This autumn, the Court of Appeal of England and Wales handed down judgment in UnipolSai Assicurazioni SpA v Covéa Insurance Plc [2024] EWCA Civ 1110. This was an appeal of an Award made in a reinsurance arbitration under section 69 of the Arbitration Act 1996. UnipolSai’s challenge was at first instance before (and dismissed by) Mr Justice Foxton in the Commercial Court. The Court, at both first instance and appeal, considered the recoverability of business Covid-19 interruption losses under a reinsurance policy, and in particular two key issues:

  1. Whether the Covid-19 losses for which Covéa sought indemnity under the Reinsurance Policy arose out of and were directly occasioned by one ‘catastrophe’ on the proper construction of the Reinsurance Policy.
  2. Whether the effect of the “Hours Clause” in the Reinsurance Policy, which confined the right to indemnity to “individual losses” within a set period, had the effect that the reinsurance only responded to payments in respect of the closure of the insured’s premises during the stipulated period.

At first instance, Foxton J decided both issues in favor of the reinsured, Covéa (you can read his judgment here). The Court of Appeal upheld Foxton J’s decision.

Following a string of policy-holder friendly decisions by the Courts (you can read our most recent update here) this will be welcome news to insurers, albeit to the detriment of their reinsurers, and not original policyholders.

Background

The original insureds were operators of children’s nurseries and related childcare facilities. They purchased insurance from Covéa for various property-related perils, including non-physical damage business interruption cover. Covéa, in turn, purchased reinsurance from UnipolSai in the form of a Property Catastrophe Excess of Loss Reinsurance policy (the “Reinsurance Policy”).

As a result of the onset of the Covid-19 pandemic, and the consequent closure of nurseries, schools, and colleges, Covéa paid out significant sums under the insurance, and sought an indemnity under the Reinsurance Policy.

Issue in Appeal

UnipolSai raised two objections in refusing to pay the indemnity. First, it argued that Covid-19 losses did not arise out of and were not directly occasioned by a ‘catastrophe’.

Secondly, it contended that, for the purposes of aggregation, the ‘Hours Clause’ in the Reinsurance Policy had the effect of limiting any recovery of Covid-19 business interruption losses to payments in respect of the closure of insured premises during a stipulated period of 168 hours (on the basis that no “individual loss” which occurs outside that period could be included).

Application of “Catastrophe”

First, the Court of Appeal held that the underlying Tribunal’s conclusion on this issue was “evaluative” in nature, and did not involve an error of law. As a result, it was not open to UnipolSai to appeal the Tribunal’s decision.  

However, potentially of more interest, is the Court of Appeal’s additional finding that the Covid-19 pandemic was, in any event, capable of being a ‘catastrophe’. As the Reinsurance Policy did not define “catastrophe”, and in the absence of a market definition, the Tribunal considered the ordinary meaning of the word by reference to dictionary definitions and expert evidence. It decided that there was no applicable law or market practice that would limit the meaning of “catastrophe”.

UnipolSai, in the Court of Appeal, argued there were three aspects of the word “catastrophe” that the arbitral tribunal had failed to recognise:

  1. That it must be an event or species of event, whereas Covid-19 was a state of affairs. The Court of Appeal rejected this, upholding the Tribunal’s determination that a “catastrophe” was not limited by a requirement that it is a species of event since neither the word “event” nor “occurrence” appeared in the Reinsurance Policy [paras 105 and 132-137].
  2. That it must be a sudden and violent event. This was also rejected, with the appeal judges agreeing with the Tribunal’s finding that “it is evident that the exponential increase in Covid-19 infections in the UK during the first three weeks of March 2020 did amount to a disaster of sudden onset such as to qualify as a catastrophe” [paras 138-139]
  3. That it must cause or be capable of causing physical damage. This too was rejected, with a finding that UnipolSai’s attempt to rely on the ejusdem generis principle (i.e., where general words follow particular and specific words, the general words must be confined to things of the same kind as those specifically mentioned) was misconceived [paras 140-143]

The Court of Appeal therefore rejected all of UnipolSai’s arguments and concluded that the Covid-19 outbreak did constitute a ‘catastrophe’ under the terms of the Reinsurance Policy.

The “Hours Clause”

The key issue considered by the Court was identifying when the “individual loss” incurred by the original policy holder(s) occurred – if the individual loss occurred outside the relevant period of hours (in this case, 168 hours), it could not be included in the “Loss Occurrence” (as per the wording in the Hours Clause).

The Tribunal found that an “individual loss” occurred for the purpose of the “Hours Clause” when the nurseries were closed on 20 March 2020. This was despite the fact that the business interruption continued until the nurseries were allowed to re-open when the first lockdown restrictions were lifted, that being when ” indemnifiable business interruption loss within a nominated 168 hour period” [PARA REF.]. It followed that the loss which the insured continued to sustain afterwards would be aggregated with the loss sustained during the 168 hour period.

The Court again agreed with the Tribunal’s analysis, finding that “individual loss” first occurs when a covered peril strikes or affects insured property. Further, when the covered peril which strikes the property is the loss of the ability to use it (whether through damage to other property or premises or through a closure order as in this case) the individual loss occurs at the same point. The Court also considered it immaterial for these purposes how precisely the property is affected and by what type of peril occurs. The “individual loss” encompasses the entirety of the loss caused by the relevant peril (or to use the wording in the Reinsurance Policy in this case, the relevant catastrophe).

Finally, the Court held that “occur” in this case meant “first occur” so that what can be aggregated is individual losses which first occur during the relevant period here (the 168 hours or one week) even if the financial loss in question continues to develop over time after the 168 hours has expired.

Conclusion

Following a string of policyholder victories since Financial Conduct Authority v Arch Insurance (UK) Ltd & others, some insurers will no doubt breathe a sigh of relief following the Court of Appeal’s decision in this case. It is equally helpful that reinsured’s will be able to rely on a public judgment, given that reinsurance disputes are often resolved in confidential arbitrations.

Insurers are expected to pay an estimated £2bn in Covid-19 business interruption claims, in part as a result of the Courts’ various decisions on business interruption cover. But now that the Court has curtailed reinsurers’ chances of challenging claims paid by their cedants, it may relieve some of the potentially heavy financial exposures faced by paying insurers.

Today, generative AI (“Gen AI”) is one of the world’s fastest growing technologies, with businesses around the globe developing, adopting and incorporating machine-learning and AI technologies into their business models. The very nature of this fast-paced and novel technology brings unique risks that can implicate various lines of insurance coverage including, among others, Cyber, Professional Liability, Media Liability, IP Liability and Errors and Omissions. Moreover, an expanding regulatory landscape aimed at protecting shareholders and consumers creates financial and reputational challenges for businesses utilizing AI technology. As is often the case with emerging technological risks, the insurance market is struggling to keep up. In particular, the cyber liability insurance market has been slow to offer products aimed at covering the different Gen AI risks that policyholders face, whether those policyholders are incorporating existing generative AI products or developing their own Gen AI.

Where traditional AI is known for analyzing and automating data that the system receives, Gen AI is broadly defined as any AI system that generates creative content. Gen AI models are now being used across various industries to create content, initiate and execute computer code, summarize complex data, track equipment performance or maintenance and improve supply chain management. When this concept is overlaid to policyholder risks, one of the most nascent risks is the use (or misuse) of Gen AI. 

Policyholders adopting Gen AI as a form of cybersecurity face a double-edged sword, in terms of risk. On the one hand, Gen AI can enhance the function of cyber security by analyzing a vast network of data in real time to identify anomalies that might indicate a security breach. On the other, AI vulnerabilities, along with an increase in the use of large language models (LLMs), may open a whole new frontier of cybercrime.

Policyholders developing Gen AI models face different cyber risks. Those risks include: (a) data poisoning, where attackers manipulate input data in order to compromise the output of the AI model; (b) infringement, where the AI model incorporates copyrighted or otherwise protected intellectual property into its content creation; and (c) regulatory violations, including violations of laws intended to regulate the development and deployment of AI systems. 

Whether policyholders are adopting Gen AI as part of a comprehensive cybersecurity program or developing their own Gen AI product, it is imperative to adequately insure against these cyber- and AI-related risks. 

Like other evolving technology risks before it, the cyber liability insurance market has not kept pace with AI technology. But options are available to tailor coverage to a policyholders’ particular needs. For example, in early 2024, cyber liability insurer Coalition introduced a policy endorsement aimed to cover risks pertaining to security breaches resulting from actors using Gen AI. 

For developers of Gen AI, traditional cyber insurance policies have excluded risks associated with the development of Gen AI models because the risks associated therewith are both novel and potentially catastrophic. However, as more businesses invest in the development of Gen AI technology to streamline operations and improve the customer experience, the insurance market is, and will continue to be, forced to adapt. 

In late October 2024, global insurance company AXA XL became one of the first to introduce an insurance product designed to protect against the specific risks faced by companies investing in or creating Gen AI models. AXA’s new endorsement expands cyber coverage to address data poisoning, infringement and usage and regulatory violations (particularly the European Union’s AI Act). This new coverage can be purchased as an add-on to their traditional cyber insurance policy and helps to fill the existing gaps in cyber coverage for policyholders investing in and developing Gen AI technology. Other insurance carriers will likely follow suit. 

For policyholders that are either currently developing or considering developing a Gen AI model to streamline their business, additional coverage may be needed to adequately protect against the potential risks of developing a model. Accordingly, policyholders should consult with coverage counsel to review existing coverage and ensure that future coverage is designed to protect against and mitigate the specific risks associated with their business.      

The insurance sector in the UK is subject to a complex and dynamic regulatory framework, which aims to ensure the protection of policyholders, the stability of the financial system and the promotion of fair and effective competition.

The main sources of regulation in the UK come from legislation, the rules and guidance of the Prudential Regulation Authority (PRA) and the Financial Conduct Authority (FCA). Underpinning these sources are the common law and contractual principles that govern the relationship between insurers and insureds.

In this blog, we will take a quick look at some of the key regulatory frameworks that players in the market need to be aware of.

Solvency and capital requirements for Insurers

The Solvency Capital Requirements (SCR) set out that insurers must maintain adequate financial resources to ensure they can meet their liabilities and withstand difficult situations and periods.

The SCR are set out in the Solvency II Directive and prescribe certain levels of capital that an insurer is expected to hold to pay claims as they fall due. In calculating the level of capital required, a diverse range of risks are taken into account with the requirement being that the SCR is calculated at a “value at risk” subject to a 99.5% confidence level.

This effectively means that the SCR levels should allow for an insurer to be able to withstand all but the most extreme risks without the depletion of its capital.

The SCR functions alongside the Minimum Capital Requirement (MCR) which is a lower threshold to establish the absolute minimum level of capital an insurer should maintain. The PRA, as the regulatory arm of the Bank of England, oversees this regime and should an insurer’s capital fall below the SCR the PRA is able to intervene in the management and operation of the insurer. If the level of capital falls below the MCR then the PRA is able to withdraw authorisation and prevent the insurer from taking on new business.

These protections offer peace of mind to insureds taking out insurance, which is often increasingly expensive.

Regulation of consumer insurance

The UK’s financial regulator, the FCA, maintains a specific set of insurance-focused conduct of business rules (ICOBS) alongside its more general conduct of business rules (COBS).

These rules focus on consumer protection and set out that an insurer and its intermediaries must treat their customers fairly and conduct themselves in a way that is clear, fair and not misleading. The rules cover the entire lifecycle of an insurance product from design and governance to distribution and sales, claims handling and complaints and customer communications.

While these provisions are high-level, the FCA has the ability to impose fines, bans or other measures where they determine the rules have been breached. In September 2023, for example, a Final Notice was published against the insurer Direct Line for a breach of ICOBS rules relating to pricing structures where existing home and motor insurance customers were charged more for their renewals than new customers.

In a similar theme of consumer protection, the FCA has spearheaded the introduction of new consumer duty rules aimed at improving the standard of communication and consumer protection across financial services, including insurance. The stated core principle of these rules is that firms must act to deliver good outcomes for retail customers. The duty came into effect for new sales from 31 July 2023 with this being expanded to cover existing sales from 31 July 2024. The duty includes requirements for firms to:

  • Make it as easy to switch or cancel products as it was to take them out. 
  • Provide helpful and accessible customer support. 
  • Provide timely, clear and understandable information about products and services so that people can make good financial decisions. 
  • Provide products and services that are right for their customers. 
  • Focus on the real and diverse needs of customers, including those in vulnerable circumstances.

The duty does not regulate what an insurer may charge for product-specific features such as premiums paid by installments, administrative charges and mid-term cancellation fees. Insurers will, however, need to demonstrate that any charges are reasonable and that they meet the price and value outcome.

The FCA completed a thematic review of the regulations in August 2024 and explicitly referenced insurers when reporting on the outcome of the review, stating that insurers were failing to meet the new requirements, particularly in relation to demonstrating to consumers how products offer fair value and outcomes.

Regulation of commercial insurance

The FCA Handbook applies different regulatory rules to the provision of commercial insurance where a contract of insurance fits the definition of a “contract of large risks”. This includes insurance relating to:

  1. railway rolling stock, aircraft, ships (sea, lake, river and canal vessels), goods in transit, aircraft liability and liability of ships (sea, lake, river and canal vessels);
  2. credit and suretyship, where the policyholder is engaged professionally in an industrial or commercial activity or in one of the liberal professions, and the risks relate to such activity;
  3. land vehicles (other than railway rolling stock), fire and natural forces, other damage to property, motor vehicle liability, general liability and miscellaneous financial loss, in so far as the policyholder exceeds the limits of at least two of the following three criteria:
    • balance sheet total: €6.2 million;
    • net turnover: €12.8 million;
    • average number of employees during the financial year: 250

Where an insurance contract falls into the above definition, the majority of the ICOBS rules do not apply and aspects of the “PROD 4” regime relating to product governance are also not applicable, creating a looser framework of regulation for commercial insurance.

However, in July 2024 the FCA published its discussion paper DP24/1 which identified issues with the current regime and stated its aim to potentially amend definitions to distinguish small and medium enterprises (SMEs) from larger business customers, bringing SMEs more in line with consumer regulation, and ultimately offering them greater regulatory protection.

All too often it is only when there is a major incident that businesses think about the terms of their insurance. However, it is important that businesses understand their insurance coverage obligations ahead of crises to ensure they don’t inadvertently lose the ability to recoup any future losses through insurance when an incident does occur.

The Need to Notify

One important obligation that insureds must understand is notification. Many policies list notification obligations as a condition precedent to coverage, meaning that if they are not complied with, insurers may have a right not to cover an insured’s claim.

In this blog we set out the common components of notification provisions that can be found in insurance policies, which should be considered when there is any possibility of a claim.

Notification requirements serve several purposes. As an insured, notifying your insurer promptly can help you:

  • Preserve your rights and benefits under the policy
  • Obtain advice and assistance from your insurer
  • Avoid disputes and delays in the claim process
  • Comply with any legal or contractual obligations

Claim or Circumstance?

The first step to understanding your notification obligations is to determine whether the policy requires you to notify a claim, a potential claim, and/or a circumstance.

In addition to needing to notify known claims or potential claims, your policy may allow for or, indeed, require, notification of a “circumstance” which could lead to a claim. A “circumstance” may or may not be defined in the policy. Normally, a “circumstance” is a known matter that could indicate a potential for future claims. Failure to notify a “circumstance”, when required, could result in insurers refusing to cover claims found to be arising out of that circumstance.

Awareness is Key

Only if an insured is aware of a claim or a circumstance can it be notified to insurers. Therefore, practically, the risk manager or individual/team charged with the management of your company’s insurance suite must monitor the company’s risk exposure on a regular basis and have a reliable pipeline of information from the business to ensure it is capturing claims, and also possible “circumstances” that could give rise to a claim.

Threshold for Notification

In respect of notifying circumstances, you should also be aware of the threshold for notification required under your company’s insurance policies. You may need to notify circumstances that are “likely” or “may/might” or “are reasonably expected” to give rise to a claim. Determining the threshold required for notification is important to ensure the ability to bring a claim related to the circumstances is preserved.

Making a Notification

Once you determine that either a claim or a circumstance needs to be notified to insurers under your policy, notification will need to be made to insurers.

The best way to notify your insurer is to follow the instructions and procedures outlined in your policy document or contact your insurance agent or broker. You may need to provide written notice, verbal notice, or both, depending on the nature and urgency of the matter. You may also need to provide supporting documents, evidence, or information to substantiate your notification.

You should keep a record of your notification, including the date, time, method, and content of your communication, and the name and contact details of the person you spoke to or corresponded with. You should also keep a copy of any correspondence or documents you send or receive from your insurer.

We also note that insureds are often required to notify any change or development in a notified claim or circumstance. Accordingly, you should liaise with your broker to ensure insurers are kept updated as a notified claim/circumstance develops.

Timing of Notification

Your company’s policy may contain specific wording as to how long your company has to notify insurers of a claim and/or circumstance. If the policy is unclear or silent as to timing, it is recommended that notification is made to insurers as soon as possible.

Notification of a Claim Against Insurers

Not only does your company have to notify insurers of a claim in accordance with the terms of the policy, but your company should also check to see if there is a clause in the policy providing that legal proceedings against insurers must be commenced within a specific period (the period specified can sometimes be shorter period than the usual six-year limitation period for contractual or tortious claims under English law).

Considerations when Negotiating Policy Terms

Insureds should be familiar with the notification obligations in their insurance policies to ensure that opportunities for indemnification for claims and potential future claims are not lost.

When it comes to renewing or placing a new policy, insureds might want to attempt to negotiate the notification wording. The wording of the notification clause should be clear and unambiguous to ensure that the insured knows exactly what to do when it comes to notifying insurers of a claim/potential claim or circumstances that could give rise to a claim.

Under the Insurance Act 2015, the insured must disclose every material circumstance that they know or ought to know or give the insurer sufficient information to put a prudent insurer on notice of the need to make further enquiries. The insured is deemed to know what is known by its senior management and those responsible for arranging the insurance, as well as what should reasonably have been revealed by a reasonable search of information available to the insured. It is typically preferable to seek to limit the knowledge to specific individuals in the insurance team, or the risk manager at the company.

Key takeaway: Compliance with notification requirements under an insurance policy is important. It will preserve your rights and benefits under the policy and ultimately avoid disputes and delays in the claim process.

Earlier this year, in Gregory v. Safeco Insurance Co., the Supreme Court of Colorado addressed the question whether, under Colorado law, the notice-prejudice rule should apply to first-party property insurance claims under occurrence-based, homeowners’ insurance policies. 545 P.3d 942 (Colo. 2024). In a thoughtful and lengthy opinion, the Supreme Court adopted the rule by at 4-3 vote. Id. at 961. The facts and holding are discussed in several articles.[1] Rather than retread those details, this blog highlights three other important takeaways from the opinion.

1. Stare decisis remains vital

Stare decisis, the court in Gregory explained, “is a judicially created doctrine under which courts follow preexisting rules of law.” Gregory, 545 P.3d at 950. This bedrock principle of Anglo-American jurisprudence, which has gone through some rough times of late, remains strong in Colorado. In applying the doctrine, the court in Gregory thoroughly walked through its past decisions on late notice, tracing its own jurisprudence back one hundred and fifteen years, to its decision in Barclay v. London Guarantee & Accident Co., 105 P. 865 (Colo. 1909). The court then methodically plotted a course forward, to the present day and the embracing of the notice-prejudice rule in the context of occurrence-based, first-party homeowners’ property insurance policies.

Although it is self-evidently anachronistic and lowercase “c” conservative – asking lawyers and judges to look backwards, with the express purposes of adhering to precedent (history and “tradition”), fostering stability and predictability,[2] and curbing judicial activism[3]stare decisis is nonetheless a pillar (if imperfect) of our judicial system. The Gregory decision is a wonderful example of the application of this seminal principle.

2. Insurance law is a creature of state law and it must be mined carefully and comprehensively

Just as stare decisis is a foundational tenet of Anglo-American jurisprudence, so, too, is the notice-prejudice rule a universally adopted rule of American insurance law, at least for occurrence-based policies. Or, almost, as it is, apparently, a near-universal rule of several states. Indeed, for many years, it was a matter of insurance law dictum that everywhere adhered to the notice-prejudice rule for occurrence policies, except New York, and that was changed by the New York legislature more than fifteen years ago.[4]

But the broader point is that Colorado law on notice was, and is, different from the law of other states. Even different within Colorado depending on the type of insurance policy. And this is not uncommon. Unlike most businesses in the United States, the business of insurance is subject to regulation by the individual states.[5] Likewise, there is no national or federal body of insurance law. Courts in all states are bound only by the precedents of their own state appellate courts. Thus, one of the first steps to take in any insurance case is to determine what state’s law might apply to the interpretation of the insurance policy at issue, and then how that state or those states have ruled (or might rule) on the important questions and defenses to the claim.

3. Policyholders should always identify and comply with deadlines in their insurance policies

Although listed third, this might be the most important lesson to take from Gregory – policyholders should always pore over their policies to ensure they know of and comply with any deadlines in them. In Gregory, the policyholders were required to give notice within one year of the date of the loss. Other policies might require proofs of loss to be provided 60 or 90 days from the date of loss or the date they are requested by the insurance company; still others might require that a lawsuit be brough within one, two, or even three years from the date of loss. Adding to the difficulty is that different states might apply different rules to these deadlines – some might require strict compliance, while others have put in place various equitable rules, such as requiring prejudice or equitable tolling, which might blunt the otherwise draconian impact of some of these provisions. But it all starts with the policy language. A policyholder must look at that first, hopefully at or not long after the time of the loss, and do as much as it can to comply with any deadlines.

[1]  See, e.g., ACCC_Articles_COSupCrtPrejAndPropClaims_Law360_20240312.pdf; https://www.cohenziffer.com/law360-insurance-authority-the-top-property-insurance-decisions-of-2024-so-far/https://cl.cobar.org/from-the-courts/gregory-v-safeco-insurance-co-of-america-runkel-v-owners-insurance-co/; https://www.insurancebusinessmag.com/us/news/legal-insights/can-an-insurance-carrier-reject-a-homeowners-claim-if-it-is-late-481599.aspx;

[2]  Lindquist and Cross, Stability, Predictability and the Rule of Law:  Stare Decisis as Reciprocity Norm, Univ. of Tex. Rule of Law Conf., 2010.

[3]  Federalist No. 78.

[4]  “Chapter 388 of the Laws of 2008 (“Chapter 388”), which amends Insurance Law §§2601 and 3420” and “bring[s] New York into the mainstream with respect to establishing a “prejudice” standard applicable to the late notice of claims.  The law t[ook] effect on January 17, 2009 (180 days after it was signed by the Governor on July 21, 2008).”  https://www.dfs.ny.gov/industry_guidance/circular_letters/cl2008_26.

[5]  In the United States, the McCarran-Ferguson Insurance Regulation Act, 15 U.S.C.A. §§ 1011-1015, statutorily prohibits the federal government from regulating the insurance industry. This regulatory authority is left solely to the individual states.        

This article provides an update to a post published on July 23, 2024 by Mark Pring, Andy Moss, and Cristina Shea, which can be found here.

It has now been over a month since cybersecurity technology company CrowdStrike rolled out a defective software update that rendered over 8 million computers around the globe temporarily inoperable. The outage affected airlines, government agencies, banks and financial services companies, hospitals, manufacturers, retail stores, and broadcasting companies, among many others. While some computer systems were able to be restored in a relatively short time, the fallout from the CrowdStrike outage is ongoing.

Litigation Has Begun But the Outcome of Those Cases Remains Uncertain

Following the July 19, 2024 outage, various plaintiff groups have filed or are planning to file class action lawsuits against CrowdStrike. Shareholders have alleged that the company made false and/or misleading statements to investors regarding its internal controls and testing, resulting in substantial financial, legal, and reputational harm to the company.[1] Airline travelers have filed proposed class action lawsuits against CrowdStrike for harms and losses resulting from cancellations and delays.[2] Some of CrowdStrike’s customers are also reportedly preparing to file suit against the company due to alleged financial and reputational damage to their businesses because of the outage.[3] Further, some of CrowdStrike’s customers are reportedly being investigated by the U.S. Government over their response to the outage.[4] 

All of this goes to show that what may start as a singular IT event can ripple across the economy, causing a variety of different losses and implicating a variety of different insurance coverages, including cyber (for system failure and/or business interruption loss), CGL (for third party lawsuits), and D&O (for government investigations).

Losses Are Still Being Calculated

Global insured losses related to the CrowdStrike outage are estimated to range between $400 million and $1.5 billion, potentially making it one of the largest cyber insurance losses ever. Given the unique nature of the occurrence and the different types of policies at play, it is still too early to accurately estimate the extent to which total losses will be covered by insurance.

Some Losses Are Expected to Be Covered by Insurance

For companies that have cyber insurance coverage and suffered a loss from the CrowdStrike outage, the claims process should be straightforward. As an executive from one of the largest insurance brokers recently stated, these losses are “absolutely something that is expected to be covered under cyber insurance.”[5] But in reality, it remains to be seen how vigorously insurance companies will push back on these claims.

Nonetheless, if a cyber policy has “system failure” coverage, then coverage for the CrowdStrike outage might be more likely. As one example, Beazley, a major cyber insurance carrier, offers policies providing coverage for “[b]usiness interruption loss that the insured organization sustains as a result of a security breach or system failure that the insured first discovers during the policy period.”[6]  “System failure” in that policy means “an unintentional and unplanned interruption of computer systems.”[7] Accordingly to Beazley, this policy would cover situations when a system glitch causes a retailer’s point of sale systems to go offline and prevents the retailer from making sales.[8] This would appear to be exactly what happened to many companies during the CrowdStrike outage, where their systems unexpectedly went offline, disrupting their businesses and causing them to lose income as a result.

Limitations May Exist

Nevertheless, cyber policies vary widely and many policies have exclusions or limitations that may be applicable. For example, cyber policies covering business interruption loss may include a waiting period for coverage. Under those types of provisions, a certain amount of time has to pass—typically 8 to 24 hours—before business interruption losses under the policy are triggered. As a result, coverage may turn on the length of the waiting period and how quickly computer systems were restored.

Another area for potential limitation in coverage is whether an entity’s cyber policy protects only the policyholder against system failures, or whether coverage is extended to losses caused by disruptions to business partners or suppliers. Whether these types of supply chain losses are covered will depend on the specific language in the policies.

Policyholders Should Move Promptly to Evaluate Coverage and Plan for the Future

As always, it is best to get ahead of these potential issues as early as possible, reviewing your coverages, and working with coverage counsel.

Few firms have the depth of experience and knowledge in this area as Reed Smith. If you are considering bringing a claim for the CrowdStrike outage, or are interested in reviewing your current coverages, Reed Smith’s Insurance Recovery Group can help. As one of the firm’s premier practice groups, and with insurance recovery lawyers across the globe, we are uniquely positioned to serve our clients in all aspects related to losses arising from system and network outages and failures, cyber events, and other tech-related business interruptions. Our expertise in this space allows us to provide our clients with the most up-to-date knowledge and experience in identifying and accessing your insurance recovery options.  

[1] Jonathan Stempel, CrowdStrike is sued by shareholders over huge software outage, Reuters (August 1, 2024), https://www.reuters.com/legal/crowdstrike-is-sued-by-shareholders-over-huge-software-outage-2024-07-31/.

[2] Jonathan Stempel, Crowdstrike is sued by fliers after massive outage disrupts air travel, Reuters (August 5, 2024), https://www.reuters.com/legal/crowdstrike-is-sued-by-fliers-after-massive-outage-disrupts-air-travel-2024-08-05/.

[3] Delta Air Lines CEO says CrowdStrike outage to cost carrier $500 mln, CNBC reports, Reuters (July 31, 2024), https://www.reuters.com/business/aerospace-defense/delta-air-lines-ceo-says-crowdstrike-outage-cost-carrier-500-mln-cnbc-reports-2024-07-31/.

[4] David Shepardson and Rejesh Kumar Singh, US opens probe into Delta following widespread flight cancellations, Reuters (July 23, 2024), https://www.reuters.com/business/aerospace-defense/us-opens-probe-into-delta-following-widespread-flight-cancellations-2024-07-23/.

[5] Evan Gorelick, Tech Outage Spurs Insurance Clients to Ready Cyber Claims, Bloomberg News (July 19, 2024), https://www.bloomberglaw.com/product/blaw/bloomberglawnews/insurance/BNA%2000000190-cd71-da8a-a99e-dff337b40003.

[6] Cyber BI Guide, Beazley.com, https://cyberservices.beazley.com/usa/bi_guide/policy_wording.html (last accessed Aug. 28, 2024).

[7] Id. 

[8] Id.

When the COVID-19 Pandemic incepted, and issues arose as to whether affected policyholders could seek Business Income and Civil Authority coverage from the presence or suspected presence of SARS-CoV-2 and consequent orders of Civil Authority, I thought that the easiest question to answer was whether such policyholders had suffered physical loss or damage (“PLOD”) to their property. 

The Majority PLOD Rule Prior to COVID-19

With my colleague, Nicholas Insua, I write and annually update a book discussing every Business Income (or Business Interruption) case decided in the United States. Many issues arising under policies providing “time element” coverage have but a handful of cases discussing them, but whether unusual circumstances – i.e., events other than fire, windstorm, etc. – cause “physical loss or damage” to property had been the subject of more than two score cases by March 2020. In about three quarters of those cases, courts held that such unusual circumstances – falling rocks which threatened but had not yet hit a property, temporary infusion of smoke or ammonia or gas fumes, risk of collapse caused by collapse of neighboring building – caused “physical loss or damage” if property could not be safely used as it had been used previously. I thought the same results would obtain in COVID-19 cases.

Courts Accept Insurers “PLOD” Arguments in the COVID-19 Context

Unfortunately, this prediction was incorrect. Largely, courts have accepted insurance company arguments that SARS-CoV-2 and consequent orders of Civil Authority do not cause PLOD. In the wake of these decisions, there have been two interesting, if wholly predictable, developments since then. 

Courts Continued To Apply the Majority PLOD Rule in Other Contexts

First, in the first few non-COVID-19 coverage cases decided after March 2020, courts continued to interpret PLOD as including covered loss from events rendering property unfit for its intended use. See James W. Fowler Co. v. QBE Ins. Corp., No. 20-35926, 2021 U.S. App. LEXIS 31714, at *2 (9th Cir. Oct. 21, 2021) (unpublished) (agreeing on appeal that a micro-tunnel boring machine which was undamaged but trapped underground would suffer “direct physical loss” if it “either impossible or unreasonably expensive to recover”); Crisco v. Foremost Ins. Co., No. C 19-07320 WHA, 2020 WL 7122476, at *4-5 (N.D. Cal. Dec. 4, 2020) (finding mobile homes suffered PLOD when a fire destroyed the electric, gas, sewer, and potable water infrastructure which serviced them but did not damage the mobile homes themselves); National Ink & Stitch, LLC v. State Auto Prop. & Cas. Ins. Co., No. SAG-18-2138, 2020 WL 374460, at *5 (D. Md. Jan. 23, 2020) (finding policyholder which suffered a ransomware attack on its computer server causing permanently lost access to its art files and other data had suffered loss of “functionality” and thus PLOD); and EMOI Servs., LLC v. Owners Ins. Co., 2021-Ohio-3942, P5-7 (Ohio App. 2021) (rejecting insurer’s argument that PLOD “does not occur when the insured merely loses access or use,” concluding that “[a]s a result of the encryption, [the policyholder] and its clients were unable to access [the policyholder’s computer] system for a significant period of time”).

In all of these cases, there was not tangible damage or alteration of property; what was lost was instead the use of property for its intended purpose. The result in these cases indicates that something other than application of the common law as it existed in March 2020 was motivating courts ruling against policyholders in cases addressing insurance coverage for PLOD from SARS-CoV-2: concern about the solvency of the insurance industry.

Insurers Are Leveraging PLOD Rulings in the COVID-19 Context to Win in All Similar Contexts

Two, not satisfied with pleading poverty to win in COVID-19 cases, the insurance industry is using results in COVID-19 cases to affect a major restriction in the coverage they provide without securing regulatory approval (and incur a cut in rates). And this has now occurred. In EMOI, on appeal, the Supreme Court of Ohio reversed (EMOI Servs., L.L.C. v. Owners Ins. Co., 208 N.E.3d 818 (Ohio Dec. 27, 2022) (applying Ohio law), citing a COVID-19 case. Insurers have made arguments citing COVID-19 cases in other contexts:

  • NMA Investments L.L.C. v. Fidelity & Guar. Ins. Co., No. 22-cv-1618, 2022 U.S. Dist. LEXIS 164606, at *8-10 (D. Minn. Sept. 13, 2022) (citing a COVID-19 case and rejecting Business Income claim of laundromat whose operations were affected by government and non-government barricades erected on streets in the wake of riots caused by the murder of George Floyd because the barricades did not cause PLOD to the policyholder’s property);
  • Cup Foods, Inc. v. Travelers Cas. Ins. Co., No. 22-cv-1620, 2023 U.S. Dist. LEXIS 10711 (D. Minn. Jan. 23, 2023) (rejecting Business Income claim for loss from barriers set up by government and private citizens citing COVID-19 case);
  • Garland Connect, LLC v. Travelers Cas. Ins. Co., No. CV-20-09252, 2022 U.S. Dist. LEXIS 33960, at *9-11 (C.D. Cal. Feb. 3, 2022) (applying California law) (citing COVID-19 case and finding that policyholder who was unable to access its former business premises when the landlord refused to extend its contract to perform operations there did not suffer PLOD);
  • Meridian Park Radiation Oncology Ctr., Inc. v. Allied Ins. Co. of Am., No. 3:21-cv-1471-AR, 2024 U.S. Dist. LEXIS 53178, at *10-14 (D. Or. Feb. 13, 2024) (applying Oregon law) (finding that facility administering radiation treatment which had to take its linear accelerator off line when its third-party cloud-network service provider went off line due to a cyberattack not suffered PLOD to its linear accelerator because that phrase requires “physical alteration or dispossession of the covered property” and citing COVID-19 cases);
  • Archer Western-De Moya J.V. v. Ace Am. Ins. Co. 87 Uptown Road, No. 1:22-CV-21160, 2024 U.S. Dist. LEXIS 51943, at *36-40 (S.D. Fla. Jan. 12, 2024) (applying Florida law) (noting the insurance company’s reliance on COVID-19 cases concluding that PLOD “requires a tangible alteration to the covered property” in arguing that the policyholder’s bridge components did not suffer PLOD from defective concrete);
  • 87 Uptown Road, LLC  v. Country Mut. Ins. Co., 207 N.Y.S.3d 241, 244-45 (N.Y. App. Div. Mar. 14, 2024) (applying New York law) (citing COVID-19 case and concluding that loss at an apartment complex attributable to tenants moving, not because their apartments had been damaged by fire but rather because of “various inconveniences” accompanying rebuilding of damaged units, was not a loss caused by PLOD because “inconvenience alone, absent direct damage, is not enough to afford coverage”); and
  • Century Aluminum Co. v. Certain Underwriters at Lloyd’s, 97 F.4th 1019, 1023 (6th Cir. 2024) (applying Kentucky law) (rejecting policyholder’s claim for loss from PLOD to its alumina ore when closure of inland waterways prevented it from timely receiving ore, citing cases addressing the effect of COVID-19, to find “[t]he temporary delay never threatened to deprive [the policyholder] of its ownership or control of the alumina,” and policyholder did not suffer PLOD).

One court rejected the insurance company’s argument: Tiffany & Co. v. Lloyd’s of London Syndicates 33, 510, 609, 780, 1084, 1225, 1414, 1686, 1861, 1969, 2001, 2012, 2232, 2488, 2987, 3000, 3623, 4444, 4472, & 4711, No. 651544/2023, 2024 N.Y. Misc. LEXIS 2433, at *66-67 (N.Y. Supr. May 3, 2024)(applying New York law) (finding “loss” of ore not controlled by COVID-19 case).

Inevitably, however, insurance companies will leverage cases giving them relief in the COVID-19 context to reverse the former majority rule on PLOD in all contexts. This will dramatically restrict coverage for thousands of policyholders, given that the vast majority of property insurance claims are resolved by negotiation, not litigation, on the basis of the law set forth by courts. If any party is to accept this dramatic restriction of historic coverage, it is the regulator, who can impose a commensurate reduction in insurance rates.

Introduction

The Eleventh Circuit Court of Appeals’ recent decision in ECB USA, Inc. v. Chubb provides several important lessons for corporate policyholders faced with potential coverage issues arising from their consulting or professional services.

The issue in ECB was whether Chubb’s professional services liability policy applied to claims against an accounting firm for a faulty audit performed for a food services company, Schratter Foods. Looking to rules of grammar and canons of construction to interpret the policy, the court ruled in favor of Chubb and found that coverage was restricted to accounting services “for financial institutions,” and thus did not apply to the Schratter Foods audit.

As we explain below, the ECB decision highlights the complexities and uncertainty that can arise when insurance policies are interpreted based on technical rules of grammar and linguistics, which can be deployed to reach a result at odds with the policyholder’s expectations of coverage. The decision also serves as a reminder about the importance of ensuring that policy language aligns with the company’s current business activities—particularly at the time of renewal. Finally, the decision illustrates the risks for corporate policyholders in jurisdictions that construe policy language differently depending on whether the insured is deemed “sophisticated.”

The ECB USA v. Chubb Opinion

In 2001, Chubb sold a professional services liability policy to the accounting firm Constantin Associates LLP. Constantin renewed its Chubb policy for several years, ultimately culminating in a renewal policy issued in December 2017. ECB USA, Inc. v. Chubb Ins. Co. of N.J., No. 22-10811, 2024 U.S. App. LEXIS 19221, at *3 (11th Cir. Aug. 1, 2024). The policy provided liability coverage for “Wrongful Acts” in the performance of “Computer Consulting including computer system architecture and design”; “Temporary Placement Agency Services”; and (relevant here) “Management consulting services.” Id. at *4.

Chubb defined “[m]anagement consulting services” as: “services directed toward expertise in banking finance, accounting, risk and systems analysis, design and implementation, asset recovery and strategy planning for financial institutions.” Id.

Constantin performed an audit for Schratter Foods in connection with an acquisition between Schratter and a third party—ECB. Id. at *5. According to the opinion, the audit “allegedly did not go well,” and ECB sued Constantin for alleged negligence in auditing Schratter’s financial statements, which ultimately led to a settlement. Id. ECB then sued Chubb to enforce Constantin’s rights under the policy, arguing that Chubb breached the policy by refusing to defend and indemnify Constantin for the underlying suit and settlement. Id.

As framed by the Eleventh Circuit, the case came down to “grammar and canons of construction.” Id. at *2. Specifically, the issue under New Jersey law was framed as “whether the phrase ‘for financial institutions’ modifies ‘accounting.’” Id. at *11. (The parties agreed that New Jersey law governed the dispute.) To answer that question, the court first weighed different grammatical canons of construction, starting with the “last-antecedent canon” and the “nearest-reasonable-referent canon.” Under those canons, ECB argued that the phrase “for financial institutions” only refers to the immediately preceding phrase (“asset recovery and strategy planning”). Id. at *3. Thus, ECB argued that “for financial institutions” did not limit the scope of covered “accounting” services listed as a standalone service in the same provision. ECB also argued that, under the doctrine of contra proferentem, the ambiguity in Chubb’s policy must be resolved against the insurer and in favor of coverage. Id. at *13.

Chubb, on the other hand, urged the court to apply the “series-qualifier canon.” Under the series-qualifier canon, Chubb argued, “a postpositive modifier like ‘for financial institutions’ modifies all the terms in a list of parallel items”—including “accounting.” Id. at *2-3. So, Chubb argued that the accounting firm was not entitled to coverage, because the audit in question was performed for Schratter Foods, not a financial institution.

Weighing the grammatical implications of the policy language, the court ultimately found that Chubb had the better reading. Id. at *22. For instance, the court found that the canons advanced by ECB were not on point, because the parts of speech typically associated with those canons (including pronouns, relative pronouns, and demonstrative adjectives) were missing from the policy. Id. ECB also conceded that “for financial institutions” applied at least to “asset recovery and strategy planning,” which the court viewed as “more than the nearest reasonable referent.” Id. at *23. More importantly, ECB conceded that the policy language contained “parallel terms,” and the court concluded that these canons don’t apply “when the syntax involves a parallel series of nouns or verbs.” Id. Focusing on ECB’s concession, the court instead found the series-qualifier canon appropriate for resolving the dispute. Id. Specifically, the court reasoned that “the parallel nature of the terms links them together so that the postpositive modifier ‘for financial institutions’ can naturally apply to every item in the list, not just the last one or two.” Id. at *24. Because the audit was not performed for a financial institution, the court held that there was no coverage for the underlying claims arising from the Schratter Foods audit, though conceding that this limitation could have more clearly been stated by the addition of a comma.

The court next analyzed whether to apply the doctrine of contra proferentem, which provides that courts should construe ambiguous policy language against the party that drafted the policy—inevitably, the insurance company. Id. at *29. But despite what fairly can be described (at best) as sloppy policy language drafted by Chubb, the court declined to construe the policy against Chubb, finding that Chubb had the better reading, and emphasizing that Constantin was also a “sophisticated commercial entity.” Id.

Key Lessons for Corporate Policyholders

The decision in ECB USA, Inc. v. Chubb offers several important takeaways, particularly for corporate policyholders.

First, the decision highlights the complexities and uncertainty that can arise when courts interpret insurance policy language based on grammatical canons. These are obscure, linguistic presumptions that few, if any, policyholders (or their brokers) are familiar with. There is also no indication that insurance companies themselves consider grammar or linguistics in drafting insurance policies. On a more practical level, the decision illustrates the difficulty in predicting how a court might resolve any given dispute using these canons of construction—a growing concern in modern textualism. See William N. Eskridge, Jr., Brian G. Slocum & Kevin Tobia, Textualism’s Defining Moment, 123 Colum. L. Rev. 1611, 1648-49 (2023) (explaining that “more systematic research . . . should be done to test the reliability of canons that purport to show ordinary meaning”).

In ECB, the court resolved the coverage dispute by choosing between competing canons of construction that turned on the parts of speech and linguistic structure of the policy provision, leading to an outcome where the very last phrase in the provision applied to (and restricted) the earlier reference to “accounting,” removing coverage for any accounting services performed for non-financial institutions. Further highlighting the range of outcomes here, the court seemingly could have looked to an entirely different canon—the canon against surplusage—to find that coverage did exist. Because some of the services listed in the policy already referred to banking or finance, applying the financial institutions modifier to those same terms would be entirely redundant. 

Compounding this issue is the court’s comment about commas. While the court acknowledged that placing a comma before the phrase “for financial institutions” certainly would have established “with more certainty that it applies across every term in the list,” the court opined that commas are “discretionary.” ECB USA, Inc., 2024 U.S. App. LEXIS 19221, at *26. (The “let’s eat, grandma” example suggests this is not always the case.) But the court cited a 1971 Supreme Court case, which did not involve insurance policy interpretation. In the insurance context, courts have explained that an insurer seeking to limit coverage “must clearly and unambiguously draft a policy provision to achieve that result.” See Geico Gen. Ins. Co. v. Virtual Imaging Servs., 141 So. 3d 147, 157 (Fla. 2013). While commas might be discretionary from a pure linguistics standpoint, they should not be discretionary from an insurance policy drafting standpoint. Suggesting that insurers have discretion to draft less-than-clear policy language incentivizes insurers to make careless drafting choices in their insurance policies.

Equally important is the court’s discussion on ambiguities in insurance policy language and how those ambiguities are resolved (at least under New Jersey law and similar jurisdictions).

Let’s take the second question first: The court found that, even assuming the policy contained an ambiguity on the “for financial institutions” issue, New Jersey law did not require the policy to be construed in favor of coverage to resolve that ambiguity, because the accounting firm was also a “sophisticated commercial entity.” Id. at *31. To be sure, some jurisdictions (including Florida) do not recognize a “sophisticated insured” exception, and instead apply the general rule that ambiguous policy language will be construed against the insurance company that drafted and sold the policy; other jurisdictions recognize a limited carve-out but with additional caveats (such as California, which requires evidence that the policyholder was actually involved in negotiating and drafting the policy). See Cachet Fin. Servs. v. Berkley Ins. Co., No. 23-55217, 2024 U.S. App. LEXIS 5765, at *5-6 (9th Cir. 2024). In fact, the Eleventh Circuit itself has recognized that the policyholder’s interpretation need not be the most reasonable one (or even the correct one) in order for the policy to be deemed ambiguous and construed against the insurer. See Cont’l Ins. Co. v. Roberts, 410 F.3d 1331, 1333-34 (11th Cir. 2005).

And as the ECB decision illustrates, there are good reasons to be wary of “sophisticated insured” exceptions.

The opinion indicates that Constantin had “many different options to purchase liability insurance,” but those options are never specifically discussed, and the reality is that policyholders often have very few choices (and even less bargaining power) when it comes to negotiating actual policy language. See ECB USA, Inc., 2024 U.S. App. LEXIS 19221, at *31.There is no indication, for example, that this was a manuscript-type policy where Constantin actually had a say in crafting the precise policy language. Even sophisticated insureds who negotiate for better pricing or cover are typically negotiating over insurance-industry form language, not writing from scratch. The opinion also glosses over the fact that the policyholder was a “relatively small office with few employees.” Id. The court brushed this aside by observing that “size does not necessarily equate to a lack of commercial sophistication,” but the converse is also true: just because Constantin was “composed of accounting professionals” does not mean the firm was “sophisticated” from an insurance coverage standpoint.

Thus, the ECB decision highlights significant risks policyholders face in jurisdictions that consider the sophistication of the insured in determining coverage, including the risk that a court will deem the company “sophisticated” regardless of size, and regardless of their actual level of sophistication, areas of sophistication, or whether they had any actual bargaining power or involvement in negotiating or drafting the policy. In jurisdictions that follow the approach reflected by ECB, these policyholders may not get the benefit of the doubt when later seeking coverage under their insurance policies. Policyholders with operations in these jurisdictions (or across multiple jurisdictions) should consider contacting coverage counsel to assist with mitigating these risks. 

Finally, the ECB decision serves as a cautionary tale for corporate policyholders with evolving or wide-ranging business operations. When Constantin first obtained insurance from Chubb in 2001, the company might have been performing accounting services solely or primarily for financial institutions and wouldn’t think twice about the “financial institutions” phrase at the end of the policy’s definition of management consulting services. By 2017, when the policy came up for renewal, Constantin might have expanded its client-base to other industries (including food service companies like Schratter Foods), without re-examining the Chubb policy against its current operations. In that respect, ECB also highlights the importance of carefully and continuously examining coverage against the company’s current business activities—particularly at the time of renewal.

In what is described as the largest cyber loss event in years, on Friday, July 19, 2024, customers of CrowdStrike and many others throughout the world discovered that they could not access critical software and enterprise systems to run their businesses.

The mass outage was due to a defective CrowdStrike software update. The outage notably affected airlines throughout the world, causing the cancellation of thousands of flights, but disrupted many other entities, including government agencies (including transportation and emergency services), banks and financial services companies, hospitals and managed care providers, manufacturers, retail stores, and broadcasting and entertainment companies.

Businesses impacted by the CrowdStrike outage should carefully review their insurance programs to determine whether any policies may cover financial losses caused by the incident or potential claims from affected clients, customers, patients, or others:

  • Companies that carry cyberliability insurance should review whether their policies provide contingent business interruption coverage, which may cover lost income and other losses due to an outage or incident at a critical IT vendor. 
  • Supply chain insurance may respond to interruptions at other businesses in the company’s supply chain.
  • Businesses providing professional services should review the scope of any professional liability and technology errors & omissions coverage to determine how those policies may respond in the event of a claim, and whether the company should put its carriers on notice of circumstances (or a potential claim).

Companies also should carefully review any service or vendor agreements to determine whether they have rights under policies issued to the service provider or vendor, and whether they have any other rights of recovery independent of insurance.

Reed Smith’s Insurance Recovery Group is one of its premier practice groups. With insurance recovery lawyers across the globe, we are uniquely positioned to serve our clients in all aspects related to losses arising from system and network outages and failures, cyber events, and other tech-related business interruptions. Our expertise in this space allows us to provide our clients with the most up-to-date knowledge and experience in identifying and accessing your insurance recovery options.   

Hurricane Beryl has caused destruction in the Caribbean, Mexico and Texas. Continuing issues include power outages, both rolling and continuous, issues regarding access to clean water, severed communications, roads that remain impassable and issues accessing necessities like food and fuel.

Hurricanes cause dramatic damage to businesses and commercial properties every year, totaling some $9 billion according to the Congressional Budget Losses, and hurricanes are increasing in both frequency and severity. The 2024 hurricane season is expected to be more severe—including between 8 and 13 hurricanes, 4 to 7 of which are expected to be severe—due to La Nina and warmer ocean temperatures. Beryl was just the second of the Atlantic Tropical Cyclone storm names, so more damage can be expected.

Several Policies May Provide Coverage

While there is no stand-alone hurricane policy, riders to commercial property or business owners’ policies for named perils may be purchased, and several coverage types can address damages caused by hurricanes.  

Most “all risk” policies cover damage caused by wind and wind-driven rain, but typically exclude flood damage. Flood insurance can be purchased as a rider or stand-alone policy, and covers losses from flooding, including buildings and their contents. For named peril policies, both wind and flood may be excluded. In this case, wind insurance, sometimes called named storm or named peril coverage, can help cover damage caused by gales, winds and hail if wind is excluded.

Business Income and Extra Expense

Lost business income coverage is vital. It generally is subject to a waiting period of 24-72 hours before coverage kicks in. Since it is subject to the exclusions in the policy, businesses may need to ensure business income coverage is covered by their flood insurance. If your business depends on third parties to operate, contingent business interruption coverage is important. If you rely on suppliers or distributors, contingent business interruption coverage may help cover losses caused by property damage to contingent businesses. Similarly, if your business relies on component parts, suppliers, or distributors, specialized supply chain coverage (whether as a rider to a commercial policy or standalone) may cover hurricane-related supply chain interruptions that result in lost business income.

Extra expense coverage may help defray costs to continue operating and mitigate damages, including continuing production at the current site, moving to a temporary location, using other facilities, paying contractors, overtime, and bonuses.

Other Important Coverages

Sewer backup cover also is vital, as hurricanes frequently wreak havoc on sewer systems. Sewer backup insurance can cover losses caused by water or waterborne material discharged by a sewer, drain or sump. Offsite utility interruption coverage also is important, and frequently is excluded.

Other policies also may provide cover following a hurricane:

  • General liability can protect against injury to customers or damage to their property.
  • Workers’ compensation can help if an employee is injured by a hurricane while on the job.
  • Finished stock insurance may help cover lost inventory damaged by a hurricane.

A few years ago, a new law in Texas went into effect limiting policyholder remedies for improper insurance claims handling and added several requirements for submissions for claims arising from “damage to or loss of covered property caused, wholly or partly, by forces of nature” including hurricane, tornado, flood, wind or rainstorm. Texas policyholders also must provide a high level of detail when disputing a carrier’s coverage determination and they must consent to inspection by the carrier. Failure to meet either the detail or consent requirement can lead to dismissal of a suit. It requires a policyholder’s attorney to provide notice to a carrier that if the claim issues are not resolved within 60 days, the policyholder will file suit. Currently, policyholders are only able to get a 10% interest rate from a late-paying carrier, and there also are limits on the attorneys’ fees a policyholder can recover if they are forced to file suit. 

Tips for Policyholders Following a Hurricane

  1. Notify the insurer and the broker of any property damage and business interruption.
  2. Preserve evidence of the damage.
  3. Obtain approval from your carriers before replacing or removing damaged property.
  4. Get the proper Proof of Loss form and fill it out within the requisite time.
  5. Communicate with your carrier regarding the need to submit a partial proof of loss due to the nature of continuing investigations into losses caused by hurricanes.
  6.  Gather all documentation relating to any business interruption or extra expenses.
  7. Consider retaining an accounting firm. Some policies provide coverage for loss preparation costs.
  8. Communicate with the insurer, being sure to provide all necessary and relevant documentation, and be sure to log those communications.

Conclusion

Hurricane losses raise complex issues including those relating to causation and overlapping coverage provisions. Hire experienced coverage counsel to review all insurance policies for potential coverage and to evaluate potential coverage issues before submitting any claim.

For additional thoughts from Reed Smith’s Insurance Recovery Group on natural disaster coverage, we recommend listening to the recent Insured Success podcast episode titled Navigating Insurance Claims After Natural Disasters. An upcoming episode of Insured Success will focus specifically on hurricane recovery and expand on the thoughts discussed in this blog.