Corporate Culture, Cyber Risk Are Top of Mind for D&O Underwriters

By | January 21, 2019

Transparency and culture awareness were the key takeaways from a panel discussion on top directors and officers’ claims trends that took place at this year’s Professional Liability Underwriting Society (PLUS) annual conference in San Diego.

An audience poll at the start of the session set the tone for the discussion. The top three topics chosen by attendees included the #MeToo movement and data breach and privacy-related D&O claims.

Public, private firms and non-profits all face these new risks, said Kevin LaCroix, executive vice president of RT Specialty and the moderator of the discussion. Publicly-traded companies, including 21st Century Fox, Wynn Resorts, National Beverage, CBS and Papa John’s have all faced D&O lawsuits arising from sexual misconduct allegations. Private firms, like The Weinstein Co., aren’t immune to these types of suits either.

According to Cathy Padalino, senior vice president of Aon’s National Products Group, there has been a 12 percent increase in Equal Employment Opportunity Commission (EEOC) charges related sexual harassment.

Claims of sexual harassment will gradually widen to pay equity and gender inequality, the panelists said. Broader allegations will place the focus on management.

For example, LaCroix noted that a class action lawsuit filed against Nike didn’t involve allegations of inappropriate sexual conduct; rather, it focused on gender issues with allegations of a boys’ club promoting a hostile work environment and pay disparity. Such allegations have a lower threshold of proof than allegations of pervasive sexual harassment.

“While the board of directors is not going to be involved in every HR complaint or termination … the things that will bubble up to them really is more of the culture of the organization,” said Padalino.

Does a firm’s board of directors review the website Glassdoor to get a feel of the tone of the organization? Does the board conduct proactive “wellness checks” to evaluate its exposure? Padalino added that it can be an issue of talent retention and a feeling a firm can’t terminate a problem employee because the person’s skills are too valuable to let go.

Nora McGee, vice president at AIG, highlighted the issue of timing when reporting these claims. These may be decades old issues. Sometimes, senior officers are the ones involved in the claims; however, when the claim comes in it is covered under the D&O policy through prior notice coverage.

“The timing issue is concerning because is that something that should have been noticed ten years ago, because it was a covered claim under the policy and now you have a late notice issue,” said McGee.

Workplace harassment allegations can straddle several policy years, said Padalino.

“We continue to look at #MeToo as sort of a business issue for our companies. Pay Equity is going to continue to evolve, and continue to be a board level issue, as is talent. Retention and attraction of talent and making sure that their work force is free of workplace harassment in order to support their mission to really retain the best and attract the best talent,” said Padalino.

There are concerns of unintended consequences of some policy exclusions, she added.

“If there’s an absolute employment practices exclusion on a private company D&O policy because it’s supposed to be covered somewhere else, under EPL, are we taking away the D&O coverage that really is supposed to be afforded under those products,” said Padalino.

Cyber a D&O Issue

High profile data breaches have spawned multiple lawsuits and have begun to impact boards, panelists said. In January, Yahoo settled a securities lawsuit stemming from two 2016 data breaches for $80 million.

“Today, cyber risk is D&O risk,” said Padalino. “It’s not just an issue of…breaches against the organization and the IT department. It really has become a management issue. It’s a board level issue.”

According to McGee, there is concern from the derivatives lawsuit perspective. In addition, insider trading can fuel D&O allegations, the panel said.

For example, the SEC charged a former chief information officer at Equifax with insider trading when he unloaded shares of the company prior to the September 2017 announcement about a massive data breach.

Disclosure to shareholders, management oversight and responsibility are important in mitigating cyber risk, said Cathy Padalino.

“The challenge with Equifax is that timing of the disclosure piece. When did they disclose it…what did the board know about it and did they respond from a disclosure perspective,” said McGee.

A major issue with cyber is that many companies still don’t purchase insurance to cover their risk.

According to Padalino, D&O limit adequacy is a concern if a firm chooses to forgo cyber insurance. In addition, the lack of cyber coverage could prompt a mismanagement claim.

There’s also the issue of privacy and how collected data is used. The General Data Protection Regulation passed in Europe this year will impact American companies and how and when they report data breaches.

Every product has cyber exposure, said McGee. Because there’s a disclosure obligation, the focus will remain on directors and officers.

About Denise Johnson

Denise Johnson is editor of claimsjournal.com. More from Denise Johnson

Was this article valuable?

Here are more articles you may enjoy.