Immediate Vault Immediate Access

Understanding New York’s New Insurance Disclosure Requirements

If your organization operates or could be sued in New York, there has been recent activity on the legal and regulatory risk landscape that risk professionals should be prepared for.

New York’s newly-enacted Comprehensive Insurance Disclosure Requirements legislation opens the door for defendants to request that organizations disclose the details of their commercial insurance programs that may apply to a judgment in the case. These details include policy limits and potentially even access to your claims adjusters. For those with more complex risk financing structures, the law may also lead to the misinterpretation of the organization’s coverages.

For the greatest success in complying with this new regulation, risk professionals must become their legal department’s greatest ally, stepping in to lend their expertise to prevent potential confusion and errors. Risk professionals can be integral in keeping sensitive information confidential, monitoring all disclosure requests and alerting their teams to any discrepancies in the interpretation of the shared information.

Additionally, risk professionals should proactively identify the relevant policies for counsel, mindful that the policy or program must potentially respond to the plaintiff’s claim.

What are the New York Disclosure Law’s requirements and how do they impact your insurance program?

The New York law requires that an insured defendant disclose information about any insurance policies sold or delivered in New York that could be applicable to a plaintiff’s claim. This requires careful assessment to ensure compliance while avoiding potentially unnecessary insurance disclosures.

Depending on the claimed amount and a program’s retention levels, disclosures likely include primary insurance policies and may include excess and umbrella policies as well. 

The disclosure requirements extend to various risk financing structures, including captives, self-insurance programs, risk retention groups and surplus lines insurers. Many claims may not reach the retentions, arguably rendering the insurance policies nonresponsive to the claim.

Other than in personal injury protection cases, the New York law requires that insured defendants provide proof of insurance to other parties within 90 days after answering the complaint. This could lead to the disclosure of incorrect insurance information. To address that risk, risk professionals can instruct counsel to obtain the proper COI for a particular claim and advise that it may need to fine-tune their COI process with outside vendors or brokers.

In the cases where arguments are made that COIs are not sufficient proof of insurance, insureds should be prepared to disclose redacted portions of their declaration pages. 

The New York law also requires insured defendants to identify the claims adjustor assigned to the claim, including a potentially surprising level of detail such as the adjustor’s direct email address. It is critical to keep claims adjusters informed and risk professionals should alert their adjustors before this disclosure is made. Immediately report to counsel any plaintiff communications to the adjustor.

What steps can risk managers take to ensure compliance?

If possible, a risk professional or an attorney familiar with insurance coverage should assume responsibility for an organization’s compliance with these disclosure requirements in all New York cases. This will be instrumental in ensuring responses are uniform and avoiding disclosure errors. 

Creating a checklist, as well as a readily accessible library of COIs, redacted declarations pages, and other pertinent information can help keep the organization compliant with New York’s law. Although there might be differing disclosure requirements, organizations with larger footprints should consider extending this structure across other states as well.

By taking these steps, risk professionals can minimize insurance disclosure disputes, assist with their organization’s compliance efforts, and avoid unnecessary interference with an organization’s insurance program.

How to Manage Supplier Risk and Performance in an Uncertain Global Economy

Essentially every company that manufactures goods today depends on other companies to supply the raw or value-added materials that go into their finished products. Most companies recognize that good supplier relationships are more than simply arm’s length transactions between opposing parties. A better way of looking at those relationships is as partnerships—albeit ones that require management and alignment of objectives first and foremost, but ultimately mutually beneficial relationships. The job of procurement is to ensure performance is as promised, risk is low and business objectives are being met through collaboration. When suppliers are treated as partners, they can be a huge asset in times of trouble. Especially today, with some industries moving from a buyer’s market to a seller’s market, many suppliers can have their pick of customers, especially if some are easier to do business with, foster collaboration, listen to new innovative ideas and, most importantly, pay on time.

Well before the pandemic, leading organizations in every industry have that strong supplier relationships and a reliable supply chain are paramount. It is critical to have full visibility across all your suppliers and knowing everything about them matters, because this may be the difference between meeting customer demand and falling short of it. Suppliers are a source of growth, innovation and efficiency, but if they are not managed holistically, they can be a source of risk, poor performance and noncompliance.

Enterprise technologies are available to holistically manage your suppliers throughout their lifecycle and incorporate all the necessary elements around supplier information-gathering, collaboration, and risk and performance management. Platforms with these capabilities can help risk professionals to: improve visibility across the supply chain (including sub-tiers of suppliers); ensure compliance with regulatory requirements (particularly new ESG regulations around carbon emissions, cybersecurity or diversity reporting); assess supplier viability and risk profiles; and evaluate performance and target improvement areas. Implementing such a system requires considerable advance planning and strategic thought. But following a deliberate series of steps can help you structure a solid program:

  1. Figure out what you want to accomplish with your supplier management program. 
  2. Secure executive buy-in from procurement, supply chain and IT leadership.
  3. Structure a plan to gather complete information about all your suppliers.
  4. Segment your suppliers into relevant groups, identifying the standards and processes each group is required to meet, and potentially establishing processes for each segment.
  5. Communicate goals, objectives and policies to your suppliers, whether it is around a code of ethics or more specific goals per segment.
  6. Create a process to continuously gather information about suppliers using surveys or a supplier portal, including topics like information security practices, certificates, financial updates and generic information updates.
  7. Establish an onboarding process for new suppliers and use third-party data sources to assess them against requirements and goals.
  8. Implement a monitoring program to regularly track key aspects of the supplier’s risk and performance profile. 

Your criteria can evolve over time, so regular reassessments of those criteria and related mitigation measures are always appropriate, but having them well-defined at the start will be a tremendous help in establishing clear expectations. As in any relationship, clarity is key to reducing the friction that can result from misunderstandings.

At the same time, however, issues directly affecting the supplier are only part of a larger risk profile. As we have seen during the pandemic, the transportation of supplies from a vendor’s overseas site to your own facility is also fraught with risks. For example, there are shortages of active piers, forcing ships to anchor for days or weeks before they can unload. Additionally, higher levels of theft and shortages of truck drivers, shipping containers, warehouse space, cargo pallets and inspection officials can all compound delivery delays. Being aware of issues within the supply chain, having visibility of your suppliers’ suppliers, and understanding relationships and dependencies are all key to be able to respond adequately.

Managing Sanctions Risk from Russia’s War on Ukraine

Since Russia began attacking Ukraine on February 24, thousands of people have been killed and over a million people have had to flee their homes, presenting one of the largest refugee crises Europe has ever experienced. In addition to the tragic human losses, the Russian invasion of Ukraine has triggered wide-ranging economic impacts. Among them, the European Union, United Kingdom, United States, Canada, Japan and others have enacted sweeping financial sanctions on Russia in an effort to pressure President Vladimir Putin to end the conflict. These sanctions have targeted Russia’s financial system and its international financial connections by restricting transactions between Russian banks and those in other countries, most notably through the SWIFT global financial network.

The economic impacts of these sanctions will likely affect many industries around the world, whether organizations deal with Russia directly or indirectly through third countries. In a briefing yesterday, global risk consultancy Control Risks discussed some of the risk management considerations and steps companies need to take as the sanctions landscape continues to evolve. According to panelist Henry Smith, partner and head of business intelligence and due diligence in EMEA at Control Risks, there are five key areas risk professionals should focus on to address the risk facing their companies as a result of these sanctions:

  1. What are your nexuses to Russia (including outside Russia)? Organizations need to look at their touchpoints with Russia, including investors and shareholders, lenders and banks, direct and indirect clients, contractual counterparties, and goods and services sourced directly or indirectly from Russia.
  2. Which sanctions apply to your organization?
    online pharmacy azithromycin with best prices today in the USA

    The applicability of sanctions will vary based on your sector, the nationality of the people within the organization, and the currencies you use. It is helpful to note that, currently, there is greater consensus among various sanctions regimes so you may not have to parse through conflicting degrees of severity—consistent sanctions against Russia are being imposed, at least across most Western countries.
  3. What risks are you exposed to? Conduct a risk assessment around which sanctions you are exposed to and whether there are any business activities, relationships or practices you need to end or change in some way. This involves regularly screening Russian counterparties against sanctions lists and undertaking detailed analysis of higher-risk relationships.
  4. How do you respond? Review the implications of any decisions on employees and on contractual obligations, both with direct and third-party clients. Consider any impact winding down activities in one area may have on other business areas. Be sure to engage with regulators, enforcement agencies, banks and insurers for guidance.
    online pharmacy periactin with best prices today in the USA

  5. What do you do as sanctions regimes evolve? Sanctions will change in response to security and political developments over the coming weeks and months, so it is important to stay informed of any communications from authorities.
    online pharmacy reglan with best prices today in the USA

    Review and read guidance from regulators, enforcement agencies, banks and insurers, and benchmark with industry peers to make sure you can still operate effectively.

Overall, when deciding whether to continue doing business with Russia, companies will need to consider both reputational and ESG-based perspectives as well as practical issues around your ability to do business, such as maintaining the working capital required to continue operations and ensuring that goods and services can still move through the supply chain.

Experts expect that the Russia-Ukraine crisis will have a long-term impact on the global economy and many effects of these sanctions may not be felt for weeks or months. Companies will need to remain vigilant in order to stay ahead of the risks.

Grow Employee Engagement with a Strong Investigation Process

In a tight labor market, employers are seeking to gain or retain a workforce with more pay, work for home and other perks. They can also improve retention through a culture of trust and consideration. Improve how you listen and investigate when someone on your team speaks up about compliance. If you investigate with urgency and respond, then you’ll gain trust and build employee engagement.

Here is an anecdotal case, from the perspective of the business: An anonymous report comes in from a small foreign office, that says “It seems like there is something going on between the marketing lead and a partner. I suspect they are wasting marketing funds.” The seriousness of the issue is not entirely clear—maybe the person reporting the issue is questioning the quality of the marketing campaigns. It is a challenge to reach people overseas.  Some initial questions are asked, but the case sits for months before anyone starts reviewing the matter closely. 

After almost a dozen interviews, no one reveals anything useful. The answer has to be found by sifting through years of email. The investigation ultimately uncovers how the company is being taken advantage of. It is shocking how so many people in the office know the marketing lead is stealing company funds, but said nothing. 

After the late start, combined with actual wrong-doing that is festering, the person who reported the wrongdoing and the rest of the office have stopped caring. The business is left with a problem infecting the whole office, instead of having to deal with only one or two bad actors.

Compliance is a Retention Issue

A compliance report may raise questions about potentially uncomfortable topics: harassment, fraud, conflicts of interest or any number of issues highlighted in a typical code of conduct. When a report is substantiated, someone might be disciplined or fired—thus, colleagues may view the person who reported the issue as disloyal to the team. Those who come forward may also fear that their company may not care about the reported issue or try to cover it up, and maybe even retaliate against them.

With the risks reporting presents, it is likely to be the most engaged, loyal employees who report, so you risk losing your best if you fail to listen. This happens when you leave reported issues unaddressed, where you fail to rectify a substantiated report or when you let a report languish unresolved. But if you follow up and respond quickly, you will win trust. When a talented employee feels listened to, they will have higher morale, trust the boss more and be more committed.

Improving Investigations

Listening to a compliance reporter is about taking the issue seriously and expediciously running it to ground. The foreign office scenario above would have gone better had the investigators seen through the vagueness of the report to the potential seriousness of the underlying misconduct and then doggedly pursued a resolution from the start. With those in the office uncooperative in interviews, having access to past email made it possible for the investigation team to close the case.  

Here are five tips to improve and speed up how you investigate:

  1. Have a process: Implement a disciplined approach for following the routine steps in a compliance investigation—assessing the initial report; developing an investigation plan; finding, verifying and analyzing to formulate a decision; and resolving with discipline, prevention, and training.
  2. Be selective when choosing your investigators: Staff your investigative team with individuals who are not wired to let cases sit. Provide them investigation training and consider augmenting with outsourced external investigators if an issue is large or complex.
  3. Define objectives: Set a clear objective for the investigation at the outset to keep investigators on track. The investigation can move on when they have obtained sufficient facts about the objective—finding that “smoking gun” email, for example. When you learn something new that needs further review, flag it for later but do not let it interfere with your first objective.
  4. Use technology: Give your investigators direct access to the data. It is frustrating for an investigator to receive a report and then have to wait for IT to provide the relevant emails or other data, then wait for IT to provide additional materials when the investigator learnes something new. The team’s investigation times accelerate when it has direct access to email and other communications through archiving platforms and other technology.
  5. Track timing: The time to complete an investigation is dependent on the circumstances. The investigation team should set period of time to resolve the investigation when a compliance issue arises.

A business builds a strong culture when it supports those who speak up. Having a strong investigative team, defining objectives, using technology and being aware of completion timing will allow you to quickly learn what is going on. You will also demonstrate that you are not using a haphazard approach.  This will give your employees more confidence in your company and encourage them to stay around.