Running a business is inherently risky, and while you can’t protect your business against every threat it faces, it’s important to protect yourself and your company in any way possible. Purchasing business insurance is a way to mitigate risk and protect your company against unforeseen events. Here’s a look at the concept of risk in business insurance, how insurance companies assess risk and what you can do to reduce risk as much as possible.
As a business owner, you’re likely familiar with how to file an insurance claim. But many owners aren’t aware of how insurance companies view risk and how this factors into your coverage and costs.
Editor’s note: Looking for the right liability insurance for your business? Fill out the below questionnaire to have our vendor partners contact you about your needs.
Insurance risk is the likelihood that an adverse event will occur, resulting in a loss. This adverse event triggers an insurance claim the insurance company will pay (if it’s a qualifying event).
When it sells you an insurance policy, the insurance company takes on the risks associated with your company under the parameters of the types of policies you have.
A business owner buys an insurance policy to gain financial protection from certain risks or perils. After they purchase the insurance policy, a risk transfer takes place. The insurance company assumes the risk in exchange for a regular payment, called a premium.
After the insurance company assumes the risk of financial loss, it places the business in a “risk pool,” a large group of businesses that share common risks of incurring losses. In other words, the insurance company spreads its financial risk over a large pool of contributors that are all paying premiums.
Insurance companies assess risk through underwriting and claims data.
During an insurance applicant’s review process, underwriters use objective and subjective information to assess the risk associated with the applicant. For example, does the business have a security system (objective information)? Does the building look secure (subjective information)?
The underwriter also gains objective information from computer-generated loss runs, meaning it looks at your business’s claims history and experience rating mods and worksheets. For instance, the Workers’ Compensation Insurance Rating Bureau of California (WCIRB) says it provides a merit rating percentage to qualified policyholders. “The rating percentage is calculated based upon the policyholder’s audited payroll and losses for three consecutive policy periods, as reported to the WCIRB by the policyholder’s insurance company,” the bureau notes.
The data-gathering process might be specific to the insurance coverage being sought. For example, the property underwriter may obtain an Insurance Services Office (ISO) property report. Your underwriter will also evaluate business-specific data. According to Elliot Whittier Insurance, your insurance underwriter may review:
Elliot Whittier Insurance recommends that business owners track time and payroll for different work and job categories, which allows for the lowest workers’ compensation premiums that still protect both workers and the company. In addition, it offers the following suggestions:
After the insurance company gathers all the relevant data, the next factor is rating. The rating system assigns a price based on what the insurer believes it will cost to assume the financial responsibility for the applicant’s potential claim.
Underwriting will sort applicants into groups (risk pools) that present similar risk levels and then accept, deny or limit coverage for each applicant group. Underwriting sets a rate for each pool based on claims data for the group’s applicants. If a pool has claims data with higher average losses, it will have higher assigned premiums.
Underwriting is not a one-size-fits-all approach. Each insurance company has its own determining factors when evaluating a pool.
Now that we’ve examined how underwriters deny or limit coverage for a group of applicants, here are some examples of common insurance risk types in business.
Below is a list of the costliest claims reported for small businesses, according to claims data from insurer The Hartford. [Learn more about this provider in our in-depth review of The Hartford.]
We also include suggestions for the business insurance coverage type that could help mitigate this risk. (Be sure to check for policy restrictions or coverage waivers.)
These recommended policies are examples, but it’s critical to check with your insurer for policy details and speak with an insurance agent to address your specific business needs.
As a business owner, you should be aware of these other common claims.
Pandemic-related risk has been a hot topic as it relates to business interruption insurance, risks associated with workers who interact with the general public (third parties), and workers who could file a workers’ compensation claim.
On May 28, 2021, the U.S. Equal Employment Opportunity Commission (EEOC) updated its guidance related to COVID-19, vaccines, and the workplace, saying that workers can file a workers’ compensation claim if they have an adverse reaction to a vaccine after an employer-issued vaccination mandate (however, this doesn’t guarantee the claim will be filed).
As far as business coverage for COVID-19 is concerned, total claims can, at most, be kept within limits of available capital. Only a few businesses have bought pandemic-related coverage, probably because the price may be too high for the protection offered, according to an economic briefing held by Triple-I chief economists Steven Weisbartt and Michel Leonard.
The primary way to reduce risk is to institute a formal loss control program, which helps policyholders reduce claims using risk management and safety resources and training.
There are a few other ways to reduce risk:
Some insurers offer risk management programs for their insurance policyholders. Many other insurers also offer risk control representatives, who can give suggestions and guidance.
For instance, CNA’s risk control consultants can guide you through the contractual risk transfer as you enter into a contract with an outside entity (a subcontractor, tenant or service provider), which creates a new set of risks and liability issues.
CNA also features PrepWise, which helps with risk assessment. This includes CyberPrep, which focuses on a business’s cyber risk and is available to all CNA cyber policyholders. Learn more in our CNA review.
Insurance companies help policyholders mitigate risks associated with auto accidents. For instance, a common risk is distracted driving.
According to a Travelers Insurance survey, 1 in 4 businesses have had an employee get in a distraction-related crash while driving for work. Companies can buy distracted-driving policies to insure against this risk.
Travelers also offers its customers low-cost ways to reduce risk, such as asking employees to set their phones to “do not disturb” and forbidding texting while driving.
Your business can also use risk management software to analyze data from previous accidents and claims to learn how the risk could have been mitigated.
Cyber risk is among the top concerns of businesses surveyed in the 2020 Travelers Risk Index. The insurer recommends that companies use a business virtual private network (VPN) instead of a Remote Desktop Protocol, since a VPN allows for data encryption and protects sensitive or private information. Travelers also recommends using multifactor authentication.
Travelers points out that some roles within a company aren’t suitable for remote work because they’re at high risk of creating legal issues if the data is compromised. For example, consider a business that retains testing or other COVID-related information on an administrator’s laptop. Under the Health Insurance Portability and Accountability Act (HIPAA), any covered entity or business associate that collects, processes, or stores protected health information is required to implement security and privacy controls to protect its confidentiality, integrity and availability (also known as the “CIA triad”).
Travelers warns businesses that employees working from home should never allow anyone to access company resources. Employees should use only company-authorized devices for remote work, and they should dispose of company documents properly.