Risk associated with domestic acts of terrorism shifting: RIMS report

While domestic terrorism has historically represented a disproportionate risk to property, relative to bodily harm, spread over numerous smaller incidents, that risk has shifted, according to a new report from RIMS, the risk management society.

Police investigate the scene where a car crashed into a roadblock in Edmonton on September 30, 2017. Investigators are expected to update their investigation today into a weekend attack that left an Edmonton officer stabbed and four people injured when the were hit by a rental truck fleeing police. Police have said terrorism and attempted murder charges are pending against the suspect, who has yet to be officially named. Mounties say the 30-year-old is a Somali refugee once investigated for allegedly espousing extremism. THE CANADIAN PRESS/Jason Franson

More recently, risk associated with domestic acts of terrorism has shifted toward fewer, high-profile events primarily involving bodily harm, said the report, titled Terrorism Insurance: Understanding the Boundaries of Coverage for a Risk Without Borders. The report, released on Tuesday, used the examples of small group or “lone wolf” terrorist attacks in Orlando and Dallas last year and the recent Las Vegas concert shooting.

The report, written by Micah Skidmore, a partner at Haynes and Boone LLP, said that “although we naturally think of property damage and bodily injury as the primary risks associated with terrorism, a significant domestic terrorism incident may present risks along multiple different dimensions,” including: fiduciary liability for corporate directors and officers; pollution loss and liability; professional (errors and omissions) liability; employment practices liability; business interruption loss; and privacy and network security liability.

Even where a company does not independently recognize terrorism risk sufficient to justify an insurance solution, some form of terrorism coverage may nonetheless be required by contract – including lending agreements. While many contracts specifically identify the type and amount of insurance coverage required of a counterparty, other contracts refer generally to “all risk” coverage or contain “other insurance” catachall provisions compelling the procurement of other usual and customary insurance coverage.

“Parties and courts have struggled, with varying results, to determine whether such general insurance requirements include terrorism risk insurance,” the report suggested. For example, in some cases, courts have found that terrorism risk coverage is required by general “all risk” or “usual and customary” insurance requirements, while other courts have found that terrorism risk insurance is not required by generic insurance requirements, but must be specifically demanded.

Terrorism risk insurance, whether through traditional or standalone policies, is an increasingly important element of domestic corporate insurance programs. “While concern over terrorism risk is palpable, information and understanding of terrorism risk insurance is not as well known,” Skidmore said in a press release from RIMS. “With terrorism risk being an unfortunate reality, corporate risk managers and counsel can take proactive measures to contain a risk that otherwise knows no bounds.”

Traditional policies, including commercial general liability and property policies, may provide some coverage for terrorism risk if not expressly excluded, the report pointed out. Many insureds also have policies with express, endorsed exclusions for “certified acts of terrorism,” which typically corresponds to the trigger for federal subsidies in the Terrorism Risk Insurance Program Reauthorization Act of 2015 (TRIPRA), i.e. “certified” foreign or domestic acts of terrorism that meet certain criteria, including aggregate losses in excess of US$5 million.

The government of the United States has never “certified” an act of terrorism since Congress passed the Terrorism Risk Insurance Act of 2002 (TRIA), which, among other things, required insurers to make available P&C coverage for losses arising out of terrorism on terms not materially different than those applicable to other perils and enabled this offering by creating a temporary program whereby the federal agreement agreed to reinsure certain losses resulting from “certified” acts of terrorism, subject to various conditions. In 2015, the program was reauthorized through TRIPRA. As a result of TRIA and TRIPRA, companies may elect to obtain “terrorism’ coverage through conventional P&C coverage.

The U.S. government never “certified” an act of terrorism since TRIA was enacted, meaning that if a traditional policy excludes “certified acts of terrorism,” it may still afford first- and third-party coverage for terrorism-related bodily injury and property damage. Some policies also exclude “other acts of terrorism,” the report added.

However “certified acts of terrorism” is defined in a standalone terrorism policy, the definition should ideally dovetail with terrorism exclusions in liability, property and other traditional policies to avoid a potentially significant gap in coverage, RIMS recommended.

The report concludes that the necessity for terrorism coverage “is a function of both increased risk and burgeoning market capacity.” However, despite the growing availability of coverage, policyholders must be vigilant in seeking the best terms and in accommodating the specific concerns unique to this risk, RIMS suggested. If a corporate policyholder decides that standalone coverage is the most appropriate, risk management and legal personnel should dedicate time to review the specific terms of the standalone policy, including those related to the valuation of claims for property damage, business interruption, the period of liability and the number of occurrences, among others.