Photo of Nicholas Hill

The SEC public company cyber disclosure rule raises issues that companies should consider in reviewing existing insurance coverage and in assessing overall risk. 

The SEC recently adopted a new cybersecurity disclosure related rule (the “SEC Cyber Disclosure Rule”)[1] in response to increasing risks associated with cyber incidents and a perceived need for investors to receive more fulsome corporate disclosures about cybersecurity risks, governance, and material incidents.  In prior efforts to improve consistency and accuracy of public company cybersecurity risk disclosures, the SEC issued interpretive guidance explaining how cybersecurity risk and incidents should be communicated based on long-standing requirements to periodically—and as needed—disclose material information to shareholders.[2]  But in spite of this guidance, in the SEC’s view corporate disclosure practices remained inconsistent, under-disclosure persisted, and investors lacked consistent information by which they could evaluate public companies’ cybersecurity risk.  In July 2023, the SEC adopted the SEC Cyber Disclosure Rule, which mandated new disclosures among other things, and which became effective in December 2023.Continue Reading The SEC’s Cybersecurity Incident, Governance, and Management Reporting Requirements: What you Need to Know to Avoid Cyber and D&O Coverage Gaps

In March last year, New York’s Appellate Division – First Department issued Xerox an important pro-policyholder decision in its D&O insurance recovery action against Travelers, arising from Xerox’s failed 2018 merger with Fujifilm.  In a thoughtful order, the court issued three key pro-policyholder rulings that: (1) reinforce the rule that the words “arising from” when used in policy exclusions should be narrowly construed under New York law; (2) recognize that an insurer who shows bad faith indifference to its policyholder’s rights may be held liable for a breach of the duty of good faith and extracontractual damages under New York law; and (3) held that the reasonableness of an underlying settlement is  an issue of fact that should go to the jury.  A copy of the Court’s decision is available here.Continue Reading Xerox Obtains Important Pro-Policyholder Decision in New York’s First Department, Adopting Narrow Construction of “Arising From” Exclusions and Confirming That Insurers Who Show Indifference to Policyholders’ Rights May Be Liable for Bad Faith in New York

A recent decision by a federal court in the Eastern District of New York illustrates how directors and officers (“D&O”) policies can provide valuable insurance coverage for defense costs and potential liabilities arising from False Claims Act (“FCA”) litigation.  In Northern Metropolitan Foundation for Healthcare, Inc. v. RSUI Indemnity Company, Case No. 20-CV-2224 (EK)

RELATED UPDATE: Tips for Pursuing Insurance Claims and Disaster Relief Funding in North Carolina After Hurricane Helene (October 3, 2024)

Hurricane Helene made landfall on Thursday, September 26, 2024, carrying catastrophic 140 mph winds as the first known Category 4 storm to hit Florida’s Big Bend region since records began in 1851. By Friday, Hurricane Helene’s effects could be felt through Georgia, South Carolina, North Carolina, Tennessee, and Virginia, with numerous fatalities and significant property damage and power outages reported across the entire southeastern United States. Flooding from the storm resulted in highway and road closures throughout the region, including Interstate 40 in North Carolina, and multiple dams in Tennessee and North Carolina were on the brink of failure before stormwaters began to subside.Continue Reading Tips to Maximize Insurance Recoveries for Hurricane Helene Property Damage and Business Interruption Losses

With bank stability and the related stock market rout now dominating the headlines for the first time since the 2008 financial crisis, are financial institutions’ D&O and bankers’ professional liability / E&O (“BPL”) liability policies ready to help backstop coverage, or potentially full of holes?  Coming out of a hard market where insurers carefully and quietly pulled back some policy enhancements over the course of several years, now is the time for financial institutions to review their insurance policies to identify and fill any significant gaps and holes in their executive risk coverages.  The last two weeks demonstrate that financial institutions, as well as their directors and officers, face the risks of receivership, government investigations, securities lawsuits, and personal liability following a bank failure or stock rout in the face of financial stability concerns.  Continue Reading Financial Institutions and Bank Directors and Officers in the Crosshairs – Are Their Insurance Policies Really Primed and Ready?

In a unanimous decision, the Ohio Supreme Court found that appellee EMOI Services, LLC’s (“EMOI”) businessowners insurance policy does not cover losses resulting from a ransomware attack on EMOI’s computer software systems.Continue Reading Ohio Supreme Court Holds that Insurance Policy Does Not Cover Ransomware Attack on Software

When seeking insurance coverage for “long-tail” mass tort and environmental claims that involve alleged exposures and injuries spanning multiple years, businesses often look to their occurrence-based commercial general liability (“CGL”) policies.   These policies are designed to provide broad coverage for defense costs, settlements, and potentially adverse judgements.  However, CGL policies generally cover “occurrences” during one-year policy periods and renew on an annual basis, which can complicate efforts to seek coverage for claims involving alleged injuries or property damage spanning decades.  Moreover, for severe claims, businesses may need to obtain access to one or more of their excess CGL policies.  Therefore, determining which policies to pursue, whether policies in multiple policy periods will respond, and how to access valuable excess coverage are factors that should always be considered with coverage counsel when facing long-tail exposures.  Courts across the country are divided on how these questions should be answered.  A recent decision issued by the Supreme Court of North Carolina in Radiator Specialty Co. v. Arrowood Indemnity Co., provides guidance to North Carolina policyholders attempting to maximize coverage for long-tail claims.Continue Reading North Carolina Supreme Court Provides Guidance to Policyholders Attempting to Maximize Insurance Coverage for Long-Tail Claims

The Russian invasion of Ukraine and the resulting sanctions Western countries have imposed on Russia have already caused potentially catastrophic losses for businesses with assets and investments in Ukraine, Russia and neighboring countries impacted by the attack. These losses could accelerate, based on a March 9, 2022, announcement by Russia’s ruling party.

According to that announcement, a Russian government commission has begun the approval process toward Russia nationalizing the assets of foreign businesses that leave Russia in light of the economic sanctions. This could create dire economic consequences for foreign businesses that leave Russia.Continue Reading Russia and the Insurance Angle — Tapping Political Risk and Other Insurance Coverages

In two recent decisions, the Texas Supreme Court defined the limited parameters in which Texas courts can look beyond the “four corners” of the complaint against the policyholder and the “four corners” of the insurance policy (i.e., the “eight-corners rule”) when determining whether an insurer’s “duty to defend” is triggered.

Permitting exceptions to the “eight-corners rule” and, in limited instances, allowing the use of extrinsic evidence to determine whether the duty to defend applies, requires policyholders to pay extra care to whether their insurers are properly accepting or denying defense of a suit. Application of fact-intensive tests like the Texas Supreme Court just announced varies from state to state.Continue Reading Beyond the Eight Corners: Determining Whether a Liability Insurer’s Duty to Defend Is Triggered