Articles

New Issues to Consider in Business Interruption Risks by Daniel Hughes, CPA/CFF/CGMA


Posted on April 29, 2015 by Daniel Hughes

In today’s hyper-connected environment, businesses can no longer depend solely on their own staff and operational efficiency to achieve performance goals.  Rather, global businesses must rely increasingly on outside suppliers and other vendors, including parts manufacturers, distributors and call centers, whose products and services are critical to a business’s ongoing operation.  Should the vendor or supplier experience a disruption in its operations, due to fire, flood, natural disaster or utility service stoppages, the resulting interruption could foreseeably crimple the company that relies on it.  Moreover, today’s businesses face an increased risk of business interruption due to non-physical events, such as cyberattacks, which could impede a third party’s operations and bring the business to a halt.

 

To keep up with this changing risk environment, business should regularly reassess their business-interruption insurance policies.   How much coverage is enough depends on an entity’s business risk, the industry in which it operates and its reliance on third-parties to conduct its operations.  For example, a law firm is inherently less hazardous than a chemical manufacturer that handles flammable materials. Similarly, companies with geographically diverse facilities may also appear less risky to insurers than those with geographically concentrated facilities in areas prone to civil unrest or natural disasters.  However, a law firm will face significant business losses and reputational damages should the system it relies on for storing client files becomes the target of a cyberhack.

 

Recent data breaches at national retailers, banks and health care facilities demonstrate that no regulations or financial backing is enough to protect businesses from cyber threats.  In fact, despite 2014’s record number of data breaches, estimated at two per day, the number and sophistication of cyberattacks are expected to increase in the future.  This puts businesses in a very difficult predicament, not only with their customers, but with their vendors and suppliers as well.

 

According to insurance brokerage and risk-management firm Aon, the average cost incurred as a result of a data breach is $7 million in direct costs and damages, including business interruption costs and legal expenses.

 

No matter who or what triggers an interruption in business operations, calculating claims requires the same formula based on lost gross earnings.  These estimations will help businesses determine the coverage limits that are best suited to their needs.  Required premiums will depend on such factors as the amount of coverage the business seeks, the desired deductible and how much exposure to hazards the company faces, internally and externally, and how much risk it is willing to accept.

 

Should a business need to file a claim, it should do so with the goal of collecting 100 percent of a defensible claim rather than 50 percent of an inflated number.  Proper documentation and accounting procedures are key to defending claims and negotiating appropriate settlements.

 

The Forensic Accounting and Business Insurance Claims practices of Berkowitz Pollack Brant has more than three decades of experience helping Florida businesses prepare for and maximize financial recovery from insured perils.

 

About the Author: Daniel S. Hughes, CPA/CFF/CGMA, is a director in Berkowitz Pollack Brant’s Forensics and Business Valuation Services practice.  He can be reached in the CPA firm’s Miami office at (305) 379-7000 or via e-mail at info@bpbcpa.com.