Why Tech Underwriters Still Care More About Contracts Than Cloud Risks
In the rapidly evolving landscape of technology, where cloud computing, artificial intelligence, and cybersecurity threats dominate headlines, it’s easy to assume that tech insurance underwriting has shifted its focus entirely to these emerging risks. However, the reality is that tech Errors and Omissions (E&O) underwriters still place significant emphasis on a seemingly old-fashioned element: contracts. While new technologies introduce novel challenges, the fundamental principles of risk assessment and liability remain firmly rooted in contractual obligations.
Table of contents
The Enduring Importance of Contractual Agreements
Despite the buzz around AI, cloud services, and IoT, the core underwriting approach for tech E&O insurance hasn’t fundamentally changed. As Erin Eisenrich, Vice President of Technology E&O and International at Berkley Technology Underwriters, points out, the technology may evolve, but the core underwriting principles remain consistent. Insurers are primarily concerned with how the failure of a client’s product or service could financially harm a third party. This concern transcends the specific technology involved, whether it’s a SaaS platform, an IoT device, or an AI algorithm. The exposure to third-party financial harm has always been a central tenet of tech E&O underwriting.
The industry has witnessed shifts in scale rather than scope. Digital connectivity, increased regulatory scrutiny, and a rise in cyberattacks have amplified the potential impact of errors and omissions. Insurers now evaluate the potential for cascading failures across interconnected systems. This means underwriters must consider the downstream impact of increasingly digitized environments, especially concerning embedded technologies and cloud computing. While these technological advancements introduce new layers of complexity, the underlying concern remains: How does the contract define the responsibilities, liabilities, and remedies in case of a failure?
The Contract as the Cornerstone of Risk Assessment
For tech E&O underwriters, a breach of contract is often considered the most significant exposure for a technology client. The contract outlines the specific obligations of the tech company to its customers, including service levels, performance guarantees, and data security measures. When these obligations are not met, it can lead to financial losses for the customer, which can then trigger a claim against the tech company’s E&O policy. Therefore, underwriters carefully scrutinize contract language to identify potential areas of risk and assess the potential for liability. For instance, vague or ambiguous language, overly broad warranties, or inadequate disclaimers can significantly increase the risk of a claim.
The extent of contract review varies depending on the size and complexity of the client’s business. For smaller businesses, policies tend to be more transactional, and comprehensive contract reviews are less common. However, for mid-market and larger clients, underwriters delve into the details of their contracts, examining service level agreements (SLAs), indemnification clauses, and limitation of liability provisions. One major red flag that underwriters look for is whether the limitation of liability clause is clearly defined and enforceable. A poorly written or unenforceable limitation of liability can expose the tech company to potentially unlimited damages, which can be a significant concern for underwriters.
Cybersecurity and the Blurring Lines of E&O
While contracts remain paramount, cybersecurity considerations have become increasingly intertwined with E&O underwriting. For tech clients, E&O and cyber coverages are becoming inseparable. Underwriters are now evaluating both how a company protects itself (internal cybersecurity practices) and how it protects its clients (third-party risk management). This dual perspective reflects the growing recognition that a cybersecurity incident can easily lead to an E&O claim if it results in a service disruption, data breach, or financial loss for the client.
The increasing importance of cybersecurity is evident in the evolving underwriting requirements. Multi-factor authentication (MFA) has become a baseline requirement, and the focus is shifting toward endpoint detection and response (EDR) and managed detection and response (MDR). These security measures are not only essential for protecting the tech company’s own systems and data but also for demonstrating a commitment to protecting its clients’ data and systems. The example of an IT consultant recommending a third-party security vendor highlights the complex claims scenarios that can arise. Even if the consultant is not directly responsible for a vendor’s failure, they could still be sued for recommending it, underscoring the need for careful due diligence and risk assessment.
AI and the Future of Tech Underwriting
Artificial intelligence presents a new frontier for tech underwriters. The widespread adoption of AI has outpaced regulation and established case law, creating uncertainty about coverage, claims settlement, and pricing. Questions arise about which policy—Directors and Officers (D&O) or E&O—should cover AI-related risks, blurring the lines between traditional coverages.
The industry is likely to see the rise of blended D&O/E&O policies to address these challenges. This approach simplifies coverage and eliminates ambiguity about which policy should respond to a claim. As the technology continues to evolve, underwriters will need to adapt their strategies to address the unique risks associated with AI. However, the fundamental principles of risk assessment and contractual obligations will remain central to the underwriting process.
Conclusion
While emerging technologies like cloud computing and artificial intelligence are reshaping the tech landscape, contracts remain the cornerstone of tech E&O underwriting. By carefully scrutinizing contract language, assessing cybersecurity practices, and staying abreast of evolving legal and regulatory developments, underwriters can effectively manage the risks associated with technology companies. As the industry continues to evolve, a deep understanding of contractual obligations will remain essential for navigating the complex world of tech E&O insurance.
Disclaimer: The information in this article is for general guidance only and may contain affiliate links. Always verify details with official sources.
Explore more: related articles.
