The SEC public company cyber disclosure rule raises issues that companies should consider in reviewing existing insurance coverage and in assessing overall risk. 

The SEC recently adopted a new cybersecurity disclosure related rule (the “SEC Cyber Disclosure Rule”)[1] in response to increasing risks associated with cyber incidents and a perceived need for investors to receive more fulsome corporate disclosures about cybersecurity risks, governance, and material incidents.  In prior efforts to improve consistency and accuracy of public company cybersecurity risk disclosures, the SEC issued interpretive guidance explaining how cybersecurity risk and incidents should be communicated based on long-standing requirements to periodically—and as needed—disclose material information to shareholders.[2]  But in spite of this guidance, in the SEC’s view corporate disclosure practices remained inconsistent, under-disclosure persisted, and investors lacked consistent information by which they could evaluate public companies’ cybersecurity risk.  In July 2023, the SEC adopted the SEC Cyber Disclosure Rule, which mandated new disclosures among other things, and which became effective in December 2023.Continue Reading The SEC’s Cybersecurity Incident, Governance, and Management Reporting Requirements: What you Need to Know to Avoid Cyber and D&O Coverage Gaps

In March last year, New York’s Appellate Division – First Department issued Xerox an important pro-policyholder decision in its D&O insurance recovery action against Travelers, arising from Xerox’s failed 2018 merger with Fujifilm.  In a thoughtful order, the court issued three key pro-policyholder rulings that: (1) reinforce the rule that the words “arising from” when used in policy exclusions should be narrowly construed under New York law; (2) recognize that an insurer who shows bad faith indifference to its policyholder’s rights may be held liable for a breach of the duty of good faith and extracontractual damages under New York law; and (3) held that the reasonableness of an underlying settlement is  an issue of fact that should go to the jury.  A copy of the Court’s decision is available here.Continue Reading Xerox Obtains Important Pro-Policyholder Decision in New York’s First Department, Adopting Narrow Construction of “Arising From” Exclusions and Confirming That Insurers Who Show Indifference to Policyholders’ Rights May Be Liable for Bad Faith in New York

A recent decision by a federal court in the Eastern District of New York illustrates how directors and officers (“D&O”) policies can provide valuable insurance coverage for defense costs and potential liabilities arising from False Claims Act (“FCA”) litigation.  In Northern Metropolitan Foundation for Healthcare, Inc. v. RSUI Indemnity Company, Case No. 20-CV-2224 (EK)

With bank stability and the related stock market rout now dominating the headlines for the first time since the 2008 financial crisis, are financial institutions’ D&O and bankers’ professional liability / E&O (“BPL”) liability policies ready to help backstop coverage, or potentially full of holes?  Coming out of a hard market where insurers carefully and quietly pulled back some policy enhancements over the course of several years, now is the time for financial institutions to review their insurance policies to identify and fill any significant gaps and holes in their executive risk coverages.  The last two weeks demonstrate that financial institutions, as well as their directors and officers, face the risks of receivership, government investigations, securities lawsuits, and personal liability following a bank failure or stock rout in the face of financial stability concerns.  Continue Reading Financial Institutions and Bank Directors and Officers in the Crosshairs – Are Their Insurance Policies Really Primed and Ready?

On Nov. 23, 2021, the New York Court of Appeals sided with the policyholder, resolving a decades-long insurance coverage dispute, J.P. Morgan Sec. Inc. v. Vigilant Ins. Co., __ N.E.3d __, 2021 N.Y. Slip Op. 06528, 2021 WL 5492781 (Nov. 23, 2021). It held that a $140 million disgorgement payment to the Securities and Exchange Commission (SEC) was a covered “loss” rather than an uninsurable “penalt[y]” under the error and omissions/professional liability policies at issue.

The 6-1 majority opinion is a landmark decision on the insurability of disgorgement and restitution damages that will likely have ramifications for policyholders seeking to recover similar losses from their insurers in disputes in New York and throughout the country.Continue Reading New York’s Highest Court Sides With Insured: $140M Disgorgement Payment Is Covered Loss