Mind the BI gap

02 February 2016

Businesses need to urgently reassess their supply chain coverage because of gaps in traditional business interruption insurance. 

The scope of available supply chain insurance is insufficient according to many UK risk managers. UK companies should review the increasing complexity of their supply chain and evaluate the related risk exposure, concluded a survey by Airmic, the UK association for risk and insurance management professionals. Weaknesses in existing business interruption insurance coverage have been demonstrated by several recent events, particularly by the Icelandic ash cloud, said the report.

There are many supply chain insurance products available, but they might not provide full coverage for all supply chain risks. Business and contractual solutions to supply chain risks are currently more common than insurance solutions, found Airmic's report. Insurance products are being developed that are relevant to the range of supply chain disruption that can occur, but these can be costly and the take-up is limited.

Evolving cover

Awareness of the potential inadequacies of current insurance is growing but the consequences of not getting to grips with the issues are too often overlooked. Many UK companies are unable to absorb the potentially massive costs of long periods of stalled production. The Japanese earthquake and Thai floods, for example, saw supplies of key components disrupted for months, which had a knock-on effect on final production in many firms. "Any company that relies on thirdparty overseas operations for any part of their intentions with specific text in policy wordings. Most refer to ‘loss' or ‘damage' being required and the exclusion definitions have become more detailed.

Where there is a financial limit per specified or unspecified supplier (for example £5 million), then cover is certainly inadequate where this proves to be less than the scale of the exposure. It is here that an insured is required to undertake the analysis and procure the right level of coverage. 

However, experience has shown that unforeseen gaps may not be clear without stress testing. Adrian Brennan, Partner at Echelon Claims Consultants, warns: "The traditional approach to insuring the supply chain by extension to the main policy provides perfectly good cover where there is a standalone loss arising from an insured event such as a fire or explosion. Yet, in a natural catastrophe environment or widespread event such as the Japanese earthquake, existing policy wording is unlikely to fully indemnify the policyholder for all of their supply chain losses." Examples of uninsured loss in Japan include the nuclear explosion concerning the Fukushima power plant, the impact of rolling power outages caused by the government shutdown of power generation from undamaged nuclear power plants, travel advisory warnings reducing visitors and affecting tourism, and risk of nuclear contamination to the water supply/food chain. 

In Thailand, there have been issues regarding denial of access, uninsured damage to the supply chain, and what constitutes the act of a competent authority. For the latter, companies were instructed by industrial estate management to leave their premises as the flood approached rather than mandatory evacuation notices being served as might be the case with hurricanes in the US.

Insurers are responding to the desire for wider protection that addresses nonphysical damage events such as insolvency of a key supplier, the risk of cyber attack or regulatory shutdown, for example with earnings and product integrity cover that offers BI protection against these risks as well as product recalls and loss of intellectual property rights. Another policy provides cover for all damage and nondamage events subject to a list of exclusions.

Yet this still may not be enough for today's sometimes torturously convoluted supply chains. These bespoke solutions are more expensive, Brennan says. "The policy limits provided by insurers for these policies should be attractive to mid-market companies. The downside is the cost and the high level of self-insured risk usually associated with this product. Standalone supply chain insurance could cost between four and eight per cent of the sum insured."

Managing the risk

Despite this choice of insurance products, companies' take-up has been limited. A fundamental issue, as highlighted by the Airmic report, is the supply chain risk management process. Poor management can compromise insurance cover and may curtail a claim settlement. After all, insurance companies can only offer cover based on the information given to them.

This can be especially challenging for companies that lack the significant resources needed to fully investigate their supply chain. Nevertheless, Cracknell stresses, it is vital not to just ignore the issue and hope for the best.

Understanding a company's exposures is the first step. A BI review involves a comprehensive identification and evaluation of BI exposures: an assessment of insurable exposures, key vulnerabilities and operational interdependencies, together with an understanding of how losses arise, the resultant business impact and ensuing costs.

The resultant technical report explains the adequacy of current policy arrangements with recommendations for possible improvements, including strategic advice on the status of any existing business continuity management programme, ensuring a clear link between insurance and risk management.

More specific services are also on offer. Modular supply chain risk management services offer a structured approach to evaluating supply chain risks. "The risk analysis needs to be around the ability to source those same raw materials, components, partly finished goods and complete products from other suppliers if something happens to the ones you are dealing, for example," Cracknell says. "It's also about understanding the timeframe - how long will it take to bring another supplier on-stream?"

Brennan advises building a map of suppliers to more clearly understand risks related to geographical location. Many suppliers of similar products are clustered together so an event like a flood may take out alternate suppliers based nearby (see box).

Experts can draw on existing data to calculate the impact on financial accounts should a critical supply point be lost. This information aids organisations in understanding their position more clearly before implementing mitigation measures and reducing risk to an acceptable level.

Contractual risk management may also help. Specialist legal guidance on best practices in the allocation of risk and responsibility in third-party contracts will ensure that contract negotiations are undertaken with a proper understanding of the issues. 

According to Brennan, these services work best as components of an integrated solution. All stakeholders have a role to play - insureds, insurers and brokers - in providing tailored and affordable protection. "The future of supply chain insurance cover is in ensuring that insurance solutions evolve to meet the specific needs of the client and address issues such as non physical damage in a way that is accessible to mid-market and FTSE 100 companies alike."

Mapping your supply chain exposures

Neglecting supply chain risks can be extremely costly even if insurance is in place, as a company supplying components to a hard disk drive manufacturer in Thailand discovered. The company had not mapped its supply chain risks and had failed to insure for losses resulting from damage at its key customers' and suppliers' premises.

Flooding caused significant property damage at the insured company's premises, which in isolation would have resulted in a substantial BI claim. However, the lack of customer or supplier cover resulted in insurers reducing the recoverable loss. The settlement received from insurers was £20 million. Had the supply chain risks been fully insured at the time of the loss the settlement would have been £30 million. 

Mapping your supply chain will help avoid a similar situation. Below is a guide to producing a comprehensive supply chain analysis:
  • Divide your supply chain into product groups
  • Map out critical points in the supply chain, identifying key suppliers and their risk exposures (for example, to flood)
  • For each supplier consider: 

a) What alternatives you have

b) How much stock you hold 

c) Whether contracts are fit for purpose

  • Estimate the total interruption loss across all affected products for a major fire at each supplier
  • Evaluate the benefit of implementing risk mitigation actions per supplier
  • Estimate the impact of different threat scenarios where these values vary from a fire scenario
  • Generate reports for internal and supplier use.

First published in Whiteboard, April 2013.