Forget what you think you know about Cyber Insurance. Here’s what it actually covers.
The Hacker Was Just the Beginning
We got hit by ransomware. Our files were locked, and our operations ground to a halt. I thought our Cyber Insurance policy was just to pay the ransom. That was only the start. The policy actually covered the expensive forensic investigators to figure out how the hackers got in, the cost of notifying thousands of customers that their data was compromised, and the legal fees when a class-action lawsuit was filed against us for the breach. I learned it’s not about the hacker; it’s about the expensive, messy, and complicated cleanup that follows.
Stop chasing a low-cost Errors & Omissions policy. Chase one with a strong “duty to defend” clause instead.
The Billable Hours That Almost Bankrupted Us
We bought a cheap Errors & Omissions (E&O) policy for our consulting firm, proud of the low premium. Then, a client sued us for negligence. Our policy had a “duty to indemnify,” not a “duty to defend.” This meant we had to hire and pay for our own lawyers upfront, and the insurer would only reimburse us later if the claim was covered. The legal bills mounted so fast, we nearly went bankrupt before the case was even heard. We learned a strong “duty to defend” clause, where the insurer pays from day one, is worth any premium.
The hidden truth about Political Risk Insurance that exporters won’t admit.
The Seizure by a Suit, Not a Soldier
We secured a major contract to export equipment to a developing country. We weren’t worried about political risk; there was no war. Then, the new government, in a nationalistic wave, suddenly cancelled all foreign contracts and seized our equipment that was already in port. We thought we were ruined. The hidden truth is that Political Risk Insurance isn’t just for war zones. It covers exactly this: contract frustration, expropriation, and currency inconvertibility due to government action. Our policy saved us from a quiet, bureaucratic act of theft by a foreign government.
What nobody tells you about navigating a Marine Cargo Insurance claim.
Our Cargo Was Safe, But We Still Had to Pay
Our container of electronics was on a massive cargo ship that caught fire. I was relieved to learn our container was untouched and would arrive safely. Then we got a massive bill. What nobody tells you about is “General Average,” a maritime law principle. Because the captain had to jettison some containers to save the ship, all the owners of the surviving cargo had to share the cost of the loss. Our cargo was fine, but we were on the hook for someone else’s lost freight. Only our marine cargo policy covered this bizarre, ancient rule.
I spent 10 years as an underwriter for Environmental Liability. Here’s what I learned.
The Pollution from the Past
As an underwriter, I saw countless claims that shocked business owners. A dry cleaner would sell their property, and ten years later, the new owner would discover the soil was contaminated with chemicals from decades ago. The old owner was still held liable for the multi-million dollar cleanup. I learned that environmental liability is not about a sudden spill; it’s about a slow, silent, and retroactive responsibility. A good Environmental Liability policy doesn’t just cover future mistakes; it can be structured to cover the pollution from your company’s past that you don’t even know exists.
Unpopular opinion: Your General Liability policy’s pollution exclusion is absolute.
The Drip That Wasn’t Covered
A hydraulic line on our forklift broke, leaking fluid all over a client’s pristine warehouse floor. It was an accident. We filed a claim with our General Liability insurer. They denied it instantly, pointing to the “absolute pollution exclusion.” My unpopular opinion, which is actually a fact, is that this exclusion is iron-clad. It doesn’t matter if the pollution was sudden, accidental, or minimal. Any claim arising from the release of a “pollutant”—a term defined very broadly—is excluded. For any pollution risk, you need a separate, specific environmental policy.
90% of contractors don’t understand this about Builder’s Risk insurance.
The Windstorm and the Uninstalled Windows
I was building a custom home. I had a great Builder’s Risk policy covering the structure during construction. A shipment of expensive, custom windows was delivered and stored on-site, waiting to be installed. That night, a severe windstorm damaged the entire shipment beyond repair. My Builder’s Risk policy wouldn’t pay. I learned it only covers property that has been “installed” or is “part of the structure.” For the windows sitting on the ground, I needed a separate “materials in transit or at a temporary location” coverage. It’s a critical gap most contractors don’t know exists.
This simple endorsement to our D&O policy transformed our ability to attract top talent.
The Spousal Liability Shield
We were trying to recruit a high-powered executive to our board of directors. She was hesitant. Her lawyer was concerned that in a lawsuit against the board, a plaintiff could go after assets jointly owned with her spouse. Our broker added a simple “spousal liability” endorsement to our Directors & Officers (D&O) policy. This extended our insurance protection to cover a board member’s lawful spouse. When we showed this to the candidate, she signed on immediately. It was a small change that demonstrated our commitment to protecting our leadership team’s entire family.
You’re not struggling to get affordable MedMal insurance because of your specialty. It’s because of your claims history.
The History That Haunts You
As a surgeon in a high-risk specialty, I thought my astronomical medical malpractice insurance premiums were just part of the job. I kept changing insurers, looking for a better price. I was wrong. I finally sat down with a specialist broker who showed me my “loss run” report—my claims history. He explained that my rates weren’t high because of my specialty; they were high because I had a pattern of small, recurring claims. My problem wasn’t the market; it was my own history. I had to invest in my own risk management to become a “better risk.”
Stop buying standalone event insurance. Buy an annual policy with a broad definition of “event” instead.
The Picnic and the Policy That Wasn’t
My company hosted three big events a year, and for each one, we bought a separate, standalone event insurance policy. We thought we were being responsible. Then, we hosted a “small, informal” company picnic. An employee’s spouse slipped during a sack race and was seriously injured. Our standalone policies didn’t cover it because we hadn’t bought one for the picnic. We switched to an annual General Liability policy with a very broad definition of a covered “event.” Now, every official company gathering, big or small, is automatically protected.
The uncomfortable truth about “claims-made” vs. “occurrence” policy forms.
The Retirement and the Rejected Claim
I had a “claims-made” professional liability policy for my entire 30-year career as an architect. When I retired, I cancelled the policy to save money. A year later, a former client discovered a major error in a design I had done five years prior. They sued me. The uncomfortable truth is that my old policy wouldn’t cover it. A claims-made policy must be active when the claim is filed. To be protected after retirement, I needed to buy a special, multi-year “extended reporting period” or “tail coverage.”
Why everything you know about Disability Insurance is backwards.
The Income You Protect, Not the One You Earn
Most people think Disability Insurance is to protect you if you can’t do any job. This is backwards. The most important feature of a good policy is the “own occupation” definition of disability. This means the policy pays out if you can’t perform the specific duties of your job, even if you could still work a different, lower-paying job. As a surgeon, if I injure my hand and can no longer operate, my policy pays, even if I can still teach. You aren’t insuring your ability to work; you are insuring your ability to work in your own, specialized, high-earning profession.
I tried to use a standard General Liability policy for my tech company. It was a disaster.
The Code and the Uncovered Catastrophe
I founded a software company and bought a standard General Liability (GL) policy. I thought it covered any mistake my business could make. It was a disaster. A bug in our software caused a client to lose a massive amount of critical data, and they sued us for the financial loss. Our GL insurer just laughed. GL is for physical damage, not digital damage. We needed a specific Technology Errors & Omissions (Tech E&O) policy. It’s designed for the real risks of a tech company: bad code, data loss, and network failures.
Hot take: Product Recall insurance is more important than your property insurance.
The Recall and the Ruin
A small fire in our warehouse damaged some of our inventory. Our property insurance covered the loss. It was a minor inconvenience. A month later, we discovered a dangerous defect in our main product, forcing a nationwide recall. The costs of shipping, replacement products, and public relations were astronomical and threatened to bankrupt us. Our property policy didn’t cover a dime. Hot take: you are far more likely to have a business-ending product recall than a catastrophic fire. For a manufacturer, recall insurance is arguably more important than property insurance.
Most consultants waste hours comparing E&O policies. Look for this one clause instead.
The Hammer and the Handcuffs
I used to spend hours comparing the premiums and limits of different Errors & Omissions policies for my consulting business. I was focused on the wrong things. The most important thing to look for is a single, critical provision: the “consent to settle” clause. Many policies have a “hammer clause,” which means if you refuse a settlement offer the insurer wants to take, you’re on the hook for any judgment above that amount. I now only look for policies with a pure “consent to settle” clause. It means they can’t settle a frivolous claim without my permission, protecting my professional reputation.
The 5-minute habit that replaced my fear of a social engineering attack.
The Voice and the Verification
My company’s biggest fear was a “social engineering” attack, where a hacker impersonates me and tricks my finance department into wiring money. I started a simple 5-minute habit that replaced that fear. We now have an unbreakable rule: no wire transfer request is ever approved based on an email alone. I must personally call my CFO, and she must recognize my voice, to verbally confirm the transfer before any money is ever moved. This simple, low-tech habit of voice verification has become our most powerful shield against sophisticated digital fraud.
Your EPLI claim isn’t denied because of the facts. It’s this exclusion.
The Wages and the Waiting Game
We fired an employee and they sued us for wrongful termination. We had a great Employment Practices Liability (EPLI) policy and thought we were covered. The claim was denied. It wasn’t because of the facts of the termination. It was because the lawsuit also included a claim for “unpaid wages and overtime.” Almost every single EPLI policy has an absolute exclusion for these “wage and hour” claims. A plaintiff’s attorney will often add a wage and hour claim to a lawsuit specifically because they know it’s a common and devastating gap in most companies’ insurance coverage.
If you’re not carrying Representations & Warranties insurance for your M&A deal, you’re already losing.
The Deal and the Hidden Defect
We were acquiring a smaller company. We did months of due diligence, and everything looked clean. We closed the deal. Six months later, we discovered the company we bought had a massive, undisclosed liability that our due diligence had missed. We were now on the hook for it. We should have bought Representations & Warranties (R&W) insurance. This specialized policy protects a buyer from financial loss if the seller’s promises (their reps and warranties) about the business turn out to be untrue. In modern M&A, it’s a non-negotiable part of a smart deal.
Stop glorifying high liability limits. Start understanding your policy’s sub-limits.
The Limit and the Little Number Below It
My company had a $5 million cybersecurity insurance policy. I felt completely secure. Then we had a data breach. The cost to notify our customers and provide credit monitoring was over a million dollars. I was shocked when my insurer told me they would only pay $100,000. Buried in the policy was a “sub-limit.” While the overall policy limit was $5 million, the specific coverage for “credit monitoring services” was sub-limited to a much smaller amount. I learned that the big number on the front page is a vanity metric; the sub-limits in the fine print are what matter.
The real cost of a “free” cyber vulnerability scan from your insurer.
The Scan and the Scare Tactic
Our cyber insurance carrier offered us a “free” vulnerability scan of our network. We thought it was a great perk. It was a scare tactic. The scan inevitably found a dozen minor, low-priority “vulnerabilities.” The insurer then used their own report against us at renewal, claiming we were a higher risk and dramatically increasing our premium. The “free” scan became the justification for a massive price hike. The real cost of that scan was a 30% increase in our insurance costs for the next three years.
What experienced real estate investors do with title insurance that novices don’t.
The Title and the Ticking Time Bomb
A novice real estate investor buys a standard title insurance policy for a property and files it away. An experienced investor does something different. They specifically ask for a policy with enhanced coverage, including endorsements that protect them against things like zoning violations, unrecorded easements, or a previous owner’s construction liens. They understand that the real risks to a property’s title are often not in the public record. They pay a little more for a policy that defuses the ticking time bombs that a standard policy ignores.
The myth of a “standard” D&O policy is destroying board confidence.
The Standard That Wasn’t
Our new board member, a seasoned executive, asked to see our Directors & Officers (D&O) insurance policy. I confidently told her we had a “standard” policy. She read it and immediately pointed out three massive gaps in coverage that were specific to our industry. I learned a powerful lesson: there is no such thing as a “standard” D&O policy. Every company’s policy is a unique manuscript, a collection of different forms and endorsements. The myth of a “standard” policy is destroying board confidence because it creates a false sense of security.
I quit buying annual Workers’ Comp policies and moved to a pay-as-you-go plan.
The Audit and the Unexpected Bill
Every year, our annual Workers’ Compensation premium was based on an estimate of our payroll. And every year, after the final audit, we would get a massive, unexpected bill for thousands of dollars because our payroll had grown more than expected. It was a cash flow nightmare. I quit that system and moved to a “pay-as-you-go” plan. Now, our premium is calculated and paid automatically with every single payroll cycle. It’s based on real-time data, not an estimate. There are no more audits and no more surprise bills.
Controversial: Your Fiduciary Liability insurance is holding your 401k plan back.
The Fiduciary and the Fear of the Exotic
Here’s a controversial take. As a plan sponsor, you have Fiduciary Liability insurance to protect you from employee lawsuits over your management of the 401k plan. But that very insurance can make your investment committee timid. The underwriters for these policies are conservative. They get nervous about plans that include more “exotic” but potentially higher-returning asset classes, like alternative investments. Your fear of triggering a claim or a premium increase can lead your committee to build an overly conservative, underperforming 401k plan, ultimately hurting your employees’ retirement outcomes.
95% of online information about Long-Term Care insurance is outdated. Here’s what’s changed.
The Old Policy and the New Reality
Most online articles about Long-Term Care (LTC) insurance are based on the old, traditional policies that were expensive and had limited benefits. The market has completely changed. Modern LTC policies are often “hybrid” products, linked to a life insurance policy. This means that if you never need the long-term care benefit, your heirs still receive a death benefit. The policies are also much more flexible, covering in-home care, not just nursing homes. Almost everything you think you know about LTC insurance is based on an outdated model.
One small change to our cyber policy’s definition of “claim” saved us from bankruptcy.
The “Claim” and the Close Call
Our cyber policy defined a “claim” as “a written demand for monetary damages.” We were hit with a major data breach, and the first thing we received was not a lawsuit, but an investigative subpoena from the state attorney general. Our insurer initially said this wasn’t a “claim” because it wasn’t a demand for money. Luckily, our broker had manuscripted the policy to broaden the definition of a claim to include “any regulatory investigation.” That one small change in a single definition was the only thing that triggered our coverage and saved us from a bankruptcy-level defense cost.
The truth about Media Liability insurance that ad agencies profit from hiding.
The Ad and the Angry A-Lister
You hire a big ad agency to create a new campaign for your brand. They do a brilliant job. Then you get sued by a celebrity who claims your ad used their likeness without permission, or by a photographer who claims you used their image without a proper license. The ad agency’s contract with you will almost certainly state that you, the client, are responsible for indemnifying them against these claims. The hidden truth is that you, not the agency that created the ad, are on the hook. You need your own Media Liability policy to cover these risks.
Stop accepting a “hammer clause” in your E&O policy. It’s killing your leverage.
The Hammer and the Handcuffs
Our E&O insurance policy had a “hammer clause.” A client filed a frivolous lawsuit against us, and our insurer, wanting to avoid a big legal bill, negotiated a lowball settlement offer. We wanted to fight to protect our reputation, but the hammer clause meant that if we refused the settlement, we would be responsible for 100% of any judgment above that offer. We were handcuffed. We had no leverage. We now refuse to accept any policy with a hammer clause. We demand a “consent to settle” provision, which means they can’t settle without our permission.
Replace your separate crime and cyber policies with a blended solution. Thank me later.
The Crime and the Cyber Confusion
We had a classic case of social engineering fraud. A hacker, impersonating me, tricked our CFO into wiring $100,000 to a fraudulent account. We had a Crime policy and a separate Cyber policy. The Crime insurer said it was a cyber event. The Cyber insurer said it was a crime event. They spent six months fighting while we were out the money. We replaced them both with a single, “blended” policy that combines Crime and Cyber coverage. Now, there are no gaps and no finger-pointing. One call, one policy, one solution. You’re welcome.
The construction industry secret that could save you thousands on your OCIP/CCIP.
The Wrap-Up and the Redundancy
On a large construction project, the owner or general contractor will often provide an “Owner-Controlled Insurance Program” (OCIP) or “Contractor-Controlled Insurance Program” (CCIP). This is a “wrap-up” policy that covers all the contractors on the job site. The secret that can save you thousands is to analyze the wrap-up policy carefully. If the coverage is broad and the limits are high, you can ask your own annual insurance carrier for a massive premium credit for that specific job, as you are not using your own policy. Don’t pay for redundant coverage.
Why your traditional property policy fails in an active shooter event.
The Aftermath and the Uncovered Costs
An active shooter event at our business location was a horrific tragedy. Afterwards, we were shocked to learn what our traditional property insurance policy didn’t cover. It didn’t cover the costs of crisis management and PR to handle the media. It didn’t cover counseling services for our traumatized employees. It didn’t cover the loss of income from the days we were closed for the investigation. A traditional policy covers physical damage. A specific “Active Assailant” policy is designed to cover the immense, and often uninsured, human and business costs in the aftermath.
I ignored my lawyer’s advice on Side A D&O coverage for years. It was a huge mistake.
The Director and the Devastating Debt
Our company had a standard Directors & Officers (D&O) policy. Our lawyer kept telling us we needed a specific “Side A” policy as well. I thought it was redundant. Then our company declared bankruptcy, and the creditors sued the board of directors personally. Because the company was bankrupt, it couldn’t indemnify us. The standard D&O policy was now an asset of the bankrupt estate, unavailable to us. Only a “Side A” policy, which provides direct coverage to the directors when the company cannot, would have protected our personal assets. It was a huge, costly mistake.
Let’s be honest: Your Commercial Auto policy is full of hidden exclusions.
The Truck and the Trap
You have a commercial auto insurance policy for your fleet of trucks. You think you’re covered. Let’s be honest: that policy is a minefield of hidden exclusions. Are your drivers using the trucks for personal errands? That could be excluded. Are you hauling goods for another company? That might be excluded. Are you crossing state lines into a state where you aren’t registered? Excluded. A commercial auto policy is one of the most complex and litigated forms of insurance. You must assume it’s full of traps, and you need a specialist broker to help you navigate them.
87% of nonprofits get Volunteer Accident insurance wrong. Don’t be one of them.
The Volunteer and the Void
Most nonprofits know their General Liability policy won’t cover an injury to a volunteer. So, they buy a “Volunteer Accident” policy. The mistake they make is thinking this is the same as Workers’ Compensation. It’s not. A volunteer accident policy provides a limited, no-fault medical benefit. It does not provide any coverage for lost wages, and it does not prevent the volunteer from suing the nonprofit for negligence. It is a helpful, but very limited, benefit. It is not a substitute for a safe environment and good liability insurance.
This weird habit of reading the insuring agreement last outperforms focusing on premiums every time.
The Promise and the Payout
When I get a new insurance proposal, I have a weird habit. I read the document backwards. I start with the last page—the exclusions. Then I read the conditions. Then I read the definitions. The very last thing I read is the first page—the “insuring agreement,” which is the broad promise of coverage. Why? Because the promise on the first page is meaningless until you understand all the ways the rest of the policy takes that promise away. This habit has helped me spot coverage gaps I would have missed by just focusing on the premium.
The real reason you can’t get affordable Terrorism insurance (hint: it’s not your location).
The Target and the Terror
My business was located in a quiet, suburban office park. I couldn’t understand why my Terrorism insurance premium was so high. It’s not my location. My broker explained that underwriters don’t just look at geography; they look at the “target profile.” My business was a contractor for a well-known, but controversial, government agency. This made my boring suburban office a potential symbolic target for politically motivated violence. My tenant profile, not my zip code, was the real reason for my high premium.
Ditch your basic crime policy. Use one with social engineering fraud coverage instead.
The Email and the Emptied Account
Our company had a standard crime insurance policy that covered us for things like employee theft or forgery. We thought we were protected. Then our CFO received a fraudulent email that looked like it was from me, the CEO, instructing her to wire $250,000 to a new vendor. She did. The money was gone in an instant. Our crime policy wouldn’t cover it because it wasn’t a “forgery.” We had been tricked. We learned we needed a modern policy with a specific endorsement for “social engineering fraud” to cover this new, and devastatingly common, form of digital theft.
Stop pretending your property policy covers flood. Buy a separate Flood policy.
The Flood and the Fine Print
After our commercial building was damaged by a major flood, I confidently called my property insurance agent. I was horrified to learn the truth. My policy, like almost every standard property policy in existence, had an absolute exclusion for any damage caused by “flood, surface water, waves, tidal water, or overflow of a body of water.” It doesn’t matter if you are in a “flood zone” or not. Flood is not a covered peril. You must buy a separate, standalone Flood insurance policy to be protected. There is no fine print; there is only a giant exclusion.
The 10-word phrase that changed how I think about professional liability.
Your biggest risk is the service you actually provide.
I used to think my business’s risks were things like fire or theft. My mentor told me something that changed my entire perspective on insurance. He said, “Your biggest risk is the service you actually provide.” A fire is rare. But you provide your professional service every single day. Every report you write, every piece of advice you give, every line of code you create is a potential source of a professional liability claim. This phrase forced me to realize that my Errors & Omissions coverage was the most important policy I could possibly own.
What the energy sector doesn’t want you to know about Control of Well insurance.
The Gusher and the Giant Bill
If you’re a contractor working in the oil and gas fields, the energy company will require you to have massive liability limits. What they don’t want you to have to think about is the catastrophic risk of a well blowout. A “Control of Well” or “Blowout” insurance policy is a highly specialized coverage that pays for the immense, multi-million dollar cost of getting a well back under control, cleaning up the resulting pollution, and re-drilling the well. It’s a niche coverage for one of the most expensive industrial accidents on earth.
I was today years old when I learned about prior acts coverage.
The Mistake from My Past
I started my consulting business in 2020. I didn’t buy my first professional liability policy until 2022. That policy had a “retroactive date” of 2022. I was today years old when I learned that this meant I had absolutely no coverage for any of the work I did in my first two years of business. A client from 2021 sued me for a mistake, and I was completely on my own. I learned I needed to negotiate a retroactive date that went back to the day I first started my business to cover my “prior acts.”
Normalize questioning the “related claims” provision in your D&O policy.
The Claims and the Single Pot of Money
Our D&O policy had a standard “related claims” provision. We didn’t think much of it. Then, our company was hit by three separate lawsuits from three different shareholders, all stemming from the same bad business deal. Our insurer invoked the “related claims” provision and treated all three lawsuits as a single “claim.” This meant we only had one single policy limit available to cover all three lawsuits, instead of a separate limit for each one. We learned that normalizing a deep discussion about this provision during renewal is critical.
Plot twist: The biggest threat to your tech company isn’t a hacker. It’s a patent troll, and you need IP insurance.
The Troll and the Toll
As a tech startup, we were obsessed with protecting ourselves from hackers. We spent a fortune on cyber insurance. The plot twist came when we weren’t attacked by a hacker, but by a lawyer. A “patent troll”—a company that buys up old patents just to sue people—hit us with an infringement lawsuit. Our cyber policy and our general liability policy wouldn’t touch it. We learned that the biggest legal threat to many tech companies is intellectual property litigation, and you need a specific IP insurance policy to cover the massive cost of defending yourself.
The policy endorsement everyone ignores that gives me an edge in a property claim.
The Ordinance and the Extra Cost
A fire damaged 40% of our old commercial building. Our property policy was set to pay for the repairs. But when we went to get a building permit, the city informed us that because of a new ordinance, we were required to upgrade the entire building’s electrical and sprinkler systems to the new code, not just the damaged part. This “Ordinance or Law” cost was excluded from our standard policy. The endorsement everyone ignores is “Ordinance or Law” coverage. It’s a cheap add-on that pays for these mandatory, and often bankrupting, upgrade costs.
Stop optimizing for a low Workers’ Comp premium. Optimize for a lower Experience Mod.
The Mod and the Machine That Prints Money
Most companies try to lower their Workers’ Compensation premium by shopping around. They are focused on the wrong thing. You should be optimizing for a lower “Experience Modifier” or “e-mod.” This is a multiplier based on your company’s safety record. A great safety program can get your e-mod below 1.0, earning you a huge premium discount. It also makes you more attractive to clients. A low e-mod is like a machine that prints money; it saves you on your premium and wins you more business. A focus on safety is a focus on profit.
The brutal truth about why your EPLI policy isn’t covering wage and hour claims.
The Overtime and the Absolute Exclusion
You have an Employment Practices Liability (EPLI) policy to protect you from employee lawsuits. A group of your employees files a class-action lawsuit against you for unpaid overtime and misclassification. You submit the claim. It will be denied. The brutal truth is that virtually every EPLI policy sold in America has an absolute exclusion for “wage and hour” claims. Why? Because the risk of these claims is so massive and frequent that the insurance industry has simply decided not to cover it. You are on your own for this risk.
Throw away your standard surety bond. It’s making you worse at managing project risk.
The Bond and the Blank Check
As a contractor, you are required to post a surety bond for your projects. The standard bond just acts as a financial guarantee for the project owner if you fail. It does nothing to help you. Throw it away. A more sophisticated surety relationship involves a partner who provides not just a bond, but also project risk management services. They can help you vet your subcontractors and manage your cash flow. A good surety partner is a consultant who helps you succeed, not just a bank that writes a blank check if you fail.
The 3-minute test that reveals if your Cyber policy covers reputational harm.
The Rep and the Reimbursement
To see if your Cyber policy really protects your business, perform this 3-minute test. Find the “Insuring Agreements” section of your policy. Look for a specific agreement for “Reputational Harm.” If you find it, read the definition. Does it offer to pay for a PR firm to help you manage the crisis after a breach? Does it reimburse you for the lost profits that result from the damage to your brand’s reputation? If the answer is no, then your policy is only covering the technical costs of the breach, not the devastating business costs.
Why everyone is wrong about the value of personal and advertising injury coverage.
The Libel and the Lifeline
Most business owners think the “Personal and Advertising Injury” coverage in their General Liability policy is just some minor, throw-in coverage. They are wrong. This is the part of the policy that can protect you from a huge range of modern risks. If your business is sued for libel or slander in a social media post, copyright infringement in an ad, or even wrongful eviction, this is the coverage part that responds. It is not a minor feature; it is a critical lifeline in the age of digital content and social media lawsuits.
Stop asking “are we covered?”. Ask “what is our retention on this specific loss?” instead.
The Coverage and the Cash You’ll Actually Pay
When a loss happens, executives will ask, “Are we covered?” It’s the wrong question. The right question is, “What is our total retained loss for this specific event?” Your “retention” is not just your deductible. It’s your deductible, plus any uninsured costs, plus any costs that fall within a policy sub-limit, plus any coinsurance penalty. Asking about your retention forces a much more detailed and honest conversation about how much cash the company will actually have to pay out of its own pocket before the insurance makes it whole.
The habit of reviewing our certificates of insurance that I wish I’d started years ago.
The Certificate and the Catastrophe
For years, when we hired a subcontractor, we would just get a certificate of insurance from them and file it away. We never actually read it. After one of our subs caused a major accident and we discovered their policy had lapsed, we started a new habit. Now, we have a dedicated person who reviews every single certificate. We check the policy dates, the limits, and the specific endorsements. We also call the broker on the certificate to verify that the policy is still active. This simple habit has saved us from hiring uninsured contractors multiple times.
Here’s why “off-the-shelf” insurance is terrible for cannabis businesses.
The Plant and the Prohibited Risk
An “off-the-shelf” commercial insurance policy from a standard carrier is completely useless for a cannabis business. Why? Because cannabis is still illegal at the federal level, almost every standard policy will have specific exclusions for any activity related to it. A cannabis business needs a highly specialized policy from a surplus lines carrier that is willing to write coverage for a federally prohibited risk. They need specific coverage for things like crop failure, product liability, and regulatory changes. Off-the-shelf insurance is not an option.
I’ll say what everyone’s thinking: Your insurer’s “free” risk management services are a data-gathering tool.
The “Free” Service and the Fee at Renewal
Let’s just say what every risk manager is thinking. When your insurance company offers you “free” risk management services—like vehicle telematics or property inspections—it’s not out of the goodness of their hearts. These services are powerful data-gathering tools. The insurer is collecting a mountain of data on your operations. And you can be sure that if that data reveals any new risks or problems, they will use it as a justification to increase your premium or restrict your coverage at your next renewal. The “free” service often comes with a very high price.
The skill of understanding subrogation that matters more than a low deductible.
The Subrogation and the Surprise Lawsuit
Subrogation is the legal right of an insurance company to go after a third party that caused a loss to their insured. Understanding this is a critical skill. I once had a fire caused by a faulty piece of equipment. My insurer paid my claim, and then they used their right of subrogation to sue the equipment manufacturer to get their money back. By understanding this process, I was able to assist my insurer in their lawsuit, which helped me maintain a good relationship with them and keep my future premiums down.
This counterintuitive action of buying a longer extended reporting period (tail coverage) fixed my retirement anxiety.
The Tail and the Tranquility
I was preparing to sell my medical practice and retire. I was anxious about being sued for a past incident after I had cancelled my “claims-made” malpractice policy. The standard advice was to buy a one- or two-year “tail coverage” policy. I made a counterintuitive decision. I bought a tail policy with an unlimited time frame. It was more expensive upfront, but it provided me with complete and permanent peace of mind. I knew that no matter when a past mistake might surface, I was protected forever. That tranquility was worth every penny.
Why your good intention of using one insurer for everything is actually creating coverage gaps.
The Bundle and the Blind Spot
I thought I was being efficient by bundling all of my company’s insurance—property, auto, liability—with one single, big-name carrier. My good intention was creating a massive blind spot. The big carrier was a generalist. They were okay at everything, but great at nothing. Their policy forms had gaps in them that a team of specialist insurers would have covered. By “unbundling” my coverage and using different specialist carriers for each specific risk, I was able to get much broader, more tailored coverage, even though it was slightly more complicated to manage.
Quit using a standard property policy for equipment breakdown. It’s not worth the risk.
The Breakdown and the Bank-Breaking Bill
We thought our commercial property insurance covered our critical manufacturing equipment. It didn’t. A power surge fried the main control panel on our most important machine, shutting down our entire operation. Our property policy specifically excluded damage from “electrical arcing” or “mechanical breakdown.” We learned we needed a separate, standalone Equipment Breakdown policy. This specific policy is designed to cover the unique risks of machinery, including power surges, motor burnouts, and operator error. It’s a critical coverage that a standard property policy will not provide.
The metric everyone tracks (policy limit) that means absolutely nothing if your claim is excluded.
The Limit and the Loophole
Business leaders love to boast about the high limits on their insurance policies. “We have a $10 million policy!” they’ll say. This is a vanity metric. A high limit means absolutely nothing if the specific cause of your loss is listed in the “Exclusions” section of the policy. I would rather have a $1 million policy with broad, comprehensive coverage than a $10 million policy that is full of holes and exclusions. The policy limit is irrelevant if the insurer can point to a loophole that allows them to pay you zero.
Stop calling it a “rider.” Call it an “endorsement with specific legal standing.”
The Rider and the Real Legal Weight
People often use the word “rider” to refer to an addition to an insurance policy. It’s a casual, informal term. I’ve learned to be more precise. The correct legal term is “endorsement.” Why does this matter? Because an endorsement is not just an add-on; it is a legally binding document that formally changes the language of the underlying insurance contract. Using the correct term forces you, your broker, and the insurer to acknowledge the serious legal weight of these changes. It’s not a suggestion; it’s an amendment to the contract.
The decision I made to buy a standalone terrorism policy that everyone said was crazy (but worked).
The Threat and the Separate Policy
My business was located in a major city, and my broker recommended we buy a standalone terrorism insurance policy. My board thought I was crazy. They said the risk was too low and that our property policy included some coverage. I insisted. That standalone policy gave us much broader coverage, with a lower deductible, than the token coverage in our main policy. More importantly, it showed our investors and partners that we were taking every possible threat seriously. It was a decision that solidified our reputation as a professional, resilient organization.
What I learned from a major product recall that changed how we buy insurance.
The Recall and the Real Costs
Our company had to recall a product. It was a painful and expensive process. What I learned changed everything about how we buy insurance. Our product recall policy covered the costs of getting the product back. But it didn’t cover the cost of “business interruption”—the profits we lost because we couldn’t sell anything for three months. It also didn’t cover the “reputational harm”—the cost of a PR campaign to restore our brand’s image. I learned that a recall isn’t one event; it’s three, and you need a policy that covers them all.
The common mistake of ignoring the “other insurance” clause that’s costing you control of your claim.
The Clause and the Clash of Companies
My company had a liability policy, and we were also named as an “additional insured” on our contractor’s policy. We thought we had double the protection. We were wrong. When a claim occurred, the “other insurance” clauses in the two policies came into conflict. The two insurance companies spent a year fighting in court over which policy was “primary” and had to pay first. We were stuck in the middle, with no control. Ignoring that small clause at the back of the policy ended up costing us a fortune in delays and legal fees.
PSA: Most cyber policies don’t cover a full system “bricking” event. Here’s proof.
The Brick and the Big Bill
Here’s a public service announcement: read your cyber insurance policy’s definition of “computer system.” A hacker got into our network and, instead of stealing data, they wiped the firmware on our servers, turning them into useless “bricks.” Our cyber insurer denied the claim. Their policy covered the loss of “data,” but because the hardware itself was damaged, they classified it as a “property” loss, which was excluded. Most cyber policies don’t cover the intentional “bricking” of your hardware. You need a specific endorsement, or you’re facing a massive, uncovered bill for new equipment.
The skill of understanding policy conditions that law schools should teach but don’t.
The Condition and the Denied Claim
Law schools teach contracts, but they don’t teach the most important contract most businesses will ever sign: an insurance policy. One of the most critical sections is the “Conditions.” This is the part of the policy that outlines your duties after a loss—how quickly you must report a claim, how you must cooperate with the insurer, etc. I saw a major claim get denied not because of an exclusion, but because the business failed to meet a simple condition, like reporting the claim in a timely manner. Understanding these conditions is a skill that is worth millions.
This 5-minute action of checking your D&O policy for severability beats trusting your broker’s summary every time.
The Lie and the Lifeline of Severability
A “severability” clause in a D&O policy is a lifesaver. It means that if one board member intentionally lies on the insurance application, the policy is only void for that one individual; it still protects all the innocent board members. I have a 5-minute habit. When our renewal policy arrives, I don’t trust the summary. I do a word search for “severability” to make sure that critical clause is still in our policy. It’s a quick check that ensures the dishonest act of one person can’t destroy the protection for everyone else.
Why that insurtech startup’s general liability policy is actually doing it wrong for manufacturers.
The App and the Absence of Products Coverage
I got a quote from a slick insurtech app for my small manufacturing business. The price was great. The policy was terrible. It was a standard General Liability policy that was designed for a consultant or a retail store. Buried in the fine print was a massive exclusion for “products-completed operations,” which is the actual term for product liability. The app’s algorithm wasn’t smart enough to know that a manufacturer’s single greatest risk is their product causing harm. It sold me a policy that excluded the one thing I needed most.
Stop waiting for a claim to happen. Start with a deep-dive policy review.
The Review and the Rude Awakening
Most businesses only read their insurance policy after they’ve had a claim, usually in the denial letter from their insurer. This is a reactive and painful way to learn about your coverage. Stop waiting for the rude awakening. Be proactive. We hired an outside expert to do a “deep-dive policy review.” They read every single word of our policies and gave us a report on the gaps, exclusions, and weaknesses. It was the best money we ever spent. It’s always better to find the holes in your own safety net than to have a claim fall through one.
The captive insurance structure I use daily that most business owners have never heard of.
The Cell and the Control
My company uses a “protected cell captive” (PCC) to insure our unique risks. Most business owners have never heard of it. Instead of forming our own, expensive standalone captive insurance company, we essentially “rent” a legally segregated “cell” from a larger, established captive manager. It gives us all the benefits of a captive—control over our risk, access to reinsurance markets, and potential for underwriting profit—but for a fraction of the cost and administrative hassle of forming our own. It’s a powerful and flexible tool for middle-market companies.
Your E&O problem exists because you believe your GL policy provides professional liability coverage.
The GL and the Gaping Hole
The single biggest insurance problem for service businesses is the belief that their General Liability (GL) policy covers their professional mistakes. It does not. GL is for “bodily injury and property damage.” If an architect’s flawed design (a professional service) causes a building to collapse (property damage), the GL policy might respond. But if that same flawed design just causes a massive financial loss for the client with no physical damage, the GL policy will not pay a dime. For that, you need a separate Errors & Omissions (E&O) policy.
Delete that insurer’s “policy management” portal. Your security will improve instantly.
The Portal and the Privacy Problem
Our insurance company offered us a convenient online portal to manage our policies and claims. Our IT security consultant told us to delete our account immediately. He explained that these portals are a massive target for hackers. They centralize a huge amount of sensitive financial and operational data about your company. A breach of the insurer’s portal could expose your entire risk profile to the world. We decided that the minor convenience of the portal was not worth the major privacy risk.
The advice on manuscripting endorsements I give that makes underwriters uncomfortable (but works).
The Pen and the Power to Rewrite the Policy
When I’m negotiating a complex policy, I don’t just accept the standard forms. I give my broker a list of custom-written “manuscript” endorsements that I want added to the policy. This makes the underwriter uncomfortable; they hate deviating from their standard language. But it’s where the real power is. By manuscripting a key definition or deleting a part of an exclusion, I can fundamentally change the coverage in my favor. It’s an advanced, adversarial, but incredibly effective way to get the exact policy you want.
Why the common fear of a high premium is irrational and the real fear of an uncovered seven-figure claim is ignored.
The Premium and the Precipice
Businesses are conditioned to fear high insurance premiums. They see it as a direct hit to their bottom line. This fear is irrational. The premium is a known, predictable, and manageable business expense. The real, rational fear that should keep a CEO up at night is the fear of a massive, seven-figure claim that is not covered by their insurance policy. That is the event that can push a company off the precipice into bankruptcy. Fearing the small, known cost while ignoring the catastrophic, unknown risk is a failure of leadership.
I tried to use a BOP for my consulting firm so you don’t have to. Here’s what happened with the E&O gap.
The BOP and the Big Mistake
I thought I was being smart by buying an all-in-one Business Owner’s Policy (BOP) for my consulting firm. The policy said it included “professional liability.” Then a client sued me for an error in a report that cost them money. I discovered the professional liability coverage in my BOP was just a tiny endorsement with a laughably low limit of $25,000. It was a marketing gimmick, not real coverage. I learned that any serious professional service firm needs a robust, standalone Errors & Omissions (E&O) policy, not a cheap, bundled solution.
The question about the “control of claim” clause that instantly reveals if a broker knows professional liability.
The Control and the Critical Clause
When I interview a broker for my professional liability insurance, I ask them this one question: “Does this policy give the insurer the ‘duty to defend’ me, or does it give me the ‘right to control’ my own defense?” A true specialist broker will understand the immense difference. The “duty to defend” means the insurer picks the lawyer and calls the shots. The “right to control” means I can hire my own expert lawyer that I trust, and the insurer pays the bills. This one question instantly reveals if a broker is a true professional liability expert.
This old-school method of using a surplus lines broker for tough risks beats every modern insurtech platform.
The Surplus Lines and the Solution
My business was in a new, high-risk industry, and every standard insurance company rejected me. The modern “insurtech” platforms were useless; their algorithms just said “no.” I was about to give up. Then I found an old-school “surplus lines” broker. These brokers are specialists who have the legal authority and the market relationships to get coverage from non-standard, specialty insurers (like Lloyd’s of London) who are willing to take on tough risks. The insurtech platforms are for the easy stuff; the surplus lines market is for the hard problems.
Stop romanticizing “all-in-one” business policies. They’re actually just collections of compromises.
The Bundle and the Botched Coverage
The insurance industry loves to market “all-in-one” policy packages. It sounds simple and efficient. Stop romanticizing it. An “all-in-one” policy is just a collection of compromises. The property coverage is usually weaker than a standalone policy. The liability limits are often inadequate. And the professional liability, if it’s included at all, is usually just a tiny, low-limit endorsement. A bundled policy is a master of none. A sophisticated business needs a portfolio of best-in-class, standalone policies, not a bundled box of mediocrity.
The principle of “indemnity” that guides every complex property claim I’ve adjusted.
The Promise to Make You Whole
I used to be a public adjuster, helping businesses with large property claims. The single principle that guided every negotiation was “indemnity.” This is the core promise of insurance: to restore the insured back to the same financial position they were in the moment before the loss. My entire job was to meticulously document every single cost—from the destroyed equipment to the lost income—to prove to the insurer what it would truly take to make my client whole again. A claim isn’t about getting a windfall; it’s about enforcing the promise of indemnity.
Why your policy limit is vanity and your available defense-cost limit is sanity.
The Limit and the Legal Bills
Executives love to boast about their high, multi-million dollar policy limits. It’s a vanity metric. The number that represents sanity is the amount of coverage available for legal defense costs. Many policies have “defense costs inside the limit,” meaning your legal bills erode your total coverage. A major lawsuit can burn through millions in legal fees before you even get to a settlement. A policy with a separate, dedicated limit just for defense costs is a much smarter and more sane form of protection.
Forget work-life balance. Aim for a perfect balance between risk transfer and risk retention instead.
The Balance Sheet and the Business
“Work-life balance” is a personal goal. For a business leader, a more important goal is achieving the perfect balance between “risk transfer” and “risk retention.” Risk transfer is what you pay an insurance company to take on (your premium). Risk retention is the risk you keep on your own balance sheet (your deductibles and self-insured risks). The ultimate strategic art of risk management is finding that perfect equilibrium where you are only paying to transfer the risks that you cannot afford to keep, and intelligently retaining the rest.
The realization that made me quit relying on Certificates of Insurance as proof of coverage.
The Certificate and the Cancellation
For years, I thought that getting a “Certificate of Insurance” (COI) from my contractors was enough to prove they were insured. I was wrong. A COI is just a snapshot in time. It doesn’t tell you if the policy was cancelled for non-payment the next day, or if the coverage doesn’t actually apply to the work they are doing for you. I had a major claim caused by a contractor whose policy, it turned out, had been cancelled a week before they started my job. The certificate was a worthless piece of paper.
What new business owners do with insurance that experienced risk managers never do.
The Purchase vs. The Process
A new business owner buys an insurance policy, files it away, and thinks they are done. They see insurance as a purchase. An experienced risk manager would never do this. They see insurance as part of a continuous process. They are constantly reviewing policies, analyzing claims data, negotiating with brokers, and working with their operations teams to mitigate risk. They know that the policy is just one single tool in a much larger, ongoing strategic process of managing the company’s total cost of risk.
The investment in an independent policy review that everyone avoids but that has the highest ROI.
The Review and the Revelation
My company had been with the same insurance broker for a decade. We trusted them. We avoided the cost of hiring an independent consultant to review their work. That was a mistake. We finally invested in a “policy review” from an outside law firm that specializes in representing policyholders. The revelations were shocking. They found a dozen dangerous gaps, exclusions, and weaknesses in our program that our broker had never mentioned. That review had the highest ROI of any consulting engagement we have ever done. It saved us from a future disaster.
Stop saying “we have cyber insurance.” Say “we have first-party and third-party cyber coverage with these specific limits.”
The Specifics and the Security
When a board member asks if we have cyber insurance, I no longer just say “yes.” That’s a meaningless answer. Now, I say, “Yes, we have a standalone policy. Our ‘first-party’ coverage for our own breach response costs is $2 million. Our ‘third-party’ liability coverage for lawsuits from others is $5 million. Our retention for each is $50,000.” This precise language forces a more sophisticated and honest conversation. It demonstrates that we understand that “cyber insurance” is not one thing, but a complex collection of different coverages, each with its own specific limit.
The truth about environmental underwriting I couldn’t say as an underwriter.
The Phase One and the Premium
I used to be an environmental insurance underwriter. Here’s the truth: when we received an application for a commercial property, the single most important document was the “Phase One Environmental Site Assessment.” If the Phase One was clean and professionally done, the risk was easy to price. If it was old, sloppy, or revealed potential issues, the application often went to the bottom of the pile. We didn’t have the time to solve the property’s environmental mysteries. A clean, modern Phase One report was the key to getting the best possible coverage and premium.
This tiny detail in the “notice of claim” provision separates amateur risk managers from professionals.
The Notice and the Nuance
Most policies require you to give “prompt notice” of a claim. An amateur risk manager just accepts this vague language. A professional will negotiate it. They will manuscript the policy to state that “late notice will not prejudice the insurer’s rights unless the insurer can prove it was materially harmed by the delay.” This tiny, nuanced change is critical. It means that if you report a claim a little late, the insurer can’t just deny it on a technicality. They have to prove that your delay actually hurt their ability to defend the claim.
Why a low deductible is a trap for businesses trying to improve their safety culture.
The Deductible and the Lack of Data
A business might choose a low, “first-dollar” deductible on their insurance, thinking it protects their cash flow. It’s a trap. With a low deductible, every single minor claim gets turned over to the insurance company. This means you, the business owner, lose visibility into the frequency and cause of your own small losses. By taking a slightly higher deductible, you manage the small claims yourself. This forces you to analyze your own data and gives you the incentive to build a better safety culture to reduce those claims in the first place.
Replace your complicated spreadsheet of policies with a simple insurance summary from your broker. You’re welcome.
The Spreadsheet and the Simplicity
I used to track my company’s ten different insurance policies on a massive, complicated spreadsheet. It was a nightmare to manage. I asked my broker to do something simple: create a one-page “Insurance Summary” for me. It lists every policy, the carrier, the limit, the premium, and the expiration date in a clean, easy-to-read format. He now sends me an updated summary every quarter. It has completely replaced my messy spreadsheet and has become the single most valuable document for managing my entire risk management program. You’re welcome.
The skill of negotiating policy language that’s 10x more valuable than getting a 5% premium reduction.
The Language and the Leverage
Most business owners focus their energy on negotiating a 5% or 10% reduction in their insurance premium. This is a small victory. The skill that is ten times more valuable is the skill of negotiating the policy language itself. Being able to work with your broker to manuscript an endorsement, broaden a key definition, or remove a part of an exclusion provides a massive amount of leverage and protection that is worth far more than any small discount on the premium. Stop negotiating the price; start negotiating the contract.
Stop treating your E&O policy like a commodity. Treat it like your license to operate instead.
The Commodity vs. The Charter
Many professionals treat their Errors & Omissions insurance like a commodity. They shop for the lowest price, thinking all policies are the same. This is a dangerous mistake. You should treat your E&O policy as your “license to operate.” It is the charter that gives you the financial confidence to provide your professional service. Like any professional license, it should be from a high-quality, reputable source, and it should be kept in good standing at all times. It’s not a commodity; it’s the foundation of your professional life.
The experiment I ran with a higher self-insured retention that proved our loss projections wrong.
The Retention and the Reality Check
Our financial models told us we could save a fortune by taking a higher self-insured retention (SIR) on our liability insurance. Our loss projections showed we would still come out ahead. I ran an experiment. I asked our CFO to actually set aside the full amount of the proposed new SIR in a separate, untouchable bank account. Seeing that massive amount of cash leave our operating account gave us a visceral reality check. The experiment proved that the real-world impact of the higher retention was much more painful than the spreadsheet had suggested. We kept our lower SIR.
Why your old crime policy worked before but doesn’t cover social engineering fraud.
The Forgery and the Fraudulent Email
Our old commercial crime insurance policy was designed to cover us for things like an employee stealing cash from the register or forging a check. It was built for a physical world. It is completely useless against modern risks. When our finance department was tricked by a fraudulent email into wiring hundreds of thousands of dollars to a criminal’s bank account, our old policy didn’t cover it. It wasn’t a “forgery.” We learned we needed a modern crime policy with a specific insuring agreement for “social engineering fraud.”
The choice to use a Risk Retention Group (RRG) that everyone judges but that actually makes sense for our industry.
The Group and the Good Governance
When I told my board I wanted to move our medical malpractice insurance to a Risk Retention Group (RRG), they were nervous. RRGs are insurance companies owned by their members, and they aren’t backed by state guarantee funds. But for our specific, high-risk medical specialty, it was the best choice. The RRG was made up of our peers. They offered us lower rates, more stable pricing, and, most importantly, industry-specific risk management resources that no standard insurer could ever provide. Our “risky” choice actually made us a much safer organization.
I stopped automatically renewing my D&O policy and a bidding war happened.
The Renewal and the Ruthless Remarketing
For years, I just automatically renewed my company’s Directors & Officers policy with the same carrier. It was easy. This year, I decided to see what would happen if I stopped. I told my broker to take us to market and get competitive quotes. The result was a ruthless bidding war for our business. The incumbent carrier, faced with losing us, suddenly “found” a 15% discount. A new carrier came in with an even better offer. I learned that loyalty is punished in the insurance world. Making the carriers fight for your business every year is the only way to get a fair price.
The concept of “concurrency” that nobody with multiple properties understands but changes everything.
The Concurrency and the Coordinated Coverage
I own a portfolio of commercial properties, and for years I had different insurance policies for each one, with different renewal dates. I didn’t understand the concept of “concurrency.” My broker explained that all my property policies should be “concurrent”—meaning they should all have the same policy terms, conditions, and renewal date. This ensures there are no dangerous gaps between the policies and makes managing the portfolio infinitely simpler. It’s a simple concept that completely changed, and professionalized, the way I insure my real estate.
This unpopular opinion on umbrella policies will trigger agents but it’s true.
The Umbrella and the Underling
Here’s an unpopular opinion that will trigger many insurance agents. A personal or commercial umbrella policy is not a magical shield that covers everything. It is only as good as the underlying policies it sits on top of. If your primary auto or general liability policy has an exclusion for a certain activity, your umbrella policy will have that same exclusion. The umbrella doesn’t add new coverage; it just adds higher limits to your existing coverage. Its strength is entirely dependent on the quality of the policies beneath it.
Stop copying your competitor’s D&O limits. Do your own corporate governance risk assessment instead.
The Copycat and the Court Case
Our board of directors was trying to decide on our Directors & Officers insurance limits. The CEO said, “Just find out what our main competitor has and let’s get that.” This is a lazy and dangerous approach. Our competitor was a different size, had a different ownership structure, and faced different risks. We needed to do our own, specific corporate governance risk assessment. We analyzed our own unique exposures to determine the right limit for us. You should never outsource your risk management thinking to your competitor.
The mistake of ignoring the coinsurance clause in property policies that I see everywhere.
The Clause and the Costly Penalty
I see this mistake everywhere. A business owner will try to save money by intentionally under-insuring their building. They think, “My building is worth $1 million, but I’ll just insure it for $500,000 to get a lower premium. A total loss will never happen.” They don’t understand the “coinsurance” clause. This clause states that you must insure the property for a certain percentage of its value (usually 80-90%). If you don’t, the insurance company can penalize you by not paying the full amount of even a partial loss. It’s a devastating penalty for being cheap.
Why this new “parametric” insurance isn’t innovative. It’s just a valued policy repackaged.
The Parameter and the Pre-Agreed Payout
A new “insurtech” company is getting a lot of hype for its “parametric” insurance. They claim it’s a revolutionary innovation. It’s not. It’s just a modern name for a type of policy that has existed for centuries: a “valued policy.” A valued policy pays a pre-agreed amount based on a specific trigger, or parameter—like a hurricane reaching Category 3 in your zip code—rather than based on an adjuster’s assessment of your actual damage. It’s a useful tool, but it’s not a new invention; it’s just old wine in a new, digital bottle.
The rule of “follow form” I insist on for my excess policies (and why you should too).
The Form and the Flawless Follow
My company has a “tower” of liability insurance, with a primary policy and several “excess” layers on top. I insist on one simple rule: every single excess policy must be “follow form” to the primary policy. This means the excess policies must have the exact same terms, conditions, and exclusions as the policy beneath them. This prevents a dangerous situation where a claim is covered by your primary policy, but then excluded by your excess policy, leaving a massive, uninsured gap in your coverage tower.
Stop believing your BOP covers everything. Believe in the power of standalone policies instead.
The Bundle and the Big, Bad Gaps
A Business Owner’s Policy (BOP) is marketed as an “all-in-one” solution. Stop believing the hype. A BOP is a bundle of compromises. It combines property and liability, but both coverages are usually weaker than what you would get in a standalone policy. More importantly, a BOP provides almost no meaningful coverage for the biggest risks of a modern business: professional liability, cyber liability, and employment practices liability. To be truly protected, you need to “unbundle” your insurance and buy robust, standalone policies for each of your major risks.