The following is an opinion piece written by Paul Bassett, managing director, crisis management, Gallagher.
The spate of high-profile crisis incidents over the past 18 months has prompted UK corporates to re-assess their approach to crisis management, but many businesses remain uncertain of the scope of their crisis insurance cover.
Following a series of high-profile incidents, crisis protocols have become a major focus for many UK businesses. Given the varied and unpredictable nature of attacks in a modern, digital era, it is critical that management teams are proactive in training their people on the ground to build resilience against the most stressful scenarios.
It is important too to remember that insurance remains a key part of business resilience. In many cases, specialist insurance coverage includes advice and support to businesses beyond financial reimbursement.
The attack on London Bridge on June 03, 2017, particularly put crisis insurance cover in the spotlight when, following the tragic incident, many businesses’ insurance pay-outs were delayed until the attack was officially categorised as a terrorist incident on June 28. In the intervening time, the commercial impact was so significant that Borough Market and a charity set up a fund to help traders.
Even then, only those with terrorism policies including cover for non-damage business interruption, such as denial of access, would have been able to recoup the most typical types of losses incurred. Also, in such circumstances, more broadly worded ‘crisis management’ or ‘crisis resilience’ policies would have been triggered and could respond with immediate assistance during the period when businesses found themselves forced to stay shut, caught as they were behind the security cordon.
More recently, the Skripal attack in Salisbury further demonstrated the need for more wide-ranging crisis cover. Businesses in central Salisbury were caught behind forensic and security cordons which extended across large parts of the town for weeks after the attack. Few were adequately covered for the closure of the main business thoroughfare and scarcity of shoppers that came in the wake of the attack. Not only have they suffered from denial of access but, due to the nature of the attack, loss of attraction too.
A recent poll of 100 leaders of large UK businesses commissioned by Gallagher revealed that while many businesses have taken encouraging steps to strengthen crisis resilience (91% have crisis protocols in place across all locations), just 30% have reviewed their insurance cover.
More broadly, the research findings implied a widespread misunderstanding of what businesses are covered for in the event of a terrorist or major crisis incident. For example, although the majority of businesses (85%) were correct in their belief that Pool Re, the government-backed terrorism reinsurance programme, provides cover in the event of financial loss relating to a terrorist incident, nearly two-thirds (65%) mistakenly thought that loss of data is also covered by Pool Re when it is not. A similar number (61%) were mistaken in their view that reputational damage also falls within this remit.
The fact that under a third of businesses have sought clarification on the parameters of their coverage provides some explanation for the wide-ranging misperceptions of indemnified scenarios. But senior management teams must remain proactive in assessing the bounds and scope of coverage to ensure their protection is as watertight as possible.
The reality is that many companies continue to operate in stakeholder silos; for example, management teams may have articulated their risks in a security context but not translated these efforts into a business continuity plan, thereby aligning crisis insurance cover with their wider crisis protocols. Sometimes this lack of join up is the result of a fault line in internal communication, but often it comes down to a lack of detailed knowledge or specialist support around the cover available in today’s market.
While the standalone terrorism insurance market has evolved its wordings to ensure the non-damage business insurance risks of threat, denial of access and loss of attraction can now be covered, many solutions still don’t include consultative services around crisis management per se. But taking a holistic, dynamic, consultative approach is essential to addressing today’s terrorism risk as well as wider security threats, incorporating both pre- and post-crisis support as well as immediately available assistance as a situation unfolds.
The preceding article was an opinion piece written by Paul Bassett, managing director, crisis management, Gallagher. The views expressed within the article are not necessarily reflective of those of Insurance Business.
