Category Archives: Specialty Coverage

Marijuana in the Workplace: What Happens When Business Managers in Legal-Use States “Just Say ‘No’”?

By James Ballot, I.I.I. senior advisor, special content projects

The conversation about marijuana use has evolved. Once, in the not too distant past, we (meaning our appointed civic leaders, parents and other authority figures) had the luxury of taking an absolutist stance about weed. Fast-forward to today, and the discussion is mostly a constructive exchange between or among parties invested in positive outcomes, and willing to embrace wide-ranging points of view.

Marijuana users—particularly persons permitted lawful therapeutic use of cannabis—are both empowered and motivated to pursue legal protection from discrimination potentially caused by employer “zero tolerance” policies.

So, what’s an employer to do? In “Marijuana, the Workplace and EPLI – Clearing the Haze,” Mindy Pollack, J.D., Product Specialist and Vice President in Gen Re’s Treaty department, lays out a few hypotheticals to clarify the situation (i.e., legal use of cannabis by new hires and employees). She also identifies solutions like EPLI policies that offer coverage against claims, as well as guidance for how employers can tailor conduct bylaws to better fit the new realities as legal marijuana use becomes the norm.

In short, the courts are split on discrimination claims related to marijuana use. That leaves employers with no single answer when the marijuana question comes up. Add to that the variations in state laws and workplace scenarios, and you have even less clarity.

Small business and cyber insurance

Risk management services are an important way cyber insurance adds value for small businesses, according to a new I.I.I. paper.

In Protecting Against #Cyberfail: Small Business and Cyber Insurance, I.I.I. co-authors James Lynch and Claire Wilkinson say:

“The provision of these types of services is considered a growth area in the cyber market for SMBs, where price may be a barrier to insurance coverage in the first place. For larger companies, cyber-related risk management services may be offered at a discount or for free.

“For SMBs in particular, offering a risk management or training solution where they can learn more and keep themselves up-to-date on current threats is perhaps most valuable.”

Also heard at the Advisen Cyber Risk Insights Conference in NYC last week: part of the value proposition for SMBs is that cyber policies offer solutions, not just coverage.

Andy Lea, vice president underwriting for E&O, Cyber and Media, CNA, told the conference: “The value proposition is more prominent with SME and middle market companies that just don’t have resources available in-house to manage risks. This is an opportunity for brokers and carriers to add value.”

What cybersecurity measures do businesses have in place?

In the third week of National Cyber Security Awareness Month, Insurtech Insights newsletter by CB Insights gives a timely update on the cyber insurance market, and where startups are playing in this growing industry.

It notes the “tremendous opportunity” to sell cyber insurance to small businesses.

A recent Better Business Bureau study estimates that 15 percent of small businesses have cyber insurance. BBB Accredited Businesses are almost three times as likely to include cybersecurity insurance.

Fortunately, about nine out of 10 businesses reported to the BBB they have some cybersecurity measures in place, with the most common ones: antivirus; firewall; and employee education:

How to protect employees against harassment

What are companies doing to protect employees against harassment? This question has added weight after the October 8 firing of Harvey Weinstein by the board of Weinstein Co. following reports of sexual harassment complaints against him. Earlier firings at Fox News and Uber have also brought the issue into focus.

From MarketWatch: “Companies are increasingly buying insurance, including employment practices insurance to cover costs associated with employment lawsuits,” said David Yamada, a professor of law and the director of the New Workplace Institute at Suffolk University.”

Some insurers are also providing training materials for companies to teach their employees about sexual harassment in hope of avoiding it, Yamada added.

Per this 2016 Betterley report, more insurers are partnering with vendors to offer risk management services, such as training and education, consultation and outreach to insureds:

“EPLI value-added services remain an important part of the product when done right, offering employers access to tools that can truly make a difference in the frequency and the severity of claims—as well as the bad feelings that accompany employee/ employer disputes.”

Gross written premium for employment practices liability insurance (EPLI) increased to $2.1 billion in 2015, according to MarketStance data.

I.I.I. information on EPLI coverage is available here.

A first look at the Equifax cyber loss

$125 million. That’s the first estimate of the insurance industry loss due to the Equifax cyber breach published by Property Claim Services (PCS).

Per Artemis blog:

“PCS’ initial estimate of the insurance market impact due to the Equifax hack attack is $125 million, however the firm said that the economic impact to the credit giant is expected to be much larger.

“PCS noted that there are outstanding coverage issues which could reduce the likelihood of the Equifax cyber insurance loss reaching the $125 million estimate, so it could be revised down it would appear.”

Equifax’s specific cyber insurance policy could provide as much as $150 million of coverage, according to Artemis.

Launched in early September, the PCS Global Cyber service provides industry loss estimates for cyber risk loss events of at least $20 million worldwide. The Equifax hack was its first designated event and PCS has since designated its second global cyber loss event, the impact of the Petya/non-Petya malware attack on pharmaceutical giant Merck & Co in June.

Why music festivals are among the hardest risks to insure

Headed to a music festival this summer? It’s the insurance for these events, rather than the music, that is drawing the headlines.

From Bloomberg, via Claims Journal:

“Big events, those the caliber of Coachella and Bonnaroo, typically take on at least five kinds of insurance policies: cancellation, including terrorism coverage, general liability, umbrella policies, workers’ compensation, and business auto coverage.”

FiveThirtyEight asks: what’s the typical cost of cancellation insurance for a music festival? Bloomberg has the answer:

“Cancellation insurance will typically cost 1 percent to 1.5 percent of the overall cost of an event, as much as $150,000 for a $10 million festival.”

Unpredictable weather, the threat of terrorism, and the demographics of festival attendees, are some of the factors that make music festivals one of the hardest risks to insure.

From the Argo Global blog, a post by David Boyle, contingency class underwriter, offers this perspective on why: Without intervention, festivals are likely to disappear from insurers’ books:

“Festivals, which sometimes include dozens of acts, can’t often be rescheduled in the event of inclement weather unlike concerts or other live performances.”


“Threats to festivals are not isolated to the increasingly unpredictable weather. Terrorism is now a very real threat to high profile events which often lack the security procedures of more permanent crowded places.”

Key takeaway:

“In our view, if the festival insurance market is to return to profitability, then intervention will have to come in the form of significantly increased pricing and, particularly for smaller events, improved risk mitigation processes.”

How do ransomware attacks impact cyber insurance loss ratios?

Another global ransomware attack, dubbed Petya, has disrupted operations at major firms across Europe and the United States.

More than 100 companies and organizations across various industries were affected, including shipping and transport firm AP Moller-Maersk, advertising firm WPP, law firm DLA Piper, Russian steel and oil firms Evraz and Rosneft, French construction materials company Saint-Gobain, food company Mondelez, drug giant Merck & Co, and Pennsylvania healthcare systems provider Heritage Valley Health System.

Today’s Insurance Information Institute Daily, via The Wall Street Journal, reports that the attack has exposed previously unknown weaknesses in computer systems widely used in the West.

The U.S. cyber insurance market grew by 35 percent from 2015 to 2016, based on recent reports.

From A.M. Best: U.S. property/casualty insurers wrote $1.35 billion in direct written premium for cyber insurance in 2016.

Overall, cyber insurance for the majority of companies was profitable and the direct loss ratio decreased by 4.5 percentage points to 46.9 percent in 2016, from 51.4 percent in 2015.

Ransomware attacks are part of the reason for the decline in the loss ratio, A.M. Best explains:

“The decline in direct loss ratio for 2016 is partially attributed to the majority of reported cyber-attacks being related to ransomware heists. In almost all ransomware cases, the losses were well below the deductible and a simple backup recovery resolved and remedied any negative long-term effect of the attacks.”

Read our earlier post on insurance for ransomware attacks.

Ransomware: Does Cyber Insurance Make Sense?

As organizations look to recover from the disruption caused by Friday’s massive global ransomware cyberattack, the value of cyber insurance, and other cybersecurity tools, just multiplied exponentially.

Security researchers at Kaspersky Lab recorded more than 45,000 attacks in 74 countries including the UK, Russia, Ukraine, India, China and Italy, the Guardian reports.

The UK’s National Health Service, French car manufacturer Renault, and Spain’s telecommunications giant Telefonica were among those hit by the so-called WannaCry ransomware, which locks up computer systems until the victims pay a ransom.

Cyber risk modeling firm Cyence estimates the average individual ransom cost from the attacks at $300, and the total economic costs from interruption to business at $4 billion, according to this Reuters report.

Kevin Kalinich, global head of Aon’s cyber risk practice, told Reuters:

“If you’re a hospital that turned away patients, if you’re a global delivery company that can’t send a package, or a telecom company in Spain, Russia or China, the financial statement impact from the business interruption is much larger than the $300 ransomware.”

Insurance coverage for ransomware (see earlier post), and other forms of extortion, is available under cyber insurance policies, or other types of policies that specifically cover cyber extortion.

An insured’s ransom payment following an attack is typically covered, subject to individual policy terms and conditions, according to this I.I.I. white paper.

Cyber policies also provide coverage for the costs of forensic investigation, restoring lost or corrupted data, legal expenses and business interruption.

Here are some of the considerations that go into the decision to purchase coverage.

A Recovered Rockwell And The Art Of Coverage

Artwork and other valuable items like antiques and jewelry are often targets of theft which is why it’s important to have them properly appraised and insured.

Take this story of the Norman Rockwell painting “Boy Asleep with Hoe” (pictured below) which has been returned to the family of its original owners in Philadelphia more than 40 years after its theft.

In today’s I.I.I. Daily: the painting was taken in 1976 from a family home in Cherry Hill, New Jersey. The family then filed a claim to their insurer, Chubb. Chubb insured the painting, paid the claim and acquired the painting’s title.

As Antiques and the Arts reports, the 40-year art mystery was solved when a lawyer contacted the FBI’s art crimes division in October that a client had a painting that didn’t belong to him that he wished to return.

The estimated value of the recovered painting is put at between $600,000 and $1 million, significantly more than its value at the time of theft.

The family returned the 1970s claims payment to Chubb in exchange for the painting. Chubb will donate the funds to Norman Rockwell Museum in Stockbridge, Massachusetts.

I.I.I. tip: A standard homeowners policy offers only limited coverage for high value items. If you have belongings that exceed these limits, you should consider supplementing your policy with a floater, a separate policy that provides additional insurance. Before purchasing a floater, the items covered must be professionally appraised. Don’t forget to add these belongings to your home inventory.

Flaming Insurance

No, we’re not talking insurance for damage or loss to property because of fire. This type of flaming insurance helps businesses recover when unflattering information that hurts their brand or image goes viral online.

Asia Insurance Review reports that Sompo Japan has started selling “enjo” insurance (flaming insurance) coverage to compensate a target of “enjo” (widespread flaming of a target due to negative rumors or scandals.)

Sompo’s new product – a first of its kind in Japan – will compensate any target of “enjo” whether or not the rumors are groundless or based on fact.

In the event of a viral outbreak, Sompo will cover expenses for a positive media campaign, research into why the negativity began, and the cost of public apologies if needed.

Coverage could be useful for businesses suddenly the target of unwanted social media attention. For example, as RocketNews24 reports, McDonald’s Japan had to deal with a long-burning enjo after a tainted chicken scandal.

What’s the cost of this coverage? Premiums will run from JPY500,000 to JPY600,000 ($4,343-$5,213).