In the following guest post, John Orr, Lawrence Fine, and Angus Duncan summarize the findings from the latest WTW Directors’ and Officers’ Liability Survey. John is WTW’s D&O Liability Product Leader; Larry is WTW’s Management Liability Coverage Leader; and Angus Duncan is a Global D&O Coverage Specialist for WTW. I would like to thank the authors for allowing me to publish their article as a guest post on this site. I welcome guest post submissions from responsible authors on topics of interest to this blog’s readers. Please contact me directly if you would like to submit a guest post. Here is the author’s article.
As professionals in executive risk, many of us follow industry developments, such as market and claim trends. In an effort to better understand risk, however, we turn to policyholders themselves, to their officers, directors and risk teams. That’s the most direct and reliable way to decipher what their risk concerns are and, from a “what keeps you up at night” perspective, to determine the exposures that they think present the greatest risks to their organizations and to their directors and officers.
Each year, WTW publishes its Directors’ and Officers’ Liability Survey. In our 2023 edition (available here), which we developed in collaboration with Clyde & Co LLP, we have continued the international scope of our report, with responses from officers, directors, and risk managers in 40 countries around the world. As with past surveys, respondents came from a variety of industries, as well as different organizational types and revenue sizes.
The survey asks respondents to consider two principal categories of risk – risks for businesses and risks for directors and officers. Results from 2023, compared to the two prior years, are below. Consistent with prior years, the top two risk concerns for businesses were: “economic risks” and “cyber risks.” For the first time in the business risk part of the survey, we asked about risks associated with “regulatory/legislative change” and that has immediately come in as the overall number three risk for businesses.
For our purposes in this post, we focus on the responses of North American participants. Looking at the risks for directors and officers in this region, also consistent with prior years’ results, cyber-related exposures dominated all other risks in 2023. Specifically, “cyber attack” (a concern for 72% of respondents), “data loss” (68%), and “cyber extortion” (60%) comprised the top three risk concerns. Rounding out the top five were sub-topics first introduced in the survey this year, also cyber-related: “cyber crime” (55%) and “sufficient cyber expertise at board level” (38%). In fact, respondents in North America were more concerned about this last risk than respondents in any other region.
There was a tie for the sixth leading concern for participants in North America: “regulatory breach” and the perceived state of the company’s “systems and controls” (both at 36%), the latter describing a concern that the failure of an organization’s systems and controls might lead to other serious problems, such as cyber breaches and corporate derivative lawsuits. We note, however, that as to all other sub-categories related to “governance,” North American respondents expressed less concern than respondents in all other global regions except Australasia.
It is perhaps useful to take note of risks that the rest of the world thought were higher priorities than respondents in North America did. For example, economic risks for businesses, such as inflation and recession, were greater concerns in Europe, Asia and Latin America, but lower in Great Britain and Australasia. Specific to one issue, the risk to directors and officers from “Insolvency/bankruptcy/financial distress of the organization” was a concern to only 19% of North American respondents. This was lower than in any other region except Australasia.
Likewise, environmental, social and governance (“ESG”) risks – so dominant in headlines around the world in recent years – did not present itself as a significant category of concern for most respondents in North America. To be fair, ESG concepts are found within many of the other surveyed subjects, from governance to topics relating to biodiversity, employment, health and safety, and cyber. Yet, even on what is an explicit ESG risk, that of “climate change,” only 26% of North American respondents saw this as a very or extremely significant risk for directors and officers. This was less than in any other global region.
Perception of climate risk as a concern has seen noteworthy movement from last year. On the one hand, only 39% of respondents globally indicated that they saw this risk as a very or extremely significant risk to the business in 2023, compared to 50% a year earlier. By contrast, as a risk for directors and officers, “climate change” was up to 42% compared with only 38% in 2022.
The change is perhaps subject to interpretation. While there is a significant volume of climate change litigation, the majority of it to date has not been against directors and officers. What we do see is a big difference between jurisdictions. While “climate change” does not feature in the top seven risks for directors and officers in North America, it is the number one risk for directors and officers of companies in Great Britain where there has been a high profile claim against the directors of a multinational energy company. It is also the number four risk for directors and officers in Australasia.
Outside of “climate change,” there are other ESG-related risks that make it into the top seven risks for directors and officers overall. These include the risks of “health and safety prosecutions” and “bribery and corruption.” While these don’t make it into the top seven for North America, they are replaced by other governance-related risks, so even for North America most of the top seven risks for directors and officers can be categorized as ESG-related.
How do the other responses of North American survey participants compare to those around the world? A comparison of views on a more detailed list of issues is below.
Finally, we asked respondents to comment on the importance of various aspects of their insurance policies. The top concern for survey participants in North America was “choice of lawyer” (a concern for 75% of respondents), an issue that concerns Europeans and Australasians to a lesser extent and does not appear on any chart of top concerns elsewhere.
The second greatest concern in North America, “cover for claims in all jurisdictions” (72%), made the top seven in every region except Australasia. Number three was “cover for cybersecurity-related risks” (70%), a new survey choice that scored high in every region except Great Britain.
All of this would appear to underscore the importance of having robust D&O (and cyber) policy provisions across the board, including the function and breadth of wording relating to claims and defense, and how claims in multiple U.S. and foreign jurisdictions are handled.
This is just one of many takeaways from our survey: by understanding the risk concerns of organizations, we can work with them, their leadership and risk teams and their counsel, to address those concerns in the structure and scope of their insurance programs, and in the breadth of coverage itself.
* * *