Key Exposure Considerations

Unfortunately, the extent and types of terrorist attacks - as well as the resulting situations - have become more prevalent and complex in the past decade alone. Gallagher provides a full range of products and services that can be tailored to meet your specific needs.

  • Terrorism and sabotage including Chemical, Biological, Radiological and Nuclear.
  • Financial Loss including contingent business interruption, loss of earnings and extra expenses.
  • Extensions to financial loss (damage and non-damage) including denial of access, threat, loss of attraction, failure of public utilities.
  • Political violence providing broader coverage including terrorism, sabotage, strikes, riots, civil insurrection, revolution, rebellion, mutiny, coup d-etat, war and civil war.
  • Terrorism liability including public liability for third-party bodily injury, employers liability, pollution clean-up and defense costs.
  • Corporate protection covering kidnap, detention and highjacking as well as extortion and products extortion.

Practice Areas

Prior to the tragic events of September 11, 2001, U.S. property policies were silent on terrorism.  This was quickly replaced with absolute terrorism exclusions in the months that followed as carriers lost their reinsurance protection.  Pressure from commercial interests led to U.S. Congress passing the Terrorism Risk Insurance Act (TRIA) in November, 2002, and subsequent renewals, to provide a backstop to insurers that allowed coverage to be provided.  This federally backstopped program provides certainty and stability to the insurers guaranteeing both the availability and affordability of terrorism insurance coverage for U.S. commercial properties and businesses.

Many of the recent horrific attacks, while considered acts of terrorism, would not have triggered TRIPRA due to the amount of property damage sustained. Clients that elect to not purchase TRIPRA may find themselves with coverage gaps as exclusionary language and definitions of terrorism varies greatly by carrier.  TRIRPA itself has some coverage limitations that may not fully address your exposure to loss.  In addition to offering standalone coverage options, Gallagher also provides a wide range of asset based terrorism solutions that include:

  • Terrorism and Sabotage– United States and Global embedded or standalone coverage
  • Standalone strikes, riots and civil commotion, and malicious damage
  • Political violence coverage including terrorism, sabotage, strikes, riots, civil commotion, insurrection, revolution and rebellion; mutiny and coup d’état; and war and civil war.
  • Nuclear, Biological Chemical and Radiological (NBCR) (without requirement of a physical damage trigger)
  • Violent Malicious Acts (VMA) - insure the necessary extra expenses incurred in order to continue the normal conduct of your organization’s operations following a Violent Malicious Act.
  • Threats of Malicious Acts– Loss of revenue when access to your business is prevented following a threat or by order of a civil or military authority.
  • Denial of access (including non-damage) - disruption to your organization when access is impaired due to an event (radius based).
  • Loss of attraction coverage – For loss of revenue due to damage to a nearby iconic building or critical infrastructure (radius based).
  • Captive ‘wrap’ solutions for US domiciled clients
  • Terrorist threat coverage – 2hr waiting period available
  • Terrorism solutions for Banks including protection for mortgage/loan portfolios either forced placed or contingent.

Many advantages to seeking alternative standalone terrorism options outside of TRIPRA include:

  • No limitation on the size of the attack to trigger coverage.  TRIPRA requires the event be certified by the Secretary of Treasury and must exceed $5M in loss.   The backstop is not triggered until $120 million is exceeded in 2016.
  • Coverage for locations outside of the United States.  Broader political violence perils can also be covered for international locations such as War, Civil War, Strikes, Riots, Civil Commotion, Malicious Damage, Insurrection, Rebellion, Revolution, Coup D’états and Mutiny.
  • Definition of terrorism event is clearly stated in the policy wording and covers a broad range of coverage including acts committed for political, religious and ideological purposes as well as acts of sabotage.
  • Ability to include riots, strikes and civil commotion, malicious damage war and political violence coverage
  • Ability to include coverage for Cyber Terrorist and Nuclear, Biological, Chemical and Radiological (NBCR) attacks, not currently offered under TRIPRA
  • Access to crisis management and security risk assessment firms.
  • Broad Manuscript wordings available
  • $0 Deductible options
  • Inclusion of terrorism general liability and/or terrorism employers’ liability
  • Individual assets can be insured and specific limits and deductibles selected. When TRIPRA is embedded in a standard policy it is usually over the entire portfolio and subject to policy limits and deductibles.
  • Individual Risk pricing – Most carriers use a percentage of the property premium as part of their calculation. This can result in elevated pricing if coverage for Natural Catastrophes is embedded. 
  • Indemnity may be delayed by insurer’s reliance on the payment from the Government before claims can be settled with insureds.

This broad range of property based terrorism products and solutions allows you to confidently operate on a global basis and grow your business or organization while keeping your assets, people and shareholders protected.  

Cyberterrorism is generally defined to mean acts or threats by individuals, entities or nations engaged in disruptive activities against computer systems to intimidate or cause harm or further social, ideological, religious, or political objectives.  There are several insuring agreements that are directly impacted by cyberterrorism under a cyber policy:  Network Security, Privacy Liability, Breach Response, Cyber Extortion, and Business Interruption and Data Recovery are coverages that are susceptible to cyberterrorism.  In order to address cyberterrorism exposures, cyber insurance carriers have taken varied and inconsistent approaches to granting this coverage should there be a covered loss. 

Our Cyber Liability specialists can help you with coverage structure and pricing alternatives available from within the marketplace to put you in the best possible position to manage your Cyber risk as relates to Terrorism.

The policy language is not uniform among carriers and actually may be restrictive or only apply to certain insuring agreements.  The lack of uniformity within the cyber insurance market creates confusion as to what coverage is provided.  It is important to understand the two main approaches to granting cyberterrorism coverage:

Approach A:  Affirmative grant of cyberterrorism coverage attached to the security failure definition (which will define cyberterrorism). This approach leaves the war exclusion untouched allowing the carrier the right to reserve coverage should a cyberterrorism event be deemed a war or military action.

Approach B: Rather than granting a separate affirmative coverage, some carriers will provide a carveout to the “War and Terrorism” exclusion.  This approach affords cyberterrorism by modifying an exclusion in the policy that may typically be used to exclude war and terrorism actions, unless otherwise amended, to recognize that cyberterrorism acts will not apply. 

Of utmost importance, no matter the scenario above, cyberterrorism needs to result in a covered loss under a cyber policy. Assuming a covered loss, cyberterrorism coverage hurdles may exist if the language is not granted properly. 

Please be aware of the following:

  • Each carrier will specifically define the meaning of cyberterrorism coverage.
  • In many situations, carriers have crafted cyberterrorism definitions that are not clearly defined and may be left to interpretation.  For instance, some carriers leave out important references to nation-state terrorist attacks thereby creating ambiguity and possible coverage gaps if not fully discussed and understood.   
  • Most carriers require the war exclusion, and depending on the breadth of the cyberterrorism carveout, there can be unclear intentions on how the cyberterrorism action may be interpreted as an act of war. 

Unfortunately, in an evolving cyber landscape, cyber insurance policies have not been able to provide common language for cyberterrorism coverage.  It is clear that while solutions for cyberterrorism are available, the wording remains in an evolutionary pattern and requires experienced cyber brokers to guide clients through an ever-changing cyber threat landscape.

Generally, standard Casualty policies will typically include one of a variety of TRIA endorsements. (see attached sampling).   The specific endorsement that will be attached to a policy will depend on various factors including, but not limited to, whether or not an insured has elected to purchase or reject TRIA coverage as well as the overall exposure/risk profile of an insured. Many non-standard markets (E&S) exclude terrorism except cover provided under TRIPRA, therefore a careful review of the endorsements attached to a particular casualty policy should be conducted in order to fully understand the coverages purchased and whether or not an alternative risk solution is more appropriate. 

> TRIPRA Endorsements: General Liability (ISO)

Gallagher Environmental-Pollution Exposures Involving a Threat from and Act of Terrorism (TRIA).

Many environmental insurance carriers offer the option to purchase TRIA insurance within their policies for clients of Arthur J. Gallagher. In the event of an unfortunate act of terrorism a client may not be fully insured without TRIA coverage included in their pollution policy. These acts could pose a threat to human life and your business. A well-structured pollution insurance policy should contain additional coverage enhancements that could trigger coverage in the event an act of terrorism occurred and the TRIA fund was not able to fully indemnify our clients. Some of the more “high profile” industries that should always consider purchasing TRIA and that have an exposure would be the following:

  • Hospitals & Medical Offices
  • Public Entities (i.e., wastewater treatment)
  • Chemical Manufacturers (Agriculture, Petrochemical)
  • Schools & Educational Institutions
  • Bulk Fuel Terminals (Oil & Gas)
  • Power & Utilities
  • Food Manufacturers

Examples of specific terrorism exposures to these industries include:

  • Biological Exposures (Virus, bacteria, diseases, ie. Anthrax)
  • Chemical (Chemical weapons, poisonous gas, toxic hostile fire)
  • Nuclear (Low Level radioactive material)

Since an act of terrorism is often difficult to assess in advance of its action, there may be many other exposures not captured in this list. General Liability policies often exclude pollution or provide very little coverage. Don’t be left without the necessary coverage to ensure your business is fully covered for the unforeseen risk. 

Terrorism comes in many forms, and Kidnap and Ransom insurance (K&R) is designed to provide coverage for many expenses incurred in different types of terrorist attacks.  Primarily, a K&R policy provides ransom, additional expenses and liability coverage for actual or alleged kidnapping.  In countries throughout Europe, the Middle East and Africa, ISIS and other terrorist groups have been known to conduct kidnappings, and companies traveling or operating abroad, and even those here in the US, have increased exposure to these types of events.  Though terrorist attacks are not always motivated by financial gain, business persons who seem wealthy may be at higher risk to be targets of terrorist activity.

A K&R policy covers a company’s employees, directors, officers and family members, and provides additional coverage for terrorism-related events such as: death, dismemberment, loss of earnings, expatriate security evacuation, disappearance investigation and expense, threat response, express kidnapping, child abduction, and hostage crisis. In addition to ransom and negotiation, the policy pays such expenses as public relations, travel and accommodation, psychiatric/ medical care, legal advice, reward, personal financial loss, loss of salary, temporary increase security measures, communications equipment, forensic, rest and rehabilitation including meals and recreation for any victims, plastic surgery, job retraining and other related expenses.

Unfortunately, terrorism has become a real threat to companies both in the United States and abroad, and in today’s environment, a K&R policy is recommended for all companies.  In addition to the coverage, the policies provide access to a crisis response firm for consultation and advice, and access to a variety of risk management tools such as websites, newsletters, whitepapers, training and more. For most companies, premium is relatively inexpensive with $1M of coverage available for between $800 and $3,000 annual premium, and multi-year policies are available.

Kidnap Briefing Monthly - January 2017

With recent violent events that have taken place both domestic and abroad has brought renewed attention from employers as to the responsiveness of their workers’ compensation program.   Employers question how my workers’ compensation coverage will apply to violent acts in the workplace.  Additional concern has arisen as to what is the specific “action” that could or could not trigger coverage under their risk management program.   For acts that are committed on domestic/U.S. soil; coverage is broad as long as the injuries “arise out of employment.”  Employers do not have to question whether such “act” is perpetrated by an “Active Shooter,”   emanating from a “Certified Act of Terrorism,” or some other action carried out individual(s) associated with a specific “cause.”   In essence the “definition” of the action that causes loss should not preclude coverage for such acts. 

Application of coverage becomes clouded when your U.S. resident employees are working on internationally.  While coverage can be arranged for acts arising out of employment employers must pay attention to the 24 hour coverage aspect of their employees and what is their corporate policy for extending coverage when you employees are not working.