The hard Property and Casualty insurance market for nonprofits is adding to the list of challenges confronting the industry. Nonprofits are experiencing higher costs and greater restrictions on coverage, and many are finding it difficult to maintain adequate protection. Going forward, nonprofit organizations will have to become more diligent in their approach to risk management to enhance their insurability and avoid damaging lawsuits.
The nonprofit P&C outlook
Nonprofit organizations today face many of the same challenges and risks as for-profit businesses but lack the depth of resources and staffing needed to address them. When it comes to protecting the organization’s mission and assets, many nonprofits often fail to recognize all potential liabilities. Navigating the risk landscape can be overwhelming, but failure to address risk at all levels can result in significant financial losses and ruin the organization’s reputation.
At a minimum, nonprofit organizations must insure for general liability, property, auto, directors and officers, professional liability, and workers’ compensation. According to Alera Group’s Property and Casualty 2022 Market Outlook, rate increases for nonprofits are expected to continue across all lines of coverage for at least the near future with the exception of workers’ compensation insurance, which is expected to remain stable.
When seeking new P&C coverage or renewals, nonprofits can expect increased underwriter scrutiny. Given the range of risks nonprofits face, underwriters will be looking very closely at all the organization’s potential liabilities, as well as at the policies and procedures that are in place to mitigate loss. This includes a review of any operational changes implemented by the organization during the COVID-19 pandemic to help stay afloat. Fast decisions and new ways of delivering services were a necessity, but insurers are anticipating an increase in the frequency and severity of lawsuits because of these changes. Three areas of concern for nonprofits are cybersecurity, employment practices liability and sexual abuse.
Alera Group outlines risk mitigation strategies for these lines of coverage in a recently released white paper, Insurance and Benefits for Nonprofits Innovative Solutions to Meet Today’s Challenges.
Cybersecurity is a growing concern as people are targeting nonprofit organizations because of the breadth of personal and financial information collected and the lack of cybersecurity protections in place, especially among smaller organizations. On the EPL insurance side, overall market demand is increasing due to a rise in the number and severity of claims. Vaccine mandates, reduced supervision due to remote work, and staffing shortages are some of the reasons behind the increase in claims. The nonprofit sector employs the third-largest workforce of any industry in the U.S. (about 12.5 million paid employees), according to the 2020 Nonprofit Employment Report by the Johns Hopkins University Center for Civil Society Studies. The sheer size of the overall workforce, coupled with the recent turbulence in the labor market, presents a greater likelihood of EPL exposure for nonprofits.
Finally, since general liability policies typically exclude coverage for claims involving abuse, it’s essential to add this coverage to nonprofits’ insurance programs. Coverage for sexual abuse and molestation, however, may be hard to come by due to passage of revivor laws that have expanded the statute of limitations on sexual abuse and molestation claims. This is leading many insurers to exclude or significantly cut back on this coverage.
Focus on risk management
Given budget and staffing constraints, nonprofits will need to work closely with their agents and brokers to evaluate their tolerance for assuming more risk going forward, as well as to explore alternate risk solutions, such as captive insurance. It’s important to start the process early to allow for thorough assessment of risks and existing risk-mitigation efforts. To reduce EPL risks, for example, organizations must be vigilant in their hiring and employment practices by conducting extensive background checks and annual employee reviews.
For cyber coverage, nonprofits will need to adopt a proactive approach to cybersecurity through data governance and education. It’s important for organizations to understand where data originates, where it’s stored and how it’s used. A risk assessment can identify vulnerabilities and help formulate a comprehensive risk mitigation plan. Vulnerable management programs must be adaptive to help organizations respond to emerging risks. Equally important is assessing internal vulnerabilities brought forth from third-party vendors and suppliers. It’s essential to vet each third-party entity for its cyber preparedness; a zero-trust model can protect nonprofits from outside threats.
Education is the front line of defense against cyber breaches. All employees and volunteers should understand cyber vulnerabilities and how to protect against cyberattacks. Communication and testing throughout the year heighten awareness and ensure vigilance.
Alternative risk solutions
Organizations across industries are turning to alternative risk solutions such as captive insurance programs and risk-purchasing groups due to costs and limitations in coverage. In a captive, the members are the insurance company, helping control costs and claims, improving cash flow, and increasing coverage and capacity, among other benefits.
Alternative risk solutions don’t work for all organizations. Forming a captive requires significant upfront capital to self-insure and to transfer risk through reinsurance. Given the current P&C outlook for nonprofits, however, moving to a captive is an option that should be given thoughtful consideration.
By working with a trusted agent or broker, nonprofit organizations can be assured they are receiving knowledgeable advice to protect the organization from avoidable risks and obtain the coverage they need at the best price.