Fintech Insurance | GB&A

Technology, Media & Communication

MENU

Fintech Insurance

From payment processing to alternative investing to expedited lending, the FinTech and RegTech industry has introduced innovation to financial related transactions where banks have otherwise been slow to expand. As a fintech company, the risk landscape that your company operates within is exactly as its name implies, combining the risks encountered by both the tech and financial sectors. This implies a high degree of regulatory compliance, an increased risk of cyber threats, and an increased severity of financial damages should your products or services fail. While it has proven to be a thriving sector, it’s still a very new environment requiring careful diligence, strong compliance, a careful risk management program and a well-structured insurance portfolio. For Fintech or RegTech companies currently involved with placing or reviewing their insurance programs, we recently published a helpful insurance guide along with some placement tips when approaching the markets.

Aside from traditional insurance products like general liability and workers compensation insurance, fintech insurance programs revolve around 3 core coverages:

  • E&O/Errors & Omissions: Professional liability insures against claims alleging negligence, errors or other failures arising from the company’s technology, financial services, and/or any miscellaneous services provided (such as consulting or auditing)
  • Cyber Liability/Network Security: Insures against damages resulting from data breaches, ransomware attacks, social engineering frauds, and more. Damages covered include 1st party losses (such as lost business income, extortion demands, fraudulent transfers, restoration costs, etc) and 3rd party losses (including regulatory costs, PCI fines, notification costs, and more)
  • Crime & 3rd Party Crime: Protects the organization and its clients against financial losses due to theft and frauds committed by malicious actors (including but not limited to employees).

Directors and officers insurance is an equally critical coverage for all Fintech and RegTech companies. D&O insures the organization and its executives against claims brought by shareholders, competitors, vendors, regulators, employees and creditors. There are a few reasons in particular Fintech companies should incorporate D&O within their insurance programs:

  • Fintech companies often require considerable capital. In addition to often being a requirement on a VC/PE term sheet, directors and officers insurance protects against claims brought by shareholders which is particularly important as more funds are raised.
  • It can help attract and retain qualified executives – since most will refuse to sit on an uninsured board.
  • Early stage companies often have a high risk of failure. D&O protects the executives assets against claims brought during insolvency.
  • The environment is highly regulated and compliance failures can quickly result in regulatory investigations and/or proceedings.
  • It can act as a “catch all” covering claims not covered elsewhere

In addition to the above, many Fintech companies should also explore additional lines of coverage such as EPLI Insurance, Side A DIC D&O, and/or IP insurance. EPLI (employment practice liability), which can be purchased as an additional coverage on an underlying D&O policy protects against a myriad of claims brought by employees and 3rd parties. These can range from wrongful termination, discrimination and harassment claims, to claims alleging “wage and hour” violations, to 3rd parties alleging websites and services are non ADA compliant. Separate Side A D&O policies provide yet additional value by acting as a sort of swiss army knife filling in any coverage gaps of the underlying D&O program, in order to provide the most robust coverage for the executives’ personal assets. Lastly, due to the considerable amount of proprietary technology many Fintech companies own, many organizations may benefit from IP insurance which provides coverage for attorney’s fees incurred in connection with defending a patent (patent defense insurance), or enforcing a patent (patent abatement insurance).

As fintech models differ so do their risk management needs. Companies providing loans or lines of credit require policies with a robust financial E&O component. For companies providing ancillary services such as consulting or auditing, the potential for professional liability claims increases further, requiring a professional liability policy with a broader range of defined services. Fintech companies providing AML/KYC compliance solutions on the other hand will need to pay greater attention to the scope of regulatory coverage while carefully assessing problematic policy exclusions such as the RICO and securities exclusions found in both E&O and D&O policies alike. Conversely, companies offering payment processing or cloud storage solutions will have a greater demand for stronger cyber security and data breach insurance. With some fintech companies providing industry specific solutions, needs can also vary depending on the industry being serviced. For example, fintech companies servicing the financial industry may encounter greater loss severity such as larger financial damage claims resulting from product failures. Lastly, trends such as social engineering attacks and increases in ransomware attacks create an even more complex risk environment.

It is important to partner with a broker that understands the range and complexity of the risks you face. As a relationship driven boutique brokerage, we work closely with our clients to better understand their risk requirements so that we can leverage our strengths and structure insurance solutions to best fit those needs. 

Risk Profile

The risk profile below is an outline of your company's core exposures. Click to learn more, and select your coverage of interest to begin building your insurance portfolio or click "contact us" to connect with a broker.

  • Commercial Liability & Property

    Commercial liability packages (sometimes referred to as CPP's or BOP's) provide balance sheet protection in the form of financial reimbursement and liability protection in the form of coverage for defense costs and damages resulting from:

    • Claims asserting bodily injury and/or property damage
    • Product liability claims (unless excluded)
    • Advertising Injury such as libel, slander and infringement related claims 
    • Theft and property damage losses for inventory, business property, machinery, etc
    • Loss of business income
    • Equipment breakdown
    • Key Broadening endorsements (Transit coverage, basic cyber, employee dishonesty, ERISA, basic EPLI, and more)

    Due to the fact that endorsements can either broaden and extend coverage or limit/exclude coverage, policies should be carefully reviewed. Seemingly small endorsements such as “selling price” endorsements and business income coverage for dependent properties (such as suppliers, retailers and leaders) can provide substantial coverage enhancements. Due to the advertising risks faced by this sector, it is also often wise to seek coverage through a carrier that has a strong reputation for advertising coverage.

    Learn More

  • Technology Professional Liability (E&O)

    Professional Liability insurance (also known as errors & omissions) provides liability protection for lawsuits brought by clients or 3rd parties asserting financial damages resulting from errors, acts or omissions in providing services and claims asserting failure to perform or deliver. E&O provides defense costs, damages, and other costs associated with resulting claims and litigation. E&O is a critical insurance component for companies in the financial, professional services or technology sectors. 

    With Fintech companies operating in a space between technology and finance, it is critical that companies in this sector pay careful attention compliance requirements and their professional liability policy’s terms and definitions. Pure Tech E&O policies will likely leave a large gap for the “non-tech” related professional services provided, while a financial or professional services errors and omissions policy will likely not cover all of the company’s tech exposures. Which highlights the importance of a properly structured E&O policy with an “all inclusive” definition of “professional services”. Companies in this sector may also be best served with a policy combining E&O/D&O (directors and officers) on one policy form. This approach can offer pricing advantages as well as eliminating carrier disputes (finger pointing) for claims that may fall in potential grey coverage areas.

    Learn More

  • Directors & Officers (D&O) and Employment Liability (EPLI)

    Directors & Officers insurance provides protection for individual directors/officers and the balance sheet protection for the entity. Claims are often asserted by shareholders, investors, employees, creditors, competitors and regulatory agencies and can include:

    • Claims asserting misrepresentations made in private placement memorandums
    • Breaches Of Fiduciary Duties
    • Anti Trust & False Advertising Claims
    • Bankruptcy related claims
    • Accusations of Fraud

    Many of the products/services Fintech companies provide are new, with a legal and regulatory landscape that has little development which can make it difficult to understand the true risks and exposures associated. Operating in this untested environment highlights the critical importance of a strong D&O program to. Further trends highlighting the importance of D&O for Fintech industry include: 

    Additional Trends increasing the potential for claims include:

    • Increasing compliance requirements and oversight leading to an increase in investigations, fines and penalties
    • Crowdfunding and JOBs act reporting exemption have the potential to fuel D&O claims
    • Usage of algorithims can result in 3rd party discrimination and red-lining claims
    • DOL’s (department of labor) newly passed fiduciary rule  
    • SEC’s increased usage of ALJ’s (administrative law judges) is making it easier to pursue actions. The SEC and law firms alike are increasing their pursuit of smaller companies.
    • Employment suits are increasing as a result of tech companies seeking “young energy” (creating unintended adverse ageism) and the mis-use of social media in the course of hiring/firing and employment decisions
    • EEOC is actively pursuing claims against companies for “illegal” background checks

    Learn More

  • Cyber Liability & Data Security

    With both the SEC, FTC and regulators pursuing smaller companies, the requirement for cyber insurance is great. As with all professional and management liability policies though, coverage can differ significantly from carrier to carrier and with most Fintech companies storing and/or transmitting large amounts of data and their revenue stream relying n their network “uptime”, small gaps can have large, unintended coverage implications. Basing purchasing decisions on premium alone is ill advised. Careful consideration should be given to coverage terms including the extent of first party coverage (such as loss of business income and reputational damage), coverage for data in the care of cloud providers, and coverage for viruses and ransomware/extortion demands. Cyber Liability insurance provides

    • First Party coverage for damages sustained by the entity including: lost income and restoration costs, notification and credit monitoring costs, costs related to extortion demands, and more
    • Third Party liability protection for claims and lawsuits arising from: failure to protect from (or prevent) an intrusion or transmission of a virus or attack, regulatory actions, media related liability, claims asserting breach of intellectual property and more

    Claims can arise from

    • Data Breaches, viruses and unauthorized access 
    • Lost or stolen laptops and lost or stolen paper records
    • Transmission of a virus to others
    • Rasomware and extortion demands
    • Media related liability
    • Clerical and human errors in opening or transmitting files
    • Payment processing and POS terminals

    Learn More

  • Employer's Liability & Workers Compensation

    Workers Compensation insurance is a mandatory coverage for companies with employees (including volunteers, uninsured independent contractors, leased or part time labor). It provides coverage for employees’ wages and medical payments resulting from injuries sustained while “on the job”. Coverages to consider include “broad form all states” coverage and foreign workers compensation coverage (especially important for employees traveling abroad for business). Additional employee related coverages that should be considered include: 

    • EPLI/Employment liability (protection for the hiring/firing of employees and discrimination/harassment related claims)
    • Employee benefits
    • ERISA/Fiduciary coverage (for the administration of employee benefits)
    • Long term disability
    • Kidnap & Ransom (for employees traveling abroad for business)

    Learn More

  • Crime & Employee Theft

    Crime & fidelity insurance provides protection for the entity against financial losses resulting from crime, theft and dishonest acts committed by employees, executives, independent contractors and other parties. Claims can include theft of money or securities, forgery, alteration, computer fraud, fraudulent invoicing, credit card and funds transfer fraud and more. More modern schemes include social engineering attacks (such as business email compromise, also known as CEO fraud). Third party crime coverage provides protection for claims of theft asserted by clients or customers while your employees are working on their premises or have access to computer networks. 

    Learn More

Connect With A Broker

Get (Risk) Managed.

Ready to review your existing insurance program? Interested in setting a reminder for a renewal review? Or simply have a question? We're here to help. We also understand you're busy - let's schedule a time to speak that works best for you. Simply schedule a call and we'll reach out when it's convenient.

Schedule a callback