Make your startup sustainable: Operational risks’ insurance

In our previous article we examined the different risks faced by companies. One of them was the “Operational Risk”, being the risk of loss resulting from inadequate or failed internal procedures, systems or policies, or from external events. That definition comes from the financial sector, but it can be extended to the start-up world.

That article was published on 14/07/2017 by Philippe Goutière, ABIL, on Silicon Luxembourg.

The depth and breadth of operational risks to which start-ups are exposed will depend on their specific activities, products or customers. But it is fair to say that start-ups are generally speaking more acutely exposed to them. New products, new processes, new people, increased regulatory scrutiny… they all contribute to an increase in operational risks. It is a challenge to manage all of them.

Operational risk includes a variety of events, including:
  • Fraud by employees or third parties, with or without the assistance of computer equipment, such as fraud on bitcoin platforms, fake president fraud, hacking, ransomware…;
  • Employment risks, in particular relating to key people retention, health and safety issues, discrimination issues, excessive turnover…;
  • Business risks related to clients, products or business practices, such as loss of customers, product failure, non-compliance with regulation…;
  • Risks of damaging physical assets, such as fire, terrorism…;
  • Business disruption and systems failures risks, such as consequent to a DDOS attack, a cloud or network failure;
  • Execution risks, such as fat finger errors, wrong entries, failed reporting.
Often, insurances are a pretty good solution to manage those risks.
  • Fraud insurances: protect the company’s assets against the risks of fraud;
  • Liability insurances, such as Directors & Officers’ liability (D&O), General Liability, Professional Liability, Product Liability, Employment Liability, Civil Liability, Tenants Liability;
  • Cyber insurances, covering the consequences of electronic attacks and system failures;
  • Data Protection insurances, covering the consequences of a loss of data, including business interruption losses and administrative fines (as imposed foreseen under the GDPR);
  • Property insurances, protecting the tangible assets;
  • Kidnap & ransom insurances, protecting individuals travelling in unsafe countries on behalf of the company;
  • Trade risk insurances, protecting the company against commercial and political risks;
  • Travel, key man, pension … to protect people or the company itself.

In all instances, it is important that all your insurance policies are looked at as a whole to avoid gaps and overlaps. For holdings or other top companies in Luxembourg, insurance policies will also contribute to the substance and the support Group risk management’s policies.

Finally, specific insurance coverages should be considered when performing acquisition or executing exit strategy. Transactional insurances facilitate acquisition or sale of companies and other products support IPO.

Make your start-up sustainable: Protect your start-up from the very first moment

That article was published on 30/06/2017 by Philippe Goutière, ABIL, on Silicon Luxembourg.

Those who work in start-ups are usually some of the most talented people in their respective fields. And it is going to take all that talent to turn a business opportunity, the one in which they believe, into real value. But the flipside of opportunity is “risk”. Needless to say, that risks can have negative consequences and in some cases, destroy both the company and its founders in the shortest time.

While risk is an integral part of entrepreneurship, there are different ways to approach it. Entrepreneurs who succeed with their company over the long term have all one point in common: they are aware of the risks to which their business is exposed and have learned to manage them.

What are those risks?

There are obviously a multitude of risks and threats that affect start-ups. Early-stage companies are commonly said to face the following ones in particular:

  • financing risk: you can’t raise money when needed;
  • product risk: you can’t translate your concept into a working or attractive product;
  • business development risk: you can’t get deals with other companies;
  • timing risk: You are too early or too late to the market;
  • technology risk: you rely on poor systems; or
  • credit risk: your customers are not paying you in due time.

The more you grow, the more you discover additional risks. Just consider the following ones affecting companies at any stage of development: market risk, legal (regulatory) & tax risk, people risk, political risk or environmental risks…

What are the best practices?

The best practice can be summarized in one simple advice: Manage your risks!

“Risk Management” is the activity of thinking about what could go wrong in the company, and what are the best ways to mitigate the risk. Companies who have an adequate understanding of their risks are in a superior position to those who do not; on the long run they will outperform.

There are no exceptions, even for start-ups; they should implement a corporate governance including a strong risk governance element. Board is ultimately responsible for every activity within an organization. Together with senior manager, he should have a deep understanding of both the opportunities that the company is pursuing, and the risks that are related to them. He should ask the right questions, such as: what are the main risks we face? What is the likelihood of those risks occurring, and what would be the consequences for the company? How much of that risk do we want to (and are we able to) manage internally? …

In many instances, insurances will prove very useful risk management tools, by transferring the adverse effects of a risk to a third party. Some of those insurances are mandatory by law, others are taken out because of a deliberate decision of the risk management body within the company.

In the following articles, we will focus on some of the key risks that you may face in running your business. For each of them, we will consider both internal risk management and external risk transfer solutions. We hope you enjoy the reading.

Representations and Warranties: get your deal done with an Insurance!

If your company is involved in M&A transactions, or if your activities include the acquisition or disposal of assets such as portfolio companies and real estate, you are probably familiar with the concept of “Representations and Warranties” (R&W).

R&W are assurances given by the seller to a buyer about an asset and relating to various matters such as title, tax liabilities, employment, litigation or environmental issues.

Under the transaction documents, sellers are usually required to indemnify the buyer for breaches of R&W. That explains why those guarantees are often heavily negotiated and can form one of the most difficult aspects of the deal negotiations. Buyers naturally seek maximum protection from sellers while sellers try to minimize their liability in respect of the transaction.

If the buyer has concerns as to the creditworthiness or the ability of the seller to deliver on its promises, then security is usually sought. Sellers may need to arrange for guarantees or hold a portion of the sale proceeds in escrow to ensure that funds are available in the event of a breach, or to give the buyer the right to hold back and retain a portion of the payment. These options are however unsatisfactory for the seller, as they eventually prevent him from liquidating a fund or limit and delay returns to investors. Also, and notwithstanding the guarantees, the buyer may still feel uncomfortable with the level or security obtained.

In this context, Reps & Warranties insurance (further “R&W Insurances”, also known as Warranties and Indemnities Insurances) are considered as a great tool to facilitate mergers, acquisitions, divestitures and other business transactions. They supplement or replace the seller indemnity obligations by insuring all (or most) of the representations made within the Sale and Purchase Agreement (SPA).

Key policy features:

  • Policyholder: The policy may be purchased either by the seller or by the buyer.
  • Tailor-Made Policy: policies are tailored to match the R&W negotiated in the SPA as closely as possible. There will be little difference between what could be claimed against the seller and what the seller (or the buyer as the case may be) can claim against the R&W policy.
  • Term: The policy term will run from the closing of the deal and for the full survival period negotiated in the SPA, or beyond if required.
  • Exclusions: They are usually limited to matters disclosed in diligence, intentional/criminal acts and fraud by the policyholder. Depending on the deal, insurers may want to limit coverage in respect of specific losses, such as resulting from breaches of covenants or forward-looking statements.
  • Covered Amounts: They are negotiated between the parties to the insurance contract. The insurance market as such has a capacity higher than EUR 500M.
  • Retention: The parties to the insurance will agree on a self-insured retention, to be borne by the insured. This is generally set at 0.5 % of the value of the transaction, but may vary depending on several factors, such as the industry, the size of the deal or the willingness to retain a higher part of the loss and consequently reduce the premium. For real estate transactions, the retention is more likely to be 0.1% of the transaction value.
  • Premium: The costs of these insurances typically range between 1% and 3% of the insured amounts. Factors such as the nature of the deal, the jurisdiction or the target asset are taken into account. Premiums are generally lower for real estate deals (0.8% to 1%) and titles guarantees (0.3%).

 Benefits of a Buyer-side policy

When taken out by the Buyer, the policy shall pay them directly for losses arising out of a post-closing discovery of seller’s breach of a representation or warranty in the SPA. Buyer-Side policies:

  • supplement or sometimes substantially replace the indemnification provisions provided in the SPA;
  • extend the survival of certain R&W, if required up to seven years, which allows considerably more time to detect and effectively recover for post-closing losses;
  • offer additional protection to the buyer beyond the negotiated indemnities;
  • protect buyers against the collectability or solvency risk of an unsecured indemnity provided by a seller (e.g., a financially distressed seller, multiple sellers or cross-border transactions);
  • distinguish a bid over other bids in an auction process, by requiring a seller to provide short survival periods, modest liability caps and reduced escrow amounts for breaches of representations and warranties in a bidder’s draft purchase agreement;
  • preserve key relationships by mitigating the need for a buyer to pursue claims against management sellers, eventually now working for the buyer;
  • provide the buyer with a direct right of action against the insurance policy. No need to first seek recourse against the seller;
  • protect the buyer from fraud or misleading information by the seller.

Benefits of a Seller-side policy

Under a seller-side policy, the insurer indemnifies the seller for its indemnification obligations to the buyer, resulting from breaches of its R&W in the SPA. Seller-Side policies:

  • provide the seller with a “clean exit” by reducing or eliminating the need to establish escrows or purchase price holdbacks, thereby enabling the seller to more quickly distribute greater portions of the purchase price to its investors and eventually close the fund;
  • increase the purchase price obtained, while the buyer has full recourse under the warranties;
  • protect minority/passive sellers concerned with joint and several liability for indemnifying the buyer;
  • provide additional comfort for individual or family sellers;
  • provide a solution for situations where there is a lack of ownership history such as restructurings.

Practical examples:

A private equity firm wanted to exit its investment in a technology company at an enterprise value of EUR 500M. The buyer required substantive warranties with an indemnification obligation of EUR 50M, which the private equity owner was unable to give as it could not take on long-tail financial liabilities during the divestment phase of its fund’s life-cycle. Management of the technology company were prepared to warrant up to EUR 10M (representing 50% of their EUR 20M stake in the technology business). 

Placing part of the purchase funds into a holdback escrow to cover potential warranty claims would prevent a clean exit for the private equity firm. On the other hand, the buyer was not prepared to consider a reduction in the consideration.

The buyer was able to purchase an insurance policy with a limit of EUR 40M to meet the total EUR 50M indemnity requirement. The policy was structured so that the buyer had to first pursue management up to their EUR 10M limit. The SPA therefore provided for a warranty cap of EUR 10M, backed by management’s escrow and the PE seller assumed no additional liability.

Why chose ABIL S.A. as your risk adviser or insurance broker?

ABIL is a Luxembourg based company specialized in risk management, advisory and insurance brokerage services, focusing in particular on companies active in the financial, advisory and technological sectors, as well as on large multinationals.

You may count on ABIL to tailor your R&W insurance policy to your specific needs and positively contribute to the success of the transaction. We also offer specific solutions to cover Tax liabilities, should there be a particular tax issue mentioned in your R&W.

We are at your disposal to address any question regarding and respond to any request for quotation.

 

ABIL S.A.

163, route d’Arlon

L-8009 Strassen

www.abilinsurance.com

Insurance to mitigate Tax exposures

The increased scrutiny by tax administrations and the consequent risk of a specific tax position being challenged have created uncertainties among the business community. The management of tax exposures becomes a key concern for companies, in particular in M&A deals or restructurings. A specific insurance market has emerged to cover risks related to tax issues.

Focus on an emerging product: Tax Liability Insurance

Imagine that you must proceed with a transaction or investment where there is uncertainty in the application of tax laws or inadequate time to obtain an advance tax ruling. The risk exists in that the tax treatment of the transaction is challenged by the tax authorities, potentially leading to substantial costs and liabilities.

Tax liability insurances are designed to fill the risk gap that results from uncertainty about a tax liability. As a risk transfer tool, it enables the company both to free up and to attract capital.

A customized insurance solution…

The wording of the insurance is tailor-made to cover your very specific tax exposure. Retentions are negotiable and the policy period is generally aligned with the applicable limitation period. Premium typically range between 2.5 % and 10 % of the insured limit, depending on the probability of an adverse outcome.

Coverage may address:

  • expenses incurred by the insured in engaging outside legal advisers and/or accountants in order to resolve the dispute with a relevant tax authority;
  • interest and insurable fines or penalties as well as additional tax payable if the dispute is lost;
  • gross-up of taxes payable (ie if the taxpayer is found to have an additional tax liability, the insurance proceeds may be deemed taxable: the policy will cover any tax incurred on receiving the proceeds).

Exclusions will vary from policy to policy but will generally consist in:

  • losses resulting from inaccurate facts or omission of material information given by the insured;
  • criminal or fraudulent acts or intentional violations of law; and
  • changes in legislation after the inception date.

… for a wide variety of tax risks

Insurance companies will consider offering insurance in respect of a very wide variety of tax risks provided they are able to review detailed advice from the insured’s financial advisers or its lawyers setting out the background, the potential tax liability and a legal analysis of the likelihood of the liability arising. Tax Liability insurance is suitable for risks turning on questions of law rather than fact and is unlikely to be available for promoter-driven, repetitive or purely tax motivated transactions, or those cases already subject to audit, litigation or on appeal from a tax authority.

Examples of risks covered by insurances include:

  • whether a foreign subsidiary qualifies as a “legal entity” under local corporate income tax rules;
  • whether a company meets the tests relating to an exemption or specific tax treatment;
  • the risk resulting in the claw-back of a historic claim for stamp duty land tax group relief;
  • the risk resulting in the tax authority questioning the validity of tax credits claimed by an entity.

When assessing a tax exposure, insurers will look at:

  • the type of risk, with a preference for those in connection with or as a result of a merger, acquisition, restructuring, recapitalization… or another type of transaction that demonstrates a clear business purpose other than to achieve a particular tax result;
  • the jurisdiction, preferably those politically stable, with developed legal system and a tax authority or tribunal with a recognized, accepted route of appeal and a reputation for competence, probity, fairness…;
  • legal advice or opinion from reputable lawyers or tax advisers provided to the insured. They will carefully review the advice to assess its merits and also identify any weaknesses or concern;
  • the likelihood of challenge from a tax authority which may be based on political climate or a tax authority’s propensity to challenge certain tax practices or target industries.

Case Study – VAT Risk

An insurance solution was sought for a scheme involving a land development incorporating the construction of a number of holiday homes. Under the scheme, the land owner and building developer (which were connected parties) entered into separate but inter-conditional contracts with the purchaser of the land – for the freehold sale of the land and the subsequent design and build services respectively (rather than a single sale of land containing completed holiday homes). Insurance was offered against the risk of a successful challenge that the sale of the land would be standard rated as opposed to VAT-exempt.

What are the strategic benefits?

  • transfers an uncertain liability from the insured to the insurer;
  • reduces the insured’s concerns about the potential for an adverse tax challenge;
  • transforms contingent claims into a quantified insurance cost;
  • can facilitate a sale or acquisition by providing certainty and managing negative financial impact;
  • can preserve or enhance the value of a business or an asset;
  • can be used where parties do not want or do not have time to obtain prior clearance from tax authorities.

Why chose ABIL S.A. as your risk adviser or insurance broker?

ABIL is a Luxembourg based company specialized in risk management, advisory and insurance brokerage services, focusing in particular on companies active in the financial, advisory and technological sectors, as well as on large multinationals.

ABIL will have you engaged with a selection of specialized “tax liability” insurers and will be advising in a first stage on responsiveness, experience in tax liabilities, and reputation for claims payment. We will also review your insurance contract with a particular focus on the scope of losses included and excluded, the impact of knowledge qualifiers, the term of coverage, operational restrictions and potential subrogation provisions.

We are at your disposal to address any question and respond to any request for quotation.

Cyber Risks and Data Protection

 If your business involves gathering, maintaining, disseminating or storing private and sensitive information, you probably wonder to what extend you can rely on your computers, servers, clouds and software to keep all that data safe and secure.

Our dependency on ICT has never been so high and there is no doubt it will increase even further. The smallest technical problem is likely to cause delays, business interruption and damages to third parties, especially when private data is involved. At the same time, cyber criminality is becoming more and more sophisticated. Examples of remote access hacking, distributed denial of service attacks (DDoS) or ransomware are in newspapers and newsletters every single day.

With the recent approval of the GDPR (General Data Protection Regulation), which will be applicable in Luxembourg as of 25th of May 2018, Europe has come up with a stricter data protection compliance regime. In case of loss of private data, companies are now exposed to important liabilities and severe penalties (up to EUR 4 % of the global gross revenues, with a maximum of EUR 20m).

How to get ready for the GDPR?

GDPR compliance is a mandatory requirement and many entities covered by the regulation will need to introduce serious structural changes. Consultants and lawyers are ready to scan your operational systems and procedures to get you there. You will probably also consider an upgrade of your IT infrastructure and security tools to protect against cyber-attacks and system failures.

Introducing Cyber Insurance as a powerful risk mitigation tool

Although mandatory, compliance with the law will not be able to prevent cyber-attacks and the devastating effects it may cause on your reputation and liability. Even the best and most robust security tools in place will never guarantee a 100% security for the personal information you manage.

To help you mitigate those risks and add a layer of corporate protection, you would be well served to consider a “cyber insurance” policy.

Cyber insurances exist for more than fifteen years in the USA, where some states like California were subject to similar regulation. More recently, a cyber insurance market has also developed in Europe, with insurers now offering a variety of solutions to all type of companies at affordable prices.

What does it cover?

Cyber insurances are comprehensive policies that include end-to-end risk management solutions for cyber-related events.

In the first instance, the policy will provide an immediate “first response” ICT and legal support straight after a security failure or privacy breach. In practice, insureds have access to dedicated specialists (ICT, consultants & lawyers) via a call center to look at the issue, provide the necessary support and prevent any aggravation of damage.

The policy further pays the various costs incurred in dealing with the issue: costs of notifications (including to the Data Privacy Authority, in compliance with the requirements of the GPDR), public relations to mitigate the reputational loss, and other services to assist in investigating, managing and mitigating a cyber incident.

Forensic investigations, legal consultations and identity monitoring costs for victims of a breach are all included.

The insurer will also pay the necessary costs and expenses incurred to recreate lost data held by the insured.

The liability section of the policy shall cover claims introduced against the company as a result of the failure of the insured’s network security or a failure to protect data. That includes responding to regulatory actions and investigations as well as the payment of defense costs and damages of third parties (such as customers or employees).

In some instances, the policy reimburses the lost income and operating expenses consequent to a material interruption of your business operations caused by a network security failure.

Finally, the cyber theft & extortion section responds to the threat of intentional security attacks against a company by an outsider attempting to steal or extort money, securities, or other valuables.

What is NOT covered?

Cyber insurance policies will intervene in excess of a self-insured amount (a deductible). As regards business interruption in particular, coverage will be triggered after a waiting period. Both the deductible and the waiting period are a matter of negotiation with the insurers.  

The insurance sections and exclusions vary significantly from one insurer to the other. We point out the following ones in particular :

  • losses resulting from electrical or mechanical failure of infrastructure other than IT (such as optical fiber, satellite disorder or power outage);
  • damages to tangible property (i.e. other than data) and physical injuries (a carve back to this exclusion is nevertheless available to exposed industries);
  • infringement of intellectual property.

 

Why chose ABIL S.A. as your risk adviser or insurance broker?

ABIL is a Luxembourg based company specialized in risk management, advisory and insurance brokerage services, focusing in particular on companies active in the financial, advisory and technological sectors, as well as on large multinationals.

You may count on ABIL to tailor your cyber policy to your specific needs. In order to avoid gaps, reduce overlaps and minimize insurance costs, ABIL performs a comprehensive review of your other policies such as the Directors & Officers Liability, Professional Liability, Crime, Kidnap & Ransom, Property or General & Product Liability.

We are at your disposal to address your questions on the matter and respond to any request for quotation