An article, published in the April 2020 edition of FAnews, stated that the number of claims made against company directors and officers (D&O) materially increased over the past three years, and that as a direct result, the insurance market experienced similar increases in the number of claims notifications over the same period.
Let us take a closer look at whether there have been any changes since then, and what to expect in 2021.
The contributing factors
The major contributing factors to the rise in claims were highlighted as follows:
- Increased stakeholder activism;
- Litigation funding consortiums;
- Involvement of institutional investors;
- Increased awareness of directors’ duties; and
- Access to advisers from international jurisdictions with experience in researching and initiating claims against directors.
Added to that list of major contributors is the commencement of the Protection of Personal Information (POPI) Act (1 July 2020), which becomes enforceable after a one-year grace period.
While the fall-out of the global pandemic has many consequences, two worth mentioning here are the fact that (1) many employees are now working from home, with increased digital security risks and (2) the tough economic climate due to lockdowns, leaves many businesses subject to redundancies and potentially liquidation. Liquidations have historically showed an increased risk for claims against directors.
Risks presented, in relation to POPI
POPI places a duty on the responsible parties (usually directors) to secure the integrity and confidentiality of personal information (as defined), and to take reasonable measures to prevent unlawful access to personal information. This includes the responsibility to identify risks of unlawful access, putting in place safeguards against such risks, verifying the effective implementation of such safeguards and updating the safeguards in relation to new risks. The Act also places a duty on the responsible party to notify the relevant parties if a breach occurs.
As with all lapses in directors’ duties, directors are exposed to litigation against them personally. If POPI is breached, the responsible party may face civil litigation. POPI provides for strict liability where the claimant does not have to prove that the responsible party acted negligently or intentionally, a breach is sufficient for the action to proceed. In addition to the normal compensatory damages available to claimants, POPI also provides for aggravated damages. It is also regarded as an offence if certain provisions are breached, and the responsible party may face imprisonment and fines.
The cost implications
Cost contributors were identified as the rising number of claims, and the increase in average cost of claims. It was also mentioned that the “long tail” of D&O (where claims are paid a few years after the policy period ends) made it necessary for underwriters to set the correct pricing proactively.
These cost pressures remain, and for 2021, include the continued contraction in capacity and tighter underwriting practices, especially with the increased cyber, POPI and Covid-19 related exposures.
Alleviate premium increases
As explained in SHA’s 2020 Annual Specialist Risk Review, it would serve directors well to partner with insurers and intermediaries, to be transparent, and proactive in risk management.
While risk transfer is part of the toolbox to manage risk, it is not the only risk mitigation factor. It falls upon businesses to explore risk management in their own environments, to improve their risk profile and the subsequent insurance terms and conditions – it is after all the D&O’s personal assets on the line.
Pierre Lombard
Senior Claims Specialist (Financial Lines)