Profits Not Prison

Noel Vickery 2015 CFO Symposium Adelaide

10 years ago only 5% of major losses were not

predicted ‘Black Swan’ nor on risk registers.

Presently 20% of major losses are not included

on risk registers

Introduction

1. Cyber & IT - Don’t be a statistic

2. Directors & Officers - Your Personal Liability

3. Contractual Exposure - What the ……?

4. Supply Chain Risk – How many links in your chain?

5. Terrorism - Business terrorised by Insurers

Agenda

Cyber & IT

Cyber & IT Security

“While companies are investing millions of dollars in insurance policies to protect themselves from cyber security breaches, the market is fraught with pitfalls”

Zouhair Guelzim, chief information security officer of L’Oreal Americas.

Australia is a “paradise for white-collar criminals”. More than

20% of Australian businesses

experienced cyber crime in 2012

(Symantec)

Global Risk Ranking - Cyber risks (Allianz Risk Barometer 2015)

2015 5th

2013 15th

2014 8th

Cyber & IT Security

There are 2 Company types Those that have had an attack, and those that will

• Data stored in the ‘Cloud’ & other data storage

• IT and Computer Fraud

• Data theft

• Website ‘Hacked’ and held to ransom

• Breach of Privacy Act

• Social Media – Tweets, Facebook & YouTube

• Malware, viruses etc.

• Identity theft

• Unauthorised & erroneous electronic funds transfers

Cyber – IT - Technology

Real Risks

Which cyber risks are the main cause of

economic loss? Lo

ss o

f re

pu

tati

on

• 61%

B

usi

nes

s in

terr

up

tio

n

• 49%

Loss

of

clie

nt

dat

a

• 45%

Allianz Risk Barometer Cyber risks Top Business Risks 2015

• Which cyber risks do companies fear most? – data theft, loss of reputation and increased threats

• Protecting against Cyber Risk – better hardware, better processes and increased awareness,

• Insured Risk v Residual Risk

Loss of Reputation - Main Cost

What is preventing companies being better

prepared against cyber risks? R

isk

is u

nd

eres

tim

ated

• 73%

B

ud

get

con

stra

ints

• 59%

Hav

en’t

an

alys

ed t

he

pro

ble

m

• 54%

Allianz Risk Barometer Cyber risks Top Business Risks 2015

Given the increasing frequency of cyber security incidents, and the growing impact of those incidents on business, a board of directors’ oversight activities

should include ensuring the adequacy of a company’s cyber security measures.

The issues are complicated, but there are things Boards and management can do to begin to quantify

and mitigate the risks.

Cyber & IT– Business responsibility

Directors & Officers Liability

Your Personal wealth at risk

• What is the risk, and is it insured?

• Directors & Officers vs. Management Liability Is there cover for the corporate entity?

• Increasing legislation, exposures and penalties,

• One ‘shared’ insurance policy Limit

• Will an Corporate Entity claim leave a void for the directors?

What SHOULD be keeping you awake

at night? Directors & Officers Insurance

• Disclosure

• Operation of Insurance Policy – True advancement of Defence Costs – Fraud

• Corporate Indemnities – Legal restrictions

• Effective severability & non imputation clauses

• Insured vs. Insured exclusions

• Major Shareholder exclusion

• Insolvency exclusion & Debt related exclusions

COVERAGE ISSUES

Directors & Officers Insurance

Contractual Exposure

What the ……?

• Contracts, leases, purchase, supply, subcontracts

• Indemnities – should be written in specific not generalised terms

• Hold Harmless/Subrogation Waivers

• Proportionate Liability – Written out, by conduct or arbitral process

• Caps on Liability

• Insurance Protection

• Force Majeure & liquidated Damages

Contractual Exposure

Supply Chain Risk

Who is the weakest link in your chain?

• Power under the Sea – subsea cables

• Reliance on power and other utilities

• Damage to infrastructure

• Concentration of suppliers - globalisation

• Distribution channels

• Cyber & IT suppliers

• Weather & natural events - Volcanoes

• Insolvency of suppliers/manufactures

Supply Chain Risk

Terrorism Business terrorised by Insurers

Terrorism

the guardian.com

• Australian Terrorism Act

• Terrorism Risk excluded by prescribed insurance policies

• Insurance Policy Exclusion, overridden if Terrorist incident declared by Federal Govt

• But can your insurer deny your claim if no terrorist incident is declared?

Terrorism

• Managing costs – Profits not Prison

• Risk identification

• Truly understanding your business

• Understanding your business’ drivers

• The Devil is in the detail

• Uninsured risks or insurances not purchased

• Insurance certainty

Summary

54% of respondents managing

costs and improving

profit are among top three

priorities

51%

regulatory change

is top concern

2014 Global Insurance CFO survey

Locally focused. Nationally resourced.

Internationally represented.

• Founded in 1927- USA

• World's fourth largest insurance broking and risk management company.

• 30 locations across Australia.

• Network of 400 Offices throughout 30 countries

• Employs over 20,000 people worldwide

About Arthur J. Gallagher Australia

Profits Not Prison