Tag Archives: RIMS

Immediate Vault

Understanding New York’s New Insurance Disclosure Requirements

Posted on by

If your organization operates or could be sued in New York, there has been recent activity on the legal and regulatory risk landscape that risk professionals should be prepared for.

New York’s newly-enacted Comprehensive Insurance Disclosure Requirements legislation opens the door for defendants to request that organizations disclose the details of their commercial insurance programs that may apply to a judgment in the case. These details include policy limits and potentially even access to your claims adjusters. For those with more complex risk financing structures, the law may also lead to the misinterpretation of the organization’s coverages.

For the greatest success in complying with this new regulation, risk professionals must become their legal department’s greatest ally, stepping in to lend their expertise to prevent potential confusion and errors. Risk professionals can be integral in keeping sensitive information confidential, monitoring all disclosure requests and alerting their teams to any discrepancies in the interpretation of the shared information.

Additionally, risk professionals should proactively identify the relevant policies for counsel, mindful that the policy or program must potentially respond to the plaintiff’s claim.

What are the New York Disclosure Law’s requirements and how do they impact your insurance program?

The New York law requires that an insured defendant disclose information about any insurance policies sold or delivered in New York that could be applicable to a plaintiff’s claim. This requires careful assessment to ensure compliance while avoiding potentially unnecessary insurance disclosures.

Depending on the claimed amount and a program’s retention levels, disclosures likely include primary insurance policies and may include excess and umbrella policies as well. 

The disclosure requirements extend to various risk financing structures, including captives, self-insurance programs, risk retention groups and surplus lines insurers. Many claims may not reach the retentions, arguably rendering the insurance policies nonresponsive to the claim.

Other than in personal injury protection cases, the New York law requires that insured defendants provide proof of insurance to other parties within 90 days after answering the complaint. This could lead to the disclosure of incorrect insurance information. To address that risk, risk professionals can instruct counsel to obtain the proper COI for a particular claim and advise that it may need to fine-tune their COI process with outside vendors or brokers.

In the cases where arguments are made that COIs are not sufficient proof of insurance, insureds should be prepared to disclose redacted portions of their declaration pages. 

The New York law also requires insured defendants to identify the claims adjustor assigned to the claim, including a potentially surprising level of detail such as the adjustor’s direct email address. It is critical to keep claims adjusters informed and risk professionals should alert their adjustors before this disclosure is made. Immediately report to counsel any plaintiff communications to the adjustor.

What steps can risk managers take to ensure compliance?

If possible, a risk professional or an attorney familiar with insurance coverage should assume responsibility for an organization’s compliance with these disclosure requirements in all New York cases. This will be instrumental in ensuring responses are uniform and avoiding disclosure errors. 

Creating a checklist, as well as a readily accessible library of COIs, redacted declarations pages, and other pertinent information can help keep the organization compliant with New York’s law. Although there might be differing disclosure requirements, organizations with larger footprints should consider extending this structure across other states as well.

By taking these steps, risk professionals can minimize insurance disclosure disputes, assist with their organization’s compliance efforts, and avoid unnecessary interference with an organization’s insurance program.

RISKWORLD 2022: Q&A with Opening Keynote Michael C. Bush

Posted on by

RIMS RISKWORLD is just a few days away, kicking off in San Francisco on April 10. This year’s opening keynote will be delivered on Monday by Michael C. Bush, the CEO of Great Place to Work and author of A Great Place to Work for All: Better for Business, Better for People, Better for the World.

Bush recently sat down for an interview on the RIMScast podcast, discussing how the pandemic has redefined satisfaction in the workplace and the critical steps that risk professionals can take to increase equity and happiness in their organization. Download the RIMScast episode for Bush’s full interview and check out a preview of his April 11th keynote below:

What will you discuss in the keynote address at RISKWORLD?
Michael C. Bush: We’re going to talk about making a connection in a way that [makes] people, employees and clients feel they are cared for. Physical and mental health is a top priority now and risk professionals play a role because there is data and policy to consider. But, if you approach it correctly, it can lead to organizational success even during a pandemic or the Great Resignation.

How has the definition of happiness or satisfaction changed against the backdrop of the pandemic?
MB: Prior to the pandemic, we could talk about happiness, satisfaction, engagement and empowerment in one context. COVD has changed that. We were suddenly in a world where people felt like really nobody cared, because they were living a life where there was so much uncertainty. They didn’t know what they needed to do to protect themselves or their family members—physically and financially. This left huge voids because there was economic insecurity on top of it all. People had to watch their communities suffer as small businesses shut down one after another.

Great companies realized this was a time to care. Therefore, they became the one thing that their employees could rely on. In our interviews, we heard stories of companies sending employees necessities like toilet paper during shortages, making deliveries to their parents and other instances that were happening at a personal level. Those lucky employees realized their employers actually cared about them as people and not just as an employee, and that led to happiness. The only silver lining from the pandemic was that humanity has surfaced in a way that has connected us all.

How do you view resilience? 
MB: We all have tough days. When a person is under pressure but knows that they have support or someone or an organization that can relieve that pressure and enable them to bounce back, that’s resilience. It can eliminate burnout, but there’s a difference between burnout and being burnt out. And we’re going to discuss that difference at RISKWORLD.

Fans of language and communication—or those looking to sharpen their skills—will find some really strong takeaways from your take on active listening. Now that so many professionals depend on remote capabilities to work, how has your perception of active listening changed or evolved?
MB: I’ve become a more intense believer in active listening, especially over the last couple of years. It’s not just making eye contact and not just me repeating the last thing you said. Listening is really about caring. When you listen to a person in a deep way, it is the ultimate show of respect—and not doing it is equally disrespectful. If all I’m doing is waiting for someone’s mouth to stop moving to grab tidbits of what they said to make my point, that is not listening, that’s just a spring-loaded response.

When it comes to being remote, try to dial in and focus on the person who’s in front of you on the screen. Put down your mobile phone and stop multitasking—chatting, posting and “liking” things on social media. 

Listening, in the way I’m talking about, takes practice. It involves emptying your mind and being humble enough to do that and not holding on to your own point of view so tightly. When your mind is open, you start asking questions and learning starts. Through that exchange, something unusual and great happens: people feel safe and will start to say more. You might help someone solve their problem, they might help you, or you might identify a new risk altogether.

RIMS Risk Forum India 2021: Building Resilience As COVID, Cyberrisk Top Business Risks

Posted on by

An increasingly key theme year over year, resilience is at the root of the latest Excellence in Risk Management India report from Marsh and RIMS—and the RIMS Risk Forum India 2021 virtual event, where the report was officially released today. In the second year of the COVID-19 pandemic, risk professionals in India reported acute short- and long-term concerns about the interconnected risks of COVID-19 cases, global economic recession, and surging cyberrisks amid shifts in work arrangements.

In addition to the death of more than 5 million people in India, the pandemic has taken a considerable economic toll on the region. “According to the Organization for Economic Co-operation and Development (OECD), India’s economy contracted by close to 8% in 2020, while the world’s economy contracted by 3.5%,” the report noted. “Despite the OECD’s projections for economic expansion—both in India and globally—in 2021 and 2022, the potential for a prolonged global recession remains a concern for organizations in India.

buy fildena online orthomich.com/img/blog/jpg/fildena.html no prescription pharmacy

Previously one of the top risks for India-based risk professionals before COVID-19, cyberrisk has also increased significantly with the pandemic and the shift to remote work. “The shift to a remote workforce necessitated by sweeping lockdowns to stem the spread of the pandemic is widely seen as having increased cyberrisk,” Marsh and RIMS noted. “The Indian Computer Emergency Response Team (CERT-In) data indicated that cyberattacks in India rose by 300% in 2020, according to news reports. And cyber risk remained elevated in 2021, with more than 600,000 cybersecurity incidents reported in the first six months of the year alone, according to CERT.”

The continuing pandemic, resulting fallout, and ever-growing cyberrisk have presented the biggest risks for organizations in India in 2021, and the survey indicates that local risk professionals expect these to dominate the agenda for businesses in the year to come.

Despite the considerable concern, few respondents said their company is fully prepared for the continued fallout from COVID-19 or future pandemics. Asked to rate their organization’s preparedness from 1 to 5 (not prepared to fully prepared, respectively), the majority of India-based risk professionals ranked their organization a 3, and only 10% said they are fully prepared. While cyberrisk has been a top threat for longer, preparation is not much better for the threat—only a quarter of Indian companies said they are fully prepared for a cyberattack. This is particularly concerning as “some extent of remote work is expected to remain, leading to concerns of increased cyberattacks due to unsecured home networks,” Marsh said in a press release.

According to the report, this underscores the imperative to develop robust risk management strategies for both current and emerging risks and to focus on building resilience. Marsh identified four “common behaviors among companies that are on the path to becoming more resilient”: anticipating risk, connecting risk management to business strategy, avoiding gaps in the perception of preparedness, and measuring relevant data. Marsh and RIMS explained these further, defining key pillars that have set successful businesses apart, and potentially also offering considerations for other organizations to develop more mature risk management programs:

  • Anticipation: Resilient companies expect the unexpected. They have crisis management plans in place, but they also dig deeper, look farther ahead. Consider that during the pandemic even organizations with thorough business continuity plans struggled. Why? Many of them didn’t fully anticipate the widespread, long-lasting damage a pandemic could create.
  • Integration: Another key behavior among resilient organizations is to fully integrate risk management with operations and strategy. Doing so increases the ability to develop effective responses. Most organizations do not connect resilience planning with their long-term investment strategy. Those that do make the connection are on the path to better mitigating financial exposure, reputational damage, business interruption, and other losses.
    buy solosec online orthomich.com/img/blog/jpg/solosec.html no prescription pharmacy


  • Preparedness: On the journey to resilience, it’s important to develop an accurate perception of an organization’s preparedness. A false sense of security can halt an organization in its tracks. Companies often overestimate how quickly and effectively they will be able to respond to and recover from a given risk.
    buy antabuse online orthomich.com/img/blog/jpg/antabuse.html no prescription pharmacy

  • Measurement: There is no shortage of data and analytics in today’s business environment. But consistently applying metrics can be a stumbling block. Many companies fail to conduct a high rate of modeling and forecasting even on risks they see as important. And among the companies that do so, most only model in select areas.

Marsh and RIMS recommended that organizations in India focus on resilience heading into 2022 and beyond. “Resilience means being able to absorb the impact from a range of emerging risks and depends in large part on having robust risk management strategies in place,” the report explained. “This includes anticipating risk, connecting risk management to business strategy, ensuring your organization’s perception of preparedness doesn’t lead to a false sense of security, and measuring relevant data.”

Respondents largely indicated that their organization planned to increase investment in risk management, with 55% saying they expect increased resources, 27% expecting investment to stay the same, and only 4% expecting a decrease. This could be a critical differentiator in navigating COVID-19 recovery and other emerging risks in 2022. Indeed, 42% cited budget at the most critical barrier to understanding the impact of emerging risks on risk management.

Among the takeaways from the report, Marsh and RIMS urged organizations to invest in preparedness. “Look beyond pandemic as you develop a risk management strategy that is prepared to respond to any number of emerging risks,” the report said. “For example, shifting work patterns have intensified an already escalating cyber risk landscape that calls for a range of responses, from scenario planning to financial quantification.”

In addition to a panel on the Excellence in Risk Management India report, the RIMS Risk Forum India 2021 virtual event includes a number of sessions that address resilience challenges and opportunities for risk professionals in India. The program includes keynote addresses by Ajay Srinivasan, chief executive officer at Aditya Birla Capital Limited (ABCL), and Dr. Soumya Kanti Ghosh, group chief economic advisor at the State Bank of India, as well as education sessions like “Cyber Risk Management: A Priority for a Resilient Economy,” “Climate Risk and Your Path to Resilience,” “What COVID-19 Has Taught Us About ESG Risks and Why Risk Management Needs to Change,” and “Breaking the Chain: How Understanding Business Interruption Exposures Can Mean Supply Chain Resilience.”

The RIMS Risk Forum India 2021 virtual event continues tomorrow, December 4, and sessions will also be available for on-demand viewing for the next 60 days. Registration can be found here: https://www.rims.org/events/rf/india-forum-2021

RIMS ERM Conference Preview: Q&A with Keynote Dr. Andrea Bonime-Blanc

Posted on by

This year’s RIMS ERM Conference will be held virtually on November 4 and 5, 2020, promising two days packed with informative sessions featuring global risk leaders. The conference kicks off November 4th with a live keynote delivered by Dr. Andrea Bonime-Blanc, founder of GEC Risk Advisory and the author of Gloom to Boom: How Leaders Transform Risk Into Resilience and Value. She will also answer questions from the audience during a live session on November 5th.

Andrea Bonime-Blanc

Dr. Bonime-Blanc recently appeared on RIMScast to discuss her upcoming keynote; the role technology has played in environmental, social and governance risks (ESG); and what risk practitioners must do to succeed today. Check out some highlights below, and download RIMScast episodes 100 and 101 for a deeper dive with Dr. Bonime-Blanc into topics such as diversity, strategic risk management and ways ERM practitioners can generate and retain value. If you’d like to watch her keynote and join RIMS for the rest of the ERM Conference 2020, registration is now open for all attendees.

How did you first begin using and implementing ERM in your career?

Dr. Andrea Bonime-Blanc: I was the general counsel of a startup within a much larger utility company, and we were the global division that was going all over the world in the mid- to late-1990s and early 2000s looking for electric power generation distribution opportunities. I became the risk manager because…[someone] needed to put the risk hat on. We ended up creating programs, policies, procedures to really perform risk management. Building power plants in the middle of the jungle of Colombia or negotiating a joint venture with a Chinese government corporation running a coal mine in northern China presents a number of risks.

When did you notice how vital it was to “wear the risk hat”? 

AB-B: I’ll give you the example of an environmental, health and safety risk: When I was at PSEG, we went into a lot of different countries, including at least six or seven major Latin American countries that were privatizing their electric assets. There were competitions to acquire those assets in the first place, which created a whole bunch of risks from a standpoint of fraud and government corruption. I supervised the legal teams, and also led audit and finance teams. We had utility folks who understood the environmental, health and safety aspects of the assets we were looking at. There were cross-functional and cross-disciplinary teams that would work with the legal department and the general counsel’s office to figure out the risks involved with acquiring those potential assets. It showed how ERM done properly provides that way of collating and collecting really important, strategic information that is necessary at the highest levels of an organization.

How can diversity—of people and perspective—influence ERM in an organization?

AB-B: ERM is a collaborative process. It requires many different minds. A good ERM program will draw upon the knowledge of other key people and functions within an organization. If it’s a standalone program, it won’t work. Drawing on the knowledge and expertise and experience of your colleagues in different parts of the organization is crucial. Likewise, ESG plus T is all about understanding your non-financial issues as well as the risks that will have a financial impact.

You noted the addition of “T,” which stands for “technology”—why is technology so integral to ERM now, and how does it tie into your keynote?

AB-B: The technology piece has become so overwhelming, so suffusing, so minute-by-minute for us in the world that we live in—whether it’s negative like cyberattacks, or positive things, and there are so many other issues in between. We’re just starting to scratch the surface of both the negative and the positive in these technology issues.

Risk professionals have a role to play in creating the information that reaches the management and the board, and building a risk savvy culture. This includes building ERM that is integrated with the strategy of understanding the ESG+T issues that are part of your business, and how you integrate with crisis management and business continuity, for example. These are all pieces of the resilience model that I will share at the end of the keynote. It is something that risk professionals really need to understand, because it not only liberates you from your silo—if you’re in a silo—but it also demonstrates your value to the rest of the organization.