Summary: The Insurance Services Office (ISO) has developed an e-commerce program providing coverage for cyber risks, a growing threat to the world's resources. E-commerce coverage has been available through several specialty markets; this program makes the coverage available through standard markets.
The program includes the Financial Institutions Information Security Policy and the Media and Information Security Protection Policy.
This article discusses ISO form EC 00 10 01 14, Information Security Protection Policy.
Topics covered:
Introduction
EC 00 10 was developed to answer the growing need for standardized forms addressing the risks of e-commerce in an increasingly hostile environment. What was once considered a wonderful new way of doing business has become fraught with peril for the unwary. Hackers, phishers, pharmers, as well as out-and-out thieves have become commonplace. This coverage form is an important step in protecting against loss of electronic data, extortion threat, or wrongful act committed by the named insured with regard to website publishing, or a wrongful act with regard to unauthorized access to the insured's computer system with the result that a client's personal information is published. Included as well is business income loss because of an e-commerce incident or extortion threat.
This article discusses coverages, exclusions, conditions, and definitions of form EC 00 10. The definitions are key to understanding the coverages and exclusions. The nature of "wrongful acts", "interruptions", "e-commerce incident" and other such terms are not standard policy language, and as such need to be clearly understood when working with this policy.
Web Site Publishing Liability: this insuring agreement states that the insurer will pay for both loss the insured becomes legally obligated to pay and defense expenses as a result of a claim first made against the insured during the policy period or applicable extended reporting period, for a wrongful act or series of interrelated wrongful acts taking place on or after the retroactive date, if any, shown in the declarations and before the end of the policy period. A wrongful act is any actual or alleged error, misstatement or misleading statement published or posted by the insured on its web site that results in infringement of another's copyright, title, slogan, trademark, trade name, service mark or name, or any form of defamation against a person or organization, or a violation of a person's right of privacy. If the insured erroneously posts a customer's medical history online, that is a wrongful act.
The 2014 edition of the form added a paragraph stating that coverage is provided under the insuring agreements for which an aggregate limit of insurance is shown in the declarations.
Security Breach Liability: this insuring agreement declares that the insurer will pay for both loss the insured is legally obligated to pay, as well as defense expenses resulting from a claim first made against the insured during the policy period or during the applicable extended reporting period, for a wrongful act or a series of interrelated wrongful acts taking place on or after the retroactive date, if any, shown in the declarations and before the end of the policy period.
The definition of wrongful act for a security breach is any actual or alleged neglect, breach of duty or omission by an insured that results in a security breach or computer system transmitting by e-mail or other means a virus to another person or organization. A security breach is the acquisition of personal information held within the computer while in the care, custody or control of the insured that is accessed by someone not authorized to have such information, or has access but the access results in the unauthorized disclosure of the information. In this example a hacker might access personal information of customers that the insured keeps in his database.
Added with the 2014 edition is a paragraph providing coverage for both loss and defense expenses resulting from a claim in the form of a regulatory proceeding made during the policy period or the extended reporting period. The claim must be made against the insured in response to a covered wrongful act or series of interrelated wrongful acts.
Programming Errors and Omissions Liability: under this insuring agreement, the insurer agrees to pay for both loss that the insured becomes legally obligated to pay and defense expenses as a result of a claim for a wrongful act or series of interrelated wrongful acts that take place on or after the retroactive date and before the end of the policy period. Interrelated wrongful acts are those that have a common nexus, such as fact, circumstance, event, transaction or cause.
Replacement or Restoration of Electronic Data: this insuring agreement promises the insurer will pay for loss of electronic data or computer programs stored within the business's computer system resulting directly from an e-commerce incident that is both sustained and reported to the insurer during the policy period. An e-commerce incident is a virus, malicious code, or denial of service attach introduced into the computer system that is designed to destroy, corrupt, delete, or prevent the use or access to any part of the system. Some e-commerce incidents are individuals restricting access because they can, others use this as a way to hold a company ransom for a large amount of funds to unlock the system so the insured can use it again.
Extortion Threats: under this insuring agreement, the insurer will pay for loss resulting directly from an extortion threat that is both communicated to the insured business and reported to the insurer during the policy period. The insurer will not pay for extortion expenses or ransom payments that are part of a series of related threats that began prior to the policy period.
Business Income and Extra Expense: this insuring agreement states the insurer will pay for loss due to an interruption resulting directly from an e-commerce incident or an extortion threat that occurs during the policy period.
Public Relations Expense: under this insuring agreement, coverage applies to a loss due to negative publicity resulting directly from an e-commerce incident or security breach sustained during the policy period.
Security Breach Expense: this insuring agreement promises to pay for loss resulting directly from a security breach (as defined) sustained during the policy period.
Coverage is written on an aggregate basis. Any amount paid for covered loss and defense expenses reduces the policy aggregate. Upon exhaustion of the limits, the insurer will not be liable for any loss regardless of when a claim is made or a loss is sustained.
Each insuring agreement may be written for a different amount of insurance (and applicable deductible), or not included at all. Payment made for a covered loss and defense expenses under any of the insuring agreements is applied to the aggregate limit and serves to reduce the aggregate limit.
In the 2014 edition of EC 00 10, the paragraph discussing the insuring agreement aggregate limit of insurance was restructured to include optional coverage for regulatory proceedings under the Security Breach Liability insuring agreement. If coverage for regulatory proceedings is provided, the limit of insurance is part of, not in addition to, the aggregate limit of insurance for the insuring agreement.
The deductible application varies depending on the insuring agreement to which it is applied. For the Web Site Publishing Liability, Security Breach Liability, and Programming Errors and Omissions Liability insuring agreements, the insurer pays only the amount of covered loss and defense expenses in excess of the applicable deductible shown in the declarations resulting from the same wrongful act or interrelated wrongful acts. For example, under the Web Site Publishing Liability insuring agreement, the deductible applies to all loss and defense expenses resulting from the same wrongful act or interrelated wrongful acts that are covered under that insuring agreement.
In regard to the deductible for the Replacement or Restoration of Electronic Data, Extortion Threats, Public Relations Expense, and Security Breach Expense insuring agreements, the insurer agrees to pay only the amount of loss that is in excess of the applicable deductible amount shown in the declarations.
Under the Business Income and Extra Expense insuring agreement, the insurer pays only the amount of covered loss that exceeds the greater of the deductible amount shown in the declarations, or the amount of loss incurred during the waiting period shown in the declarations.
In the event that the loss is covered under more than one insuring agreement, only the highest deductible amount applicable to the loss is applied.
The defense and settlement provisions apply only to the Web Site Publishing Liability, Security Breach Liability, and Programming Errors And Omissions Liability insuring agreements. The insurer has the right and duty to select counsel and defend the insured against any covered claim, regardless of whether the allegations of the claim are groundless, false, or fraudulent. But if the claim is not covered under any of these insuring agreements, the insurer has no duty to defend the insured.
In the 2014 edition of the form, a provision was added due to the addition of regulatory proceedings coverage to state, in part, that the company has the right but not the duty to defend the insured against a claim covered under Paragraph b. of the Security Breach Liability insuring agreement. The company has no duty to defend the insured against any claim that is not covered under any of these insuring agreements.
The insurer can make a reasonable settlement of a claim with the insured's written consent. If the insured does not consent, then the insurer's liability for all loss resulting from such claim will not exceed the amount for which the insurer could have settled the claim, plus defense expenses incurred as of the date the settlement was proposed to the insured. From this point on, the insured assumes sole expense for all further responsibility for its defense, including all investigative costs, defense costs, and settlement costs.
Form EC 00 10 contains twenty-three exclusions. Loss or defense expenses are excluded based upon, attributable to, or arising out of the following:
|- Lightning, earthquake, hail, volcanic action, or other act of nature
- War, warlike action, insurrection, rebellion, revolution, usurped power, or action taken by government authority in hindering or defending against any of these
- Dispersal or application of a pathogenic or poisonous biological or chemical materials or nuclear radiation or radioactive contamination
- Bodily injury or physical damage to or destruction of tangible property, including loss of use
- Unexplained or indeterminable failure, malfunction, or slowdown of the computer system
- Interruption in normal computer function or network service or function because of overload of the system or insufficient capacity to process transactions (does not apply if the interruption is caused by an e-commerce incident)
- Complete or substantial failure, disablement, or shutdown of the Internet, regardless of cause
- Failure of, reduction in, or surge of power
- Actual or alleged violation of the Racketeer Influenced and Corrupt Organizations Act and its amendments or similar federal, state, or local law
- Malfunction or failure of any satellite
- Oral or written publication of material if done by an insured or at an insured's direction with knowledge of its falsity
- Insured's assumption of liability by contract or agreement (does not apply to liability an insured would have incurred in the absence of a contract or agreement)
- Actual or alleged patent or trade secret violation
- Actual, alleged, or threatened dispersal, seepage, migration, release, or escape of pollutants or any request, demand, order, or requirement that any insured clean up, remove, contain, treat, detoxify, monitor, test for, neutralize, or in any way respond to or assess the effects of pollutants or any claim or suit brought by or on behalf of any governmental authority because of cleaning up, removing, containing, treating, detoxifying, monitoring, testing for, neutralizing, or in any way responding to or assessing the effects of pollutants
- Claim, suit, or other proceeding pending or existing prior to the policy period
- An insured's employment practices
- Any wrongful act or interrelated wrongful acts occurring prior to the retroactive date
- Any wrongful act or interrelated wrongful acts alleged in any claim reported under any prior policy;
- Any criminal, dishonest, malicious, or fraudulent act or any willful violation of any statute or regulation committed by an insured (the 2014 edition added an exception for dishonest, malicious, or fraudulent acts giving rise to claims or losses covered under the Security Breach Liability insuring agreement)
- Any action or proceeding brought by or on behalf of any governmental authority or regulatory agency (does not apply to actions or proceedings brought by or on behalf of any governmental authority or regulatory agency based on its capacity as the insured's customer)
- Costs associated with upgrading or improving the computer system
- Claims of one insured against another insured (the 2014 edition added an exception for claims brought or alleged by an employee against an insured as a result of a security breach)
- Unintentional errors or omissions in the entry of electronic data into the computer system
Form EC 00 10 contains several conditions, which are described in the following paragraphs.
Cancellation: The first named insured can cancel with written notice to the insurer; the insurer can cancel with ten days notice for nonpayment; otherwise thirty days notice is given. This provision could be modified by a state amendatory endorsement. Proof of mailing will be sufficient proof of notice.
Changes: The first named insured can make changes to the policy terms but only with the insurer's consent. Terms can be amended or waived with the insurer's endorsement.
Examination of Books and Records: The insurer has permission to examine and audit the insured's books.
Inspections and Surveys: The insurer has the right to make inspections or surveys and recommend changes but is not obligated to do so.
Premium: The first named insured is responsible for payment of all premiums and is the payee for any return.
Transfer of the Policy: The insured's rights and duties cannot be transferred except with the insurer's permission except in the case of death of an individual named insured.
Subrogation: The insurer is subrogated to the extent of the insured's right of recovery to the extent of such payment.
Bankruptcy: The insurer's obligations under the policy do not terminate in event of the insured's bankruptcy.
Representations: The insured represents that all information and statements contained in the application are true, accurate, and complete.
Changes in Exposure: If an insured acquires another business, there is no coverage unless notice is given to the insurer within ninety days, written consent by the insurer is obtained, and an additional premium paid. If the named insured business is acquired or merges with another, the policy continues until the end of the policy period but only with respect to wrongful acts occurring prior to the merger or acquisition. If an organization ceases to be a subsidiary, coverage continues until the end of the policy period but only with respect to wrongful acts occurring prior to the cessation.
Other Insurance: If a covered loss is also covered by another valid policy, then this policy applies only in excess of any retention, deductible, and limit of the other policy, even if the other policy declares itself to be primary, contributory, excess, contingent, or otherwise, unless the other policy is specifically written to be excess of this policy. When this policy is excess, the insurer has no duty to defend if any other insurer has that duty. But if no other insurer defends, this policy will provide a defense but then be entitled to the insured's rights against the other insurers.
Legal Action against Us: The insurer cannot be enjoined in a suit against its own insured. The insured must comply with all policy terms before bringing suit against the insurer. Suit must be brought within two years from the date loss is reported (unless modified by law).
Separation of Insureds: Except with respect to the applicable limits of insurance, the insurance applies separately to each insured against whom claim is made.
Duties in the Event of a Claim or Loss: The named insured must notify the insurer in event of an occurrence or offense that might result in a claim against an insured or a loss that might be covered by the policy; this notice must be as soon as practicable, but no later than thirty days. The insurer must be authorized to obtain records and other information.
Under the Web Site Publishing Liability, Security Breach Liability, and Programming Errors And Omissions Liability insuring agreements, the insured must immediately record the specifics of the claim and the date received, immediately send copies of any demands, notices, summonses, or legal papers received in connection with the claim, authorize the insurer to obtain records and other information, and assist the insurer in enforcing any right against any person or organization that may be liable to the insured because of an occurrence or offense to which the policy may apply. The insured cannot make a voluntary payment, assume any obligation, or incur any expense without the insurer's consent, unless at the insured's own expense.
In event of a loss under the Replacement or Restoration of Electronic Data and Extortion Threats insuring agreements, the insured must notify law enforcement officials and submit to examination under oath and give a signed statement of answers, at the insurer's request. Proof of loss is due within 120 days. For the Extortion Threats insuring agreement, the insured must determine that an extortion threat actually occurred, make every reasonable effort to immediately notify an associate and the security firm before making a ransom payment, and approve any ransom payment.
Valuation –Settlement: Premiums and any other monetary amounts are expressed and payable in the currency of the Unites States of America. Business income loss is determined based on net income before the covered interruption, the insured's likely income had no interruption occurred, operating expenses (including payroll) necessary to resume e-commerce activities, and other relevant sources of information. Business income is reduced to the extent any e-commerce activities are offset by an increase in other means of business, such as mail or telephone. Extra expense is determine based on necessary expenses exceeding the normal operating expenses that would otherwise have been incurred, and necessary expenses that reduce the business income loss.
Extended Reporting Periods: The provisions in this clause apply only to the Web Site Publishing Liability, Security Breach Liability, and Programming Errors and Omissions Liability insuring agreements.
The basic extended reporting period lasts thirty days but does not apply to claims covered under any subsequent insurance the insured has purchased. It does not extend the policy period.
The supplemental extended reporting period is available by endorsement and for an extra charge if the policy is cancelled (except for nonpayment) or not renewed by either the insurer or the insured. The 2014 edition of the policy added a statement that the supplemental extended reporting period begins when the basic extended reporting period ends.
Request for the supplemental extended reporting period must be made in writing, and the full premium must be paid within thirty days after the end of the policy period. This reporting period does not extend the policy period; it gives the insured an additional time to report claims arising out of a wrongful act that occurred on or after the retroactive date and before the end of the policy period.
Confidentiality: The insured is to make every effort not to divulge the existence of coverage for extortion threats.
Territory: Coverage applies to wrongful acts committed anywhere in the world; however, suits must be brought in the United States, including its territories, Puerto Rico, or Canada.
There following definitions are listed on EC 00 10:
Application: This is the signed application for the policy, including any attachments and other materials submitted in conjunction with the application.
Business Income: This definition is common to the ISO forms: net income (profit or loss before incomes taxes) that would have been earned or incurred and continuing normal operating expenses incurred, including payroll.
Claim: This definition is common and means a written demand for monetary or nonmonetary damages, including injunctive relief, a civil proceeding commenced by the service of a complaint or similar proceeding, or, under the Security Breach Liability insuring agreement, a regulatory proceeding commenced by the filing of a notice of charges, formal investigative order, service of summons, or similar document. The claim must be brought against any insured for a wrongful act.
Computer program: A computer program is a set of related electronic instructions directing operations and functions of a computer or devices connected to it, which enable it to receive, process, store, or send electronic data.
Computer system: This includes computers and related peripheral components, systems and applications software, terminal devices, and related communications networks by which electronic data is collected, processed, transmitted, stored, or retrieved. The term is limited to computer systems that are owned, leased, or operated by the named insured.
Defense expenses: These are the reasonable and necessary fees (attorneys' and experts' fees) and other expenses incurred in defense of appeal of a claim. Excluded are wages or other expenses of the named insured's employees.
E-commerce activities: Means activities conducted by the named insured in the normal conduct of the business via the website and the email system.
E-commerce incident: This type of incident is a virus, malicious code, or denial of service attack (as when hackers bombard a site with so much traffic they cause it to shut down). Any of these must be introduced into or enacted upon the computer system or network to which is connected and is designed to damage, destroy, delete, corrupt, or prevent the use of or access to any part of the system, or otherwise disrupt normal operation. Recurrence of the same virus after the computer system has been restored constitutes a separate e-commerce incident.
Electronic data: This is digital information, facts, images, and sounds stored as or on, or created or used on, or transmitted to or from computer software on electronic storage devices that are used with electronically controlled equipment. The term does not include data licensed, leased, loaned, or rented to others and should not be considered tangible property.
Employee: This definition was overhauled in the 2014 edition of the form. It means any natural person who was, now is, or will be employed on a full or part-time basis, furnished temporarily to the insured, leased to the insured, an officer, a director, a trustee, a manager (for limited liability companies), a volunteer worker, a partner (for limited liability companies), or a member (for limited liability companies) of the named insured and of the insured's subsidiaries.
Extortion expenses: These are fees and costs of security firms, persons, or organizations hired with the insurer's consent to determine the validity and severity of an extortion threat. Expenses also include interest costs the insured pays for financial institution loans taken to pay a ransom demand, reward money the insured pays to an informant leading to the arrest and conviction of the extortionists, and any other reasonable fees incurred.
Extortion threat: This is a threat or series of related threats attempting to cause an e-commerce incident; to disseminate, divulge, or utilize proprietary information or weakness in the source code by gaining unauthorized access to the computer system; to destroy, corrupt, or prevent normal access to the computer system by gaining unauthorized access to the system; to inflict ransomware on the computer system or network; or to publish the insured's client's personal information.
Extra expense: These are the necessary expenses incurred during an interruption that would otherwise not have been incurred or incurred to avoid or minimize the suspension of the e-commerce activities. This term does not include any costs or expenses associated with upgrading, maintaining, improving, repairing, or remediating any computer system.
Informant: An informant is a person other than an employee who provides otherwise unobtainable information in return for the reward offered by the insured business.
Insured: This is any named insured and its employees.
Interrelated wrongful acts: This term means all wrongful acts that have the same common nexus of any fact, circumstance, situation, event, transaction, cause, or a series of causally connected facts, circumstances, situations, events, transactions, or causes.
Interruption: With regard to an e-commerce incident, this means an unanticipated cessation or slow-down of the e-commerce activities or a suspension of these activities to avoid or mitigate transmitting a virus or malicious code to another person or organization. An interruption begins when e-commerce activities are interrupted and ends the earliest of ninety days after the interruption begins, the time e-commerce activities are resumed, or the time service is restored.
With regard to an extortion threat, it means a voluntary suspension of e-commerce activities based on evidence of a credible threat or on the recommendation of a security firm. This type of interruption begins when the e-commerce is interrupted and ends the earliest of fourteen days after the interruption begins, the time e-commerce activities are resumed, or the time service is restored.
Loss: "Loss" is defined according to which insuring agreement is being referenced. With regard to the Web Site Publishing Liability, Security Breach Liability, and Programming Errors and Omissions Liability insuring agreements, loss is compensatory damages, settlement amounts, and costs awarded pursuant to judgments or settlements. The 2014 edition of the form added punitive and exemplary damages, to the extent insurable by law, and, for the Security Breach Liability insuring agreement, fines or penalties assessed against the insured, to the extent insurable by law. Loss does not include civil or criminal fines or penalties except those allowed by law under the Security Breach Liability insuring agreement. This definition of "loss" also excludes the multiplied portion of multiplied damages, taxes, royalties, the amount of any disgorged profits, matters uninsurable under law.
With regard to the Replacement or Restoration of Electronic Data insuring agreement, "loss" means costs to replace or restore electronic data including cost of data entry, reprogramming, and computer consultation services. Not included in the definition is the cost to duplicate research that lead to the development of electronic date or computer programs. The cost to replace the media on which the electronic data was stored is covered.
For the Extortion Threats insuring agreement, the definition includes extortion expenses and ransom payments.
Under the Business Income And Extra Expense insuring agreement, the term means the actual loss of business income sustained and/or extra expenses incurred.
With respect to the Public Relations Expense insuring agreement, "loss" means public relations expenses (as defined).
For the Security Breach Expense insuring agreement, the term means security breach expenses (as defined).
Named insured: The named insured is the entity or entities shown in the declarations, and any subsidiary.
Negative publicity: This is information that has been made public and has caused, or is reasonably likely to cause, a decline or deterioration in the reputation of the named insured or of one or more of its products or services.
Personal information: The 2014 edition of the form revised this definition to mean any information not available to the general public for any reason in which an individual may be identified. The term includes, but is not limited to, an individual's social security number, protected health information, financial account numbers, security codes, passwords, personal identification numbers associated with credit, debit or charge cards, and any other nonpublic information defined in privacy regulations.
Policy period: This period is the time from the inception date of the policy shown in the declarations to the expiration date shown in the declarations, or its earlier cancellation or termination date.
Pollutants: These are any solid, liquid, gaseous, or thermal irritant or contaminant, including smoke, vapor, soot, fumes, acids, alkalis, chemicals and waste; waste includes materials to be recycled, reconditioned, or reclaimed. This definition is common to other ISO forms.
Privacy regulations: This term was added to the 2014 edition of the form and means the Health Insurance Portability and Accountability Act of 1996, the Health Information Technology for Economic and Clinical Health Act, the Gramm-Leach-Bliley Act of 1999, Section 5(a) of the Federal Trade Commission Act, the Identity Theft Red Flags Rule, and any other similar state, federal, or foreign identity theft or privacy protection statute or regulation.
Public relations expenses: This means fees and costs of a public relations firm and any other reasonable expenses incurred by the named insured (with the written consent of the insurer) to protect or restore the named insured's reputation solely in response to negative publicity (as defined).
Ransom payment: This is a payment made in the form of cash.
Ransomware: This means any software that encrypts electronic data held within the computer system and demands a ransom payment in order to decrypt and restore the electronic data.
Regulatory proceeding: This term was added to the 2014 edition of the form and means an investigation, demand, or proceeding brought by or on behalf of the Federal Trade Commission, Federal Communications Commission, or other administrative or regulatory agency or any federal, state, local, or foreign governmental entity.
Security breach: This means the acquisition of personal information held within the computer system or in nonelectronic format while in the insured's or an authorized third party's care, custody, or control. The breach must be caused by a person who is not authorized to have access to the information or who is authorized but whose access results in the unauthorized disclosure of the information.
Security breach expenses: These expenses are costs to notify all parties affected by a security breach, overtime salaries paid to employees assigned to handle inquiries from parties affected by the breach, fees and costs of a company hired by the named insured for the purpose of operating a call center to handle inquiries from affected parties, post event credit monitoring costs for parties affected by the security breach for up to one year from the date they are notified of the breach, and any other reasonable expenses incurred by the named insured with the written consent of the insurer.
The 2014 edition of the form added costs to establish whether a breach has occurred; costs to investigate the cause, scope, and extent of the breach; and costs to determine any action necessary to correct or remediate the conditions that led to or resulted from the breach as part of the definition.
This term does not include any costs or expenses associated with the upgrading, maintaining improving, repairing, or remediating any computer system as a result of a security breach.
Subsidiary: Any organization in which more than 50 percent of the outstanding securities or voting rights representing the present right to vote for the election of directors, trustees, managers (for limited liability companies) or persons serving in a similar capacity, is owned in any combination by one or more named insureds, qualifies as a subsidiary.
Suit: As with other definitions in the form, this definition is common to ISO forms and includes a civil proceeding, arbitration, or any other alternative dispute resolution proceeding.
Third party: This term was added to the 2014 edition of the form and means any entity that the named insured engages under the terms of a written contract to perform services for the named insured.
Virus: This is any kind of malicious code designed to damage or destroy any part of a computer system (including electronic data) or disrupt its normal functioning.
Wrongful act: As this term applies to the Web Site Publishing Liability insuring agreement, it means any actual or alleged error, misstatement, or misleading statement posted or published by an insured on its website. This must result in any type of infringement of another's copyright, title, slogan, trade name, trade dress, trademark, service name, or service mark; any form of defamation against a person or organization; or a violation of a person's right of privacy.
As applicable to the Security Breach Liability insuring agreement, a wrongful act is any actual or alleged neglect, breach of duty, or omission by an insured that results in a security breach or a computer system transmitting, by email or other means, a virus to another person or organization.
With respect to the Programming Errors and Omissions Liability insuring agreement, this term means any actual or alleged programming error or omission that results in the disclosure of the client's personal information held within the computer system.
There are several endorsements available for use with EC 00 10. Many of them amend terms of coverage or cancellation in accord with various jurisdictions' statutes, regulations, or insurance code, and so will not be reviewed here.
Endorsement EC 10 03 01 14, Nonbinding Arbitration, gives both the insured and the insurer the right to make a written demand for arbitration as to whether a claim against a named insured is covered, as opposed to arbitration to set the amount of the loss.
Specified individuals can be added as employees by scheduling them on EC 20 02 01 14, Include Specified Individuals as Employees.
Endorsement EC 20 03 01 14, Amend Territory Condition for Wrongful Acts or Suits, allows the insured to exclude certain territories for wrongful acts or to include certain territories in which a suit can be brought.
Endorsement EC 20 04 01 14, Amend Territory Condition – Suits Worldwide, modifies the territory condition so that wrongful acts occurring anywhere in the world, or suits brought anywhere in the world, are not precluded.
Endorsement EC 20 05 01 14, Agreed Value for Business Income, modifies the amount of business income payable. The number of hours elected for the waiting period deductible is subtracted from the total number of hours of interruption; the result is multiplied by the agreed value hourly amount. Any business income loss payable under this formula is reduced to the extent that the reduction in business generated over the Internet is offset by any increase in volume of business from mail or telephone.
Includes copyrighted material of Insurance Services, Office, Inc., with its permission.
This premium content is locked for FC&S Coverage Interpretation Subscribers
Enjoy unlimited access to the trusted solution for successful interpretation and analyses of complex insurance policies.
- Quality content from industry experts with over 60 years insurance experience, combined
- Customizable alerts of changes in relevant policies and trends
- Search and navigate Q&As to find answers to your specific questions
- Filter by article, discussion, analysis and more to find the exact information you’re looking for
- Continually updated to bring you the latest reports, trending topics, and coverage analysis
Already have an account? Sign In Now
For enterprise-wide or corporate access, please contact our Sales Department at 1-800-543-0874 or email [email protected]