are working closely with their insurers to see what losses are covered and what the damage will be to their bottom line.

Those with insurance are the lucky ones, as the costs associated with a recall can be significant, but even for those organizations, the results of the recall and subsequent insurance coverage rely heavily on the assessments of risk managers.

One of the key concerns for risk managers is cost containment.

Typically, an insurance company becomes engaged with the manufacturer when the recall is about to happen or has just happened. To get started on remediation, the insurer must determine the total loss of product and what services are needed.

Then, the insurer will pull impacted lots and have them tested by an independent company to confirm that a full recall is necessary. Risk managers must ensure that lot sizes and distribution channels are optimized to minimize the impact on the bottom line depending on the likelihood of a recall.

Throughout a recall event, a lack of effective risk management can cause manufacturers to make missteps that cost millions of dollars and negatively impact insurers.

For example, if organizations don’t have the ability to identify and isolate contaminated products from safe ones, they may end up crediting a retailer for the full lot and not just the impacted products – resulting in a cash loss.

Also, manufacturers may incur compliance fines as they scramble to meet all of the regulatory requirements surrounding recalls. Lastly, the complex logistics involved in a recall may prolong the process and expose the brand to greater risk.

Here are some best practices for risk managers to consider when faced with a recall:

• Ensure access to good data and tracking on impacted products, including information on where it is located and what the value of lost product is.

• If the origin of the recall is known, contact the source to see what damages they will pay and determine if legal action is needed.

• Encourage the organization to be recall-ready with a designated recall team and plan, and an understanding of the supply chain partners’ recall protocol.

As the global supply chain continues to become more complex, risk managers need to be vigilant when preparing for internal and supplier issues.

And for companies of all sizes, product contamination is a loss exposure that cannot be ignored. It’s occurring with alarming frequency in the U.S. and globally catching many organizations by surprise.

Companies that fall victim to these incidents often incur staggering costs in damage control and significant lag time in restoration of profits and reputation.

Share this article:

Professional Liability

Uptick in Severity of Claims

Conflicts of interest are the leading cause of legal malpractice claims.
By: | July 15, 2014 • 4 min read

Law firm malpractice claims may be down, but the sting in them is spiking.

In its fourth annual survey of lawyers’ professional liability claims, insurance broker Ames & Gough found that the severity of claims has increased over the past year for eight of the insurers that provide such coverage.

Four insurers either paid or participated in paying a claim of $100 million or greater; two others had a payment between $50 million and $100 million. Moreover, six of the eight insurers surveyed reported having more claims with reserves of $500,000 or greater in 2013 than 2012.


The carriers participating in the Ames & Gough survey were AIG/Lexington Insurance, AXIS Capital Holdings, BRIT Insurance, CNA Financial, Catlin Group, Ironshore, Markel Corp., and Swiss Re.

While the frequency of claims has begun to level off, the significant uptick in severity is due to the “double-whammy” of the longer development pattern of post-recession claims coupled with soaring defense costs, said Eileen Garczynski, partner and senior vice president of Ames & Gough in Washington, D.C.

On top of that, attorneys are switching firms now more than ever before, which has led to more conflict of interest claims, she said.

Six of the eight insurers surveyed cite conflicts of interest as the leading cause of malpractice claims. Such claims may arise when hiring firms don’t thoroughly determine if newly hired attorneys represented any client competitors or other adversarial parties of clients at their previous firms, Garczynski said.

“The obvious example of a conflict is when someone represents Exxon but also Greenpeace, but conflicts can be more complicated than that,” she said.

For example, an attorney could have represented a subsidiary of a pharmaceutical company and is now representing a competitor of the parent company, Garczynski said. The parent could sue the new firm, claiming the attorney is now divulging product secrets to its competitor.

There are many “gray areas” of representation that can lead to conflicts of interest, said Todd Hampton, vice president of claims for both Monitor Liability Managers and Berkley Select in Chicago.

For example, when a deal sours, the two parties involved in the relationship may become adversarial, Hampton said. If a law firm is representing both parties at the outset of the deal, it would be prudent to get them to sign a conflict of interest waiver.


“Or just get out altogether,” he said.

Michael Furlong, vice president, underwriting at CNA Insurance in Kansas City, Mo., said that most small law firms do not adequately protect themselves.

In the majority of malpractice claims, CNA found that most small law firms did not use “engagement letters” to spell out the limits of representation or thought that a letter explaining their fee structure to clients would suffice, Furlong said.

“Not so,” he said. “A well-documented letter is very important when trying to defend the claim.”

Engagement letters should include the identity of the client, the scope of representations and limits to that scope, fees and billing statements, expenses and file retention procedures. Clients should sign the letter, agreeing to such terms, at the outset of representation, as well as when any documented changes occur in the scope of the work, he said.

Law firms should also take extra precautions when agreeing to represent unknown new clients, particularly for commercial transactions, Furlong said.

If those clients have engaged in illegal or fraudulent activities, their attorneys could be sued for malpractice. A glaring red flag would be if the potential client has switched law firms multiple times within a short span of time.

Law firms also need to establish a “risk management culture” that includes letting the attorneys on the front lines know that they won’t get into trouble if they spot signs of trouble and immediately communicate it to the supervising partners, general counsel or other risk management staff, said Uri Gutfreund, a professional liability broker at Singer Nelson Charlmers in New York.

If they are faced with a malpractice claim, law firms should thoroughly document what happened and what they’ve subsequently done to minimize such occurrences in the future, including any risk management procedures they’ve since put in place, Gutfreund said. Such documentation can help law firms avoid being severely penalized during their subsequent renewals.

Law firms should also report to their carriers any claims they pay, even well before they exceed their retentions, he said.

“Even if they think that they may be able to make a claim go away for less than their retention, it’s really important to report it, so if the claim blows up, they won’t be fighting for coverage later with the carrier,” Gutfreund said.


As severity of claims rise, so do insurance premiums, Garczynski said.

“In order to keep premiums low, firms have to conduct appropriate due diligence to make sure they have the right risk management steps in place,” she said.

Katie Kuehner-Hebert is a freelance writer based in California. She has more than two decades of journalism experience and expertise in financial writing. She can be reached at
Share this article:

Sponsored Content by ACE Group

5 & 5: Rewards and Risks of Cloud Computing

As cloud computing threats loom, it's important to understand the benefits and risks.
By: | June 2, 2014 • 4 min read

Cloud computing lowers costs, increases capacity and provides security that companies would be hard-pressed to deliver on their own. Utilizing the cloud allows companies to “rent” hardware and software as a service and store data on a series of servers with unlimited availability and space. But the risks loom large, such as unforgiving contracts, hidden fees and sophisticated criminal attacks.

ACE’s recently published whitepaper, “Cloud Computing: Is Your Company Weighing Both Benefits and Risks?”, focuses on educating risk managers about the risks and rewards of this ever-evolving technology. Key issues raised in the paper include:

5 benefits of cloud computing

1. Lower infrastructure costs
The days of investing in standalone servers are over. For far less investment, a company can store data in the cloud with much greater capacity. Cloud technology reduces or eliminates management costs associated with IT personnel, data storage and real estate. Cloud providers can also absorb the expenses of software upgrades, hardware upgrades and the replacement of obsolete network and security devices.

2. Capacity when you need it … not when you don’t
Cloud computing enables businesses to ramp up their capacity during peak times, then ramp back down during the year, rather than wastefully buying capacity they don’t need. Take the retail sector, for example. During the holiday season, online traffic increases substantially as consumers shop for gifts. Now, companies in the retail sector can pay for the capacity they need only when they need it.


3. Security and speed increase
Cloud providers invest big dollars in securing data with the latest technology — striving for cutting-edge speed and security. In fact, they provide redundancy data that’s replicated and encrypted so it can be delivered quickly and securely. Companies that utilize the cloud would find it difficult to get such results on their own.

4. Anything, anytime, anywhere
With cloud technology, companies can access data from anywhere, at any time. Take Dropbox for example. Its popularity has grown because people want to share large files that exceed the capacity of their email inboxes. Now it’s expanded the way we share data. As time goes on, other cloud companies will surely be looking to improve upon that technology.

5. Regulatory compliance comes more easily
The data security and technology that regulators require typically come standard from cloud providers. They routinely test their networks and systems. They provide data backups and power redundancy. Some even overtly assist customers with regulatory compliance such as the Health Insurance Portability and Accountability Act (HIPAA) or Payment Card Industry Data Security Standard (PCI DSS).

SponsoredContent_ACE5 risks of cloud computing

1. Cloud contracts are unforgiving
Typically, risk managers and legal departments create contracts that mitigate losses caused by service providers. But cloud providers decline such stringent contracts, saying they hinder their ability to keep prices down. Instead, cloud contracts don’t include traditional indemnification or limitations of liability, particularly pertaining to privacy and data security. If a cloud provider suffers a data breach of customer information or sustains a network outage, risk managers are less likely to have the same contractual protection they are accustomed to seeing from traditional service providers.

2. Control is lost
In the cloud, companies are often forced to give up control of data and network availability. This can make staying compliant with regulations a challenge. For example cloud providers use data warehouses located in multiple jurisdictions, often transferring data across servers globally. While a company would be compliant in one location, it could be non-compliant when that data is transferred to a different location — and worst of all, the company may have no idea that it even happened.

3. High-level security threats loom
Higher levels of security attract sophisticated hackers. While a data thief may not be interested in your company’s information by itself, a large collection of data is a prime target. Advanced Persistent Threat (APT) attacks by highly skilled criminals continue to increase — putting your data at increased risk.


4. Hidden costs can hurt
Nobody can dispute the up-front cost savings provided by the cloud. But moving from one cloud to another can be expensive. Plus, one cloud is often not enough because of congestion and outages. More cloud providers equals more cost. Also, regulatory compliance again becomes a challenge since you can never outsource the risk to a third party. That leaves the burden of conducting vendor due diligence in a company’s hands.

5. Data security is actually your responsibility
Yes, security in the cloud is often more sophisticated than what a company can provide on its own. However, many organizations fail to realize that it’s their responsibility to secure their data before sending it to the cloud. In fact, cloud providers often won’t ensure the security of the data in their clouds and, legally, most jurisdictions hold the data owner accountable for security.

The takeaway

Risk managers can’t just take cloud computing at face value. Yes, it’s a great alternative for cost, speed and security, but hidden fees and unexpected threats can make utilization much riskier than anticipated.

Managing the risks requires a deeper understanding of the technology, careful due diligence and constant vigilance — and ACE can help guide an organization through the process.

To learn more about how to manage cloud risks, read the ACE whitepaper: Cloud Computing: Is Your Company Weighing Both Benefits and Risks?

This article was produced by ACE Group and not the Risk & Insurance® editorial team.

With operations in 54 countries, ACE Group is one of the largest multiline property and casualty insurance companies in the world.
Share this article: