As we start a new year, it is important to evaluate your company’s insurance and risk management program and plan for the year. Following up on our 2016 checklist, we have updated steps to take and things to consider for your insurance and risk management program as you move into 2017.

At the start of 2016, we created an Insurance and Risk Management Checklist to outline steps companies should take to evaluate their insurance and risk management programs, and to plan for the year ahead. Now more than ever, it is vital for companies to stay on top of these critical functions. Last year saw a rise in weather-related and other natural disasters, and as climate change continues, we can only expect these events to occur with more frequency, and businesses need to be prepared. In addition, we see more news reports every day regarding cyber-attacks – from hacking into corporate networks, political parties, individual email accounts, and attempts to infiltrate and do harm to our nation’s power grid and internet-connected products, such as home appliances, automobiles and even medical devices. Thus, while there continues to be substantial risks around data breaches, other cyber risks loom even larger, and cyber-attacks may lead to substantial business interruption, property damage, and even loss of life or severe bodily injuries. Companies, both public and private, also face a more aggressive plaintiffs’ bar looking for new areas of attack; and while we might anticipate a more lenient regulatory environment from the federal government, we can expect plaintiffs’ lawyers and state and local agencies to fill the breach. A holistic approach to insurance and risk management is needed in these evolving and uncertain times. So, here is an updated Insurance and Risk Management Checklist for 2017:

1. Identify all significant risks

  • What are your physical risks?
    • Is your building more susceptible to fire or explosions?
    • Does your building contain hazardous materials that could spill or leak?
    • If your building is out of commission for an extended period of time, how would that impact your business?
  • What are your location risks?
    • Is your business in or near a location that is susceptible to fire, storm damage, or a natural disaster (i.e., floods, hurricanes, tornados, or earthquakes)?
  • What are your personnel risks?
    • Do your employees have access to products, information or money that is susceptible to embezzlement, theft or fraud?
    • Do your employees drive company cars and/or utilize their own vehicles for company business
  • What are your technology risks?
    • Would you be crippled by a power outage?
    • Do you or your vendors store Personally Identifiable Information and/or medical information?
    • Do third parties have access to your computer systems?
    • Do your employees have mobile devices and/or remote access to your systems?

2. Take inventory of all of your coverages

  • Do you have all the insurance you need to cover your significant risks?
    • General liability insurance
    • Errors & Omissions liability insurance
    • Directors' & Officers' liability insurance
    • Employment Practices liability insurance
    • Employee Benefits liability insurance
    • Fiduciary liability insurance
    • Cyberliability and Data Privacy insurance
    • Property and Business Interruption insurance
    • Fidelity & Crime insurance
    • Terrorism insurance
  • Are your coverage limits adequate to protect the business?
  • Are you comfortable with your deductibles or self-insured retentions?
  • Are all of your affiliates insured?
  • Are your officers, directors and employees adequately insured?
  • Do you anticipate any upcoming purchases, sales, and/or mergers or acquisitions?
  • Do emerging risks such as global climate change, terrorism, and data and systems security need to be addressed in your planning?

3. Plan for your policy renewals

  • When do each of your policies expire?
  • Plan ahead for renewals—don’t wait for the last minute
  • What are you trying to accomplish with your renewals?
    • Increase coverage limits
    • Broaden coverage
    • Obtain better pricing
    • Change insurance carriers
  • Review policies that afford the right to provide a notice of circumstances that may lead to a claim to assess pros/cons of providing such notice in the current policy period

4. Analyze the substantive terms of your policies

  • Do they cover all significant risks your company faces at adequate levels?
  • Do they really cover what you think they cover?
    • Carefully review coverage provisions, endorsements and exclusions
  • Has your coverage grown with your business?
    • Don’t rely on just carrying your coverage over from one year to the next
    • When your business changes and expands, your coverage must change and expand with it

5. Put systems in place for administering your policies

  • Know what the notice requirements are in each of your policies and have systems in place for providing notice
  • Know what constitutes a claim that must be reported under the terms of your policies
  • Know what your policies require regarding submitting proofs of loss, and the timing of such submissions
  • Know what your policies require regarding cooperation and insurance company consent before incurring expenses and settling claims
  • Do you have systems in place so that those responsible for providing notice to insurers are aware of claims or potential claims that must be reported?

6. Review your broker agreements

  • Are they one-sided boilerplate agreements provided by the broker?
  • Do they clearly spell out each side’s respective responsibilities?
  • Do they clearly spell out the compensation to be paid to the broker and for what services?
    • Do they permit the broker to obtain contingent compensation from insurance companies?
  • Are the termination provisions clear and sufficient?
  • What will you owe the broker if the agreement is terminated?
  • Do they contain provisions regarding data protection, data breaches, and protection of private information and trade secrets?
  • Are there provisions limiting the broker’s liability and addressing how disputes are to be resolved?

7. Review your vendor agreements

  • Do they contain sufficient indemnification provisions?
  • Do they contain adequate insurance requirements?
    • Are vendor policies primary and non-contributory with respect to your own insurance policies?
    • Do you have systems in place to ensure compliance with insurance requirements?
  • Do they contain provisions regarding data protection, data breaches, and protection of private information and trade secrets?
  • How are disputes to be resolved?