Companies aren’t stupid, they are just fighting today’s D&O threats with yesterday’s thinking and tools!


Companies aren’t stupid, they are just fighting today’s D&O threats with yesterday’s thinking and tools! 

By Wallace P. Buran, President CrisisRisk Due Diligence™ 

This is part one a five-part D&O series.

Companies and Directors are smart, capable and experienced. They have great expertise built over many years in running and governing successful companies. They are good at “business as usual” and addressing normal evolutions in their business environment. They are not generally good at “business unusual”. They have neither the expertise nor the training to address many of the critical “moments that matter” when radical changes and new threats occur in and to their business. Unfortunately, the Directors and Officers (D&O) risk environment is changing radically and continuing to change in very adverse ways. Many of the experiences and learnings from the past in governing and managing companies are not as applicable in today’s D&O world. These historical perspectives and paradigms often drive wrong decisions and actions, with very severe consequences.

The golden age of D&O 

Historically, D&O risks were heavily centered around financial reporting, SEC filings and shareholder communications, with some additional risks from Employment Practices Liability (EPL) and Merger & Acquisition (M&A) transactions. Theses risks were well understood with clearly defined regulations, standards and practices. Companies focused on understanding and complying with regulations and good practices. The rules were clear, prudent practices and controls were well defined, and internal and external audits could be used to ensure compliance. The role of Directors was “nose in, hands out. With sound governance practices by Officers and Directors, a D&O “safe harbor” could be achieved. Unsurprisingly, D&O risks were rather low, insurance and defense costs were moderate, and Directors and Officers were well protected, other than from “bad behavior”. That was yesterday.

Today’s D&O risk environment is very different

Today’s D&O Environment is much different, with more diverse sources of risk, and much more adversarial threats to Directors, Officers, and their companies. The facts:

  • D&O risks are much higher with an over 100% increase in legal actions files in the last 2 years
  • Sources of D&O risks have become much more diverse, including:
  • Cyber threats
  • Plaintiff Bar firm’s attacks
  • Mergers and Acquisition objections
  • Newer and less defined regulatory requirements and government agency initiatives, both domestic and foreign
  • External parties challenges – customers, suppliers, competitors, and local communities
  • Environmental, Sustainability and Governance (ESG) activists
  • Social Media activity
  • Litigation and settlement costs have more than doubled over the last 2 years with average case settlements in 2020 exceeding $13.8 million, up from $8.5 million in 2017
  • D&O insurance rates have increased 20% to 50% annually with some industries experiencing over 100% increases year over year
  • Risk levels not insurable (deductibles and self-insured retentions) have increase for most companies by 200% to 500% in the last 3 years 
  • Limits on insurance coverages have declined almost 50%, forcing most companies to carry less insurance or increase their insurance layers to achieve the desired coverage
  • Despite the dramatic increase in insurance premiums with substantial reductions in coverage, most insurance carriers currently are not profitable, and a number of carriers have exited the market
  • No new insurance carriers have entered the D&O market in the last 3 years despite a rising rate environment
  • Multi-jurisdiction filings have increased D&O defense costs and risks. D&O cases can now be filed in state and federal courts simultaneously forcing companies, and individual Directors and Officers, to defend themselves in multiple places and under different legal rules
  • Non-financial impacts to officers and directors’ personal brand, public image and reputation threats are much greater, more severe, generally cannot be insured, yet can have major impacts on individuals’ careers

There are few rules and no “safe harbors.”

Unlike financial reporting, regulatory or shareholder communication risks; there are no rules, “Generally Accepted Principles” or “Safe Harbor” standards established for these new and rapidly expanding sources of risk. Incidents, exposures and causes of action are what a plaintiff’s bar firm claims and what a judge says it is. Anything is now someone’s fault; anyone and everyone is liable; and Directors and Officers individually are highly visible, deep pocket targets. 

Most companies and virtually all insurers are relying on and even expanding traditional approaches/tools to manage risks in this more threatening D&O environment. Many companies are increasing their internal audit activities, expanding controls and compliance efforts, issuing written internal and public statements, and trying to react to threats as they occur.  They are generally doubling down on the traditional risk and practices they understand from the past. Few are researching and addressing new and emerging sources of threats. Fewer are developing and deploying new tools, processes and practices to reduce risk and limit severity.

Very few are researching and preparing for non-traditional threat areas like enhanced M&A scrutiny, cyber based class action suits, climate change challenges, ESG activist suits, social media risks and external stakeholders claims. These new and emerging sources of risk now make up most of the current and likely future litigation landscape that are driving increased D&O costs and liabilities.

The “Hidden Cost” of D&O

The majority of D&O costs are not just in the cost of insurance or even outside legal bills. They are “hidden” in the operating and legal budgets of the company. Costs incurred internally to support legal defense efforts, conduct forensic research, investigate incidents, document internal policies, processes, practices, and actions, and respond to external data requests are generally not tracked. Most companies have little visibility into these very real growing costs, or the time and focus lost by officers in supporting defense efforts. With increasing retentions and deductibles in most D&O policy policies, these “hidden costs” are growing substantially faster than D&O insurance premiums, with no end in sight.

Have you read your D&O policy?

Most Directors and Officers are largely unaware of the sharply increased threats they face and the growing insurance coverage limitations that are increasing their personal exposures. Few Officers or Directors have read the insurance policies in place to protect them and even fewer have a clear awareness of the new and emerging threats and how to prepare for and address these threats. Officers in particular do not have a good understanding of the much more adversarial and riskier environment in which they operate. They generally have little understanding of how their actions or inactions can drive increased legal actions against them, their companies or how D&O claims can impact their personal reputation, cost exposure and careers. Awareness, education and preventive strategies are in short supply. Effective preparation and preventative measures are not well deployed, and appropriate response capability to D&O incidents to limit damages and costs are in even shorter supply. 

Insurance Carriers are trying to “catch a falling knife.”

Insurance Carriers are leveraging their historically effective actuarial and underwriting capabilities to reevaluate their D&O policy structures, costs, retention levels, and risk limits to reduce their exposure. These efforts are primarily focused on financial levers and actuarial evaluations to redevelop their offerings to improve insured portfolio profitability. But with this purely financial and heavily past experience focused policy design work, insurance carriers are trying to “catch a falling knife”. Threats are emerging and expanding faster that insurance carriers can recognize and evaluate to adjust their policies to the changing risk profiles of their D&O customer base. Small wonder most carriers are losing money across their D&O portfolio despite rapidly increasing rates, lower coverage limits, higher retentions and additional exclusions. 

Carriers are not developing or assisting their insureds with risk reduction and loss prevention solutions. Actions their customers can use to “flatten the risk/cost curve” of this new D&O world are not being provided, yet there is no other way to reduce risks and costs. This has not been the core expertise of carriers in the D&O area.  Insurance companies generally do not have the broad understanding needed to advise their customers on new and emerging threats or help their customers institute changes to lower risks, and they do not appear to be researching this new and more threating world to develop solutions. 

The traditional D&O insurance model is unstainable.

Insurance carriers are continuing to lose money and their customers are continuing to get lower coverage at higher cost. This is not sustainable long-term. For insurers or companies who perceive/hope today’s higher risk D&O environment is temporary, they may continue their current focus on minimizing losses through policy changes and just working harder. But the data to date, shows there is little evidence this is a temporary or cyclical change in the D&O market.  Rather, it shows an increasingly higher risk and cost environment for the foreseeable future.  

For carriers and companies who perceive this is a permanent, more threatening environment, they must change their D&O offering paradigm. They must recognize and predict these new and emerging risk sources, prepare officers and directors to address these greater risks, and deploy solutions to effectively react to D&O incidents as they occur. Both carriers and companies must move beyond fighting today’s D&O battles with yesterday’s thinking. 

There is a better way.

For years, insurance carriers and their insureds have used “loss prevention” concepts and diagnostic tools to reduce the cost and frequency of Property & Casualty (P&C) losses. It has worked well in some areas and significantly reduced costs as well as incident frequency and severity. Unfortunately, they are not consistently providing proven crisis support and coaching to their customers when a D&O incident does occur in order to reduce and minimize the resulting incident severity. Unfortunately, carriers and their insureds have not always deployed “loss prevention” diagnostics, plans and tools for D&O, nor effective crisis response tools and support. Yet, this is precisely what is needed. 

Unlike the static, tactical P&C loss prevention tools, D&O loss prevention must be an evidence-based / experience-tested strategic and proactive solution that:

  • Predicts likely sources of risk to minimize incident frequency
  • Prepares the organization to quickly identify and respond to incidents and emerging crisis circumstances
  • Performs well through a D&O crisis event to minimize costs and impacts. 

Why have loss prevention solutions and tools not been developed and deployed?

Companies and their officers and directors lack of both perspective and knowledge about this new D&O world. They see the threats and issues as they occur and from anecdotal discussions with peers. But there is no broad-based, systematic research, compilation of prevention practices or development of performance standards for addressing new D&O risks like there are for financial disclosures, shareholder and investor communications, and regulatory compliance. Companies simply lack access to better tools and effectives approaches to managing through this much more turbulent risk environment. In many cases, even awareness is limited to financial and legal officers with operating officers and board members being far less knowledge of the issues and challenges. 

While Companies are concerned with the rapidly evolving D&O threats, they do not know what preventative plans and actions should be used to address them. Companies also have not put in place the awareness and response capabilities to rapidly identify, assess and respond to incidents if they do occur. While companies can continue to purchase D&O insurance with lower coverage and higher costs for now, they do not have the information, data, tools and capabilities to reduce D&O threats and reduce the severity of incidents. If companies continue to do what they have been doing with their D&O exposures, they will continue to get increasing “hidden cost growth”, narrower coverages, and increasing insurance rates.

Similarly, insurance carriers are not providing their insured with proactive D&O loss prevention solutions, plans and tools. Generally, they do not have solutions to provide. Insurance companies see D&O incidents within their insured portfolio on an individual customer by customer, case by case basis. They also see their overall loss history across their portfolio. But most of their information is primarily focus on settlements/judgements involving insurance payouts or from large potential loss cases where they have been informed of a circumstance by their customers. And most of this underwriting and actuarial information is tracked and managed at the customer level or perhaps at an industry sector level, but it is not tracked in detail across their entire D&O portfolio. 

There is also little modeling and data mining of this information to identify and evaluate trends and patterns and identify root causes and potential defensive actions companies should take. But even if carriers do try to develop these insights, they generally do not have the level of access to the operations, policies, practices, and tools used by their customers, or the diagnostic skills needed to research underlying incident drivers and root causes within a company that led to each case. 

Finally, carriers are concerned that even attempting to provide solutions and recommendations to their customers in the D&O space would expose them to increased liability. In the absence of defined standards and “safe harbor” actions, this is a legitimate concern. Thus, despite insurance carriers having better access to overall D&O activity and broader insights on current and past D&O litigation and claims, they are generally not developing loss prevention insights, strategies, and tools, nor are they researching the experiences of other carriers to gain a broader perspective. The very real risks of incurring liability, not having the access to company specific D&O practices, and not having diagnostic skills or experienced risk reduction resources limits insurance carrier’s ability and willingness to research and develop loss prevention solutions.

An objective, independent Loss Prevention provider is needed 

So, while both companies and insurance carriers each have parts of the information needed, neither appear likely to develop the frameworks and tools needed to address this higher and broader risk world. Companies and carriers need an independent loss prevention provider to:

  • Analyze the research of public and non-public D&O litigation data
  • Identify company and industry specific high likelihood, emerging threats over time
  • Compile "leading industry practices” beyond financial and accounting for reducing risks 
  • Prepare company specific loss prevention plan and strategies
  • Coach and educate companies in deploying risk minimization initiatives
  • Support companies in recognizing and accelerating effective crisis-based responses to D&O incidents
  • Deliver proven crisis support and coaching quickly to insureds when a D&O incident does occur in order to reduce and minimize incident severity. 
  • Provide companies, officers and directors with D&O updates, education, training, and direct access to industry experts

Demonstrating “prudence” and “duty of care” in this new D&O threat environment is also critical to effective litigation defense

Deploying this type of loss prevention thinking and planning would also help directors, officers, companies demonstrate “duty of care” and “prudence” in managing D&O risks. This not only reduces the incidence and severity of D&O claims, but also makes companies and their directors a much “harder” target for plaintiff bar firms and reduces likely settlement and judgement costs. This helps both companies and their insurers reduce costs, reduce reputation risk exposures and reduces the “hidden cost” of D&O claims. 

Companies and insurance carriers must fight today’s battles with better information, data, tools, thinking and capabilities. 

Next month’s article will focus on the “hidden” costs of D&O risks.

Share this Post:

Wallace P. Buran, President CrisisRisk Due Diligence™ 

Wally Buran is the president of CrisisRisk Strategies, LLC Due Diligence Division and the Managing Director of CXO Advisors. Wally has over 35 years of management and consulting experience and has worked with public companies in a variety of industries including aerospace & defense, airlines, automotive, beverages, chemicals, consumer products, electronics, food, health care, industrial products, medical devices, paper, plastics, tire & rubber, transportation, and utilities. 

He was the CEO of Worldcrest, one of KKR’s portfolio companies, and led the Strategy Deployment Practice of Monitor Group, IBM’s Global Operations Strategy Practice, was a senior Partner with Deloitte Consulting and KPMG. In consulting, he managed and led assignments in strategy, mergers and acquisitions, enterprise transformation, supply chain, sales and marketing, and global sourcing.  

He has authored and directed multiyear research on Enterprise Transformation, Corporate Risk Management, Frontier Management Practices, and Shareholder Value Creation. He has served on the National Science Foundation, teaches in university and company based Executive Development Programs. At the Georgia Institute of Technology, he serves on Advisory Board of the School of Industrial and Systems Engineering, was the Edenfield Executive in Residence, and helped establish and build the Tennenbaum Institute for Enterprise Transformation. 


ad ad

Related articles

Patrick Rastiello joins Ardonagh Specialty to lead North America Reinsurance expansion

Ardonagh Specialty has appointed Patrick Rastiello as CEO* of its North American reinsurance operations.   Patrick will be responsible for building Ardonagh Specialty’s US reinsurance...

Global Markets Overview: February 2024

In this Global Markets Overview, we explore our global outlook and share what we think it means for 2024.  https://www.wtwco.com/en-gb/insights/campaigns/global-markets-overview As...


Risk Management Trailblazer Presented with RIMS Highest Honor for Lifetime Achievement in Risk Management  NEW YORK (February 13, 2024) – At the RIMS New Zealand and Pacific Island...

Insurer’s Lease More Than Doubles Its Chicago Office Space

Sompo International Plans Move to 46-Story Tower at 155 N. Wacker A global specialty insurance provider is more than doubling the size of its Chicago office in a move a few blocks north, bucking the trend...

Haynes and Boone, LLP is pleased to announce that Peter A. Halprin has joined the firm as a Partner

Haynes and Boone, LLP is pleased to welcome Insurance Recovery Partner Peter A. Halprin to the firm’s New York City office. A Chambers USA-ranked attorney, Peter joins from Pasich LLP, where...

LIO Specialty Launches Revolutionary Online Portal for Life Science Insurance Solutions

Leading the Excess and Surplus Lines Market with Innovative Coverage for Cannabis and Nutraceutical Industries  West Conshohocken, PA– LIO Specialty Insurance Company proudly announces the launch...