This document discusses key insurance coverages for entrepreneurial companies including property, product liability, cyber risk, intellectual property infringement, and international risks. It also outlines common risks that keep CFOs awake including financial, human capital, intellectual capital, operational risks, regulatory risks, and credit risks. The document then discusses building scalable insurance programs and the importance of management liability insurance including directors and officers liability, employment practices liability, fiduciary liability, and ERISA bonds. It concludes with an overview of privacy and cyber risks and coverages.

1. September 27, 2017
Managing Financial Risks
Key Insurance Coverages for Entrepreneurial Companies

2. 2| 2| 2|
What Keeps CFOs Up
at Night?
​Financial Capital: sourcesand uses of funds, reserves
​HumanCapital: talent management, benefits
​Intellectual Capital: trade secrets, patents, IP
​Operational Risks: contracts, supply chain, customers
​Regulatory Risks:SEC, FDA, HIPAA, etc.
​Credit Risks:A/R, vendor management, sales growth
​Management Liability / Personal Liability
​Cyber & Network Security

3. 3| 3| 3|
Risk Exposures Facing
Entrepreneurial &
Growth Companies
​Property - EDP Equipment, Networks and Data
​Fire, vandalism, theft, earthquake, flood, etc.
​Product Liability and Errors & Omissions
​“Failure to Perform” resulting in a financial loss to customers
​Cyber Risk - First Party andThird Party
​Network Security – unauthorized access, transmission of virus of malicious
code, theft/destruction of data, cyber extortion, business interruption
​Privacy – PII/PHI data exposed by hacker, lost device, rogue employee,
physical records, payment card information
​Media – Advertising & Personal Injury, infringement of Intellectual Property
​Intellectual Property
​Infringement of copyright, trademark, trade dress, patent
​International
​Fund Raising &Transactional Risks

4. 4| 4| 4|
Key Functions of
Business Insurance:
4 C’s of Insurance
​Claims
​Protect balance sheet
​Protect personal assets of Directors and Officers
​Compliance
​Statutory Requirements
​Workers Compensation
​Auto Liability
​Currency to do business
​Building and Equipment Leases / Debt and Loan Covenants
​Customer Contracts
​Ability to attract outside directors to sit on the board
​CreateStrategic Advantages
​Using insurance to add value to your company & customers

5. 5| 5| 5|
Building Scalable
Insurance Programs
​How does a company protect itself from supply chain risks?
​When should a company secure Professional Liability (E&O) and
Cyber Risk insurance?
​What about the timing of purchasing Directors & Officers (D&O)
insurance and what are the key things to lookfor?
​International Insurance - what does my company need to know
about complying with local country insurance statutes?
​When should I consider the following insurance products?
​Employment Practices Liability (EPL)
​Kidnap & Ransom (K&R) & BusinessTravel and Accident (BTA)
​Representations and Warranties
​Trade Credit Insurance
​Intellectual Property and Patent
​Product Recall Coverage

6. Personal Asset Protection
Importance of Management Liability

7. 7| 7| 7|
A Unique & Holistic
Approach to
Management Liability
Insurance

8. 8| 8| 8|
Why Does D&O
Insurance Exist
​Directors and Officers have commonlaw duties to the
companies which they serve.
​Duty of Care (Diligence)
​Duty of Loyalty (No Self-Dealing)
​Duty of Obedience
​Breaches of these duties subject D&Os to lawsuits from any/all
stakeholders such as investors (shareholders), creditors,
employees and government agencies.
​Most company by-laws allow the company to indemnify its
directors and officers for breaches of certain duties.
​Companies can “transfer” the risk of indemnification of its D&Os to an
insurance company.
​If indemnification is not available, D&Os are personally liable.
​D&O Insurance addresses both of these issues.

9. 9| 9| 9|
Why Buy Private D&O
Insurance?
​For most companies, the biggest benefit of a private company
D&O policy is the built-in EPL coverage
​While true D&O claims are rare, the likelihood increases as the
investor base expands
​Independent directors will want personal asset protection
​If IPO is a possible exit strategy:
​Initial representations (warranty statements) are made before prospectus is
drafted
​Only need to sign new warranties for increased limits
​Establish relationship with D&O markets
​If acquired, private company can be converted to run-off policy
and protect individuals post-closing

10. 10| 10| 10|
Typical D&O Claims ​Breach of Duties
​Mismanagement
​Breach of Contractual
Obligation
​Government or Regulatory
Investigations
​Misleading Financial
Information
​Bankruptcy
​Fraud / Misrepresentation
​Employment Practices Claims
where Directors andOfficers
are involved
​Intentional Interference with
Contractual Relations
​Breach of Implied Covenant of
Good Faith
​Breach ofJoint Venture
Agreements
​Allegations of StockOption
Backdating

11. 11| 11| 11|
Employment Practices
Liability Insurance
​Covers organization and employees for claims brought by
employees alleging wrongful termination, discrimination,
harassment, and other employment-related torts.
​ALWAYS excluded on standard General Liability andWorkers’
Compensation policies.
​Frequency of employment-related claims continues to rise each
year. Many are small in value but they can beexpensive to
investigate and defend.
​Policies can be broadened to cover harassment and
discrimination claims brought by non-employees (customers,
vendors, etc.). This is known as “third-party coverage”.

12. 12| 12| 12|
Typical Employment
Practices Claims
​Wrongful dismissal, discharge,
or termination of employment.
​Failure or refusal to hire or
promote.
​Wrongful discipline or
demotion.
​Negligent employment
evaluation
​Unlawful discrimination based
on age, gender, race, color,
national origin, religion, sexual
orientation, pregnancy,
disability, or other class
protected under applicable
federal, state or local law.
​Sexual or other workplace
harassment.
​Invasion of privacy.
​Defamation (including libel and
slander).
​Wrongful infliction of emotional
distress or mental anguish.
​Retaliatory treatment.
​Violation of civil rights.
​FMLA violations.

13. 13| 13| 13|
Other Management
Liability Coverages
​Fiduciary Liability
​Provides personal liability coverage for fiduciaries for claims arising out of
the legal liability associated with their fiduciary responsibilities. The
exposure to claims arises out of the Employee Retirement Income Sectary
Act (ERISA) of 1974.
​ERISA Bond
​Covers acts of dishonesty against the assets of employee benefit plans. This
bond is placed for the benefit of the plan and the plan's beneficiaries. This
bond will not protect the trustees themselves from liability claims and is
completely distinct from fiduciary liability insurance. ERISA law requires
you cover 10% of plan assets up to a maximum limit of $500,000
($1,000,000 if invested in your own securities).
​ Employee Benefit Liability Insurance
​Employee Benefit Liability Insurance policies cover many claims arising out
of errors or omissions in the administration of employee benefit plans,
including the failure to enroll an employee in the plan as well as the
rendering of improper advice related to employee benefit plans.

14. 14| 14| 14|
Menu Driven Approach
​Many insurers are providing a single
policy with options to add multiple
coverage lines (D&O, EPL, Fiduciary,
Crime, K&R) for private companies
​Creates a customized comprehensive
coverage program under one policy with
one carrier
​These policies are similar to a package
policy for property and liability coverage

15. Risk Mitigation for the Digital Age
Privacy and Cyber Coverages

16. 16| 16| 16|
​NOT DEFINED
Canbe any or all of the following:
Loss of Personally Identifiable Information(Clients
& Employees)
Failure to PreventUnauthorized Access
(Virus/Hacking)
Network orSecurity Failure (and Subsequent Loss
of Income)
Misuse/Infringement ofCopyright,Trademark,
Patent
Etc.
What is Cyber
Liability?

17. 17| 17| 17|
​Outside, Inside &System Failures
Hackers & Unauthorized Access
Viruses,Trojans & Malicious Codes
Employees – Intentional & Unintentional
System Failure
Vendors
Failure to ComplyWithCompanyPolicies
Cloud
Denial ofService
Phishing
Where do the threats
come from?

18. 18| 18| 18|
What You Need to
Know
​Your informationnetwork will be compromised.
Accept it!
​Physical security and cybersecurity are linked.
​Target breach, hackers got access to the network through the
HVAC system
​Cyber damage goes beyond the dollars
​Reputational damage with customers
​Increased cost of new systems for prevention (EMV)
​Everything cannot be protected equally
​Identify the crown jewels and really, really protect them
​Walls are probablyhigh enough – look at detection

19. 19| 19| 19|
Board-Level Cyber
Liability Questions

20. 20| 20| 20|
Data Breach Cost
Mitigation Strategies
​Don’t Be a Hoarder:Limit the amount of data stored;
regularly purge obsolete or unnecessary data
​Stick to the Essentials:If you don’t need details on a
customer, don’t collect it
​Keep aWatchful Eye: Monitor network activity using
system logs to know if/when/howyou were breached
​Ask for Help: In the event of a breach, it is essential to
respond appropriately and in a timely manner. Use
experts to help with this process.
​Be Prepared: Proactive risk management can thwart
attacks and curry favor with regulatorsif breached

21. 21| 21| 21|
How to Respond to a
Breach
Have A Plan!
67% of companies sufferingData Breaches are out
of business within 6 months.*
Breach Response Plan should be formalizedand
tested
Proactive compliance with industrysecurity
standards (PCI-DSS, SOC-2, HIPAA, etc.)
Risk Management, IT, and Legal should all be
involved
Insurance Carriersofferturn-keysolutions
​*(Symantec Corporation. 2013Internet SecurityThreat Report. Vol. 18. California: Symantec Corporation,
2013.)
21

22. 22| 22| 22|
Cyber Liability
Exposure Overview

23. 23| 23| 23|
First-Party v. Third-Party
Coverage

24. 24| 24| 24|
Diversified Insurance
Group
Contact Information
Regan Guth, ARM
Senior Vice President
Diversified Insurance Group
Tel: 801.325.5080
diversifiedinsurance.com
rguth@digrisk.com