Business interruption insurance is critical to keep the revenue generating ability of a business intact following an insured event such as a fire, flood or other catastrophic circumstance that can torpedo the financial health of an enterprise. Yet despite its importance to business continuity and the ability to fully recover from a loss event, business interruption insurance is largely misunderstood and as a result, the sums insured are often wholly insufficient to cover a catastrophic loss and the increased costs of working during the recovery period.
“Business interruption insurance is designed to compensate the business for the financial impact of the interruption or interference as a result of the insured suffering physical damage to the insured property or other key external events, for example damage at a key customer or a supplier’s depot, or own operations that prevents the normal business operations from continuing and generating revenue. The fact that we see businesses that are often underinsured on their Business Interruption sums insured is indicative of the enormous complexity that comes with calculating the correct insured sums that takes account the knock-on effects and increased costs of working following an insured event,” explains Tony Webster of insurance brokerage and risk advisors, Aon South Africa.
There are three key factors that play a major role in the compilation of a Business Interruption (BI) insurance schedule that is fit for purpose:
- Sum insured – As explained above, correctly insuring your business for business interruption is crucial. The sum insured must be calculated based on the insurance gross profit, not necessarily the accounting financial gross profit. This requires a deep understanding of a client’s financial records and its operating models.
- Indemnity Period - An indemnity period associated with BI insurance refers to the period of time it will take for the business to recover from a worst-case scenario. The appropriateness of the indemnity period needs to take into account factors such as the nature of the business and its assets, such as specialised machinery and equipment, seasonality of the business and competition within the market. As a simple example, if a hotel located at the coast suffered major structural damage following a fire, the BI insurance claim would look very different during winter months than it would during their peak holiday season. The indemnity period needs to account for complete building reinstatement, possible legal ramifications/delays if investigations due to human casualties are involved, building plan approvals, site preparation and the like.
- Business Continuity - While business continuity in itself is not an insurable risk, poor risk management can render a business uninsurable. Risk mitigation efforts undertaken by a business has a fundamental effect on the eligibility for insurance and the cost of insurance. Another critical aspect that is considered is the interdependency of different business units, and what impact each has on the continuity of the entire business. A catastrophic event in one business unit could impact other divisions or subsidiaries across the entire network as well as the ripple effect on customers and suppliers not to mention one’s own staff.
One of the most miscalculated areas of BI is how long it will take to overcome a catastrophe and get back to business. Getting a large production line or mining concern operational can be a very lengthy process, and more so when there are regulatory or investigative hurdles to leap. BI insurance should cover at the very least 12 months, if not 24 months, depending on the business complexity and environment – and then consider that this does not even begin to address the issue of lost market share during the downtime.
“If risk managers are approaching business interruption as a pure balance sheet exercise, they run the risk of buying transactional insurance, and not strategically relevant insurance tailored to their needs. If the adequacy of sums insured and declared values are not properly calculated, insurance cover will run out long before the business is back in operation, with dire financial and operational implications’” adds Tony.
Given the complexities of assessing the sums insured for a major BI loss, Aon South Africa engages with RSM South Africa to assist our clients with independent training and analysis of the financial consequences of various business interruption scenario’s. RSM is the 6th largest global audit, tax and consulting network and offers professional services that are specific to BI risks and the quantification of related losses.
“By working with RSM, Aon is able to provide the peace of mind of knowing that when it comes to business interruption, all the complexities such as exchange rates, interest, increased operational costs during a crisis, loss of market share, down- or up-stream complications, regulatory hurdles and many more are adequately considered, enabling the business to recover from a major insured peril with their reputation and bottom line intact,” he says.
Business Interruption Risks Underestimated
BI has been on the Top 10 list of risks facing businesses since Aon's Global Risk Management survey started in 2007.
“As supply chains have become global, there is increasing interdependency among companies. Such an industrial environment is heavily affected by uncertainties that have the potential to turn into unexpected disruptions. Moreover, the focus on inventory reduction and lean supply chains has also amplified such potential. For example, China's city of Tianjin, the world's third largest port, is home to offices of more than half of the Fortune 500 companies, and to factories that build cars, airplane parts, and mobile phones. As one can imagine, the deadly explosions in 2015 caused supply chain disruptions for companies around the globe,” explains Tony.
More importantly, the proliferation of cyberattacks has also added new urgency and dimension to BI. Cyberattacks can now cause electric outages, shut down assembly lines, block customers from placing orders, and break the equipment which companies rely on in order to run their business. Officials at Lloyd's estimate that cyber-related business interruption could cost businesses as much as US$400 billion a year.
In Aon’s report entitled "Cyber—the fast-moving target" released in April 2016, participants identified BI, both during a breach and post breach, as the top cyber risk concern. In addition to cyberattacks, one cannot ignore those occurring on a smaller scale, such as arson, a bomb threat, a fire or a power outage, all of which could cause disruptions on a scale equal to a natural hazard or a well-coordinated act of terrorism. In 2014, a contract worker set fire to an airport control centre in Chicago, resulting in more than 2,000 flights being cancelled. Incidents like this highlight the business vulnerability.
The interconnectivity of the global economy has amplified the negative impact of a single BI event. At the same time, with the emergence of cyberattacks, businesses can no longer use a litany of traditional risk management solutions to handle BI. New innovative solutions are needed. Even though disasters, both natural and manmade, are not always preventable, having an innovative business continuity plan in place can help reduce the impact of both traditional and new emerging risks related to BI.
“More importantly, risk managers should take a much broader view of risks, both traditional and emerging ones, and address them in a coordinated and holistic way. Being prepared enables companies to keep running during natural disasters, cyber or terrorist attacks or reputational crisis. While insurance can cover some of the property and operational losses, it cannot make up for the loss of market share, reputational damages, decline in investor confidence, or a decline in the share price caused by an interruption. Therefore, a fortified and robust business continuity plan will boost a company's resilience in the event of a BI,” concludes Tony.
In a world of growing complexity and the interrelated nature of risks, no company can rest on its laurels in terms of its BI recovery strategy. Continuity plans should always be ongoing works of improvement and constant risk mitigation. Everyone in the business should be asking what the worst-case scenario could be, and as a business, how to respond to it.