When Kevin La Croix asks in his recent D&O Diary article whether privacy issues represent the next big D&O liability exposure, the question is clearly rhetorical and the answer a firm 'yes'. 

Now GDPR is in force, the new rules tremendously increase organisational duties on management to provide for compliant behaviour. Data management systems will need to be established, adding further complexity to general compliance management, and, in case of breaches, creating new exposures for companies, their directors and, thus, D&O insurers.

Given this further example of heightened regulation, it is necessary for insurers to revisit underwriting procedures if they want to continue providing reliable and profitable coverage in this area. It is remarkable how intense underwriting sometimes is in relation to cyber policies, whereas a simple warranty statement will often be sufficient for placing D&O risks. 

There are interconnections between cyber and D&O risks that that should be considered too. And there needs to be an honest risk dialogue, however burdensome that might be. 

Together with leading FID&O experts from our international offices in the US, UK, France, Spain and Germany, this week, we will be discussing these developments with the industry during our European Roadshow visiting Madrid, Munich, Dusseldorf and Paris. If interested, please reach out for further news and invitations.