LMA5595 and LMA5596 PFAS Exclusions for Liability policies

 LMA PFAS Exclusions

Lloyd’s Market Association Bulletin LMA22-024-CM was issued in August 2022 and included two PFAS exclusions – LMA5595 and LMA5596 – for liability insurance and liability reinsurance policies. This article considers the background to these PFAS exclusions before analysing the exclusions themselves.

Background to PFAS Exclusions

PFASs Definition

According to the OECD, PFASs are fluorinated substances that contain at least one fully fluorinated methyl or methylene carbon atom (without any H/Cl/Br/I atom attached to it), i.e. with a few noted exceptions, any chemical with at least a perfluorinated methyl group (–CF3) or a perfluorinated methylene group (–CF2–) is a PFAS. PFASs include perfluorosulfonic acids, such as perfluorooctanesulfonic acid (PFOS), and perfluorocarboxylic acids like perfluorooctanoic acid (PFOA).

PFAS Use

PFASs are surfactants, i.e. reduce the surface tension between a liquid and another liquid or solid, making them effective in resisting fire and repelling water, oil, and grease. PFASs are found in materials such as firefighting foam, nonstick cooking pots and pans, paints, coatings for cables and wires, lubricants, food packaging, and textiles. Furthermore, PFASs are water soluble and appear to move through soil. PFASs are commonly described as persistent organic pollutants or “forever chemicals” because they remain in the environment for long periods of time.

PFAS Health Effects

Increasing PFAS litigation – see below – has been driven by growing evidence that PFASs are harmful to the environment and health. A 2022 National Academies of Sciences, Engineering, and Medicine report noted that:

  • PFAS exposure was linked to increased risk of dyslipidemia (abnormally high cholesterol), sub-optimal antibody response, reduced infant and foetal growth, and higher rates of kidney cancer; and
  • drinking water is contaminated with PFASs in thousands of communities across the United States.

Increasing PFAS Litigation

The LMA5595 and LMA5596 PFAS exclusions are a response to increasing private tort lawsuits and government enforcement of environmental laws and regulations. In the USA, for example, more than 6,400 PFAS-related lawsuits have been filed in its federal court since 2005; of these, more than 1,000 were filed in 2021 concerning firefighting foam. Initially, the defendants in such litigation tended to be primary producers of PFAS such as chemical companies and manufacturers of fire-suppressant foams. More recent litigation, however, recent litigation has targeted secondary manufacturers, textile manufacturers, cosmetics manufacturers, fashion and fast food companies.

There has been speculation that this increasing litigation could expose insurers to unanticipated claims, akin to asbestos claims (see, for example, ‘PFAS: The Next Asbestos‘?). Two examples of significant PFAS litigation are described below.

DuPont class action and settlement (West Virigina)

In February 2017, DuPont and its spin-off Chemours paid USD $671 million to settle lawsuits for 3,550 personal injury claims related to PFOA release from their Parkersburg plant into the drinking water. The settlement came after a court-created independent scientific panel, the C8 Science Panel, found a ‘probable link‘ between PFOA (also known as C-8) exposure and six illnesses: kidney and testicular cancer, ulcerative colitis, thyroid disease, pregnancy-induced hypertension and high cholesterol.

3M settlement with Minnesota

In February 2018, 3M settled a lawsuit brought by the state of Minnesota for USD $850 million; Minnesota had sought judgment for USD $5 billion. The lawsuit alleged that:

  • 3M dumped chemicals at sites near Minneapolis for more than 40 years, enabling them to get into wildlife and drinking water; and
  • 3M knew the chemicals were harmful but concealed the effects from regulators and distorted science on them.

Analysis of the LMA5595 and LMA5956 PFAS Exclusions

Are LMA5595 and LMA5596 necessary?

As noted above, LMA5595 and LMA5596 PFAS exclusions have been developed for liability insurance and liability reinsurance policies. Whether the LMA5595 or LMA5596 are necessary will depend upon the pollution exclusion in the policy. If applied in reinsurance contracts, however, then insurers may then apply them to policies they issue to avoid reinsurance gaps.

For Liability policies written on an occurrence basis, the LMA5595 and LMA5596 PFAS exclusions would only serve to exclude liability in future policies. For past occurrences, the Liability policies in force at that time will have to respond to the claim, subject to the pollution exclusions.

In the USA, it is understood that most insurers inserted ‘absolute’ or ‘total’ pollution exclusions after 1985. According to Pillsbury, however, ‘[i]n nearly half the states, policies containing this form of pollution exclusion have been held to be ambiguous and to provide coverage for pollution that was not expected or intended.’

LMA5595 and LMA5596: broad exclusions on PFAS liability

Broadly, paragraph 1 of the LMA5595 and LMA5596 endorsements exclude claims in connection with any PFAS – please refer to the endorsements for the exact wording. The LMA5595 and LMA5596 also contain anti-concurrent terms (see ‘regardless of any other cause contributing concurrently or in any sequence’). Paragraph 2 then acts as a clarification that the exclusion applies to costs to clean-up, monitor or assess the effect of any PFAS.

Difference: LMA5596 reverses the burden of proof

The difference between LMA5595 and LMA5596 is that LMA5596 has an additional paragraph which reverses the onus of proof (‘If UNDERWRITERS allege that this Exclusion applies to any claim under this POLICY the burden of proving the contrary shall be upon the INSURED’). Here, it may be appropriate to consider:

  1. what would be required for the ‘underwriters’ to allege that the exclusion applies?
  2. if there is more than one insurer for the policy, how would this clause operate?
  3. what justifies reversing the onus of proof? Parties to an insurance contract may specify who bears the onus of proving a particular fact, even if this involves reversing the onus of proof: see Levy v Assicurazione Generali [1940] AC 791. However, reversing the onus of proof is contrary to the interests of insureds and conflicts with the traditional position whereby the insurer must prove that an exclusion applies. Given the resources and expertise of insurance companies, it is difficult to see how reversing the burden of proof could lead to more equitable outcomes.

LMA5595 and LMA5596 definition of ‘PFAS’

In their final paragraphs, LMA5595 and LMA5596 define ‘PFAS’ as ‘any organic molecule, salt, free radical or ion, the composition of which includes at least one:

a. perfluorinated methyl group (-CF3); or

b. perfluorinated methylene group (-CF2-).’

This definition differs from that use by the OECD (see ‘PFASs Definition‘, above) due to its use of ‘organic molecule, salt, free radical or ion’. While the difference may not be material, the source of the LMA definition is not known (to this author) and it is unclear why the LMA would not use the more common OECD definition.

LMA5468A, LMA5469A and LMA5470A: Amended Cyber and Data endorsements for Liability policies

Background

While LMA5469A was issued in October 2022, LMA5468A and LMA5470A were issued on 15 March 2023 (beware the Ides of March!). Since LMA5468A, LMA5469A and LMA5470A are similar to their LMA5468, LMA5469 and LMA5470 predecessors, I recommend reading the analysis of those endorsements separately since I have chosen not to reproduce it here.

In LMA Bulletin LMA22-034-SD, the LMA stated that the changes to LMA5469 made for LMA5469A were ‘to clarify that the limited write-back of cover to the exclusion is subject to all the terms, conditions and exclusions of the policy (and any attached endorsements)’. This statement, however, does not tell the full story since the changes amount to more than a ‘clarification’.

Changing how LMA5468A, LMA5469A and LMA5470A operate

For each of LMA5468A, LMA5469A and LMA5470A, the primacy clauses of their predecessors have been deleted:

‘This endorsement supersedes any other wording in the Policy or any endorsement thereto having a bearing on a Cyber Act, Cyber Incident or Data, and, if in conflict with such wording, replaces it’.

This change should be considered in conjunction with the change to the preamble for the exceptions in paragraph 2:

‘Subject to all the terms, conditions and exclusions contained in this Policy or any endorsement thereto…’

Taken together, these changes are significant because they mean that other exclusions in the policy or attached to the policy – including those relating to cyber or data risks – could operate alongside those of LMA5468A, LMA5469A or LMA5470A. And if any exclusion in the policy applies to an insured’s claim, the claim is excluded. As such, these changes increase the likelihood that an insured’s claim will be excluded.

Rather than ‘clarifying’ how the LMA5468A, LMA5469A or LMA5470A apply, it would be more accurate to say that the exceptions to the exclusions in the amended versions operate differently because they are also subject to the underlying policy’s other exclusions.

Other changes

Other changes introduced in LMA5468A, LMA5469A or LMA5470A are as follows:

  1. For LMA5469A and LMA5470A, the exceptions to the exclusions now appear in paragraph 2 (i.e. immediately after the exclusions of paragraph 1); and,
  2. The definition paragraphs are not numbered. As a result, the definition of ‘Cyber Incident’ has sub-clauses (a) and (b), which is inconsistent with the other sub-clauses of the wording which are numbered 1.1, 1.2, 2.1 and 2.2.

Summary of LMA5468A, LMA5469A and LMA5470A

Exclusion LMA5468A LMA5469A LMA5470A
Cyber Act: loss or damage in connection with unauthorised, malicious or criminal act involving access to or use of an electronic device Excluded Excluded Excluded
Cyber Incident #1: loss or damage in connection with error or omission involving access to or use of an electronic device Excluded Excluded Excluded
Cyber Incident #2: loss or damage in connection with the unavailability or failure to access or use an electronic device Excluded Excluded Excluded
Any action taken in controlling, preventing, suppressing or remediating any Cyber Act or Cyber Incident Excluded Excluded Excluded
Loss of use or reduction in functionality of Data Excluded Excluded Excluded
Repair, replacement, restoration, reproduction of Data Excluded Excluded Excluded
Loss or theft of Data Excluded Excluded Excluded
Value of Data Excluded Excluded Excluded
Exceptions
If arising out of a Cyber Incident, exceptions for: 1) third party bodily injury; and 2) physical damage to or destruction of third party property. No such exception Excepted Excepted
If arising out of a Cyber Act, exceptions for: 1) third party bodily injury; and 2) physical damage to or destruction of third party property. No such exception No such exception Excepted

LMA5468, LMA5469 and LMA5470: Cyber and Data endorsements for Liability policies

Background

LMA5468, LMA5469 and LMA5470 are Cyber and Data Exclusion Endorsements for Liability policies that were released by the LMA in November 2020.

At their broadest, LMA5468, LMA5469 and LMA5470 all exclude liability ‘in connection with’:

  1. any Cyber Act;
  2. any Cyber Incident;
  3. any action taken in controlling, preventing, suppressing or remediating any Cyber Act or Cyber Incident;
  4. any loss of use or reduction in functionality of any Data;
  5. any repair, replacement, restoration, reproduction of any Data;
  6. any loss or theft of any Data; or
  7. any amount pertaining to the value of such Data.

Where the exclusions differ, however, is in their exceptions: LMA5468 has none, LMA5469 has an exception for Cyber Incidents, and LMA5470 has exceptions for both Cyber Incidents and Cyber Acts.

Exclusion LMA5468 LMA5469 LMA5470
Cyber Act: loss or damage in connection with unauthorised, malicious or criminal act involving access to or use of an electronic device Excluded Excluded Excluded
Cyber Incident #1: loss or damage in connection with error or omission involving access to or use of an electronic device Excluded Excluded Excluded
Cyber Incident #2: loss or damage in connection with the unavailability or failure to access or use an electronic device Excluded Excluded Excluded
Any action taken in controlling, preventing, suppressing or remediating any Cyber Act or Cyber Incident Excluded Excluded Excluded
Loss of use or reduction in functionality of Data Excluded Excluded Excluded
Repair, replacement, restoration, reproduction of Data Excluded Excluded Excluded
Loss or theft of Data Excluded Excluded Excluded
Value of Data Excluded Excluded Excluded
Exceptions
If arising out of a Cyber Incident, exceptions for: 1) third party bodily injury; and 2) physical damage to or destruction of third party property. No such exception Excepted Excepted
If arising out of a Cyber Act, exceptions for: 1) third party bodily injury; and 2) physical damage to or destruction of third party property. No such exception No such exception Excepted

Overview of the definitions

As noted elsewhere on insurance-endorsements.com, the definitions of Cyber Act, Cyber Incident, Computer System and Data are problematic. For example,

  1. Cyber Act means ‘an unauthorised, malicious or criminal act or series of related unauthorised, malicious or criminal acts, regardless of time and place, or the threat or hoax thereof involving access to, processing of, use of or operation of any Computer System.’ In this definition, it is unclear how ‘unauthorised’ should be interpreted. Is it from the perspective of the insured? If an act has not been authorised, does that mean it is unauthorised? If an employee unintentionally exceeds their authority, is that unauthorised? If an authorised employee commits an act that violates a policy, does that make it unauthorised? These questions could have been avoided if the LMA had sought to define a ‘Cyber Act’ in terms of actual cyber threats rather than generalities.
  2. Cyber Incident has two limbs:
    1. an error or omission involving access, processing, use or operation of a Computer System. For this limb, it appears that the errors or omissions could be by the insured or a third party. But it is appropriate to consider: where is the cyber risk here? Separately, the second limb of ‘Cyber Incident’ is concerned with the outcome rather than the cause – this makes the Cyber Incident exclusion very broad and means that it could exclude liability in the absence of an actual cyber risk; and
    2. any unavailability (whether partial or total) or failure to access, process, use or operate (whether partial or total) any Computer System.
  3. The definition of Computer System includes ‘any electronic device’. While the concept of a computer system has undoubtedly changed over time, not every electronic device is a computer system. In this respect, the LMA’s definition of Computer System over-reaches;
  4. Data means information, facts, concepts, code or any other information of any kind that is recorded or transmitted in a form to be used, accessed, processed, transmitted or stored by a Computer System [emphasis added]. Since physical documents could be scanned, photocopied or faxed, such documents could be ‘Data’. It would be more appropriate if Data were re-defined such that it was limited to electronic data (perhaps even using ‘electronic data’ without definition) and did not extend to physical documents.

Re-thinking the Data exclusions

Paragraph 1.2 of LMA5468, LMA5469 and LMA5470 contains the ‘Data’ exclusions, excluding liability in connection with any:

1.2 loss of use, reduction in functionality, repair, replacement, restoration, reproduction, loss or theft of any Data, including any amount pertaining to the value of such Data;

Paragraph 1.2 is problematic because it puts separate exclusions into a single clause and seems to confuse what could be termed ‘circumstance’ and ‘property’ exclusions. Consider if paragraph 1 of LMA5468, LMA5469 and LMA5470 were amended to the following:

1. Notwithstanding any provision to the contrary within this Policy or any endorsement thereto –

1.1 this Policy does not apply to any loss, damage, liability, claim, fines, penalties, cost or expense of whatsoever nature directly or indirectly caused by, contributed to by, resulting from, arising out of or in connection with:

1.1.1 any Cyber Act or Cyber Incident; or

1.1.2 any action taken in controlling, preventing, suppressing or remediating any Cyber Act or Cyber Incident; or

1.1.3 any loss of use or reduction in functionality of Data,

regardless of any other cause or event contributing concurrently or in any other sequence thereto unless subject to the provisions of paragraph 5 [note: subjectivity only appropriate for LMA5469 and LMA5470];

1.2 this Policy excludes any loss, damage, liability, claim, fines, penalties, cost or expense of whatsoever nature for any:

1.2.1 repair, replacement or restoration of Data; [note: deleted ‘reproduction’]

1.2.2 loss or theft of Data; or

1.2.3 amount pertaining to the value of Data.

The exclusions in paragraphs 1.2.1, 1.2.2 and 1.2.3, above, are concerned with Data as property and not circumstances within a broader chain of causation. Note, also, that the word ‘reproduction’ has been intentionally omitted from sub-clause 1.2.1 – the term ‘reproduction’ is problematic because it could apply to a third party that is distributing the Data and this is inconsistent with the other terms in that sub-clause.

The exceptions of LMA5469 and LMA5470

While LMA5468 does not have any exceptions to its exclusions, LMA5469 and LMA5470 do. Specifically,

  • LMA5469 has exceptions for ‘ensuing third party bodily injury’ or ‘ensuing physical damage to or destruction of third party property’ arising from a Cyber Incident; while,
  • LMA5470 has exceptions for ‘ensuing third party bodily injury’ or ‘ensuing physical damage to or destruction of third party property’ arising from a Cyber Incident or Cyber Act.

However, these exceptions may not be effective if the Data exclusions in paragraph 1.2 were enlivened. This is why the ‘Data’ exclusions should be amended, potentially as proposed above.

In determining the scope of the LMA5469 and LMA5470 exceptions, it is important to consider the cover provided by the underlying policy. In Australia, many General Liability (GL) or Public and Product Liability (PPL) policies indemnify the insured for its liability to pay compensation for:

  1. ‘injury’, which may include bodily injury, mental injury, invasion of privacy, defamation and discrimination; and
  2. ‘property damage’, which may include both a) damage to tangible property (including loss of use therefrom) and b) loss of use of tangible property which arises out of damage to other tangible property.

In comparing the exceptions in LMA5469 and LMA5470 with these definitions, it is apparent that:

  1. ‘bodily injury’ in the exceptions of LMA5469 and LMA5470 is narrower than ‘injury’ in many General Liability policies, such that mental injury, invasion of privacy, defamation and discrimination remain excluded; and
  2. ‘damage to or destruction of tangible third party property’ in the exceptions of LMA5469 and LMA5470 is narrower than ‘property damage’ in many General Liability policies since there is no allowance for ‘loss of use’ of property.

Other features of LMA5468, LMA5469 and LMA5470

Other features of LMA5468, LMA5469 and LMA5470 are as follows –

  1. Paragraph 2: a ‘reading down’ clause whereby, if any portion is invalid or unenforceable, the remainder shall apply in full force and effect (or, in the words of the endorsement, ‘the remainder shall remain…’);
  2. Paragraph 3: a ‘primacy clause’ whereby the endorsement supersedes or replaces any other clauses in the policy regarding Cyber Acts, Cyber Incidents or Data. Note, however, that this clause is deleted from LMA5468A, LMA5469A and LMA5470A;
  3. Paragraph 4: reverses the onus of proof such that, if the insurer alleges that the endorsement excludes ‘loss sustained by the Insured’, then the insured has the burden of proving otherwise. Here, it is appropriate to consider:
    1. what would be required for an insurer to ‘allege’ that the exclusion applies? The endorsement is silent on this; and
    2. what justifies reversing the onus of proof? Parties to an insurance contract may specify who bears the onus of proving a particular fact, even if this involves reversing the onus of proof: see Levy v Assicurazione Generali [1940] AC 791. However, reversing the onus of proof is contrary to the interests of insureds and conflicts with the traditional position whereby the insurer must prove that an exclusion applies. Given the resources and expertise of insurance companies, it is difficult to see how reversing the burden of proof could lead to more equitable outcomes.

Separately, it is unusual that paragraph 4 only uses the term ‘loss’ when paragraph 1 uses the terms ‘loss’, ‘damage’, ‘liability’, ‘claim’, ‘fines’, ‘penalties’, ‘cost’ and ‘expense’. While the intention of the clause is almost certainly to exclude all of these, the endorsement itself is not so explicit.

Please note that LMA5468, LMA5469 and LMA5470 have since been replaced by LMA5468A, LMA5469A and LMA5470A. The analysis in this article, however, is relevant to those updated endorsements.

LMA5400 and LMA5401: Cyber and Data endorsements

Analysis of LMA5400 and LMA5401

Background

Published on 13 November 2019 by Lloyd’s Market Association (LMA), LMA5400 and LMA5401 are intended for use on property insurance policies arranged either on a direct or facultative reinsurance basis.

It is difficult to concisely summarise the effects of LMA5400 and LMA5401 because they contain six far-reaching exclusions which utilise broad definitions (a ‘Computer System’, for example is ‘any… electronic device’). LMA5400 has a very limited exception to some of its exclusions, though this may not be effective because of the operation of LMA5400’s other exclusions. Rather than excluding cyber risks such as computer viruses, denial-of-service (DOS) attacks or hacking, LMA5400 and LMA5401 are based on the possible results of such risks rather than the causes, and only require ‘connections’ rather than causation for the exclusions to operate. As a result, LMA5400 and LMA5401 may exclude damage and losses that are not caused by cyber risks, and it is unclear whether insurers understand the uncertainty that this creates for themselves and insureds.

Exclusions LMA5400 LMA5401
Cyber Act: loss or damage in connection with unauthorised, malicious or criminal act involving access to or use of an electronic device Excluded Excluded
Cyber Incident #1: loss or damage in connection with error or omission involving access to or use of an electronic device Excluded Excluded
Cyber Incident #2: loss or damage in connection with the unavailability or failure to access or use an electronic device Excluded Excluded
Loss or damage in connection with loss of use or reduction in functionality of Data Excluded Excluded
Replacement or restoration of Data Excluded Excluded
Value of Data Excluded Excluded
Exceptions and scenarios
Exception for property damage caused by fire or explosion which results from Cyber Incident Yes, but Cyber Act or Data exclusions may prevail Excluded
Exception for business interruption caused by fire or explosion which results from Cyber Incident Excluded Excluded
Exception for property damage or business interruption if insured peril causes unavailability or failure to use an electronic device Excluded Excluded
Basis of Valuation
Basis of Valuation for Data Processing Media Cost to repair or replace the media, plus costs of copying Data from back-ups or originals None

The Exclusions: LMA5400 and LMA5401

LMA5400 and LMA5401 contain four separate exclusions on damage and loss in connection with:

  1. any unauthorised, criminal or malicious act involving a Computer System (a ‘Cyber Act’), whether the Computer System is the Insured’s or a third party’s;
  2. an error or omission involving access to, processing of, use of or operation of any Computer System (a ‘Cyber Incident’);
  3. partial or total unavailability or failure to access or use any Computer System (also a ‘Cyber Incident’); and,
  4. the loss of use or reduction in functionality of Data.

Beyond this, LMA5400 and LM5401 also exclude:

  1. the replacement or restoration of Data; and,
  2. the value of Data.

Initial observations: LMA5400 and LMA5401 are far broader than ‘cyber’ endorsements

Although considered further below, LMA5400 and LMA5401 define ‘Computer System’ as ‘any… electronic device… owned or operated by the Insured or any other party’ (see ‘Definition: Computer System’). From this, it is apparent that:

a) Exclusion 1), above, excludes damage and loss in connection with criminal acts – such as criminal damage, theft or vandalism – involving an electronic device;

b) Exclusion 1), above, may exclude damage and loss in connection with a person using an electronic device in an unauthorised manner (i.e. in breach of instructions). Exclusion 2), above, is also relevant in this scenario since it excludes property damage or loss in connection with an error or omission in using an electronic device;

c) Exclusion 1), above, may exclude damage and loss in connection with a person that has not been authorised to use an electronic device doing so, notwithstanding that they may have used the device in an authorised manner;

d) Exclusion 3), above, excludes damage and loss in connection the unavailability of an electronic device. Clause 2 of LMA5400 provides a partial exception to this exclusion (see ‘Perils exception’, below), but this only applies where the unavailability results in a fire or explosion. If there is an insured peril which causes damage to an electronic device, that damage may be excluded by LMA5400 and LMA5401, as may subsequent damage and business interruption;

e) Because the unavailability of a computer system will often involve a loss of use of Data, there is overlap between Exclusions 3) and 4), above. Even if the partial exception for Exclusion 3) and Cyber Incidents applies, effect would be given to the exclusion (see ‘A Cyber Incident and another exclusion applies? Exclusion prevails’); and,

f) Similar to Exclusion 3), Exclusion 4) excludes damage and loss from the loss of use of Data. If there is an insured peril which causes damage to a device containing Data, that damage will be excluded by LMA5400 and LMA5401, as will subsequent damage and business interruption.

These initial observations are not intended to be an exhaustive analysis, but demonstrate how LMA5400 and LMA5401 are far broader than the ‘Cyber’ endorsements which they purport to be.

Attribution language: causation not required for exclusions to apply

Sub-clause 1.2 includes the following attribution language: directly or indirectly caused by, contributed to by, resulting from, arising out of or in connection with. Of these, ‘in connection with’ (as used in the list of exclusions above) is the broadest and most significant because it may not require the excluded circumstance to be a proximate or remote cause of the damage/loss for the exclusion to apply. As per the anti-concurrent causation language (‘regardless of any other cause or event contributing concurrently or in any other sequence thereto’), the exclusions in LMA5400 and LMA5401 can apply even if there are other proximate or remote causes of damage/loss.

LMA5400 Perils exception

Despite the exclusions of clause 1, clause 2 of LMA5400 contains an exception where:

1) a Cyber Incident

results in

2) a fire or explosion

that causes

3) physical loss or damage to property insured.

However, this exception will not apply where the Cyber Incident has a connection with a Cyber Act.  Furthermore, while the exclusions exclude ‘loss’ generally, the exception in clause 2 is only for ‘physical loss or physical damage to property insured’ such that business interruption losses remain excluded by clause 1. This appears to be an unfair result for insureds – where the intention of the underlying policy is to pay business interruption loss that results from covered damage to property – since this intention is overridden by the endorsement.

LMA5401 does not contain an equivalent exception to clause 2 in LMA5400.

What if the peril comes first? Exclusion prevails

While clause 2 of LMA5400 provides cover where a Cyber Incident results in a fire or explosion that causes physical loss or damage to property insured, what happens if:

1) a fire or explosion

results in

2) a Cyber Incident, i.e.

a) an error or omission involving access or use of a Computer System, or

b) unavailability (partial or total) or failure to access or use a Computer System,

which causes

c) damage to property and business interruption?

In this case, the property damage and business interruption will be excluded. Again, this outcome may justifiably be considered unfair for the insured where the proximate cause of damage and business interruption is an insured peril. Nonetheless, the words ‘regardless of any other cause or event contributing concurrently or in any other sequence to the thereto’ in clauses are clearly intended to have this effect.

This unfairness may be exacerbated by the realisation that Computer System is defined to include ‘any… electronic device’ (see ‘Definition: Computer System’).

A Cyber Incident and another exclusion applies? Exclusion prevails

Consider a scenario in which:

1) a computer virus infects the insured’s computer systems

causing

2) those Computer Systems to be unavailable (a ‘Cyber Incident’ for which the exception would apply); and

3) Data on those Computer Systems to be deleted or corrupted (as per the exclusion in sub-clause 1.2),

resulting in

4) a fire or explosion

that causes

5) physical loss or damage to property insured.

In this scenario, it can be appreciated that there are two circumstances connected with the loss:

1) the Cyber Incident for which there is cover under clause 2; and,

2) the deletion or corruption of Data, which is excluded under clause 1.2.

As such, the common law principle as articulated in Wayne Tank and Pump Co Ltd v Employers’ Liability Assurance Corpn Ltd [1974] QB 57 (CA) may apply such that effect would be given to the exclusion. Per Cairns LJ in Wayne Tank:

if one cause is within the words of the policy and the other comes with an exception [i.e. exclusion] in the policy, it must be taken that the loss cannot be recovered under the policy. The effect of an exception is to save the insurer from liability for a loss which but for the exception would be covered.

While an outcome that is consistent with a common law principle may be hard to argue against, it should be noted that some policies – such as the Mk.V Modified Industrial Special Risks (ISR) policy – do provide cover where there is a non-excluded proximate cause of damage, notwithstanding that an excluded cause of damage may have preceded or followed it. From the Mark V Modified ISR:

Provided that the Insurer will indemnify the Insured for any Damage to Property Insured caused directly by any circumstances not excluded under Section 1 of this Policy, notwithstanding that these circumstances may in turn have been caused by any of the circumstances referred to in Exclusions 6.2.1 to 6.2.17.

Ultimately, this example of a computer virus should serve to demonstrate just how limited the perils exception in clause 2 of LMA5400 is.

Separately, it may be recalled that NMA2914 and NMA2915 have exceptions for property damage if:

1) loss of or damage to Electronic Data

causes

2) a Fire or Explosion.

LMA5400, however, has no such exception.

Basis of Valuation

LMA5400 provides a basis of valuation (or basis of settlement) for Data Processing Media, which is defined as property on which Data can be stored. Specifically, the basis of settlement for Data Processing Media is:

1) the cost to repair or replace the Data Processing Media; and

2) costs of copying Data from back-ups or from originals.

Like NMA2915 and NMA2914A, LMA5400 excludes costs of research and engineering, and costs to recreate, gather or assemble such Data. As per NMA2914, NMA 2915 and NMA2914A, LMA5400 states that if the media is not repaired, replaced or restored, then the basis of valuation is the cost of blank Data Processing media.

Similar to NMA2914, NMA 2915 and NMA2914A with respect to Electronic Data, LMA5400 states that the policy does not insure the value of Data. While this proposition is readily understandable for Electronic Data, on the basis that intangible assets and intellectual property are not typically covered by property policies, it is problematic for LMA5400 because its definition of ‘Data’ could include physical documents (see ‘Definition: Data’, below).

LMA5401 does not contain a basis of valuation.

Definitions

Definition: Computer System

In LMA5400 and LMA5401, the definition of ‘Computer System’ includes ‘any… electronic device’. It is noted that the ‘electronic device’ does not have to be associated with an actual computer. While the term ‘electronic device’ may lack a precise definition, the term could be applied to electrically powered devices and electronically-controlled devices.

To be clear, the broad definition of ‘Computer System’ in LMA5400 and LMA5401 makes the exclusion far broader than may have been intended. Specifically, Exclusion 3, above, has the effect that LMA5400 and LMA5401 will exclude loss or damage in connection with the unavailability or failure to access/use an electronic device.

It is noted that the definition of ‘Data’ (considered below) includes ‘code’, while the definition of ‘Computer System’ includes ‘software’ which consists of code. Under LMA5400 and LMA5401, the definition of ‘Computer System’ could also include ‘Data’. Consideration of the incongruities of these overlapping definitions, however, is beyond the scope of this analysis.

Definition: Data

The definition of ‘Data’ in LMA5400 and LMA5401 is unusual in that it is defined as ‘information of any kind that is recorded… in a form to be used, accessed, processed, transmitted or stored by a Computer System’. Given the ability of computers to scan and interpret physical documents, the definition of ‘Data’ in LMA5400 and LMA5401 could include physical documents. This may appear to be a perverse outcome, but the definition is not explicitly limited to ‘Electronic Data’ as that term is commonly defined in property policies (and was used in NMA2914, NMA2915 and NMA2914A).

As such, LMA5400 and LMA5401 could exclude damage to physical documents, manuscripts, deeds, specifications, plans, drawings, designs, books and other records.

Definition: Cyber Act

For LMA5400 and LMA5401, Cyber Act means “an unauthorised, malicious or criminal act or series of related unauthorised, malicious or criminal acts, regardless of time and place, or the threat or hoax thereof involving access to, processing of, use of or operation of any Computer System.”

The term ‘unauthorised act’ could be applied to:

1) an otherwise authorised person carrying out an act:

a) for which they have not been authorised (perhaps the act is outside the scope of their duties); or

b) that is contrary to instructions or guidelines (perhaps issued by an employer or manufacturer of a device);

2) an unauthorised person carrying out an act.

There may be emergency scenarios which compel persons to perform acts – involving electronic devices – for which they are not authorised in order to avoid or minimise the risk of injury or property damage. LMA5400 and LMA5401 do not appear to have considered such scenarios.

As noted above, the term ‘malicious or criminal act’ is also problematic because it could be applied to criminal damage, theft or vandalism involving an electronic device. Such acts should not be the subject of a cyber exclusion.

Definition: Cyber Incident

For LMA5400 and LMA5401, ‘Cyber Incident’ means

  • any error or omission or series of related errors or omissions involving access to, processing of, use of or operation of any Computer System; or
  • any partial or total unavailability or failure or series of related partial or total unavailability or failures to access, process, use or operate any Computer System.

The definition of ‘Cyber Incident’ demonstrates why LMA5400 and LMA5401 can have such broad application: they contemplate the results of cyber risks rather than cyber risks themselves. In its second limb, a ‘Cyber Incident’ is the unavailability or failure to use an electronic device. It should be apparent that there are many insured, non-cyber perils that could cause this, yet LMA5400 and LMA5401 make no such distinctions.

NMA2914, NMA2914A, NMA2915 and NMA2915A

Analysis of NMA2914, NMA2915, NMA2914A and NMA2915A

About

NMA2914, NMA2915, NMA2914A and NMA2915A are Electronic Data Endorsements that have been widely applied to Property policies. Since these endorsements can significantly reduce cover, it is important that their effects are understood. While NMA2914 and NMA2915 were published by the Non-Marine Association (NMA) on 25/01/01, NMA2914A and NMA2915A were released on 11/3/2015.

While NMA2914, NMA2915, NMA2914A and NMA2915A have been used by insurers (and reinsurers) to avoid exposure to cyber risks, these endorsements only address cyber risk indirectly by including ‘Computer Virus’ as a possible cause of loss of, or damage to, Electronic Data. Instead, these endorsements exclude damage and loss that results from damage to or loss of Electronic Data.

Summary: reductions in cover

1) NMA2914, NMA2915, NMA2914A and NMA2915A exclude loss of or damage to Electronic Data. However, NMA 2914 and NMA 2915, do provide cover for property damage if loss of, or damage to, Electronic Data causes a Fire or Explosion; NMA2914A and NMA2915A do not.

2) NMA2914, NMA2915, NMA2914A and NMA2915A all exclude business interruption loss that results from loss of or Damage to Electronic Data.

3) If a) an insured peril causes loss of or damage to Electronic Data, and b) that loss of or damage to Electronic Data results in subsequent property damage and business interruption, then such subsequent losses are excluded. This outcome demonstrates why insureds should resist the application of NMA2914, NMA2915, NMA2914A and NMA2915A.

For further analysis, please continue reading.

NMA2914 NMA2915 NMA2914A NMA2915A
Loss of, or damage to, Electronic Data Excluded Excluded Excluded Excluded
Cover for property damage caused by fire or explosion if such perils result from loss of, or damage to, Electronic Data Yes Yes No No
Cover for business interruption if loss of or damage to, Electronic Data causes fire or explosion No No No No
Cover if an insured peril causes loss of or damage to Electronic Data and subsequent property damage and business interruption No No No No
Basis of valuation: media Cost to repair, replace or restore such media Cost to repair, replace or restore such media. If no sub-limit: Cost of blank media Cost of blank media Cost of blank media
Basis of valuation: Electronic Data Cost to reproduce any electronic data Cost to reproduce any electronic data. If no sub-limit: cost of copying electronic data from back-ups or originals Cost of copying electronic data from back-ups or originals Cost of copying electronic data from back-ups or originals
Sub-limit In the risk details In sub-clause 2.1.1 No reference No reference
Value of Electronic Data None None None None

The Exclusions: NMA2914, NMA2915, NMA2914A and NMA2915A

Sub-paragraphs a) of NMA2914 and NMA2915, and Clauses 1.1.1 of NMA2914A and NMA2915A, effectively contain two exclusions:

1) An exclusion on loss of or damage to Electronic Data; and,

2) An exclusion on loss resulting from 1), above (i.e. an exclusion on loss resulting from loss of or damage to Electronic Data).

To the extent that Electronic Data may be considered property, the first exclusion may be regarded as a property exclusion; the second exclusion may then be considered a business interruption exclusion.

Definition of Electronic Data

The definitions of Electronic Data in NMA2914, NMA2915, NMA2914A and NMA2915A are identical and similar to those in many Property policies. If the underlying policy already has such a definition, however, then the definition of Electronic Data in NMA2914, NMA2915, NMA2914A and NMA2915A could be deleted.

Definition of Computer Virus

Since ‘computer virus’ is included as a cause of loss of or damage to Electronic Data, its definition is not material. Nonetheless, the definition of ‘Computer Virus’ in NMA2914, NMA2915, NMA2914A and NMA2915A poses interpretive difficulties –

1) if a computer virus is an unauthorised instruction or code, how is ‘authorisation’ determined? Practically, the vast majority of computer instructions and code will not have been ‘authorised’ by users or system administrators;

2) ‘propagate’ is typically used in the context of organisms being reproduced from parent stock. Here, the term is applied to instructions/code that ‘propagates’ through a computer system or network. But what of instructions/code on a single computer system that carries out a malicious operation but does not ‘propagate’? And what of malicious instructions/code that is transmitted by e-mail between computers that are not networked? Potentially, such instructions/code may not fit the definition of ‘computer virus’ in 1.1.3.

The above items are not exhaustive, though further analysis is beyond the scope of this analysis.

Listed Perils writeback: NMA2914 and NMA2915 only

Unlike NMA2914A and NMA2915A, NMA2914 and NMA2915 do provide cover in sub-clause 1(b) for property damage if:

1) loss of or damage to Electronic Data

causes

2) a Fire or Explosion.

On this basis, NMA2914A and NMA2915A may be regarded as inferior to NMA2914 and NMA2915. However, this sub-clause 1(b) in NMA2914 and NMA2915 only writes back cover for property damage such that business interruption losses remain excluded by sub-clause 1(a). This appears to be an unfair result for insureds – where the intention of the underlying policy is to pay business interruption loss that results from covered damage to property – since this intention is overridden by the endorsement.

What if the peril comes first? Exclusion prevails

While the listed perils writeback in NMA2914 and NMA2915 is beneficial, consider:

1) a peril insured by the policy (including but not limited to Fire or Explosion)

which causes

2) loss of or damage to Electronic Data

which, in turn, causes

3) further damage and business interruption.

The effect of NMA2914, NMA2915, NMA2914A and NMA2915A is that the loss of or damage to Electronic Data, the resultant property damage and the resultant business interruption are all excluded (i.e. 2) and 3), above). This outcome may justifiably be considered unfair for the Insured where the proximate cause of damage and business interruption is an insured peril. Nonetheless, the words ‘regardless of any other cause or event contributing concurrently or in any other sequence to the loss’ in sub-clauses 1(a) of NMA2914 and NMA2915, and sub-clauses 1.1.1 in NMA2914A and NMA2915A, are clearly intended to have this effect.

Basis of Valuation/Settlement: Electronic Data Processing Media Valuation

While NMA2914, NMA2915, NMA2914A and NMA2915A exclude loss of or damage to Electronic Data, the ‘Electronic Data Processing Media Valuation’ clause does provide for the reinstatement of Electronic Data, but this is conditional on covered damage to ‘electronic data processing media’.

For NMA2914, the basis of valuation (or basis of settlement) for ‘electronic data processing media’ is the cost to:

1) repair, replace or restore such media to its prior condition; and,

2) ‘reproduce’ any electronic data contained thereon.

NMA2914A provides the same basis of valuation if a sub-limit is specified in sub-clause 2.1.1.

However, for

1) NMA2914A where a sub-limit is not specified in sub-clause 2.1.1,

2) NMA2915, and

3) NMA2915A,

the basis of valuation for electronic data processing media is:

1) the cost of blank media; and

2) the costs of copying the electronic data from back-ups or originals.

These bases of valuation are inferior to that in NMA2914 because it does not include costs to ‘reproduce’ electronic data. In practice, there may not be any practical difference if the insured has back-ups of the electronic data. But if the insured does not have back-ups, then the term ‘reproduce’ may include activities to re-create, gather or assemble electronic data, because such activities are explicitly excluded in NMA2914A, NMA2915 and NMA2915A.

Sub-Limits

To summarise,

1) NMA2914 requires the sub-limit to be specified in the Risk Details;

2) NMA2915 and NMA2915A do not have sub-limits; and,

NMA2914A provides for a sub-limit to be entered in sub-clause 2.1.1, but sub-clause 2.1.2 addresses cases where no sub-limit is entered.

For NMA2914A, the absence of a sub-limit from sub-clause 2.1.1 is beneficial from an insured’s perspective for the reinstatement of the electronic data processing media, but this benefit may be outweighed by the detriment of the inferior basis of valuation.

Value of Electronic Data: none

Finally, NMA2914, NMA2915, NMA2914A and NMA2915A clarify that the policy does not insure the value of Electronic Data. While Electronic Data may be property for the purposes of the underlying policy, the value of such Electronic Data is an intangible asset and represents intellectual property. Intangible assets and intellectual property are not typically covered by property policies.

LMA5391 Coronavirus Exclusion

Analysis of LMA5391

About LMA5391

Drafted by the Lloyd’s Market Association (LMA) and released in March 2020, LMA5391 is a general coronavirus exclusion that was not designed for any particular type of policy.

LMA5391: the exclusion

LMA5391 excludes claims that are caused by or result from:

  • COVID-19 (i.e. the disease);
  • the virus (SARS-CoV-2) which causes the COVID-19 disease;
  • mutation or variation of that virus; and,
  • the fear or threat of any of the above.

A relatively narrow exclusion…

Compared to other LMA Communicable Disease exclusions, LMA5391 is a relatively narrow exclusion because:

  • the words ‘caused by or result from’ have the effect that the exclusion only applies where the listed items are the proximate cause of loss; and,
  • LMA5391 does not exclude all diseases transmissible between organisms, though the exclusion does extend to the underlying virus, mutations or variations thereof, and fear or threat of the preceding elements.

… but what about ‘variations’?

It is logical to exclude loss caused by mutations of SARS-CoV-2 on the basis that the virus was a cause of the loss. However, the word ‘variation’ in LMA5391 creates uncertainty since the exclusion could be applied to other coronaviruses on the basis that they are ‘variations’ of SARS-CoV-2 – this may not have been intended by the drafters of LMA5391, but the words are open to interpretation and this construction would not have been possible if the word ‘variation’ had been omitted.

The reason that the word ‘variation’ is significant is that some human coronaviruses continually circulate in the human population, such as human coronavirus OC43 (HCoV-OC43), human coronavirus HKU1 (HCoV-HKU1), human coronavirus 229E (HCoV-229E) and human coronavirus NL63 (HCoV-NL63). The symptoms of these human coronaviruses are generally mild, though others are more lethal –

  • Middle East respiratory syndrome-related coronavirus (MERS-CoV) has been identified as causing 858 deaths from outbreaks in 2012, 2015 and 2018; and
  • severe acute respiratory syndrome coronavirus (SARS-CoV) has been identified as causing 774 deaths between 2002 and 2004.

Regardless of its intention, LMA5391 should be explicit about whether other coronaviruses are within the scope of its exclusion.

LMA5393: Communicable Disease Endorsement for Property policies

Analysis of LMA5393

About LMA5393

Drafted by the Lloyd’s Market Association (LMA) and released in March 2020, LMA5393 has become a widely applied communicable disease endorsement for Property policies. This is unfortunate because, as demonstrated below, LMA5393 has a drafting deficiency that creates uncertainty for insureds, insurers and reinsurers.

Clause 1: the Communicable Disease Exclusion

A drafting deficiency

Interpreted literally, LMA5393 excludes loss or damage occurring at the same time as (‘concurrently with’):

  • a ‘Communicable Disease’; or
  • the fear or threat of a ‘Communicable Disease’.

Since LMA5393 does not literally require any connection or causation between the Communicable Disease, there would be no cover under the policy if, at the time of loss, someone – somewhere – had a Communicable Disease or feared a Communicable Disease. If an insurer applied this literal interpretation, the policy would no longer provide effective cover and, if challenged, a court would be likely to ‘read down’ or re-interpret the exclusion by determining the intention of the parties. A less likely alternative, however, would be for a court to strike out the endorsement in its entirety.

LMA5393 is the only LMA Communicable Disease exclusion to have this drafting deficiency.

What does clause 1 intend?

Determining the intention of the parties – and identifying the appropriate parties – is difficult because:

  • the clause was drafted by the LMA;
  • insurers applying LMA5393 may not have understood its drafting deficiency;
  • insurers may have recognised the drafting deficiency in LMA5393, but were required by reinsurers to apply it;
  • the insured is unlikely to have had any ability to negotiate the clause; and,
  • insurance brokers may have served as intermediaries between the insured and its insurers.

‘Read down’ version of LMA5393 clause 1

Prima facie, the simplest solution would be to ‘read down’ LMA5393 by:

  • removing the offending words, i.e. ‘or occurring concurrently or in any sequence with’; and,
  • moving them to the end of clause 1 for their intended effect, i.e. adding the words ‘, regardless of any other cause or event contributing concurrently or in any other sequence thereto’ after the words ‘(whether actual or perceived) of a Communicable Disease’.

An example of this ‘read down’ version of LMA5393 clause 1 is as follows:

This policy, subject to all applicable terms, conditions and exclusions, covers losses attributable to direct physical loss or physical damage occurring during the period of insurance. Consequently and notwithstanding any other provision of this policy to the contrary, this policy does not insure any loss, damage, claim, cost, expense or other sum, directly or indirectly arising out of, attributable to a Communicable Disease or the fear or threat (whether actual or perceived) of a Communicable Disease, regardless of any other cause or event contributing concurrently or in any other sequence thereto.

In most scenarios, this ‘read down’ version of LMA5393 clause 1 would be adequate to determine whether the exclusion applied. Nonetheless, this simple solution may not be the correct one if it does not give effect to the intention of the parties.

Re-drafting LMA5393 clause 1

Putting aside the drafting deficiency of ‘concurrently with’, LMA5393 is unusual in that its attribution language is limited to ‘arising out of’ and ‘attributable to’. LMA5394, for example, uses the words ’caused by’, ‘contributed to by’, ‘resulting from’, ‘arising out of’ and ‘in connection with’. LMA5394 therefore offers a guide to remedying LMA5393 and an amended clause 1:

This policy, subject to all applicable terms, conditions and exclusions, covers losses attributable to direct physical loss or physical damage occurring during the period of insurance. Consequently and notwithstanding any other provision of this policy to the contrary, this policy does not insure any loss, damage, claim, cost, expense or other sum, directly or indirectly caused by, contributed to by, resulting from, arising out of, or in connection with a Communicable Disease or the fear or threat (whether actual or perceived) of a Communicable Disease regardless of any other cause or event contributing concurrently or in any other sequence thereto.

What is LMA5393 excluding?

The answer to this question may depend on whether the ‘read down’ version or ‘re-drafted’ version of LMA5393 is applied. Specifically,

  • the ‘read down’ version of LMA5393 excludes damage or loss that ‘arises out of’ or is ‘attributable to’ a Communicable Disease or the fear or threat of a Communicable Disease. This would require the Communicable Disease to be a remote cause of the loss; whereas
  • at its broadest, the ‘re-drafted’ version of LMA5393 excludes damage or loss that has a ‘connection with’ a Communicable Disease or the fear or threat of a Communicable Disease. This would not require the Communicable Disease to be a cause – proximate or remote – of the damage or loss for the exclusion to apply.

Returning to the question: what is LMA5393 excluding? I do not think that anyone can be certain. LMA5393 appears to be a ‘market failure’ by the insurance industry because people who should have known better could not find the right words. Given this failure, a court may be reluctant to give insurers the benefit of the broader, re-drafted version of LMA5393 above, though this is speculation and not professional/legal advice.

Clause 2: clarification of exclusion

Clause 2 of LMA5393 of clarifies that the exclusion in clause 1 excludes costs to clean-up, detoxify, remove, monitor or test for a Communicable Disease or property insured that is affected by such Communicable Disease. While this may seem straightforward, there is a distinction between:

  1. a pathogen which causes a disease; and,
  2. a disease, which is a condition that affects an organism.

Strictly speaking, it would not be possible to ‘clean-up’ or ‘detoxify’ a disease. Furthermore, to ‘remove’ a disease would require the organism to be physically removed from a location. However, ‘monitoring’ or ‘testing’ for a disease is feasible, since this would simply require testing persons (or other organisms) to determine if they have the disease.

For consistency with clause 1, it would be preferable if clause 2 also referred to the ‘fear or threat (whether actual or perceived) of a Communicable Disease’. Given the breadth of clause 1, however, such an amendment does not appear strictly necessary.

Clause 3: definition of ‘Communicable Disease’

In clause 3 of LMA5393, ‘Communicable Disease’ is defined as ‘any disease which can be transmitted… from any organism to another organism’.  Requiring the disease to be transmissible between organisms does qualify the scope of the definition; food poisoning, for example, would not be excluded as a ‘Communicable Disease’ because it is transmitted by the ingestion of contaminated food or water, not by a pathogen that is transmitted between organisms.

Beyond this,

  • sub-clause 3.1 inclusively identifies types of pathogens;
  • sub-clause 3.2 inclusively identifies means of transmission; and,
  • sub-clause 3.3 identifies possible effects of the disease or pathogen.

None of these sub-clauses, however, are essential to the operation of the endorsement.

Clause 4: primacy clause

Clause 4 of LMA5393 is a ‘primacy clause’ which states that the endorsement shall apply to all extensions, additional coverages, exceptions and other coverage grants.

LMA5394: Communicable Disease Exclusion for property treaty reinsurance

Analysis of LMA5394

About LMA5394

Drafted by the Lloyd’s Market Association (LMA) and released in March 2020, LMA5394 is a Communicable Disease Exclusion for property treaty reinsurance.

Clause 1: the Communicable Disease Exclusion

At its broadest, LMA5394 excludes damage or loss ‘in connection with’:

  1. a Communicable Disease; or
  2. the fear or threat of a Communicable Disease.

Furthermore, LMA5394 is explicit that this exclusion will apply regardless of any other cause or event which may have contributed to the damage or loss.

Clause 2: definition of ‘Communicable Disease’

In clause 2 of LMA5394, ‘Communicable Disease’ is defined as ‘any disease which can be transmitted… from any organism to another organism’.  Requiring the disease to be transmissible between organisms does qualify the scope of the definition; food poisoning, for example, would not be excluded as a ‘Communicable Disease’ because it is transmitted by the ingestion of contaminated food or water, not by a pathogen that is transmitted between organisms.

Beyond this,

  • sub-clause 2.1 inclusively identifies types of pathogens;
  • sub-clause 2.2 inclusively identifies means of transmission; and,
  • sub-clause 2.3 identifies possible effects of the disease or pathogen.

None of these sub-clauses, however, are essential to the operation of the endorsement.

LMA5395: Coronavirus Exclusion for marine and energy liability policies

Analysis of LMA5395

About LMA5395

Drafted by the Lloyd’s Market Association (LMA) and released in April 2020, LMA5395 is a coronavirus exclusion for use on marine and energy liability policies.

The LMA5395 exclusion: clause 1

Broadly, clause 1 of LMA5395 excludes loss, damage and liability arising from the transmission (actual or alleged) of:

a) COVID-19;

b) SARS-CoV-2; or

c) any mutation of variation of SARS-CoV-2; or

d) any fear or threat of a), b) or c).

By excluding loss, damage and liability arising from the transmission of COVID-19, the drafters of LMA5395 appear to have misunderstood that it is a pathogen which is transmitted, not a disease. Technically, a ‘disease’ is a condition that negatively affects an organism and the condition will only develop after the pathogen has been transmitted. Given that the virus which causes COVID-19, SARS-CoV-2, has been excluded, this misunderstanding may not be material to the exclusion’s operation. But it is preferable that exclusions are consistent with science and, for disease exclusions, epidemiology.

COVID-19, SARS-CoV-2 and ‘variations’?

While many of the LMA clauses released at this time were ‘Communicable Disease’ exclusions, LMA5395 is limited to COVID-19 (i.e. the disease), SARS-CoV-2 (i.e. the virus which causes COVID-19) and ‘any mutation or variation of SARS-CoV-2’. While a mutation can be understood as having derived from SARS-CoV-2, the use of the term ‘variation’ is ambiguous since the term could be applied to other coronaviruses – this may not have been intended by the drafters of LMA5395, but the words are open to interpretation and this construction would not have been possible if the word ‘variation’ had been omitted.

The reason that the word ‘variation’ is significant is that some human coronaviruses continually circulate in the human population, such as human coronavirus OC43 (HCoV-OC43), human coronavirus HKU1 (HCoV-HKU1), human coronavirus 229E (HCoV-229E) and human coronavirus NL63 (HCoV-NL63). The symptoms of these human coronaviruses are generally mild, though others are more lethal –

  • Middle East respiratory syndrome-related coronavirus (MERS-CoV) has been identified as causing 858 deaths from outbreaks in 2012, 2015 and 2018; and
  • severe acute respiratory syndrome coronavirus (SARS-CoV) has been identified as causing 774 deaths between 2002 and 2004.

Regardless of its intention, LMA5395 should be explicit about whether other coronaviruses are within the scope of its exclusion.

The LMA5395 exclusion: clause 2

Clause 2 of LMA5395 states that the exclusion extends to liability and costs to ‘identify, clean up, detoxify, remove, monitor or test for a), b) or c) above’. While this may seem straightforward, there is a distinction between:

  • a pathogen which causes a disease; and,
  • a disease, which is a condition that affects an organism.

Strictly speaking, it would not be possible to ‘clean-up’ or ‘detoxify’ a disease. Furthermore, to ‘remove’ a disease would require the organism to be physically removed from a location. However, ‘monitoring’ or ‘testing’ for a disease is feasible, since this would simply require testing persons (or other organisms) to determine if they have the disease.

Since clause 2 is likely intended to be a clarification of clause 1, the omission of ‘fear or threat’ of a), b) or c) does not appear material. Nonetheless, its omission may create some ambiguity.

The LMA5395 exclusion: clause 3

Clause 3 of LMA5395 excludes liability, loss and costs that arise out of forms of financial loss as a result of ‘any of a), b) or c) above or the fear or the threat thereof’. Clause 3 is therefore best understood as a ‘consequential loss’ exclusion.

Clause paramount

Some LMA clauses contain a ‘primacy clause’ which states that the endorsement shall apply to all extensions, additional coverages, exceptions and other coverage grants. LMA5395 does not, but the opening statement of the endorsements states that ‘this clause shall be paramount and shall override anything contained in this insurance inconsistent therewith’. This statement has an equivalent effect to the primacy clauses of other LMA disease exclusions.

LMA5396: Communicable Disease Exclusion for liability policies

Analysis of LMA5396

About LMA5396

Drafted by the Lloyd’s Market Association (LMA) and released in April 2020, LMA5396 is a communicable disease exclusion for use on liability policies.

Clause 1: the ‘Communicable Disease’ exclusion

At its broadest, LMA5396 excludes liability and costs ‘in connection with’:

  1. a Communicable Disease; or
  2. the fear or threat of a Communicable Disease.

Because all that is required between the loss and Communicable Disease is a ‘connection’, the Communicable Disease may not need to be a cause of the loss for the exclusion to apply. The breadth of the exclusion is also demonstrated by the anti-concurrent causation phrase ‘regardless of any other cause contributing concurrently or in any sequence’ in clause 1.

Clause 2: clarification of exclusion

Clause 2 of LMA5396 clarifies that the exclusion of clause 1 includes costs to clean-up, detoxify, remove, monitor or test for a Communicable Disease. While this may seem straightforward, there is a distinction between:

  • a pathogen which causes a disease; and,
  • a disease, which is a condition that affects an organism.

Strictly speaking, it would not be possible to ‘clean-up’ or ‘detoxify’ a disease. Furthermore, to ‘remove’ a disease would require the organism to be physically removed from a location. However, ‘monitoring’ or ‘testing’ for a disease is feasible, since this would simply require testing persons (or other organisms) to determine if they have the disease.

Clause 3: definition of ‘Communicable Disease’

In clause 3 of LMA5396, ‘Communicable Disease’ is defined as ‘any disease which can be transmitted… from any organism to another organism’.  Requiring the disease to be transmissible between organisms does qualify the scope of the definition; food poisoning, for example, would not be excluded as a ‘Communicable Disease’ because it is transmitted by the ingestion of contaminated food or water, not by a pathogen that is transmitted between organisms.

Beyond this,

  • sub-clause 3.1 inclusively identifies types of pathogens;
  • sub-clause 3.2 inclusively identifies means of transmission; and,
  • sub-clause 3.3 identifies possible effects of the disease or pathogen.

None of these sub-clauses, however, are essential to the operation of the endorsement.