The landscape for Directors & Officers insurance in Australia is changing. Although it has been considered a must-have for some time, premiums have been historically low and claims rare.
Today, however, new and increased risks, and the higher standards to which directors are being held, have seen a surge in the number of claims. As a consequence, premiums have risen, accompanied by a decrease in insurers’ appetite for risk, making it harder to obtain insurance that adequately protects directors and managers.
New and increased risks across the board
Cyber breaches are increasingly on the radar, especially since the introduction of the Notifiable Breaches Scheme (adopted in February 2018 under the Privacy Act 1988 (Cth)) and the EU’s General Data Protection Regulation (2016). Ultimately, responsibility for secure storage and protection of company data and information falls to the Board.
Likewise, more is expected of Boards and managers worldwide regarding environmental responsibility. Australian courts and regulators have indicated that directors may now be required to consider climate change risks; in fact, consideration of those risks, if they are foreseeable, is part of a director’s duty of care and diligence.
While sexual harassment and discrimination are not new risks, the #metoo movement has seen an increase in D&O claims in this area, coupled with a call for Boards to be accountable for a safe, harassment-free workplace culture. As social media use increases and employees and directors raise their online presence, reputational risks will also continue to increase.
Australia’s active class actions environment is another factor. Increased securities litigation against publicly listed companies has been exacerbated by the emergence of new litigation funders and law firms who not only specialise in class actions but are actively pursuing potential claims. Their scope is not limited to shareholder claims either – safety issues such as cladding and fire prevention are also significant, with plaintiff lawyers taking the view that responsibility for them rests with the Board.
Higher premiums and greater insurer scrutiny
The D&O insurance market is in transition. Where insurer capacity was once abundant, with healthy competition keeping premiums low, claims are now on the rise and insurers are behaving much more selectively.
By 2017 the quantum of claims in Australia was exhausting the available pool of funds. According to AON, a pool of approximately $250 million was met by individual claims of over $100 million.
As a result, premiums have increased and will likely continue to do so, especially for listed companies. Sectors particularly subject to insurer scrutiny include retail, construction, energy and health.
The devil is in the detail
Ensuring sufficient D&O coverage to protect your Board and senior management is critical. Not only is this relevant if a claim is made, it will also help your company attract and retain quality directors.
While it might be painful, you need to focus on the fine print of insurance policies, particularly in regard to exclusions, which can vary widely between insurers. In the event of a claim, the devil will often be in the details, which means every word of the policy is important. Consequently, Board members should be actively involved in D&O insurance discussions, policies should be provided in Board papers, and companies should obtain legal advice to ensure coverage is adequate.
You also need to consider the quality (and independence, if applicable) of your Board members. An individual’s risk profile is important given the risks outlined. Once the Board is in place, then focus on internal controls, reviews and accountability.
Maintaining a healthy culture and training employees is important for managing discrimination, harassment and cyber security risks. Employee awareness can greatly mitigate cyber risks, as attacks are often designed to trick them into giving access to information.
Finally, while reviewing your existing insurance policies can be cost effective, other worthwhile options include diversifying into global markets, which offer more options (although premiums will reflect the sometimes more complex risks in Europe and the United States). Standalone cyber security and reputational risk policies may also be appropriate, if there are exclusions or barriers to obtaining satisfactory protection under a D&O policy.