By Adam Puharic, President of Puharic and Associates, Inc.
In the aftermath of the covid-19 business lockdowns and employers scrambling to reconstitute their business in a work-from-home or hybrid format, Cyber Liability and Employment Practices Liability (EPLI) have become more critical protections than ever before. Now more than ever, business owners are interested in upgrading their coverage limits and improving their protection against hacking, ransomware, and covid-related lawsuits from employees.
But insurance buyers beware! There is danger lurking in upgrading cyber and EPLI coverage, and unwary agents can cause a business to lose past-acts coverage because of a misunderstanding in two specific insurance terms. Retroactive dates and Knowledge dates are important and similar provisions for claims-made policies, but they differ in critically important ways. This article is aimed at educating business owners with the general terminology, and we will avoid diving down into the detailed coverage descriptions that insurance agents are responsible for teaching their clients.
Retroactive Date, provide “full prior acts” coverage for “wrongful acts” as long as the Insured had no knowledge of them, according to a wonderful article by Mike Hogan, CIC that you can access here: https://www.linkedin.com/pulse/impact-coverage-from-continuity-date-retroactive-prior-mike-hogan/ So, for example, if your insurance coverage has been in force for 10 years, and assuming your agent has purchased a policy with a Retroactive date back to that original date, you can file claims in your current carrier for incidents you become aware of now, even if the actual event took place within the prior 10 years.
Knowledge Date, on the other hand, refers to prior coverage that may be granted to you, that you knew about in the past, but did not report at that time. A common example may be a hacking event that occurred late last year, with a cyber liability policy renewing January first. Let’s imagine the company hires an IT firm and spends money on what was once suspected to be a small, localized problem. After months of band-aid repairs, the IT contractor suspects the encryption and other hacking remnants have permanently damaged the hard-drives and recommends replacing every computer in the business. What was once a claim for a few hours of IT service has mushroomed into a hardware and software re-fit running into the tens of thousands of dollars.
With the recent increase in insurance coverage upgrading that has resulted from the shift to remote work, the new insurance policy may offer higher limits or even a price savings – but will the new carrier honor the Knowledge Date? The answer lies with the individual negotiations between the agent and the carrier, but often, the new market will refuse to recognize the prior Knowledge Date, even while maintaining full prior Retroactive Date coverage. “What’s the big deal?” you might ask. “Doesn’t the client have a duty to report incidents that might rise to a claim?”
The very nature of cyber claims and employment practices liability claims is akin to a corn maze: Sometimes they wind down a path of unsubstantiated allegations and never amount to much. Other times, the events can wind and turn, “snowballing” into a larger event beyond the financial capability of the employer. Having knowledge of the event, and not the Knowledge Date to allow for coverage leaves the business owner without options.
“So, report everything?” you respond. Yet the Knowledge Date allows the carrier and the insured the opportunity to work together and avoid frivolous claims and over-reporting that can clog the adjustment process. It makes the business owner more of a partner in the process, a benefit to the insurance company and the insured.
Therefore, when comparing the new offer to your current coverage, make sure to ask the agent to explain the Retroactive Dates and Knowledge Dates, and the benefit and risk between switching carriers.