Is Your Firm at Risk? Insurance Essentials for Alternative Asset Managers

By Matthew Kryder

Managers who treat insurance as a commodity may be jeopardizing their company’s future. Purchasing decisions driven by price with little regard to the insurance contract lend themselves to significant coverage gaps, unnecessarily exposing the firm and its investors to an irrevocable financial loss. Alternative asset managers are especially vulnerable to such gaps due to the unique financial exposures they face. “Off the shelf” insurance policies often fail to adequately cover their operations and the managers who purchase them may be taking on more risk than they realize.

Insurance policies are highly differentiated contracts and insurance carriers specializing in financial services risks have created programs tailored to meet the unique needs of the asset management industry. Managers interested in proper risk transfer should partner with an experienced insurance broker with access to these programs to secure the coverage they need to protect themselves and their stakeholders.

This article takes a closer look at some of the unique financial exposures and rising trends faced by the asset management industry. We also detail the essential insurance coverages needed for an effective risk transfer program while highlighting the coverage gaps to be avoided.

Fund Management & Investment Advisor Exposures

In today’s volatile marketplace and rising government regulation, alternative asset managers face a variety of adverse exposures. Interactions with regulators, shareholders, investors, vendors, creditors and employees can lead to costly litigation. These risks threaten the bottom line and the reputation of your fund and its managing partners. For example, a fund assumes vicarious liability for the actions of its outside service providers. If an error is made in misstating performance or in the financials, the fund will bear the responsibility. Even well-managed operations can be sued for mismanagement, misrepresentations, employment practices violations, breach of duty, and failure to provide adequate disclosure of the investment risks involved.

Management Liability Insurance

The primary purpose of the Management Liability policy is to pay for defense costs. If a lawsuit is brought against the management entity, the fund’s assets are used to indemnify the fund manager. Management Liability insurance would prevent a fund from needing to liquidate positions or use cash to pay for defense costs. The insurance limit should correlate to the assets under management (AUM), however, this limit typically covers a minimal portion of AUM. It is important to remember that Management Liability is designed to pay defense costs for a mistake, not indemnify the loss of tens of millions of dollars of trading losses. The policy would be prohibitively expensive if it covered the fund’s assets. Management Liability provides an extra degree of security and comfort to your current investors and serves as an excellent selling point to your potential investors.

Examples of Management Liability Gaps

Many fund managers attempt to cover these risks with a traditional Directors and Officers Liability (D&O) policy. D&O alone, however, does not provide adequate protection for a fund. Because a fund manager also serves as an investment advisor to its investors, it may be impossible to determine whether a claim results from professional advice, which is not covered by a traditional D&O Policy. D&O and Professional (a.k.a. ‘Errors and Omissions’) Liability are written together in a Management Liability policy to protect against these risks.

Another common gap is that specific operations may be overlooked when writing the Management Liability policy. For example, if the funds themselves are not listed as the Named Insured on the policy, then the funds are exposed if a lawsuit is brought against the manager and the funds.

Another example of an overlooked operation is the management of ERISA plans. If the firm manages funds for employer sponsored plans such as pensions and 401(k) plans, then they have a fiduciary exposure and Fiduciary Liability coverage should be included. Fiduciary Liability provides protection for breaches of fiduciary duty by administrators of Employee Benefit Plans. These policies usually include coverage for Errors & Omissions. Unlike the ERISA or fidelity bond, Fiduciary Liability coverage provides liability protection for the fiduciary.

Fund managers serving on outside boards can also expose the fund to decisions made or advice given by these managers. An “Outside Directorship Liability” Endorsement should be added to provide additional protection in connection with outside boards on which they serve. This coverage is especially critical for private capital managers who sit on the boards of their portfolio firms.

Employee Related Exposures

Hiring the right talent is critical to the success of any firm. However, managers need to be aware of the additional risks associated with managing employees, including employee theft and lawsuits stemming from the administration of employee benefits. Managers are especially vulnerable to employee discrimination and harassment suits which can quickly spiral into significant losses for employers. According to the Equal Employment Opportunity Commission (EEOC), the average cost of settling out of court for employment related cases was $75,000 and jury awards averaged $217,000 in 2020. More than half of EEOC claims filed in 2020 involved claims of retaliation.

Employment Practices Liability Insurance

If you have employees, your firm should secure Employment Practices Liability coverage which provides for the legal costs to defend claims involving sexual harassment, wrongful termination, and discrimination including legal liability for such acts. It also covers discrimination suits brought by candidates you chose not to hire. This coverage is also known by various titles: Employment Related Practices Liability, Management Risk Protection, Employers E&O, and Americans with Disabilities Act Insurance which are all basically the same coverage.

Crime Insurance and Financial Institution Bond

A Crime policy and a Financial Institution Bond cover losses stemming from theft of money and securities, including theft of your firm’s assets by an employee. Managers will want to make sure investors’ assets are covered under this policy as well.

Employee Benefits Liability Insurance

Are you providing employee benefits to attract and retain talent? Then you’ll need an Employee Benefits Liability policy which provides protection against claims made by employees caused by a negligent act, error, or omission in the administration of an Employee Benefit Plan. Incidents such as providing incorrect advice concerning an employee’s health insurance plan or failure to enroll employees under a benefit program are covered.

ERISA Bond

An ERISA (Employee Retirement Income Security Act) Bond is a fidelity bond that protects against dishonest and/or fraudulent acts of employees or trustees that could arise in the course of maintaining an Employee Retirement Plan. The ERISA Act requires employers to maintain a bond in the amount of at least 10% of the retirement plan assets.

Cyber Risks

Asset managers are improving operational efficiencies and profitability by leveraging technology. Such efforts, however, have greatly increased their exposure to cybercrime. Ransomware, wire fraud, and data breach have been the primary drivers of cyber insurance claims for the financial services industry. Asset managers are especially vulnerable to these methods of attack due to the potential for financial loss, legal liability, and reputational damage. Financial firms are a prime target for criminals given the staggering potential monetary reward. In 2024, the average cost of recovery from a ransomware attack for financial service organizations was $2.58M[1] and data breach was $6.08.M[2]. According to the FBI, cybercrime losses of $12.5B were reported in 2023, with a substantial portion attributed to wire fraud.[3]

Dependence on outside service providers has become another rising exposure for US businesses. The ransomware attacks on Change Healthcare and CDK Global, for example, caused widespread business interruption for their consumers. This exposure isn’t just limited to cyberattacks: an estimated 8.5 million computer systems were impacted by Crowdstrike’s defective software update that was pushed to their customers.

Unfortunately, cybercrime is here to stay. The National Association of Insurance Commissioners reports a significant rise in cyber claims frequency and severity of attacks on US businesses[4]. Cyber criminals are becoming more specialized and organized. The rise of Ransomware as a Service (RaaS), for example, has lowered the barrier to entry for cyber actors. Artificial Intelligence (AI) has enabled cyber criminals to be more sophisticated and effective. Phishing emails are better written and tailored to their audience. Deep fake audio and AI video generation have also brought impersonation to a whole new level of believability.

Cyber Insurance

The best defense against these risks is to implement effective cyber security measures including multi-factor authentication (MFA), employee training, and managed detection and response tools, to name a few. However, even the best controls can be breached. When an attack occurs, cyber insurance serves as a pre-paid crises management team by providing time-critical resources such as forensics, legal compliance and ransomware negotiators. A cyber policy also indemnifies businesses for wire fraud loss, ransom payments, and costs associated with data breach including notification expenses, legal fees and data recovery. While it’s essential to cover the direct costs associated with an attack, a properly written policy should also cover indirect losses such as business interruption and reputational damage.

A major shift in the cyber insurance market is the use of technology to reduce claims and mitigate severity of losses for their clients. Many cyber carriers are leveraging public data, for example, to evaluate an applicant’s digital footprint and underwrite the risk more effectively. Some carriers can now mitigate risk by alerting clients of potential threats and recommending measures to remediate.

Cyber Insurance Gaps

Although cyber insurance has emerged as an effective financial safeguard, many insurance contracts do not adequately protect investment firms from the unique set of exposures they face. Cyber insurance contracts vary widely among carriers and insuring agreements are provided on an a la carte basis, where needed coverages may be overlooked without careful review. Business Interruption and Cyber Crime agreements, for example, aren’t always included. Many policies do not provide Dependent Business Interruption, which covers your firm from losses due to a technology outage of a service provider. This coverage should be added if your firm outsources critical operations.

Insurance carriers have responded to rising claims by instituting exclusions and limits to coverage. Wire fraud losses, for example, have been so rampant that most carriers have implemented sub-limits on this coverage up to a maximum of $250,000. Other carriers use highly restrictive conditions such as requiring the insured to follow specific procedures for coverage to apply. Wire fraud coverage (a.k.a. ‘Social Engineering’ or ‘Funds Transfer Fraud’) would not pay, for example, if an employee fails to authenticate a funds transfer request by phone.

Also, many Social Engineering agreements only cover losses to the insured’s money, not money owned by others. In this case, a wire fraud loss would not be covered if a fund manager is tricked into transferring money from a pooled account.

The good news is insurance is available to cover these gaps, however it is imperative your policy be tailored to address the multitude of cyber exposures you face.

Key Person Risk

In the asset management industry, where investment strategies and client relationships rely heavily on the expertise of a few key individuals, the loss of a top fund manager, portfolio strategist, or executive can have significant financial and reputational consequences. This reliance on specific individuals creates what is known as key person risk—the risk that a business will suffer if a crucial team member dies, becomes disabled, or departs unexpectedly. Key person risk is particularly acute in asset management due to the importance of reputation, investor confidence and investment performance, as well as the potential for operational and strategic disruption.

Key Person Life and Key Person Disability Insurance

The risk of a key person’s death or disability can be mitigated with an insurance policy on the individual. If the insured person dies or becomes disabled, the company receives a payout, which is used to cover financial losses, hire a replacement, and stabilize operations. Key Person Life Insurance can be structured as term life insurance (for a set period) or permanent life insurance (which can include a cash value component). Key Person Disability Insurance benefits are paid either monthly or as a lump sum. It is important these insurance policies align with the key person provisions of a firm’s operating agreement or fund documents.

In Conclusion

Insurance policies are often viewed as commodities and purchased piecemeal in response to stakeholder demands, rather than as part of a cohesive risk management strategy. The day your organization suffers a lawsuit, cyber-attack, or sudden death or disability of a key person is not the time you want to discover gaps in your insurance plan! The unique set of exposures and rising threats that asset managers face coupled with the complexities of insurance contracts highlight the importance of partnering with an experienced insurance broker who can tailor an insurance plan to effectively transfer these risks for your firm. Such measures will enable your company to thrive in the face of unexpected curve balls.

1. Sophos, “The State of Ransomware 2024”
2. IBM, “Cost of Data Breach Report 2024”
3. Federal Bureau of Investigation, Internet Crime Report 2023
4. National Association of Insurance Commissioners, “Report on the Cyber Insurance Market,” Oct. 15, 2024

Petschauer Insurance has over 60 years experience as an independent insurance brokerage, representing the country’s leading insurance companies.  We have the expertise to provide the financial services industry with the coverages needed to protect their firms and investors.  Dedicated to a higher standard of excellence, we look to establish a firm relationship of mutual trust and service with the goal of reducing potential risks or gaps in your coverage while attempting to lower your overall insurance costs.