Email
Newsletters
R&I ONE®
(weekly)
The best articles from around the web and R&I, handpicked by R&I editors.
WORKERSCOMP FORUM
(weekly)
Workers' Comp news and insights as well as columns and features from R&I.
RISK SCENARIOS
(monthly)
Update on new scenarios as well as upcoming Risk Scenarios Live! events.

Risk Scenario + Webinar

The Curse of the Black Adder

A supposed data breach sends a regional grocer scrambling to do damage control.
By: | December 11, 2013 • 8 min read
Risk Scenarios are created by Risk & Insurance editors along with leading industry partners. The hypothetical, yet realistic stories, showcase emerging risks that can result in significant losses if not properly addressed.

Disclaimer: The events depicted in this scenario are fictitious. Any similarity to any corporation or person, living or dead, is merely coincidental.

One Fine Fall Day

Aaron Scott watched with pride as his German shorthaired pointer Sadie bulled her way through the switchgrass. Sadie was six, an age when most hunting dogs started to show signs of aging. But Sadie was as heavy in the chest and shoulders as some males, and just as tough.

Scenario_BlackAdder

Then suddenly Sadie was on point, her stub of a tail twitching frenetically. Seconds later, the male bird exploded out of the brush. Aaron swung his grandfather’s over and under Remington up and dropped the bird cleanly. Aaron smiled. It didn’t get any better than this.

Then his phone rang. He had to get it. As the CFO for Pinecrest Food Markets, which had 44 stores in four states, it was part of his job to take calls, all calls.

“This is Aaron,” he said.

“Aaron, it’s Christine.” Christine was Aaron’s older sister and the CEO of the company. Aaron knew that tone in her voice. The news wasn’t good.

“We just got a letter from Spendex that they’ve been hit by malware. It looks like we may have lost credit card numbers for about 600,000 customers.”

Aaron paused and again looked at the scenery and savored the diminishing scent of spent gunpowder. He wished he could turn back the clock to one minute ago, but all that was gone.

“You there?” Christine said.

“I’m here,” Aaron said.

“Can you please get those dogs in the truck and get back to the office? We got work to do.”

Christine preferred jumping horses to bird-hunting. On a fox hunt, she could ride with anyone in the state.

Aaron loved his sister, but he also bore a scar over his right eyebrow where she’d clocked him with a rock when they were preteens.

“I’m comin’. Be there in 30,” Aaron said.

Pinecrest had been founded by Aaron’s grandfather William in an 800-square-foot shop in Johnstown, Pa. It had grown to where it had stores in eastern Ohio, its native western Pennsylvania, West Virginia and the Maryland panhandle.

Scenario Partner

Scenario Partner

Aaron and Christine ran it now. The phrase “three generations — shirt sleeves to shirt sleeves,” was how old-timers described how quickly an inherited family business could fall apart. Aaron and Christine had vowed they would prove that old saying wrong.

Back at the office, Aaron read the letter from the credit card transaction processing vendor Spendex. Spendex was reporting that as many as 26 of its regional retail customers lost credit card numbers to The Black Adder, a malware that strips names, credit card numbers and expiration dates from the magnetic stripes of credit cards.

“Now what?” said Christine.

“Well, we’ve got to tell every affected customer what happened and we need to do it soon,” Aaron said.

“How much is that going to cost?” Christine said.

“Quite a bit, but we’ve got insurance for it,” Aaron said as calmly as he could as he looked down at his iPhone and started scrolling through his contacts.

Aaron was playing possum with his cool tone. He was the family peacekeeper and he knew that his role at times like these was to keep a lid on the much more volatile Christine.

Christine exhaled, and Aaron kept his eyes on his iPhone.

Poll Question

Do you currently carry cyber coverage in the event of a data breach?

View Results

Loading ... Loading ...

False Start

Part of the Pinecrest brand came from where it was based and who founded it.

Based as it was in a state that was home to almost a million military veterans, Pinecrest aligned itself with traditional values like patriotism, community, faith and family.

There was a picture of a local veteran who had given his life in armed conflict in every Pinecrest store.

Scenario_BlackAdder

So when it came to the data breach notification, Christine Scott — in what she felt was full alignment with the brand — didn’t shrink from responsibility.

In addition to letters and emails sent to Pinecrest’s 600,000 affected customers, Christine called local news stations to broadcast news of the breach and her promises to make good. She didn’t bother to ask Aaron whether he thought that was a good idea.

“Every one of our customers will be reimbursed for their time and trouble, including a year’s worth of multi-bureau credit monitoring services,” Christine said while the TV cameras recorded her.

“Well that’s what the policy says, doesn’t it?” Christine said when Aaron told her later that she probably shouldn’t have said that on television.

The very next day, a phone call from Pinecrest’s insurance broker was the second bad call Aaron got that month.

“Multi-bureau? No. The policy will cover services from a single credit monitoring bureau,” the broker, Robert Franz, told Aaron.

As Aaron spoke with Robert, he was multitasking and monitoring his emails. He saw an email marked “urgent” from Spendex. It was about the data breach.

“Hey Robert, can I call you back in a few minutes? I’ve got something hopping here,” Aaron said.

“Sure,“ Robert said, but in a tone that implied, “What could be more important than this?”

As it turned out, the email from Spendex was plenty important.

The notice from Spendex explained that although it was obligated to inform all of its customers that there had been a breach, in reality, only 14 of its 26 retail customers had been impacted. The clincher? Pinecrest wasn’t one of them.

Aaron pushed back from his desk and ran his hands through his hair.

“What the … ?” he said as loudly as he would say anything.

“What is it?” said Christine, popping her head into his office. She knew from the volume of Aaron’s voice that it was something big.

“We didn’t lose any data. We didn’t lose any data at all,” Aaron said.

“Great,” Christine said.

“No, not great,” Aaron said. “We just told about a million people that we did.”

“Now what do we do?” Christine asked.

Aaron felt that Christine had burned him before by going on television without seeking his counsel. That experience caused him to dig in his heels with Christine over what to do next.

“Slow down, just slow down,” Aaron said when the siblings met to go over strategy.

“I don’t know that we need to come out with an announcement just yet.”

Aaron’s reaction to his sister’s outspokenness had caused him to miscalculate. A full week went by until Pinecrest announced on its website and with another email blast that its customers had, after all, not been impacted by the Black Adder strike.

The company’s pause in making that announcement was as toxic as a rattlesnake bite.

The local media reacted negatively to the company’s week-long silence. News that the company sat on the knowledge that customers hadn’t lost data made the front pages of the Johnstown Tribune-Democrat and the Wheeling News-Register.

Poll Question

If you do carry cyber coverage, do you know if your coverage will pay for multi-bureau credit reporting?

View Results

Loading ... Loading ...

Pinecrest’s Pain

For the first time in its history, Pinecrest was dealing with the full brunt of a hit to its reputation.

Scenario_BlackAdder

The traditional print media was one thing, and no small thing in the markets Pinecrest served. But online commentary, ungoverned by journalistic ethics, pulled no punches. Commentators ridiculed the company for banking on the military sacrifices of previous generations, when it “didn’t have the guts,” in one poster’s vernacular, to tell people the truth.

The company’s broker, Robert Franz, phoned Aaron with even more bad news.

“You’re not covered for any of your breach notification expenses, or for any credit monitoring services,” Robert told Aaron.

“Please tell me why,” Aaron said, keeping his voice low because he was just not in the mood for any spontaneous crisis communications with his older sister.

“Under your policy, you’re only covered for notification and credit monitoring if there was an actual breach,” Robert said.

“No breach, no coverage,” he said.

“So we’re out about a million dollars,” Aaron said flatly. In the regional grocery business, where margins could sometimes be measured in the low single digits, a million dollars was a very big hit.

“I’m afraid so,” Robert said.

Sales at Pinecrest Food Markets were down around 10 percent in all four states that it operated in.

“Might as well shop at Supermart,”a grizzled Korean War veteran told Channel 11 in Charles Town, West Virginia.

With the company down a million out of pocket and with revenue hamstrung, Christine Scott and the rest of the Pinecrest team had some very difficult and expensive decisions to make.

Should they sue Spendex for its shoddy forensics? And what coverage did they have for the costs of that?

Rumors began to circulate in several state capitals that class action lawsuits were being prepared on behalf of the tens of thousands of Pinecrest customers who felt they were caused needless expense and worry because of the bad information Pinecrest put out to begin with.

Grandstanding attorneys general were probably not far behind. Pinecrest was possibly facing legal action on several fronts and it was unclear whether it had the coverage to pay for its defense.

*****

With the world seemingly against them, Christine and Aaron took a day in late November and went to their grandfather’s hunting cabin in Somerset County.

The grouse were out there, but the two of them just sat staring at the fire in the cabin’s stone fireplace, with Aaron’s two bird dogs stretched out in front of the fireplace.

Sadie looked up hopefully as Aaron got up to throw another log on the fire.

“No huntin’ today, Sadie girl. Daddy is not in the mood,” Aaron said as Christine nursed a bottle of local craft-distilled rye.

“May I have some of that, please?” Aaron asked.

“Get your own bottle,” said Christine.

Poll Question

Does your company have a crisis response plan in the event of a cyber breach?

View Results

Loading ... Loading ...

Summary

A regional grocery chain gets into hot water after it loses customer financial data. Making matters worse is that the company does not have a good grasp on the language in its cyber coverage policy. The company also suffers reputational damage when it notifies customers based on bad information.

1. Know your partners: Pinecrest sees its problems go from bad to worse because the company it uses to process credit card transactions has shoddy forensics and reports data breaches for customers that in the end had no data breach.

2. Know your coverage: Pinecrest suffers needless losses because key executives don’t understand its insurance policy when it comes to services available under the coverage for data breach notification and credit monitoring.

3. Be as transparent as possible: When it comes to notifying customers of substantial issues that could impact their expenditures, getting out quickly with the best information is extremely important. Pinecrest actually has good news to report midway through this story, but sits on it due to internal friction. The good of the team must clearly win out here.

4. Create realistic expectations: Coverage existed for Pinecrest officials to put together a reasonable response when customer data was lost. But a key executive broadcast inflated statements about what Pinecrest would be able to do, creating equally inflated expectations.

5. Hold vendors accountable: Given the volatile expansion of cyber risk, it makes good sense to require vendors contractually to indemnify you if they lose your crucial customer data.

The Webinar

The issues covered in this scenario center around crisis management and insurance pitfalls associated with loss from a cyber breach. This follow-up webinar focused on specific loss trends and cyber exposures, as well as presented steps to take to strengthen your crisis risk management program.

Presenters

Webinar_Data_Breach_Aon

Download a copy of the slide presentation here.

Dan Reynolds is editor-in-chief of Risk & Insurance. He can be reached at dreynolds@lrp.com.
Share this article:

Risk Scenario

Caught Out

A typhoon exposes the inadequacies of a U.S. pharmacy company's local insurance policies and hinders its move to Asia.
By: | October 1, 2014 • 9 min read
Risk Scenarios are created by Risk & Insurance editors along with leading industry partners. The hypothetical, yet realistic stories, showcase emerging risks that can result in significant losses if not properly addressed.

Disclaimer: The events depicted in this scenario are fictitious. Any similarity to any corporation or person, living or dead, is merely coincidental.

Good Morning Shah Alam

From his perspective in the third row, John Treme could make out the colorful costumes and motions of the dancers below him.

RiskScenario_CaughtOut

Treme, the risk manager for Vitalex, a pharmaceutical manufacturer based in Pennsylvania, was attending a performance of Joget Lambak, a traditional dance of Malaysia. The occasion was the grand opening of a Vitalex factory in Shah Alam, one of Malaysia’s manufacturing cities.

Normally, Treme wouldn’t be at an event like this. But he’d been conducting some business with a local insurance partner and happened to be in country on the event date: In other words, the timing was right for him to get a ticket.

Treme might’ve been feeling kind of lucky — but he didn’t.

To a focused, open observer, the movements of the assembled dancers and the music of their accompanying musicians were mesmerizing. John Treme, however, was a man easily distracted by his vivid imagination, combined with a razor-sharp memory that wouldn’t leave him alone.

Scenario Partner

Scenario Partner

As Treme watched the dancers, a strong, steady breeze, laden with moisture, passed through the performance space.

“Breeze … storm … tropical storm … typhoon.” Treme’s overactive mind skipped through the severity escalations unbidden. It was just what his brain did.

His brain also harassed him with the memory of his instructions from treasury when he’d been sent to bind the property coverage for the factory in Shah Alam.

“Just get us some basic property coverage with a local partner, we’ll let the global master property program handle the overflow if there ever is any,” the company treasurer told Treme at the time.

That put Treme in a tough spot. It went against his nature to not do as he was bidden. Still, the idea of “basic” coverage in typhoon country gave him the willy-nillies.

“What if something happens?” he asked himself when he couldn’t sleep at night.

“What if we get hit?”

“What are we doing in Malaysia in the first place?” he asked himself in his weaker moments.

He very well knew what Vitalex was doing in Malaysia.

The company had the right specialty with its focus on products in oncological medicine.

Pharmaceutical products in that area were high-growth. But sales in the mature markets like the U.S. and Europe were flat. If Vitalex was going to succeed in the highly competitive world of global pharmacy sales, it needed to move aggressively into high-growth markets like Asia and Southeast Asia.

It also needed to keep costs down, hence the treasurers’ concerns about what he perceived as duplicative or redundant insurance coverages.

A colorful flourish by one of the dancers and a particularly loud sequence from the Malaysian drummers brought Treme back into the moment; somewhat. He reassured himself by counting the offshore layers of reinsurance that Vitalex had on its master global program.

“We’re going to be okay,” he said softly, but still out loud. One of his co-executives looked over at him with concern.

As it turned out, John Treme’s worries were justified. It was really just a matter of time.

Eighteen months after the Vitalex factory in Shah Alam began production, Typhoon Ahayan roared up the Straits of Johor, packing wind speeds of more than 100 miles per hour. The typhoon slammed directly into Shah Alam, causing substantial wind and water damage to Vitalex’s new factory.

“How bad is it?” John Treme asked the plant’s manager, when power was restored sufficiently for phone service, two days after the storm.

“You better get over here,” said Smitty Fields, the plant manager.

A Mortal Blow

Due to a nice run of luck, Vitalex thought of themselves as the chosen ones due to their long string of uninterrupted business with no major property losses.

Scenario_CaughtOut

In placing the coverage for the Shah Alam factory, John Treme engaged in some fairly tense discussions with Terra Firma Ltd., a U.S.-based carrier with an A + rating, which had been on Vitalex’s program for years, long before John Treme came to work for the company.

The Vitalex facility in Shah Alam cost $250 million to build. Against some rather stiff resistance from the underwriters with Terra Firma and Vitalex’s broker, Treme prevailed in placing a $5 million property policy to cover the facility.

The reasoning from the Vitalex C-suite was that the company’s layers of reinsurance on its master global program were robust enough to pick up any slack should the Shah Alam factory suffer a sizable loss. And there was that aforementioned shield of good fortune the company deluded themselves into thinking would last forever.

John Treme was two hours back in country and in his hotel, preparing to visit the typhoon-ravaged Shah Alam factory when he got a disturbing text message.

“Please get here ASAP, I have bureaucrats on my back.”

It was from Smitty Fields.

When Treme got to the factory, the damage the facility suffered was clearly visible. Siding was torn off three quarters of the manufacturing space and parts of the roof appeared to be missing. And that was just on a cursory glimpse. Happily, or perhaps unhappily, some of the office space appeared to be functional.




There were two matching black SUV’s parked conspicuously near the front entrance. When Treme got to Smitty Field’s office, the men who drove those SUV’s were waiting.

“The cavalry’s here,” Smitty said with something resembling a smile when John walked into the office.

John barely had time to shoot Smitty a questioning look before Mr. Yei spoke.

“You are Mr. Treme, correct?” Mr. Yei said.

“Yes, I am,” Treme said. “How can I help you gentlemen?”

Mr. Razak consulted a file briefly before speaking.

“We work for Bank Negara Malaysia, the insurance regulator in this country,” Mr. Razak said. “We have questions about your coverage of this factory.”

“Like what?” Treme said, again shooting Smitty a look, which Smitty ducked.

“Who is your local carrier?” Yei said.

“Ungku Assurance,” Treme said.

“And your carrier in the United States?” Mr. Yei said.

“Terra Firma Ltd.,” John Treme said.

“If I may, gentleman, may I ask what’s going on here? We’ve got a severely damaged factory here and I need to get to work on the assessment and claims process,” Treme said.

“Yes, we think that is highly advisable,” Mr Razak said.

“We only have one question of substance for you today,” Mr. Yei said. “Although I think we are going to have more later,” he said unsmilingly.

“And that is …” Treme began.

“And that is …” Mr. Razak continued for him, holding out a document.

“Why did you arrange for only $5 million in coverage for a $250 million operation, that is, if your valuations can be believed,” Mr. Razak said.

“Gentlemen, we are very well capitalized company with substantial reinsurance protection on our global program,” Treme said.

“I don’t think there’s going to be a problem drawing down from our reinsurers to get this plant back up, if that’s what your concern is,” Treme said.

“I hope that’s the case because it’s of great concern that you have a gap in the tens of millions in your local coverage in all probability,” Mr. Yei said.

Mr. Razak jerked his head in the direction of the factory.

“The good people and the government of Shah Alam trusted that your company came here with good intentions, to do business and create local jobs,” Mr. Razak said.

“Your company’s failure to place adequate local coverage brings that premise substantially into question,” he said.

Minutes later, Treme stood with Smitty Fields, watching the two black SUVs wheel out of the storm-damaged parking lot.

“What do you think all of this means?” Smitty said to Treme.

“I’m not sure, I’m not sure,” Treme said. “I don’t want to think it, but we might be a little bit screwed,” he said.

Busted

Six months later, John Treme was on a conference call with his broker, Fred Tallex, and a vice president with Terra Firma, Suzette Pines.

Scenario_CaughtOut

“Okay Fred, do you want to take us through this?” John said to start things off.

“Sure,” Fred said, sounding like he was already mentally finished with the topic.

“Bank Negara Malaysia informed us yesterday that we are free to draw down the $40 million from Vitalex’s reinsurers to complete the factory restoration,” Fred said. “That’s the good news.”

“You all saw the email this morning,” Fred continued.

“Yes,” said Suzette Pines, somewhat tersely.

John didn’t say anything, yet.

“No one got fined, but the local regulators have got our brokerage and Terra Firma in their cross-hairs now,” Fred said.

“Sure looks like it,” Suzette said.

There was a long, awkward pause, which John attempted to fill.

“Well, we’ve only got a month or two to firm up the coverage on the renovated plant,” Treme said. “Can we get going on that?”

“Who’s we?” Suzette Pines said.

“Well, you’re our carrier in Asia,” Treme said.

“John, not any more we’re not. We have lost our appetite for this risk. A regulator that’s going to be in our grill all day long now will do that.”

“So you’re not …” Treme began.

“Sorry John, sorry but no way,” Suzette said. “No way if I want to keep my job and I do want to keep my job, such as it is,” she said ruefully.

“Guys, I’ve got to go, I need to pick up another call,” Suzette said.

“ ‘Bye Suzette,” Fred said.

Treme was too nonplussed to say goodbye.

“Now what?” Treme said to Fred after Suzette hung up.

“I really don’t know,” Fred said. “This project has so much stink on it I don’t know who we’re going to find and that’s not even bringing up price.”

“Well, can you …” Treme began.

“Yep, I’ll get started today John. You know we got reprimanded too,” Fred said, barely veiling his impatience.

“I know Fred, I know,” John said.

The business restoration delays suffered by Vitalex in getting the reinsurance draw down amidst the ongoing distraction of the investigation by Malaysian insurance regulators had severe impacts on Vitalex’s ambitions in Asia.

Vitalex suffered 14 months of business interruption due to the storm damage and the time needed to jump through regulatory hoops while trying to get the plant rebuilt.

A Munich-based competitor, Mayer Corp., which has a nimble, efficient manufacturing facility in Vietnam, was successful in taking substantial portions of the Asian oncology drug market that Vitalex was counting on as a difference maker.

Other markets might pay out like Asia had the potential too, but it would be years before Vitalex would be in a position to take advantage of them.

Bar-Lessons-Learned---Partner's-Content-V1b

Risk & Insurance® partnered with FM Global to produce this scenario. Below are FM Global’s recommendations on how to prevent the losses presented in the scenario. These “Lessons Learned” are not the editorial opinion of Risk & Insurance®.

Six Dimensions of a Successful Global Risk Management Program

1. Breadth and depth of a network: Risk managers want a consistent level of products and hands-on services delivered as well as the ability to offer broad, compliant, on-the-ground coverage. They need to settle claims locally and they want their carrier to offer consistent performance in terms of policy documentation and contract certainty.

2. State-of-the-art global master form combined with broad “standard” local underlyers: The ideal global program matches local coverage and master coverage as closely as possible. This maximizes coverage in the local territory and the local loss payment. Should a loss occur, it can be paid with certainty at the local level.

3. Balanced global and local service: Most risk managers value consistency when it comes to certain important aspects of their program, including capacity, coverage, claims and the level and quality of key services they choose. Yet keeping local constituencies and decision-makers engaged (and happy) can be an equally important element of a successful global program.

4. Consistent loss prevention engineering service, protocols and deliverables: As companies expand their footprints overseas, they often find the challenges they face in understanding hazards and managing risks grow disproportionately.

Companies often discover the prevailing standards of protection and construction differ significantly from what they may be used to at home. Local codes may be lax or non-existent, often in regions that may be more prone to natural hazards.

5. Claims control and settlement via in-house claims adjustment network: One way of ensuring prompt claims service anywhere in the world, is by insurers recruiting, training and retaining well-qualified claims professionals with on-the-spot authority, who are located around the globe.

6. Success in the global arena: A successful risk management plan depends on a concerted effort from numerous parties, including underwriters, engineers, brokers, contractors and countless others who are integral to its success. Taking that same simple plan “global” means that extended communication lines, cultural differences, language barriers and time zones must be added to the list of challenges.



Dan Reynolds is editor-in-chief of Risk & Insurance. He can be reached at dreynolds@lrp.com.
Share this article:

Sponsored: Liberty International Underwriters

A Renaissance In U.S. Energy

Resurgence in the U.S. energy industry comes with unexpected risks and calls for a new approach.
By: | October 15, 2014 • 5 min read

SponsoredContent_LIU
America’s energy resurgence is one of the biggest economic game-changers in modern global history. Current technologies are extracting more oil and gas from shale, oil sands and beneath the ocean floor.

Domestic manufacturers once clamoring for more affordable fuels now have them. Breaking from its past role as a hungry energy importer, the U.S. is moving toward potentially becoming a major energy exporter.

“As the surge in domestic energy production becomes a game-changer, it’s time to change the game when it comes to both midstream and downstream energy risk management and risk transfer,” said Rob Rokicki, a New York-based senior vice president with Liberty International Underwriters (LIU) with 25 years of experience underwriting energy property risks around the globe.

Given the domino effect, whereby critical issues impact each other, today’s businesses and insurers can no longer look at challenges in isolation one issue at a time. A holistic, collaborative and integrated approach to minimizing risk and improving outcomes is called for instead.

Aging Infrastructure, Aging Personnel

SponsoredContent_LIU

Robert Rokicki, Senior Vice President, Liberty International Underwriters

The irony of the domestic energy surge is that just as the industry is poised to capitalize on the bonanza, its infrastructure is in serious need of improvement. Ten years ago, the domestic refining industry was declining, with much of the industry moving overseas. That decline was exacerbated by the Great Recession, meaning even less investment went into the domestic energy infrastructure, which is now facing a sudden upsurge in the volume of gas and oil it’s being called on to handle and process.

“We are in a renaissance for energy’s midstream and downstream business leading us to a critical point that no one predicted,” Rokicki said. “Plants that were once stranded assets have become diamonds based on their location. Plus, there was not a lot of new talent coming into the industry during that fallow period.”

In fact, according to a 2014 Manpower Inc. study, an aging workforce along with a lack of new talent and skills coming in is one of the largest threats facing the energy sector today. Other estimates show that during the next decade, approximately 50 percent of those working in the energy industry will be retiring. “So risk managers can now add concerns about an aging workforce to concerns about the aging infrastructure,” he said.

Increasing Frequency of Severity

SponsoredContent_LIUCurrent financial factors have also contributed to a marked increase in frequency of severity losses in both the midstream and downstream energy sector. The costs associated with upgrades, debottlenecking and replacement of equipment, have increased significantly,” Rokicki said. For example, a small loss 10 years ago in the $1 million to $5 million ranges, is now increasing rapidly and could readily develop into a $20 million to $30 million loss.

Man-made disasters, such as fires and explosions that are linked to aging infrastructure and the decrease in experienced staff due to the aging workforce, play a big part. The location of energy midstream and downstream facilities has added to the underwriting risk.

“When you look at energy plants, they tend to be located around rivers, near ports, or near a harbor. These assets are susceptible to flood and storm surge exposure from a natural catastrophe standpoint. We are seeing greater concentrations of assets located in areas that are highly exposed to natural catastrophe perils,” Rokicki explained.

“A hurricane thirty years ago would affect fewer installations then a storm does today. This increases aggregation and the magnitude for potential loss.”

Buyer Beware

On its own, the domestic energy bonanza presents complex risk management challenges.

However, gradual changes to insurance coverage for both midstream and downstream energy have complicated the situation further. Broadening coverage over the decades by downstream energy carriers has led to greater uncertainty in adjusting claims.

A combination of the downturn in domestic energy production, the recession and soft insurance market cycles meant greatly increased competition from carriers and resulted in the writing of untested policy language.

SponsoredContent_LIU

In effect, the industry went from an environment of tested policy language and structure to vague and ambiguous policy language.

Keep in mind that no one carrier has the capacity to underwrite a $3 billion oil refinery. Each insurance program has many carriers that subscribe and share the risk, with each carrier potentially participating on differential terms.

“Achieving clarity in the policy language is getting very complicated and potentially detrimental,” Rokicki said.

Back to Basics

SponsoredContent_LIUHas the time come for a reset?

Rokicki proposes getting back to basics with both midstream and downstream energy risk management and risk transfer.

He recommends that the insured, the broker, and the carrier’s underwriter, engineer and claims executive sit down and make sure they are all on the same page about coverage terms and conditions.

It’s something the industry used to do and got away from, but needs to get back to.

“Having a claims person involved with policy wording before a loss is of the utmost importance,” Rokicki said, “because that claims executive can best explain to the insured what they can expect from policy coverage prior to any loss, eliminating the frustration of interpreting today’s policy wording.”

As well, having an engineer and underwriter working on the team with dual accountability and responsibility can be invaluable, often leading to innovative coverage solutions for clients as a result of close collaboration.

According to Rokicki, the best time to have this collaborative discussion is at the mid-point in a policy year. For a property policy that runs from July 1 through June 30, for example, the meeting should happen in December or January. If underwriters try to discuss policy-wording concerns during the renewal period on their own, the process tends to get overshadowed by the negotiations centered around premiums.

After a loss occurs is not the best time to find out everyone was thinking differently about the coverage,” he said.

Changes in both the energy and insurance markets require a new approach to minimizing risk. A more holistic, less siloed approach is called for in today’s climate. Carriers need to conduct more complex analysis across multiple measures and have in-depth conversations with brokers and insureds to create a better understanding and collectively develop the best solutions. LIU’s integrated business approach utilizing underwriters, engineers and claims executives provides a solid platform for realizing success in this new and ever-changing energy environment.

SponsoredContent

BrandStudioLogo

This article was produced by the R&I Brand Studio, a unit of the advertising department of Risk & Insurance, in collaboration with Liberty International Underwriters. The editorial staff of Risk & Insurance had no role in its preparation.


LIU is part of the Global Specialty Division of Liberty Mutual Insurance.
Share this article: