Save the date: 2020 Miami Latin American Claims (Re)Insurance Forum

Forum2020_header_blog-01

Kennedys and QLDG are pleased to announce the dates of the 2020 Miami Latin American Claims (Re)Insurance Forum, the event of choice for the insurance industry in the region where key industry experts gather and analyze relevant underwriting and claims issues, trends, and developments in Latin America & the Caribbean.

As every year, topics and case studies are carefully chosen based on current affairs and the feedback received from the market. For this upcoming edition, in addition to the highly rated panels with regional and local market leaders, topics for debate will include:

• Cyber
• D&O / BBB
• BI (property / energy)
• Marine
• Surety / Construction
• Efficiency of innovative underwriting/claims tools
• Difficult legal issues such as moral damage and limitation.

Certain Risk Managers will be invited again this year to join and enrich the sessions.

The Forum presents an excellent opportunity for networking with top industry professionals. In the past edition, we had 220 participants and more than 30 (re)insurance carriers from Europe, Latin America, and the US.

Don´t forget to mark your calendar:  June 16th – 19th 2020

Where: Four Seasons Hotel Miami – 1435 Brickell Ave. Miami, FL 33131

More information and registration details to come.
Contacts:
Juan E. Lopez-Santini: jlopez@qldg.com
Alex Guillamont: alex.guillamont@kennedyslaw.com
Hilda Welcker: hilda.welcker@kennedyslaw.com 

Posted in Conferences, cyber, Cyber Risks in Latin America, Events, Insurance Event, insurance seminar, Miami Latin America Claims (re) Insurance Forum, Other | Tagged , , , , , , , , , , , , | Leave a comment

Highlights of the 2019 Miami Latin American Claims (Re)Insurance Forum

Miami Palm Trees low res

The fifth annual Miami Latin American Claims (Re)Insurance Forum, hosted by Kennedys and QLDG in June 2019, was a resounding success. The 2020 forum will take place on June 16th –19th 2020 and details will be announced soon.

The 2019 edition was attended by in excess of 215 delegates from around the globe.  The mix of delegates included as many as 45 industry-leading speakers from companies, including AGCS, AIG, AXA-XL, Axis Capital, Beazley, Brit, Chubb, Continental Seguros, Everest Re, FM Global, Generali, Hannover Re, Helvetia, Hiscox MGA, IRB Brasil Re, Liberty, Munich Re, Pacífico, Partner Re, R+V De, Rimac, SBS Seguros, Scor, Starr, StarStone, SURA, Swiss Re, Trans Re, Travelers, Validus Re, and Zurich.
For details, you can check the 2019 Forum’s program here.

The 2019 Forum kicked off with the Regional Market Leaders Outlook Panel, always an audience favorite,  where the most relevant issues affecting the (re)insurance industry over the last year as well as pertinent topics for the near future were discussed. This year the panel engaged in a lively discussion on inclusion and diversity in leadership, China’s growing influence in Latin America, the future market impact of Venezuela, and the London market’s role in Latin America in light of a global hardening market.

After a productive coffee break, a session on the Contraloría of Colombia’s recent decisions on claims-made policies and how these decisions affect financial lines policies followed. The panel discussed the recent increase in Securities Class Actions originating from Latin America, the Lava Jato investigation’s role in the increase, the legal basis behind these class actions, and how underwriters are adapting their pricing models to account for this new risk.

The first day of the Forum closed with two very interesting panels. The first was on Regional Issues with BI in the specific context of mining and energy losses and the second one, completely dedicated to Brazil presented coverage success stories in property losses.

Day 2 of the Forum opened with another innovation by its organizers. For the first time, the Forum gathered Local Market Leaders to provide their insight on the most trending issues affecting their particular markets where the panelists led an engaging discussion on market penetration, a hardening market, the role technology will play in adding value to the (re)insurance business, and the role of parametric insurance in the future.

This was followed by a panel discussing the legal issues commonly found when dealing with claims in Latin America and, particularly, in specific jurisdictions such as Argentina, Brazil, Colombia, Mexico and Venezuela. The session started explaining the effects of inflation on the adjusting process of claims and the insured amounts when dealing with claims in jurisdictions with high inflation rates and hyperinflation. Then, the application of judicial interest, legal interest, and inflation in Brazil, Colombia and Mexico and how these calculations can increase a claimed amount when in litigation. The panel further discussed the repercussions of the OFAC sanctions when making payments of claims to individuals that may be included in the Specially Designated Nationals Lists and the compliance and due diligence a company must carry out in order to avoid any breach to the OFAC sanctions and how the OFAC sanctions may affect underwriting business in risky jurisdictions. The session ended with an overview on the regulatory changes expected in the region and how they would affect the insurance industry, if passed.

We then moved to an extremely interesting panel on cyber (re)insurance. It opened with an overview of the latest developments in technology in the past year, focusing in on machine learning and autonomous vehicles. They also discussed on how the (re)insurance industry should better prepare themselves for cyber risks, how to manage property risks in the cyber era and the dangerous of Silent Cyber. This conversation transitioned to a perspective on social engineering and how losses stemming from it may fall under the cover of a BBB policy.

Day 2 closed with mock mediation on environmental liability. The mock mediation related to a claim emanating from an oil pipeline spill caused by illegal tapping by the fictional Olive Oil (insured), helped explain the benefits of mediation as a method of dispute resolution.

We wrapped up the Forum with a final day of two panels discussing construction risks in LATAM. A hypothetical Building Information Model (BIM) of a tunnel project in Peru showed how BIM could be used both at the earliest stages of construction, thus saving time and money and minimizing risk and how Loss Information Modelling (LIM), a technology developed by JS Held, could be used to analyze claims. It was fantastic to see the use of BIM to access disaster sites, which would have otherwise been impossible to access. Given that BIM will become compulsory on large construction projects in Brazil in the near future, it led to a very lively debate amongst the panelists and the delegates. The panel also highlighted the important distinction between “a defect” and “defective design,” which included, amongst many laughs, a broken glass and a bag of toilet roll. Having set the stage, the BIM model came alive with a hypothetical tunnel claim that the panelists used to discuss the important, but often, misunderstood concepts of defective design, exclusion clauses, and specific challenges encountered on tunnel projects.

The final panel used the same hypothetical case study of the tunnel in Peru and allowed an adjuster to discuss the importance of considering when the loss arises—whether during construction, the maintenance period, or in the operational phase of the project—and how different policies would respond accordingly. This is an issue regularly seen in LATAM as there is often a lack of clarity in policy language on when one phase ends and another one begins. This fed in nicely to a discussion with forensic accountants who considered how they would calculate a Delay in Start-Up claim and how BIM may help with this. The lively session, accompanied by a hard hat worn by the panelists to symbolize that they were speaking as a “risk manager,” rounded off the Forum nicely with a case study considered from beginning, middle, and end.

After hearing all the engaging panels, the future of the industry in Latin America looks positive and with lots of opportunities. The number of companies attending the Forum has been increasing through the years, in 2019 we had a record of companies attending and we expect it to continue growing. 2020 Miami Claims (Re)Insurance Forum will be held at the Four Seasons hotel in Brickell from June 16th to June 19th 2020. Topics and registration details will be announced soon.

Authors: Alex Guillamont, Head of Latin America and Caribbean and Javier Vijil, Associate at Kennedys.

 

 

Posted in Conferences, Events, Insurance Event, Miami Latin America Claims (re) Insurance Forum, Other | Tagged , , , | Leave a comment

Upcoming panel discussion in Miami on September 12th: To what extent can technology reduce risks in construction projects in US and Latin America?

SCL flyer Sept 12 event

Image | Posted on by | Tagged , , , , , | Leave a comment

Upcoming Women in (Re)Insurance event in Miami on August 27th 2019

women in reins aug 2019

Image | Posted on by | Tagged , , | Leave a comment

An overview of cyber legislation in Latin America

Computer source code programmer script developer.

A year ago, the Governor of California signed the California Consumer Privacy Act of 2018 into law. Known as the first comprehensive privacy regime in the United States, the Act imposes on businesses significant privacy obligations, creates a number of privacy rights, and provides for enforcement both through private right of action and regulatory enforcement.

Just a few weeks earlier, on 25 May 2018, the European Union’s General Data Protection Regulation (GDPR) became enforceable. Under the GDPR, which aims to give European citizens and residents control over their personal data and to simplify the regulatory environment, a processor of personal data, amongst other obligations, must clearly disclose any data collection, declare the lawful basis and purpose for data processing, and state how long data is being retained and if it is being shared with any third parties or outside of the EU.

These landmark pieces of legislation are indicative of a growing concern, around the world, for one’s personal information, who has access to it, and how it is protected. The widespread outrage to recent data protection scandals such as Cambridge Analytica, which compromised the data of millions of Facebook users in the US, Europe, and the UK, further punctuate this concern.

This preoccupation with personal data security has extended to Latin America, where legislation is emerging to address these concerns. In 2016, the Inter-American Development Bank issued a report putting the cost of cybercrime in Latin America at approximately US$90 billion per year. The report also found that the region in general suffers from a low level of public awareness when it comes to cybercrime and data security; furthermore, many jurisdictions have no legislation in place to force private firms to disclose if they have been victim to cyber-attacks.

The purpose of this article is to provide an overview of the current legislative framework in the region, focusing on the region’s biggest jurisdictions. We will focus on the following key questions:
1 Who are the data protection authorities?
2 Is data breach a defined, legal term?
3 What are the data breach notification requirements, if any?

Argentina

Per the Ley de Protección de Datos Personales (Ley 25.326/2000), the relevant data protection authority in Argentina is the Dirección Nacional de Protección de Datos Personales.

While Argentinian legislation does not define data breach per se, there are several examples of breaches detailed and regulated in the law. Data breaches are also further categorized as light breach, serious breach, and very serious breach.

In terms of notification requirements, there is no requirement to notify the data owner of a personal data breach. However, current legislation is being proposed to make it obligatory to notify both the Dirección Nacional de Protección de Datos Personales and the owner of the compromised data.

Brazil

On 14 August 2018, the Brazilian Congress passed a bill related to personal data protection and its corresponding law, Law 13.709, was subsequently approved. This law is enforceable 18 months after its approval—February 2020.

Taking lessons from the GDPR, the law defines personal data, sensitive personal data, anonymous data, database, owner of the data; controller; operator (processor), etc. However, some provisions must be complemented by additional laws/regulations that are still in their early stages of growth. For example, the breach report communication and the methodology of the administrative sanctions require further regulations.

Regarding the relevant data protection authority, the original text of the bill established the creation of a specific authority, reporting to the Ministry of Justice. However, the Brazilian President removed this provision from the final wording of the law. Until it is determined whether a specific regulatory agency or administrative body will be created, the Brazilian Public Prosecutor, the Ministry of Justice and the Consumer Protection Authorities are the entities responsible for commencing/conducting any proceedings concerning the breach of Law 13.709.

While Law 13.709 does not define personal data breach specifically, it defines personal data as information related to a person’s identity and further defines sensitive personal data as information related to a person’s race or ethnicity, religious convictions, political opinions, health and sexual life, and genetic or biometric data.

Finally, in the case of a data breach, the data controller must report the incident to both the relevant authorities and the affected individual. The communication must be made within a reasonable time and must at least inform: i) the personal data affected by the breach; ii) a description of the technical and security processes used to protect the personal data; iii) the risks concerning the breach; and iv) the steps adopted to mitigate the breach.

Chile

Chile’s Law 19.628/2011 establishes some data privacy regulations; however, this law applies only to public entities. While the Council for Transparency handles compliance with Law 19.628, there is no regulatory authority that monitors compliance with data privacy laws by the private sector.

Law 19.628 does not define data breach; however, it defines personal data as information relating to a natural person’s identity. It further defines sensitive data as personal data that refers to a natural person’s physical or moral characteristics or facts or circumstances of their private or intimate life, such as data relating to a person’s habits, race, ideologies, political opinions, religious beliefs, physical and mental health, and sexual life.

In terms of notification requirements, there is no requirement to notify the data owner of a personal data breach.

Colombia

Per Colombia’s Law 1581/2012, the Superintendencia de Industria y Comércio is the relevant data protection authority. However, with respect to financial data and financial entities, the relevant authority is the Superintendencia Financiera.

While Law 1581/2012 does not establish a legal definition of data breach itself, there are established principles and obligations that should be followed in order to avoid allegations of non-compliance with Law 1581/2012.

Notification of a data breach should be addressed to the Superintendencia de Industria y Comercio, but there is no obligation to notify the data owner.

Mexico

Mexico’s Ley Federal de Protección de Datos Personales en Posesión de Particulares (LFPDPPP), passed in 2010, establishes the Instituto Nacional de Transparencia, Acceso a la Información y Protección de Datos Personales as Mexico’s data protection authority.

Mexico is one of the few countries in Latin America that has a specific legal definition for data breach: “any damage, theft, loss, alteration, modification, destruction or unauthorized use, copy, access or processing of personal data” (Article 63 of the LFPDPPP).

Mexico is also one of the few countries that requires owners of data that has been compromised to be notified of such. The LFPDPPP requires that “any breach that significantly damages pecuniary or non-pecuniary rights must be notified to the owners of the data immediately, once the data holder/controller confirms the breach and takes actions to begin an exhaustive investigation process to determine the breach’s magnitude, so that the data owners can take measures accordingly” (Article 20 of the LFPDPPP). The notification must inform: i) The nature of the breach; ii) the compromised personal data; iii) recommended measures to protect the data owner’s interests; iv) the corrective measures that immediately took place; and v) the means by which the owner of the data can get more information on the breach (Article 65 of the LFPDPPP).

Peru

We conclude our journey through the region’s legislative framework in Peru. Law 29733/2013 establishes the Autoridad Nacional de Proteccion de Datos Personales, a part of the Ministry of Justice, as the data protection regulator.

Law 29733 does not define data breach; however, non-performance of the principle and obligations established under Law 29733 is considered a breach per se.

In terms of notification requirements, there is no requirement to notify the data owner of a personal data breach.

Conclusion

As can be seen from our legislative overview, while cybersecurity and data privacy legislation is still nascent in Latin America, concern and interest is growing. As has usually been the case in the past, and as demonstrated by Brazil, we believe those jurisdictions whose current legislation is lacking will quickly take cues from the GDPR, cybersecurity legislation in the United States, and more sophisticated jurisdictions in Latin America. Development will be quick; and with development comes risk that will have to be properly addressed by (re)insurance carriers throughout the region.

Authors: Alex Guillamont, Head of Latin America and Caribbean at Kennedys and Javier Vijil, Associate at Kennedys’ regional hub in Miami.

Posted in cyber, Cyber Risks in Latin America, Other | Tagged , , | Leave a comment

Risky business: the increase in US securities class action originating from Latin America

Tightrope walker concept of risk taking and challenge

Over the past 10 years, there has been a record increase in the filing of securities litigation against foreign companies that issue securities in the United States, most commonly via American Depository Receipts (ADRs). Between 2014 and 2018, 202 cases against foreign companies were filed in the United States, representing a 41% increase in filings, with nearly every region experiencing a major jump in the number of suits. 26 of these cases have specifically been filed against Latin American companies.[1]

In a correlated manner, the average settlement value of these actions has also increased at an astonishing rate over the past five years. From 2014 to 2019, total settlements increased 581% from US$657 million (2008-2014) to US$4.5 billion (2014-2018). The average settlement value for actions brought in Latin America is US$16.8 million; however, it is worth noting that there is an outlier — the settlement value entered into by Petrobras in the action arising out of the Lava Jato scandal, valued at US$3.3 billion.[2]

Our experience corroborates these findings, having seen more and more US securities actions filed against our clients’ insureds in Latin America. As an example, in addition to the Petrobras class action mentioned above, over the past years, we have dealt with US securities actions filed against Argentina’s largest real estate company, Peru’s largest construction company, and a Brazilian mining giant.

Given the increased prevalence, and potential exposure, arising out of US class actions filed against Latin American companies, we believe it would be useful to provide a brief overview of the most common type of securities action filed against Latin American companies in the United States, Section 10b-5 actions brought under the 1934 Securities Exchange Act, and a common problem (re)insurers face in adjusting these claims in the context of D&O (re)insurance and these policies’ willful misconduct exclusion.

The United States Congress enacted the 1934 Securities Exchange Act in response to the stock market crash of 1929 and the resulting Great Depression. The key provision of the Securities Exchange Act is Section 10(b), which, along with Security Exchange Commission (SEC) Rule 10b-5(b) promulgated thereunder, broadly prohibits deception, misrepresentation, and fraud “in connection with the purchase or sale of any security” based on any public corporate statement. Specifically, Rule 10b-5 prohibits the use of any “device, scheme, or artifice to defraud,” and creates liability for any misstatement or omission of a material fact, or one that investors would think was important to their decision to buy or sell a security.

Claims brought under Section 10(b) of the Securities Exchange Act are subject to a heightened pleading standard. Specifically the Second Circuit, which is the judicial circuit encompassing New York City where the vast majority of these actions are filed, has found that in order to succeed under these provisions, a plaintiff bears the burden to prove that (1) the defendant made a material misrepresentation or omission; (2) with scienter; (3) a connection between the material misrepresentation or omission and the purchase or sale of a security; (4) reliance by the plaintiffs on the alleged material misrepresentation or omission; (5) economic loss suffered by the plaintiffs; and (6) loss causation.[3]

A particularly interesting discussion can be had on the scienter requirement in 10b-5 claims and its relation to the willful misconduct exclusions typically found in D&O policies. Black’s Law Dictionary defines scienter as “a mental state consisting in an intent to deceive, manipulate, or defraud. In this sense, the term is used most often in the context of securities fraud.” Thus, scienter is a term comparable to the concept of dolo in Latin American jurisdictions.

Furthermore, in the Second Circuit, “a strong inference of scienter can be established by alleging facts either ‘(1) showing that the defendants had both motive and opportunity to commit the [alleged] fraud or (2) constituting strong circumstantial evidence of conscious misbehavior or recklessness.’”[4] Further backing this jurisprudence, the US Supreme Court has found that “every Court of Appeals that has considered the issue has held that a plaintiff may meet the scienter requirement by showing that the defendant acted intentionally or recklessly.”[5]

At the same time, recklessness is defined as “conduct whereby the actor does not desire harmful consequence but nonetheless foresees the possibility and consciously takes the risk; gross negligence; recklessness involves a greater degree of fault than negligence but a lesser degree than intentional wrongdoing.” As such, recklessness is a term comparable to the concept of culpa grave in Latin American jurisdictions.

Therefore, a guilty verdict in a 10b-5 action necessarily has the effect of triggering the willful misconduct exclusions typically found in D&O (re)insurance policies, which have the effect of precluding coverage for claims arising out of an insured’s intentional misconduct or gross negligence.

This leads to a scenario where (re)insurers and their insureds have conflicting interests in the litigation, with the (re)insurers potentially wishing to see litigation through to the end to assure that any potential indemnities are properly paid and with the insured, understandably, wishing to settle the matter to save themselves time, money, and the threat of an adverse judgment. However, it must be noted that because willful misconduct exclusions may only be applied once a final judgment confirming the insured’s guilt is rendered, (re)insurers must continue advancing defense costs to the insured. These defense costs also play an important equation in the decision of whether to settle a case or not, as they are quite costly—running an average, in our experience, of approximately US$20 million through trial.

Given the above, it is not only necessary for (re)insurers to conduct an intricate cost-benefit analysis when presented with a US securities claim in order to determine the strategy they wish to pursue in terms of defending or settling the action, but it is also important for underwriters to reconsider their pricing models for D&O (re)insurance policies issued to Latin American entities with exposure to the US securities market, especially when considering the current trend of US securities litigation against foreign companies becoming not just more prevalent, but more expensive as well.

This topic made for a lively discussion at this year’s annual Miami Latin American Claims (Re)Insurance Forum, where industry leaders gathered to give their perspectives on this notable trend. A particularly interesting point was raised regarding expert discovery. Usually, experts’ reports on damages, which are key to engaging in settlement negotiations, occur after fact discovery is completed, which in turn is a costly and time-consuming part of litigation. However, this extra expense could be avoided, and settlements could potentially be entered into quicker, if expert’s damages reports were set to be produced after fact discovery.

Find out more about the other topics discussed at this year’s Miami Latin American Claims (Re)Insurance Forum.

References
1 Why D&O Costs Are Soaring for Foreign Filers
2 Ibid.
3 GAMCO Inv’rs, Inc. v. Vivendi Universal, S.A., 838 F.3d 214, 217 (2d Cir. 2016).
4 In re Bear Stearns, Inc. Securities, Derivative, and ERISA Litigation, 763 F.Supp.2d 423 (S.D.N.Y.2011).
5 Tellabs, Inc. v. Makor Issues & Rights Ltd., 551 U.S. 308, 319 (2007).

Authors: Alex Guillamont, Head of Latin America and Caribbean and Javier Vijil, Associate at Kennedys’ regional hub in Miami.

Posted in (re) Insurance articles Latin America, Other | Tagged , , , | Leave a comment

Are the recent deaths in the Dominican Republic a threat for future recovery actions?

aerial-aerial-footage-aerial-photography-1893040

The Dominican Republic is the second-largest Caribbean nation by area with approximately 10 million inhabitants, of whom approximately three million live in the metropolitan area of Santo Domingo, the capital city. The island is famous for its beaches, resorts, golf courses, hotels and for its friendly service.

However, during 2019, a series of deaths (at least twelve American tourists) have happened in different hotels and resorts, triggering alarms in an economy where last year, the tourism industry raised USD 7.6 billion, which represents over 17% of country’s GDP.

Although, online travel insurance companies have confirmed that these deaths have not affected travel interests in the Caribbean country, considering the impact that this kind of event can provoke in the insurance industry, we would like to give you a “sneak peek” on how the legal system works, as well as recovery actions against hotels, tour operators and third parties.

How the legal system works in the Dominican Republic?
The Dominican Judicial Branch is composed of three instances:

1. First Instance Courts sees all matters that are not attributed by law to another court and other matters expressly attributed to them by law;
2. The Second Instance Courts or Appeal Courts attends to the appeals against first instance judgements and other matters expressly attributed to them by law; and
3. The Supreme Court of Justice has the power to hear and rule on cassations filed for Civil, Commercial, Criminal, Labor and other matters.

The majority of actions in the Dominican Republic, which need to be filed within 2 years from the date of the loss or damage, go through the three instances, which usually take between 3 to 5 years in total.

The relationship between the hotels and their guests is considered contractual, commencing at the time the guest pays for their reservation directly to the hotel. When the reservation is made through a tour operator and/or third parties, although the contractual relationship is between the guest and the tour operator who would be sued if the guest files a complaint even when the hotel is responsible for the damages, the claimant may also file a claim directly against the hotel due to the hotel’s obligation to ensure the safety and well-being of its guests.

Most of the suits involving hotels are usually related to falls or accidents that occur in the facilities, such as drowning in the pools and some illnesses. In these claims, the plaintiff, on whom the burden of proof lies, must show that the accident or fall was caused by some damage in the area, such as a wet floor, a staircase whose steps have faults, etc. In cases that involve illnesses, the plaintiff also needs to exhibit a toxicological report showing that the disease is the consequence of the consumption of decomposed food or an adulterated drink. The lack of this evidence during trial can lead to a non-favorable judgement.

In regards to jurisprudence, despite the fact that Dominican law is governed by codes (Civil, Commercial, Criminal, etc.), case law exists in which the Supreme Court recognizes that the civil liability derived from defective products (i.e. rotten food, damaged equipment, use of non-approved pesticides) is not limited to the hotel but includes all of the people involved in the manufacturing process.

Is a recovery action possible in the Dominican Republic?
First of all, the plaintiff has to demonstrate the existence of the damage and/or the responsibility (or lack of it) of the defendant to present the case in court.

For any recovery action to be executed in the Dominican Republic, including those cases in which tour operators and/or third parties are involved, there must be:

– A final judgment recognizing the damage and ordering certain compensation;
– That the payment ordered by the court to the person who suffered the damage has been executed and;
– That the person responsible for the damage is solvent.

For those who may have interest in claims filed in the Dominican Republic, we can state that generally speaking, the chances of a successful recovery is 50/50. However, if all three requirements above mentioned are present, the chances of a successful recovery increase exponentially.

Authors: Alex Guillamont, Head of Latin America and Caribbean at Kennedys, Carlos Álvarez, lead partner of Kennedys’ associate office in the Dominican Republic, and Daniel Padrón, Associate of Kennedys in Miami.

Posted in (re) Insurance articles Latin America, Other, recovery action | Tagged , , , | Leave a comment