Enterprise Risk Management and the Insurance Act 2015: Be prepared! Part 1
This year I have designed and taught a one-day workshop on construction insurance for MBL Seminars (check out my section on www.mblseminars.com, and register your interest for the September to December 2015 UK-wide programme). Significant time is devoted to the Insurance Act 2015.
Following excellent feedback, I am designing a new workshop, which focuses exclusively on the risk management aspects of the Insurance Act 2015. Roll out through MBL will start in Autumn 2015.
The Insurance Act 2015 is coming! On 12 August 2016, to be precise. Just over a year, with a prescribed 18-month lead-in since Royal Assent on 12 February 2015. Why, then, be bothered about it now? Like, NOW? Well, it’s making fundamental changes to UK commercial insurance law, and “most UK corporate boards organisations and insurance buyers do not fully understand the implications of the IA” (Mactavish, 30 March 2015).
Yet they must. As such, those responsible for ERM in UK organisations, as well as international organisations having a UK branch, need to plan how they are going to implement and manage the changes within their organisations. In Part 1 of this article, I aim to provide the risk manager with an introduction to the changes. Part 2 will set out some practical tips. Like most things needing preparation, the sooner you start, the sooner you’ll get a handle on it.
So, what should the risk manager do?
Firstly, attend my courses, obviously (shameless plug).
Secondly, grasp these conceptual changes:
The philosophy behind the IA is to rebalance the relationship between insured and insurer: the existing law (Marine Insurance Act 1906, MIA) having been criticised for providing insurers with remedies (read: “get-outs”) seemingly out of touch with commercial reality (read: “disproportionate” or “not linked” to “loss”). Similar changes were made to UK consumer insurance in 2013. Three key areas are set out in paragraphs 2-4 below by way of example.
The mutual obligation of uberrima fides (“utmost good faith”), is abolished: the cornerstone of what makes insurance contracts special, and a first line of defence for insurers to avoid contracts.
The status of “warranties” changes: currently s33 MIA discharges an insurer from the date of breach. The new s10 IA will discharge the insurer from liability for the period of breach. That means the insured temporarily has no cover, but the insurer remains on risk.
Certain of the changes can be “contracted out of”: insurers are already preparing alternative sets of contract (policy) terms and organisations need to understand the impact.
The IA repeals the current requirement (s. 18 MIA) to “disclose every material circumstance”: instead, the insured will be tasked with disclosing “every material circumstance which the insured knows or ought to know”, and must make a “fair presentation of the risk” (s. 3). It remains to be seen, of course, what exactly this means in practice, but there is guidance in the Act (information must be “reasonably clear and accessible”, “substantially correct” and made “in good faith”).
A word of warning, however: just because the philosophy aims to assist the insured, does not mean the insured should be complacent.
Let’s look more closely.
Who is the “insured”? A commercial enterprise is a legal entity, but is not human. Helpfully, the IA sets out which humans are imbued with knowledge on behalf of the organisation. Listen up, senior executives… Mr/Ms President, that includes you! … you are the “insured”, as well as those who are stated to be responsible for insurance (more accurately, not just the guy or girl who is nominally “responsible”, but all who participate in insurance procurement)…. The legal responsibility for disclosure on behalf of the insured extends widely and - take note - therefore has the potential to import specific risk into the organisation.
Just when the risk manager has enough to deal with in getting to grips with the IA!
Organisationally, the legal responsibility should be delegated to a risk manager and/ or an insurance manager and their teams. They should be the conduit through which raw factual data is gathered, assessed and processed into accurate presentational data for the purposes of the insurance programme and to ensure compliance with the IA.
How might a business go about organising itself in order to manage the process and the attendant risks?
In Part 2 of this article I will suggest practical actions which the risk manager can employ to achieve the aims and, at the same time, minimise the organisational risks outlined above.
 I also design and deliver similar workshops via private commission, which are tailored to the individual organisation