Sustainability + Risk Management = Resiliency

sustain-RM-strong

I recently read a Forbes article of risk management and sustainability I thought made much sense.

It was an interview with Dr. Leo S. Mackay, senior vice president at Lockheed Martin, and he was describing a reorg at Lockheed that puts enterprise risk and sustainability under common reporting, since ERM and sustainability are both principally focused on the identification and prioritization of risk.

Considering risk and sustainability together is part and parcel of the same thing because sustainability in strategic terms is about building in resilience and efficiency into the business.  “Rather than have separate silos where discussions or disaggregated thinking around what are the existing and emerging risks, that now is a coordinated effort,” Dr. Mackay says “Those things are tantamount to risk mitigation and the control of risk.”

To me what Lockheed is building in their business is resiliency – perhaps an over-used word these days, but as good a descriptor as any. With organizations facing increased risks from cyber security to climate change, captives can lead the way to help create that resiliency, especially as many captives already work across silos if they cover diverse risks such as property and employee benefits. So as captive practitioners you can get the process started – by coming to VCIA’s Annual Conference to get some good education with sessions such as Expanding Your Captive Business Plan and Optimizing Your Captive’s Risk Profile and Reinventing Your Captive for Maximum Results.

Check it out: http://conta.cc/2vDCNrG

And a quick follow-up to last week’s blog: I reported about my concerns with the proposal to add a border adjustment tax (BAT) to any tax reform that Congress might attempt this summer, as it might cause additional costs to the captive insurance industry utilizing offshore reinsurers. Jim McIntyre just reported to me that the White House and congressional GOP leaders said that they are no longer looking at a border-adjustment tax as they work to get tax-reform legislation enacted this year. Good news as it eliminates one uncertainty in Washington!

I look forward to hearing from you.

Rich Smith
VCIA President

Cyber Stars

SOV-stars

We all know that Vermont’s captive regulators epitomize the Gold Standard the state embodies when it comes to captive insurance domiciles. Dave Provost, Sandy Bigglestone and the captive team at Vermont’s Department of Financial Regulation (DFR) are considered objectively as the best in the business. One reason for their star status is their desire to keep learning and moving ahead with the industry as it evolves. Being highly knowledgeable experts requires active learning.

This week, VCIA coordinated a ½ day educational session with the captive team from DFR (along with many of their colleagues from traditional insurance, banking and securities) on the subject of cybersecurity. VCIA board chair Heather McClure and Lynn Sessions from the law firm of Baker Hostetler lead the session on cyber liability, threats that create cyber exposure, regulatory scrutiny giving rise to claims and best practices when responding to these events. The goal of the session was to instill a depth and breadth of cyber knowledge in the Vermont staff that will be another benefit for Vermont captives.

Heather’s day job is executive director of operations at OU Physicians, and she is a licensed attorney in Oklahoma and Texas with an LL.M. in Health Care Law. She is also the Chief Operating Officer of OU Physicians’ captive professional liability insurer, Academic Physicians Insurance Company, which covers approximately 750 faculty physicians, 700 resident physicians and 700 medical students at the University of Oklahoma College of Medicine.

Lynn is a leading privacy and data protection attorney with Baker Hostetler with over 22 years of involvement in the healthcare industry. She has handled nearly 400 data breaches and over 100 regulatory investigations.  She was awarded a Burton Distinguished Writing Award at the Library of Congress for her article, “Anatomy of a Healthcare Data Breach.”

These two highly experienced professionals provided the DFR team with actual cyber liability claims and data breach responses, and provided a forum to ask questions of a leading privacy and data protection attorney and an insured who has experienced cyber incidents first hand.  The audience asked great questions and dug deep into what cyber policies should include and how best to regulate them for the good of the captive. Seeing this it is not hard to understand why Vermont remains the Gold Standard!

I look forward to hearing from you.

Rich Smith
VCIA President

Cyber Bully Pulpit

four-types-of-hackers-video-games

According to a report from a recent Captive.com article, a full 50 percent of US firms do not have cyber insurance, despite the fact that 61 percent of US firms expect the volume of cyber breaches to increase in the next year. Further, more than a quarter of US firms say they are not planning to purchase cyber insurance. These findings come from a new survey from analytics firm FICO, which also reveals that even among those that have insurance only 16 percent said they have cyber insurance that covers all risks. This puts the United States well behind the United Kingdom and Canada in cyber protection, among other countries.

This corresponds to a report released at the 2017 Risk & Insurance Management Society’s (RIMS) Conference earlier this year. According to the 2017 Cyber Risk Transfer Comparison Global Report, written by the Ponemon Institute, most organizations spend four times more on insurance protecting their physical plants, properties, and equipment than they do their information-based assets. The report indicates that most organizations spend much more on fire insurance premiums than on cyber insurance, despite stating in their publicly disclosed documents that a majority of the organization’s value is attributed to intangible assets.

This is where captives make sense: the majority of survey respondents said that cyber insurance was inadequate to meet the needs of their organization, too expensive and has too many exclusions. That’s practically the mantra for captive formations!  Over time, the traditional insurance market will likely meet the need of many insureds with cyber policies, but it’s a little scary how unprotected we currently are – the time is nigh!

Come to the VCIA Conference this year and learn more about Cyber for captive with Cyber Security and Captives: How to Stay One Step Ahead (part 1 & 2). Click here for more information. This is just one of dozens of great captive topics being covered at VCIA August 8–10.  Hope to see you there!

I look forward to hearing from you.

Rich Smith
VCIA President