From payment processing to alternative investing to expedited lending, the FinTech and RegTech industry has introduced innovation to financial related transactions where banks have otherwise been slow to expand. As a fintech company, the risk landscape that your company operates within is exactly as its name implies, combining the risks encountered by both the tech and financial sectors. This implies a high degree of regulatory compliance, an increased risk of cyber threats, and an increased severity of financial damages should your products or services fail. While it has proven to be a thriving sector, it’s still a very new environment requiring careful diligence, strong compliance, a careful risk management program and a well-structured insurance portfolio. For Fintech or RegTech companies currently involved with placing or reviewing their insurance programs, we recently published a helpful insurance guide along with some placement tips when approaching the markets.
Aside from traditional insurance products like general liability and workers compensation insurance, fintech insurance programs revolve around 3 core coverages:
- E&O/Errors & Omissions: Professional liability insures against claims alleging negligence, errors or other failures arising from the company’s technology, financial services, and/or any miscellaneous services provided (such as consulting or auditing)
- Cyber Liability/Network Security: Insures against damages resulting from data breaches, ransomware attacks, social engineering frauds, and more. Damages covered include 1st party losses (such as lost business income, extortion demands, fraudulent transfers, restoration costs, etc) and 3rd party losses (including regulatory costs, PCI fines, notification costs, and more)
- Crime & 3rd Party Crime: Protects the organization and its clients against financial losses due to theft and frauds committed by malicious actors (including but not limited to employees).
Directors and officers insurance is an equally critical coverage for all Fintech and RegTech companies. D&O insures the organization and its executives against claims brought by shareholders, competitors, vendors, regulators, employees and creditors. There are a few reasons in particular Fintech companies should incorporate D&O within their insurance programs:
- Fintech companies often require considerable capital. In addition to often being a requirement on a VC/PE term sheet, directors and officers insurance protects against claims brought by shareholders which is particularly important as more funds are raised.
- It can help attract and retain qualified executives – since most will refuse to sit on an uninsured board.
- Early stage companies often have a high risk of failure. D&O protects the executives assets against claims brought during insolvency.
- The environment is highly regulated and compliance failures can quickly result in regulatory investigations and/or proceedings.
- It can act as a “catch all” covering claims not covered elsewhere
In addition to the above, many Fintech companies should also explore additional lines of coverage such as EPLI Insurance, Side A DIC D&O, and/or IP insurance. EPLI (employment practice liability), which can be purchased as an additional coverage on an underlying D&O policy protects against a myriad of claims brought by employees and 3rd parties. These can range from wrongful termination, discrimination and harassment claims, to claims alleging “wage and hour” violations, to 3rd parties alleging websites and services are non ADA compliant. Separate Side A D&O policies provide yet additional value by acting as a sort of swiss army knife filling in any coverage gaps of the underlying D&O program, in order to provide the most robust coverage for the executives’ personal assets. Lastly, due to the considerable amount of proprietary technology many Fintech companies own, many organizations may benefit from IP insurance which provides coverage for attorney’s fees incurred in connection with defending a patent (patent defense insurance), or enforcing a patent (patent abatement insurance).
As fintech models differ so do their risk management needs. Companies providing loans or lines of credit require policies with a robust financial E&O component. For companies providing ancillary services such as consulting or auditing, the potential for professional liability claims increases further, requiring a professional liability policy with a broader range of defined services. Fintech companies providing AML/KYC compliance solutions on the other hand will need to pay greater attention to the scope of regulatory coverage while carefully assessing problematic policy exclusions such as the RICO and securities exclusions found in both E&O and D&O policies alike. Conversely, companies offering payment processing or cloud storage solutions will have a greater demand for stronger cyber security and data breach insurance. With some fintech companies providing industry specific solutions, needs can also vary depending on the industry being serviced. For example, fintech companies servicing the financial industry may encounter greater loss severity such as larger financial damage claims resulting from product failures. Lastly, trends such as social engineering attacks and increases in ransomware attacks create an even more complex risk environment.
It is important to partner with a broker that understands the range and complexity of the risks you face. As a relationship driven boutique brokerage, we work closely with our clients to better understand their risk requirements so that we can leverage our strengths and structure insurance solutions to best fit those needs.