Reservation of Rights letters are no longer the benign keepers of the status quo of coverage.
Chances are, most corporate policyholders have received a Reservation of Rights (“ROR”) letter in the course of an insurance coverage dispute. Traditionally, an ROR is sent by an insurance company to its policyholder to advise that while the insurer will agree to defend a lawsuit filed against the policyholder, it is “reserving its rights” to deny the claim at a later date. In the past, insurers rarely made due on the threat to revoke coverage in the future. In essence, even with an ROR in place, most insurance companies defended and paid the claims. As a result, policyholders could often ignore the ROR, with no adverse consequences.
Inaction in the face of an ROR is no longer a viable course of action. Insurers are now aggressively using ROR letters to severely limit their defense and indemnity obligations. Some of the tactics include:
Trying to get policyholders to agree to return fees paid on their behalf;
Including overbroad language which ignores its obligation to specify reasons for the ROR;
Including language that the policyholder agrees with the ROR unless it responds to the ROR;
Trying to change policy rights and obligations by obtaining agreement to the ROR;
Requiring that the policyholder contribute to settlements, even where sufficient coverage exists; and
Arguing that failure to object to the ROR is a waiver of such objections.
The practical advice here is that policyholders can no longer treat ROR letters with casual interest and simply put them in the file drawer. Policyholders should be alert to the adverse consequences that can result from failing to respond to the ROR letter. If you receive a ROR letter, members of the McNees Insurance Recovery Group are here to protect your rights and make sure that an appropriate response is made.
Here is a nightmare scenario: over the weekend, hackers break into your business’ computer system and steal confidential information, including social security and credit card data. You are now faced with incurring significant costs to repair the security breach, notifying customers of the breach of data, defending potential lawsuits, and perhaps enduring government imposed fines and penalties. You may also experience lost business income due to downtime in the immediate aftermath of the computer breach, and more long term effects from the damage to its reputation.
Will your general commercial liability policy protect against these losses and claims?
At best, the answer is maybe. Much depends on the bases asserted in any claim. At a minimum, insurers will take a hard look at the exclusions in their policies. They may defend claims, but only after reserving their rights to deny the claim at a later point.
Does coverage specifically designed for cyber liabilities exist in the marketplace?
Thankfully, the answer is yes. Cyber insurance, as it is best known, has existed in the marketplace for about seven years. The available data suggests that fewer than 30% of businesses have this coverage, but that number is expected to rise in the future. Basically, cyber insurance is designed to protect against the economic losses arising from computer breaches. As with most insurance, there are conditions that must be met to be approved and exclusions that limit coverage. Also, because the product is new, not many cases have been decided that interpret the meaning of the policies. If you have any questions about the benefits of cyber insurance to your business, please contact a member of the McNees Insurance Recovery Group.