A Major Problem with the Mk.IV Advisory ISR Policy

June 21, 2026 by Stephen Tomlinson

Overview

This article considers the Mk.IV Advisory ISR policy and how its indemnity clauses make no reference to events occurring “during the Period of Insurance”. While this omission was addressed in the Mk.IV Modified ISR policy, many ISR policies transacted in Australia:

continue to use the Mk.IV Advisory ISR policy; or
are based on the Mk.IV Advisory ISR policy and repeat this omission.

In my view, the Mk.IV Advisory ISR policy was never intended to operate differently from the vast majority of Property policies. To the extent that the Mk.IV Advisory ISR policy has been interpreted differently, this has been based on an incorrect interpretation of the policy’s “operative clause”. This is a problem which has created a significant coverage gap and has a simple solution, but remains unaddressed by the insurance industry.

1. The Mk.IV Advisory ISR: “insured events” and the “Period of Insurance”

The Mk.IV Advisory and Mk.IV Modified ISR policies both have the same “operative clause”:

Whereas the Insured named in the Schedule has paid or agreed to pay to the Insurer(s) specified below the Premium shown on the Schedule, now the Insurer(s) agree(s), subject to the terms, Conditions, Exclusions, Memoranda, Warranties, limitations and other provisions contained herein or endorsed hereon, to indemnify the Insured as specified herein, against loss arising from any insured events which occur during the Period of Insurance stated in the Schedule or any renewal thereof. [emphasis added]

However, The Indemnity clauses in Sections 1 and 2 of the Mk.IV Advisory ISR make no reference to the “Period of Insurance”. For example, The Indemnity in Section 1 of the Mk.IV Advisory ISR reads as follows:

THE INDEMNITY
In the event of any physical loss, destruction or damage (hereinafter in Section 1 referred to as ‘damage’ with ‘damaged’ having a corresponding meaning) not otherwise excluded happening at the Situation to the Property Insured described in Section 1 the Insurer(s) will, subject to the provisions of this Policy including the limitation on the Insurer(s) liability, indemnify the Insured in accordance with the applicable Basis of Settlement.

In Understanding the ISR^[1], Manning identifies a problem with this indemnity clause:

[The Indemnity] makes no reference to the damage occurring during the Period of Insurance. Underwriters soon learned that this created a deficiency in the Policy from their perspective, in that claims have been made and paid where the occurrence giving rise to the damage occurred during the Period of Insurance but the Damage occurred after the Policy had expired. [emphasis added]

These claims arose because of how the words “any insured events which occur during the Period of Insurance” in the operative clause of the Mk.IV Advisory ISR policy were interpreted.

2. Vintix v Lumley General Insurance

Manning refers to Vintix Pty Ltd v Lumley General Insurance Ltd (1991) 6 ANZ Insurance Cases 61-050^[2] (‘Vintix‘) as an example of a claim where the occurrence giving rise to the damage occurred in a different period of insurance to the damage.

In Vintix, Giles J considered that the proximate cause of the damage in that claim was an earthquake which occurred on 28 December 1989, while the damage upon which the claim was based resulted from heavy rains that occurred six weeks later in February 1990. But the issue of which policy responded, i.e.

the policy in force during the proximate cause event, or
the policy in force when the damage occurred,

was not at issue in Vintix. Furthermore, Vintix did not involve a Mk.IV ISR policy. Vintix’s usefulness is therefore limited to an example where damage occurred subsequently to its proximate cause.

For completeness, Vintix was appealed to the New South Wales Court of Appeal: see Lumley General Insurance v Vintix Pty Ltd (1991) 6 ANZ Insurance Cases 61-087^[3]. While determining proximate cause wasn’t relevant to the issues before the court (since the policy covered both “earthquake” and “storm and/or tempest and/or rainwater”), two judges considered that rain was the proximate cause of damage, while the other judge considered earthquake to be the proximate cause.

3. What does the Mk.IV Advisory ISR mean?

I have not been able to find any Australian cases where a court has considered the Mk.IV Advisory ISR policy and what is meant by:

its operative clause referring to “insured events which occur during the Period of Insurance”; and
its indemnity clause being silent about the Period of Insurance.

To the extent that claims have been “made and paid” (to use Manning’s words) under Mk.IV Advisory ISR policies based on when the proximate cause occurred, this seems to be based on a misunderstanding of the words “insured events” as they are used in the operative clause. Because the totality of insurance theory, insurance law and other passages in the Mk.IV Advisory ISR policy – as considered in 3A., 3B. and 3C., below – strongly suggest that the “insured events” in the operative clause of the Mk.IV Advisory ISR policy (and the Mk.IV Modified ISR policy) are:

under Section 1 of the policy, “damage” (i.e. physical loss, damage or destruction); and
under Section 2 of the policy, “Damage” (i.e. loss, destruction or damage caused by any cause or event not excluded).

3A. The ISR: a policy of indemnity

The ISR policy is a policy of indemnity, and the insured only suffers loss when damage occurs. Until the damage occurs, the insurer has no obligation to indemnify the insured. In Globe Church Incorporated v Allianz Australia Insurance Limited (2019) 99 NSWLR 470 at 209, the majority (Bathurst CJ, Beazley P and Ward JA) held that:

Absent a provision in an indemnity insurance policy that makes lodgement of a claim a condition precedent to liability, the concept of a promise to indemnify (to make good the loss or to hold harmless against loss) in the context of a property damage insurance policy is such that the promise is enlivened when the property damage is suffered. Unless it be necessary for there to be a claim on the insurer to give rise to the liability, it is at the point of property damage that the insured has not been held harmless against the loss… [emphasis added]

In its “Observance of Terms and Conditions” clause, the Mk.IV Advisory ISR policy makes the “due observance and fulfilment” of the policy’s conditions and other terms of the policy conditions precedent to the insurer’s liability (“insofar as the same are capable of being construed as such”). If the insured did not exercise “due observance and fulfilment” of the Notification of Claims condition, then the insurer’s promise to indemnify would only be enlivened upon satisfactory notification. But the responding policy would still be that which was in force when the damage occurred.

3B. Other ISR policies and questions of intent

This issue with the Mk.IV Advisory ISR policy does not arise in the Mk.IV Modified ISR policy. In the Mk.IV Modified ISR policy, The Indemnity clauses in Section 1 and Section 2 were amended to contain the words “during the Period of Insurance”. For the Mk.IV Modified ISR policy, its Section 1 indemnity clause is as follows:

In the event of any physical loss, destruction or damage (hereinafter in Section 1 referred to as ‘damage’ with ‘damaged’ having a corresponding meaning) not otherwise excluded happening during the Period of Insurance at the Situation to the Property Insured described in Section 1 the Insurer(s) will, subject to the provisions of this Policy including the limitation on the Insurer(s) liability, indemnify the Insured in accordance with the applicable Basis of Settlement. [emphasis added]

The drafters of the Mk.IV Modified ISR policy made this change to remove any ambiguity about how the Mk.IV Modified ISR policy would operate. Interestingly, the drafters of the Mk.IV Modified ISR policy did not change the Operative Clause of that policy. Since it is highly likely that they would have considered the Operative Clause in conjunction with The Indemnity, the fact that they did not amend the Operative Clause suggests that:

they considered its “insured events” to be “damage” under Section 1 and “Damage” under Section 2; and
adding “during the Period of Insurance” to The Indemnity was strictly a clarification, rather than a significant change in how the policy would operate.

Separately, in the Mk.V Advisory ISR and Mk.V Modified ISR policies, the Extent of Cover clauses are explicit that “the Insured will indemnify the Insured against Damage occurring to Property Insured during the Period of Insurance”.

While I haven’t read every Property insurance policy, the overwhelming majority of such policies are explicit that they are enlivened by damage which occurs during the period of insurance. The Mk.IV Advisory ISR is highly unusual in that its indemnity clauses do not have this requirement. This invites the following questions:

was omission of the words “during the Period of Insurance” from The Indemnity clauses an oversight from the drafters of the Mk.IV Advisory ISR policy? Or,
did the drafters of the Mk.IV Advisory ISR policy intend for the policy to operate differently from the overwhelming majority of Property policies? If this was their intention, it is hard to believe that they would not have made that intention explicit.

As such, the omission of the words “during the Period of Insurance” from The Indemnity clauses of the Mk.IV Advisory ISR policy appears to be an oversight.

3C. The Property Insured

In the Mk.IV Advisory ISR policy, the clause titled “The Property Insured” provides that the definition of Property Insured is based on “the occurrence of any damage”, not the occurrence of an event (not otherwise excluded) which may cause damage:

THE PROPERTY INSURED
All real and personal property of every kind and description (except as hereinafter excluded) belonging to the Insured or for which the Insured is responsible, or has assumed responsibility to insure prior to the occurrence of any damage, including all such property in which the Insured may acquire an insurable interest during the Period of Insurance. [emphasis added]

If the Mk.IV Advisory ISR policy was intended to respond to the insured peril, then this should read “prior to the occurrence of the insured event”, or similar. It would be unfair for the insurer if property could become Property Insured after an event not otherwise excluded occurs, because the occurrence of such an event materially changes the risk.

3D. Summary

There is a significant and obvious conflict between:

the strong arguments that the “insured events” in the operative clause of the Mk.IV Advisory ISR policy are intended to be “damage” and “Damage” under Sections 1 and 2 of the Mk.IV Advisory ISR, respectively; and
claims that have been “made and paid” under Mk.IV Advisory ISR policies based on when the insured peril occurred.

4. Coverage gap created by the Mk.IV Advisory ISR

It is dangerous for insureds, their advisers and insurers to be relying on Mk.IV Advisory ISR policies given this conflict and uncertainty about policy response. Furthermore, this issue is not strictly limited to Mk.IV Advisory ISR policies: many broker-branded ISR policies and manuscript ISR policies are based on the Mk.IV Advisory ISR.

A potential coverage gap arises if an insured moves from a Mk.IV Modified ISR policy to a Mk.IV Advisory ISR policy for the subsequent policy period. For example, consider a scenario where:

an event not otherwise excluded occurs one day before the insured’s Mk.IV Modified ISR policy (or any other Property policy which is enlivened by damage during the period of insurance) is due to expire; and
the insured moves to a Mk.IV Advisory ISR policy (or an ISR policy based on the Mk.IV Advisory ISR) and damage occurs during that period of insurance.

If the Mk.IV Advisory ISR is treated as being enlivened by events not otherwise excluded during the period of insurance, then neither policy will respond to this damage or the resultant business interruption loss. If the policies provided equivalent coverage and the insurers of both policies were the same, then the insurers may agree to cover the loss and it is only a timing issue as to which policy responds. But if the policies would respond differently or the insurers are not the same, then it is not simply a timing issue: there is a real possibility of a disputed claim because the liability of the insurers may differ. Insureds, brokers and insurers should not find themselves in this position.

5. The solution: amend wordings without “during the Period of Insurance”

The solution to this problem is straightforward: Mk.IV Advisory ISR policies, and those based on such policies, should be amended to match the Mk.IV Modified ISR policy so that they operate similarly to the overwhelming majority of Property policies. Specifically,

in The Indemnity in Section 1 of the Policy, the words “during the period of insurance” should be added after the word “happening”; and
in The Indemnity in Section 2 of the Policy, the words “during the period of insurance” should be added after the word “damaged”.

While the solution is straightforward, implementation is not. While insurers are treated as the authors of insurance policies at law, insurance brokers are often responsible for those policies in practice. Furthermore, insurance brokers often:

oppose changes to those insurance policies; and
oppose insurers applying endorsements to amend them,

even when those changes or endorsements are eminently sensible. It is a sad reflection on the Australian insurance industry that this has been a known problem for over 30 years, that there is a straightforward solution for it, and that the problem persists. Insureds deserve better.

Securities and the ISR Policy

May 15, 2026 by Stephen Tomlinson

Overview

This article considers the tangibility of securities and how securities are treated under the ISR policy. “Dematerialisation” and “immobilisation” have changed the nature of securities, yet the ISR policy and the attitudes of many insurance professionals have not evolved. There are clear problems with insuring securities under the ISR policy and an equally clear solution: the Crime policy.

Tangible property and basis of settlement clause (e)

The definition of Property Insured in the Mk.IV Modified ISR policy requires property to be “tangible”, though this requirement is strangely absent from the Mk.IV Advisory ISR. Furthermore, in the Mk.IV Modified ISR, basis of settlement clause (e) is as follows:

(e) On computer systems records, documents, manuscripts, securities, deeds, specifications, plans, drawings, designs, business books and other records of every description:
The cost of repairing, replacing, reproducing or restoring same, including information contained therein or thereon but excluding the value to the Insured of the said information or, if repair, replacement, reproduction or restoration is not carried out with reasonable despatch, the replacement cost of materials as blank stationary at the time and place of the damage.

There are two obvious problems with this provision:

there is cover for computer systems records, i.e. data. Since data is not tangible property, cover for computer systems records conflicts with the requirement that Property Insured be tangible; and
there is cover for “securities”. Like data, a security is intangible property: it is an interest in property such as a stock or bond. That interest may be recorded in a document such as a certificate. But since basis of settlement clause (e) excludes “the value to the Insured of the said information”, the policy does not intend to indemnify the insured for the loss of the value of the securities themselves. Rather, the policy covers the physical certificate which evidences ownership of the securities. The policy would therefore be clearer if “securities” was replaced with “certificates of securities”, something which is addressed in the SECURXS4 endorsement.

The SECURXS4 endorsement

A common endorsement for ISR policies is the SECURXS4 Securities endorsement which removes “securities” from basis of settlement clause (e) and provides its own basis of settlement for “Securities”:

SECURXS4 Securities
Basis of Settlement (e) is amended by deleting the word “securities”. In the case of Securities (which shall mean certificates of stock, bonds, coupons and all other types of securities), the basis of valuation shall be:
(a) if, with the approval of the Insurer(s), the Securities can be replaced, the cost of replacement paid or payable by the Insured; or
(b) if the Securities cannot or are not to be replaced by the Insured, the greater of:
(i) the price for which the Insured purchased them, and
(ii) the closing market value on the last business day prior to the date of discovery by the Insured of the loss or destruction of the Securities or, if the time of discovery by the Insured is after the close of the market, their closing market value on the day of discovery by the Insured of the loss or destruction of the Securities.
(c) in the case of a loss of subscription, conversion or redemption privileges through the loss of any Security, the value of such privileges immediately preceding the expiration thereof,
such valuation being in the currency in which the loss was sustained. Losses sustained in currencies other than Australian dollars shall be settled by converting the amount of loss to Australian dollars at the market rate as set by the Reserve Bank of Australia at the time of settlement of the loss or such other rates as may be expressly agreed with the Insurer(s). If there is no market price or value on the relevant day stated herein, then the value shall be agreed between the Insured and the Insurer(s) or, in default thereof, the Insured and the Insurer(s) shall submit to arbitration and be bound by the decision of the Umpire.

The SECURXS4 endorsement refers to “certificates of stock, bonds, coupons and all other types of securities” [emphasis added]. Here, the words “certificates of” apply to “all other types of securities”, such that “damage” (i.e. physical loss, damage or destruction) of a certificate is required for indemnity.

Since the SECURXS4 endorsement indemnifies the insured for the cost of replacement (or alternatives based on the value of the securities), rather than the cost of replacing the certificate, there is – prima facie – greater cover for the insured and exposure for the insurer.

The NEGINXB4 endorsement

Relatedly, the NEGINXB4 endorsement is as follows:

NEGINXB4 Money – Extended Definition
The definition of Money extends to include travellers cheques, securities and negotiable instruments.

The NEGINXB4 endorsement presents its own problems because it is not explicit whether:

securities and negotiable instruments are covered; or
certificates of securities and certificates of negotiable instruments are covered.

The NEGINXB4 endorsement has been cited as relevant to the theft of certificates of securities, with the September 1986 theft from the Hospital Superannuation Board office in Hawthorn (a suburb of Melbourne) used as an example. There, thieves stole “Aussie Mac” bonds which had a face value of $3,000,000. These bonds were “bearer bonds”, i.e. negotiable instruments that could be redeemed through banks or brokers, and could not be cancelled.

1986, however, was a different time and things have changed…

Is anybody still holding certificates of securities?

In modern times, the vast majority of securities have been:

“dematerialised”, i.e. they exist only as electronic records; or
“immobilised”, i.e. physical certificates (where they exist) are held in a central vault, with ownership transferred electronically.

To the extent that physical certificates are still used, securities exchanges in advanced economies are implementing dematerialisation to reduce costs, reduce risk and provide shorter settlement periods.

It is not uncommon for ISR policies to have the SECURXS4 endorsement and a sub-limit in the Schedule against “Securities”. But for the vast majority of insureds, that endorsement and its sub-limit won’t achieve anything because the insured doesn’t hold physical certificates of securities.

In Australia in 2026, certificates of securities are only likely to exist for:

physical share certificates issued by unlisted companies and private equity that are not part of a centralised registry; and
promissory notes or commercial paper, i.e. physical documents that may be issued for private debt transactions.

The problems with insuring securities under an ISR

From an insurer’s perspective, cover for certificates of securities is problematic because:

certificates of securities are highly liquid and portable. This makes them susceptible to theft and disappearance in ways that other tangible property (e.g. buildings, machinery) is not; and
under the SECURXS4 endorsement, the basis of settlement is:
1. the replacement cost; or
2. the closing market value.

For the securities identified above (i.e. those of unlisted companies, promissory notes and commercial paper), these securities are not traded such that the insured and insurer would need to agree a value. For many securities, this will not be straightforward. If the insured and insurer cannot agree, then the SECURXS4 endorsement provides for arbitration. But arbitration provisions are void under section 43 of the Insurance Contracts Act 1984 (Cth).

From an insured’s perspective, cover for securities is significantly restricted by Perils Exclusion 7(a)(i) which excludes physical loss, destruction or damage occasioned by or happening through:

“fraudulent or dishonest acts, fraudulent misappropriation, embezzlement, forgery, counterfeiting data corruption, unauthorised amendment of data and erasure by electronic or non electronic means involving the Property Insured by the Insured or any employee(s) of the Insured acting alone or in collusion with any other person(s)”.

These are likely the greatest risks for securities, followed by these acts being perpetrated by parties without a connection to the Insured or its employees.

Conclusion

Given dematerialisation, immobilisation, the nature of securities, the limitations of the SECURXS4 endorsement and Perils Exclusion 7(a)(i), securities should not be covered under ISR policies. Rather, securities should be insured under a Crime insurance policy. Crime policies address the most significant risks to securities, such as theft, disappearance, forgery and fraudulent transfer, both by employees of the insured and third parties. Furthermore, Crime policies can cover securities against physical perils, though insureds should review the terms of the policy to understand the cover.

In 2026 and beyond, there is no good reason for insureds (or their brokers) to continue covering securities under an ISR policy. If the ISR policy is to evolve in the 21st century, removing cover for securities so that such property can be appropriately insured under a Crime policy would be but one step among many.

Not all ISR sub-limits are equal (or “cumulative”)

March 13, 2026 by Stephen Tomlinson

Introduction

The Mk.IV ISR policy is not explicit about how its Limit of Liability and Sub-Limits of Liability (collectively, “limits”) apply. Like many aspects of the Mk.IV ISR policy, an understanding of how limits apply is often acquired through experience. This article, however, uses examples to show how limits should apply.

A Mk.IV ISR example: Premises in the Vicinity (Prevention of Access)

Let’s say:

damage occurs to property in the vicinity of the insured location (the “Premises”);
damage from that peril is insured under the policy, if such damage occurred to Property Insured;
the damage prevents access to the Premises; and
there is interruption with the Business in consequence of the damage.

Under the “Premises in the Vicinity (Prevention of Access)” memorandum, these circumstances are “deemed to be loss resulting from Damage to property used by the Insured at the Premises”, which enables the insured to claim business interruption loss under The Indemnity in “Section 2 – Consequential Loss”. That indemnity is subject to the “limitation on the Insurer(s) liability” and the amount of loss is calculated “in accordance with the applicable Basis of Settlement”. Accurate use of singulars and plurals is not a strength of the Mk.IV ISR, since the applicable Bases of Settlement could be:

Loss of Gross Profits;
Claim Preparation Costs;
Pay-Roll; and
Additional Increase in Cost of Working.

So, what is the “limitation on the Insurer(s) liability”? Well, let’s say the policy has the following Sub-Limits of Liability:

Premises in the Vicinity (Prevention of Access): $250,000;
Claim Preparation Costs: $1,000,000; and
Additional Increase in Cost of Working: $1,000,000.

While Loss of Gross Profits and Pay-Roll (assuming Pay-Roll is insured separately) would have declared values, they do not have Sub-Limits of Liability.

If Loss of Gross Profits and Pay-Roll were claimed up to their declared values as a result of a Premises in the Vicinity (Prevention of Access) claim, it would render the Sub-Limit of Liability for Premises in the Vicinity (Prevention of Access) meaningless. Clearly, the Sub-Limit of Liability for Premises in the Vicinity (Prevention of Access) must be an overarching limit – “the limitation on the Insurer(s) liability” – and amounts payable under the other bases of settlement must fall within both their own Sub-Limits of Liability (if any) and that “limitation”.

There is no rational basis to claim that the Sub-Limits of Liability for Claim Preparation Costs and Additional Increase in Cost of Working should not be subject to the Sub-Limit of Liability for Premises in the Vicinity (Prevention of Access). The purpose of a Sub-Limit of Liability is to limit the insurer’s exposure, and this purpose is defeated if the insurer’s exposure is not $250,000, but potentially $2,250,000. Consider the amounts of the Sub-Limits of Liability: in this example (from a real policy), the Additional Increase in Cost of Working Sub-Limit is four times that of Premises in the Vicinity (Prevention of Access). Again, the purpose of the Sub-Limit of Liability on Premises in the Vicinity (Prevention of Access) is defeated if the Loss of Gross Profits and Pay-Roll components of the claim were limited to $250,000, but the insured could claim up to $1,000,000 for each of Claim Preparation Costs and Additional Increase in Cost of Working.

From the paragraph above, it is clear that “the limitation on the Insurer(s) liability” – as referred to in The Indemnity in “Section 2 – Consequential Loss” can be a Limit of Liability or a Sub-Limit of Liability. Since the same words, i.e. “the limitation on the Insurer(s) liability”, are used in The Indemnity in Section 1, it can be safely concluded that the same applies there.

Another Mk.IV ISR example: Flood

Let’s consider another example where a Policy has the following Sub-Limits of Liability. For Section 1:

Removal of Debris: no sub-limit;
Landscaping: $250,000;
Extra Cost of Reinstatement: $1,000,000;
Additional Extra Cost of Reinstatement: $500,000;
Expediting Costs: $50,000; and
Liability to Make Enquiries: $250,000.

For Section 2:

Claim Preparation Costs: $1,000,000; and
Additional Increase in Cost of Working: $1,000,000.

And for Sections 1 and 2 combined:

Flood: $10,000,000.

Now, let’s say Property Insured at the Premises is damaged by Flood, and that the total amount of the damage and resultant business interruption is $20,000,000.

The previous example established that “the limitation on the Insurer(s) liability” can be a Limit of Liability or a Sub-Limit of Liability and, if a Sub-Limit of Liability, such limit is an overarching limit within which other Sub-Limits of Liability operate. Given this, it should be clear that the insurer’s liability is limited to the Sub-Limit of Liability against Flood, i.e. $10,000,000. It would defy logic to claim that the Sub-Limits should apply cumulatively (i.e. “stacking of sub-limits”) and that the insurer’s liability (assuming all other limits could be exhausted) should be $14,050,000, i.e. $10,000,000 plus $250,000 plus $1,000,000 plus $500,000 plus $50,000 plus $250,000 plus $1,000,000 plus $1,000,000. If the limits could stack, perversely, the insured would be disadvantaged by not having a sub-limit for Removal of Debris.

The Mk.V ISR

In the Mk.V ISR, its definition for Limit of Liability includes the following: “If more than one Limit or Sub-Limit of Liability applies, the lesser amount shall be payable”. This was intended to clarify the position in the Mk.IV ISR where “the limitation on the Insurer(s) liability” for a loss could be a Limit of Liability or a Sub-Limit of Liability. Unfortunately, the Mk.V ISR wasn’t clear about when a Limit or Sub-Limit of Liability would “apply” as an over-arching limit. Because if there is not a Sub-Limit of Liability applying as an overarching limit, then the Sub-Limits of Liability in the policy will apply cumulatively (as, for example, in a typical fire claim).

For the Mk.V ISR, the TOPLIM01 endorsement is as follows:

TOPLIM01 Precedence of Sub-Limits

In Definition 1.8, the sentence reading “If more than one Limit or Sub-Limit of Liability applies, the lesser amount shall be payable” is amended to read:

If more than one Limit or Sub-Limit of Liability applies, the greater amount shall be payable.

Respectfully, this endorsement doesn’t make sense. If a policy has a Limit of Liability and, say, a Flood Sub-Limit of Liability, would anyone seriously suggest that the lower Flood Sub-Limit of Liability should be ignored and that the policy’s Limit of Liability should apply to Flood claims? One would hope not, though stranger things have happened.

Addressing the sub-limit problem

Above, I’ve considered a Premises in the Vicinity (Prevention of Access) claim and a Flood claim. So, contingent business interruption and particular perils/circumstances/events can give rise to an overarching Sub-Limit of Liability (i.e. a Sub-Limits of Liability that acts like a Limit of Liability because it is the maximum amount payable).

Although less common, an overarching Sub-Limit of Liability could also arise if a Sub-Limit of Liability applies to a particular item of property. Obviously, however, if damage occurred to both Sub-Limited and not-Sub-Limited property, then the Sub-Limit would only apply to the Sub-Limited property.

To address the operation of Sub-Limits of Liability and Limits of Liability, I drafted a clause that sought to explain how Sub-Limits of Liability should operate, which recognised that:

Sub-Limits of Liability apply independently of each other, subject to exceptions;
those exceptions are when a Sub-Limit of Liability applies to: a peril, event or circumstance; a particular location (i.e. Premises/Situation); contingent business interruption covers; or Property Insured;
if such a Sub-Limit of Liability applies, it is the maximum amount payable by the insurer;
if more than one such Sub-Limit of Liability applies, then the lowest Sub-Limit of Liability is the maximum amount payable (consider Flood enlivening the Premises in the Vicinity (Prevention of Access) memorandum; and
if damage occurs to Property Insured and only part of that Property Insured is subject to a Sub-Limit of Liability, that Sub-Limit of Liability will only apply to that part of the Property Insured.

To demonstrate the operation of the clause, examples were included.

Are so many words needed to solve this problem? Respectfully, the number of words isn’t necessarily a problem. But ambiguity and confusion over the proper operation of Sub-Limits of Liability is a problem. Shouldn’t insurance practitioners be trying to provide clarity?

Post-script: Non-Marine Property Physical Loss or Damage Wording (LMA3182)

After initially drafting this article, I came across the LMA’s Non-Marine Property Physical Loss or Damage Wording (LMA3182). It has sought to address the operation of limits with the following:

LIMIT OF LIABILITY

The Underwriters’ maximum liability in a single Occurrence regardless of the number of Locations or coverages involved will not exceed the Policy limit of liability as specified in the Schedule. However, when a sub-limit of liability for a Location or other specified property or coverage is shown, such sub-limit will be the maximum amount payable for any loss or damage arising from direct physical loss or damage at such Location or involving such other specified property or such coverage. [emphasis added]

Each Sub-limit stated in this Policy applies as part of, and not in addition to, the overall Policy Limit of Liability for an Occurrence insured hereunder. Each Sub-limit is the maximum amount potentially recoverable from all insurance layers and program policies combined for all insured loss, damage, expense, Time Element or other insured interest arising from or relating to that aspect of the Occurrence, including but not limited to type of property, construction, geographic area, zone, location, or peril.

If insured under this Policy, any Sub-limit for Earth Movement, Flood, Windstorm or Named Storm, is the maximum amount potentially recoverable from all insurance layers combined for all insured loss, damage, expense, Time Element or other insured interest arising from or relating to such an Occurrence. [emphasis added] If Flood occurs in conjunction with a Windstorm, Named Storm or Earth Movement, the Flood Sub-limit applies within and erodes the Sub-limit for that Windstorm or Named Storm, or Earth Movement.

Here,

the first paragraph provides that sub-limits of liability for locations and property can be over-arching sub-limits (i.e. “the maximum amount payable…”); and
the third paragraph provides that sub-limits on particular events (Earth Movement, Flood, Windstorm or Named Storm) can be over-arching sub-limits (i.e. “the maximum amount potentially recoverable…”).

I commend the LMA on seeking to provide greater clarity about the operation of sub-limits. The LMA’s approach is different to that which I proposed above and, specifically, it doesn’t:

state a default position that sub-limits of liability apply independently;
address sub-limits of liability for contingent business interruption covers; or
state that the lower over-arching sub-limit will apply.

Some insurance professionals may not consider that these things need to be stated explicitly but, as above, my experience suggests otherwise and clarity is preferable.

Improving the ISR: deleting the Amount of Policy Not Reduced by Loss memorandum, and explaining Event and Aggregate Limits

February 7, 2026 by Stephen Tomlinson

Introduction

This article provides two suggestions for improving the Industrial Special Risks (ISR) policy:

deleting the Amount of Policy Not Reduced by Loss memorandum; and
relatedly, explaining “event” and “aggregate” limits.

The Amount of Policy Not Reduced by Loss memorandum

In the Mk.IV ISR policy, the “Amount of Policy Not Reduced by Loss” memorandum appears in the Memoranda Applicable to All Sections:

Amount of Policy not Reduced by Loss
The insurance under each section and/or item of this Policy and the Indemnity Period shall be automatically reinstated in the event of any loss in consideration of the payment by the Insured of a pro-rata additional premium calculated on the amount of the loss settlement at the rate(s) agreed for the Period of Insurance.

Ultimately, this memorandum doesn’t make sense in the ISR policy and should be deleted.

In the ISR policy, the Limit of Liability and Sub-Limits of Liability apply “for any one loss or series of losses arising out of any one event at any one Situation” (i.e. per event and per Situation). Subject to the exceptions (see “Event and Aggregate Limits”, below), the quoted words mean that:

If an event affects multiple locations, the Limit of Liability and Sub-Limits of Liability apply to each location (“Situation”) separately; and
For each event, the full amounts of the Limit of Liability and Sub-Limits of Liability are available. That is, the Limit of Liability and Sub-Limits of Liability are not reduced (or “eroded”) by previous events.

Given this, the “insurance under each section and/or item of this Policy and the Indemnity Period” (as those words are used in the “Amount of Policy not Reduced by Loss” memorandum) does not need to be reinstated by the payment of additional premium, because the insurance was never reduced in the first place.

In this respect, the Limit of Liability and Sub-Limits of Liability in the ISR policy are fundamentally different from the “sums insured” in other Property policies which may be eroded by loss.

Event and Aggregate Limits

So, what about those exceptions? In the ISR policy, Sub-Limits of Liability (and, potentially, Limits of Liability) may apply:

“per event” or “any one event”; and/or
“in the aggregate” or “in the annual aggregate”.

While these terms are reasonably well understood within the insurance industry, their meaning may not be clear to those outside it – and this can create confusion for insureds. At their most basic,

If a limit applies “per event” or “any one event”, then that limit is intended to apply across all insured locations combined. For example, if an insured has multiple locations that are affected by a single Flood event, and there is a Flood limit of $1,000,000 applying “per event”, then the insured would only be able to claim $1,000,000 in respect of that Flood event, regardless of the number of insured locations affected; and
If a limit applies as an “annual aggregate”, then it is intended to apply for all such events occurring during the Period of Insurance. Ambiguity may arise, however, as to whether an aggregate limit applies to a) each location individually or b) all locations combined – this is considered below (see “Clarifying aggregate limits”).

So a limit of liability which applies as an “annual aggregate” could be eroded. But it doesn’t make sense for an annual aggregate limit to be automatically reinstated for a pro-rata additional premium calculated on the loss (to paraphrase the Amount of Policy not Reduced by Loss memorandum) because:

the rationale for an “annual aggregate” limit is to limit the insurer’s exposure;
the amount of the loss settlement may not be known until well after the event which has caused the damage. This is particularly relevant if there is resultant business interruption. If the insured hasn’t made the payment, is the insurance reinstated? The wording memorandum of the memorandum suggests that the answer is “no”; and
if there’s a total loss, what would the reinstated insurance be covering? Why should the insured be required to pay a premium if there is no property to be insured?

Hopefully, the preceding discussion demonstrates that the “Amount of Policy not Reduced by Loss” memorandum serves no purpose in the ISR policy. It should be deleted.

Clarifying aggregate limits

As describe above, ambiguity may arise as to whether an aggregate limit applies to a) each location individually or b) all locations combined. It is therefore prudent for insurance brokers and insurers to define these terms. An example of such a definition is as follows:

Event and Aggregate Limits

Where the term “per event” or “any one event” is stated for any Limit of Liability or Sub-Limit of Liability, the amount of that Limit of Liability or Sub-Limit of Liability represents the Insurer’s maximum liability for any one event in respect of the Period of Insurance for all insured locations combined.

Where the term “annual aggregate” is stated for any Limit of Liability or Sub-Limit of Liability, the amount of that Limit of Liability or Sub-Limit of Liability represents the Insurer’s maximum liability:

a) for any one event; and

b) in the aggregate,

in respect of the Period of Insurance for all insured locations combined.

The second paragraph of this example may seem unnecessarily wordy. However, aggregate limits could apply to events like Flood or to contingent business interruption covers (i.e. covers that do not require damage to property used by the insured at the insured location). Furthermore, the words “in respect of the Period of Insurance” are used because an indemnity period could commence during the Period of Insurance but extend beyond it – this makes the phrase “during the Period of Insurance” problematic. There may be better ways of explaining event and aggregate limits but, for now at least, the above should suffice as an example.

The Indemnity Principle, Replacement Cost Insurance and Reasonable Despatch

February 1, 2026 by Stephen Tomlinson

In the context of Property insurance, this article considers:

the indemnity principle;
replacement cost insurance; and
the reasonable despatch requirement.

While the article focusses on the Australian Industrial Special Risk (ISR) policy, it is relevant to Property and Material Damage Business Interruption (MDBI) policies generally.

What is the indemnity principle?

The indemnity principle means that the insured is restored to their position prior to the loss. Where an insurance policy covers real property, the insured can only be restored to their pre-loss by reinstatement (i.e. repair, rebuilding or replacement) of that property.

If the insured was to be indemnified purely on an indemnity basis, the amount of the indemnity would be the cost of reinstatement less an allowance for betterment. Here, betterment is the amount by which the reinstated property (containing new and/or improved materials) is more useful or valuable than the pre-loss property. As Campbell and Stewart explain:

“A deduction for betterment is a necessary corollary of the indemnity principle: the deduction ensures that an insured is not put in a better position, post-indemnity, than he or she was in prior to the loss.”[1]

Replacement cost insurance

Contrary to the indemnity principle, under “replacement cost” insurance:

the insured is indemnified on a “new-for-old” basis;
there is no deduction for betterment; and
the parties effectively “contract out” of the indemnity principle.

The Australian Industrial Special Risk (ISR) insurance policy is an example of “replacement cost” insurance, and many Property insurance policies operate on this basis. For buildings, machinery, plant and other property and contents, the “Reinstatement or Replacement” memorandum in the Mk.IV ISR provides that “[T]he basis upon which the amount payable is to be calculated shall be the cost of reinstatement of the damaged property insured at the time of its reinstatement, subject to the following Provisions…”

Conditions applying to replacement cost insurance

In the Mk.IV ISR’s “Reinstatement or Replacement” memorandum, the following conditions (among others) apply to its replacement cost indemnity:

the reinstated property is not to be better or more extensive that the condition of the original property when it was new. This condition (and condition 4), below) seek to counter the moral hazard that arises in replacement cost insurance;
reinstatement must be commenced and carried out with reasonable despatch. This condition seeks to contain reinstatement costs which could reasonably be expected to increase if reinstatement is not effected promptly. If property were not reinstated promptly, it would increase insurance premiums for insureds generally. Beyond this, reasonable despatch provides contract certainty since, without it, the insured’s responsibilities for effecting reinstatement are unclear (i.e. when is reinstatement to occur?);
co-insurance (also known as average or underinsurance). This condition is vital to ensure that insureds accurately declare reinstatement costs and the premium can be calculated accordingly; and
no payment beyond indemnity value is payable until the cost of reinstatement has been incurred. In the ISR, the however, this condition is tempered by the “Progress Payments” condition.

These conditions are fundamental to replacement cost insurance, and the rest of this article will focus on reasonable despatch.

Reasonable despatch in the Mk.IV ISR

In the Mk.IV ISR, the reasonable despatch requirement in the “Reinstatement or Replacement” memorandum is as follows:

“The work of rebuilding, replacing, repairing or restoring as the case may be (which may be carried out upon any other site(s) and in any manner suitable to the requirements of the Insured, but subject to the liability of the Insurer(s) not being thereby increased), must be commenced and carried out with reasonable dispatch, failing which the Insurer(s) shall not be liable to make any payment greater than the indemnity value of the damaged property at the time of the happening of the damage.”

Reasonable despatch in Australia: CIC Insurance and Brescia

In Australia, the “reasonable despatch” requirement has come under scrutiny as a result of the judgments in CIC Insurance Ltd v Bankstown Football Club (1997) CLR 384 and Brescia Furniture Pty Ltd v QBE Insurance (Australia) Limited & anor [2007] NSWSC 598.

In CIC Insurance Ltd,

six months after the insured lodged its claim, the insurer declined the claim, alleging that it was a fraudulent claim, and cancelled the policy;
the insured’s financial position was such that it could not reinstate and replace property unless it was indemnified under the policy;
a majority of the High Court held that the failure of the insured to commence reinstatement with reasonable despatch meant that the insurer was only liable to pay the indemnity value of the property;
the majority held that reasonable despatch should be measured without consideration of the insurer’s wrongful declinature (at 403).
the majority indicated that the insured’s position would have been better had it accepted the insurer’s repudiation and sought damages for breach of contract. If the insured proved that rebuilding would have occurred had the insurer admitted liability, damages would be calculated on the basis of the cost of reinstatement.

Gaudron J dissented, stating that:

“It is not reasonable, in my view, to require an insured person to commence and carry out rebuilding and repairs in circumstances where the insurer is wrongfully denying liability under a policy of insurance of the kind involved in this case” (at 412).

In Brescia Furniture Pty Ltd v QBE Insurance, the facts were similar, i.e. the insurer declined the claim and the insured could not reinstate and replace property unless it was indemnified under the policy. Hammerschlag J considered that he was bound by the decision in CIC Insurance, such that Brescia was only entitled to indemnity value, and not the cost of reinstatement. Per Hammerschlag J (at 464):

“An outcome in accordance with the reasoning of Gaudron J is in my view a fair and reasonable one but I am bound to follow the majority view. But for that, I would have followed the approach of Gaudron J.”

Campbell and Stewart concur with Gaudron J and Hammerschlag J[2]:

“Where an insurer under a replacement cost policy wrongfully declines a claim, few would disagree that it is unfair of an insurer to argue that its liability under the policy should be limited because of the insured’s non-fulfilment of conditions. This would be to allow the insurer to take advantage of its own wrong.”

Furthermore, other jurisdictions support the views of Gaudron J, Hammerschlag J, and Campbell and Stewart:

In an obiter passage in City Realties (Holdings) Ltd v National Insurance Co of New Zealand Ltd (1986) 4 ANZ Insurance Cases 60-695, 74, at 140, the insurer’s wrongful declinature was regarded as relevant to reasonable despatch; and
In British Columbia, it has long been held that for so long as the insurer wrongfully declines the claim, it is not reasonable to expect the insured to rebuild. See, for example, see Omega Inn Ltd v Continental Insurance Co (1987) 37 DLR (4^th) 573, at 574.

Reasonable despatch and Unfair Contract Terms (UCT) laws

As explained, reasonable despatch is a fundamental condition for replacement cost insurance. However, the decision in CIC Insurance (in 1997) should have been a wake-up call for the insurance industry to ensure that the reasonable despatch requirement operates fairly. And the decision in Brescia Furniture (in 2007) should have been a reminder. Yet it seems that the vast majority of ISR policies were not amended in light of these decisions.

However, Unfair Contract Terms (UCT) laws came into effect in Australia on 5 April 2021, applying to standard form contracts, consumer contracts and small business contracts. As a result, many Property insurance policies (including ISR policies) have been amended to qualify the reasonable despatch requirement so that it would not apply where a delay was due to circumstances beyond the insured’s control – this would appear to include an insurer’s declinature. But not all Property insurance policies have made this transition and, for those that haven’t, reasonable despatch may be an elusive concept. I hope that this article provides some guidance.

[1] Campbell, N., and Stewart B., Prevention of Performance in Replacement Cost Insurance – Preventing a Fictional Response, Otago Law Review (2002) 5 229, at 231.

[2] Campbell, N., and Stewart B., Prevention of Performance in Replacement Cost Insurance – Preventing a Fictional Response, Otago Law Review (2002) 5 229, at 249.

LMA5410: Cyber Loss Limited Exclusion Clause (Property Treaty Reinsurance) No.1

January 31, 2026 by Stephen Tomlinson

Background to LMA5410

Published on 6^th March 2020 by the Lloyd’s Market Association (LMA), LMA5410 is a Cyber Exclusion Clause intended for use on Property treaty reinsurance.

LMA5410 Exclusions: Computer Systems and Data

Generally, the LMA5410 clause excludes loss in connection with:

“any loss of, alteration of, or damage to or a reduction in the functionality, availability or operation of a Computer System”; or
“any loss of use, reduction in functionality, repair, replacement, restoration or reproduction of any Data, including any amount pertaining to the value of such Data”.

The Computer System exclusion (i.e. 1., above) can operate as both a peril and property exclusion, i.e. it excludes loss in connection with the circumstances described, and excludes damage to a “Computer System”.

The primary intent of the Data exclusion (i.e. 2., above) appears to be to act as a property exclusion on Data, i.e. exclude damage to Data. Nonetheless, it could also act as a peril exclusion by excluding other losses in connection with the circumstances described. Unlike LMA5400 endorsement, the Data exclusion in LMA5410 is absolute in that is has no exceptions.

Exception to the Computer System Exclusion

The Computer System exclusion has an exception whereby cover is provided for:

“physical damage to property insured under the original policies and any Time Element Loss directly resulting therefrom where such physical damage is directly occasioned by any of the following perils:

fire, lightning, explosion, aircraft or vehicle impact, falling objects, windstorm, hail, tornado, cyclone, hurricane, earthquake, volcano, tsunami, flood, freeze or weight of snow.”

Interpretation of the words “directly occasioned by” could depend on the circumstances, but may require a listed peril to be a proximate cause of the damage for the exception to apply. However, a listed peril could be the proximate cause of the physical damage regardless of whether it occurred before OR after the circumstances described in the Computer System exclusion (i.e. “loss of, alteration of, or damage to or a reduction in the functionality, availability or operation of a Computer System”). Though it is difficult to see how the circumstances described in the Computer System exclusion could cause natural perils like windstorm, tornado, cyclone, hurricane, earthquake, volcano, tsunami, flood, freeze or weight of snow.

Operation of the exception when the Data exclusion also applies?

The exception to the Computer System exclusion, however, may not operate if the circumstances causing the loss also enliven the Data exclusion, which does not have an exception. While the internet may not need further explanation of the Wayne Tank judgment (perhaps see Spark Helmore’s “Storms, floods and exclusions: a refresher on the application of Wayne Tank principles”), it could be summarised as follows: if a loss arises from two perils – one of which is excluded and the other is not – and it is not possible to apportion the loss between the perils, then the exclusion prevails and the insured will not be indemnified. Predicting how a court may view the Computer System exception when the Data exclusion is enlivened may be a fool’s errand.

What about malicious cyber events?

An unusual aspect of LMA5410 is that is does not distinguish between malicious and non-malicious cyber events (c.f. with the absolute exclusions on “Cyber Acts” in LMA5400 and LMA5401, i.e. “an authorised malicious or criminal act or series of related unauthorised, malicious or criminal acts, regardless of time and place, or the threat or hoax thereof involving access to, processing of, use of or operation of any Computer System”). This invites the following questions:

do reinsurers really have an appetite to cover malicious cyber acts under Property reinsurance treaties?
Are malicious cyber activities considered an insurable risk? Should they be?

Given the nature of malicious cyber activities (including nation-state involvement or support), there is potential overlap with a policy’s “War” and “Terrorism” exclusions. But since 2019, the UK’s Prudential Regulation Authority (PRA) and Lloyd’s have been aligned in seeking to eliminate “silent cyber” coverage and clarifying policy positions. But when it comes to malicious cyber events (or “Cyber Acts” to use the terms of LMA5400 and LMA5410), it seems strange that LMA5410 is silent.

LMA5595 and LMA5596 PFAS Exclusions for Liability policies

June 16, 2023 by Stephen Tomlinson

LMA PFAS Exclusions

Lloyd’s Market Association Bulletin LMA22-024-CM was issued in August 2022 and included two PFAS exclusions – LMA5595 and LMA5596 – for liability insurance and liability reinsurance policies. This article considers the background to these PFAS exclusions before analysing the exclusions themselves.

Background to PFAS Exclusions

PFASs Definition

According to the OECD, PFASs are fluorinated substances that contain at least one fully fluorinated methyl or methylene carbon atom (without any H/Cl/Br/I atom attached to it), i.e. with a few noted exceptions, any chemical with at least a perfluorinated methyl group (–CF₃) or a perfluorinated methylene group (–CF₂–) is a PFAS. PFASs include perfluorosulfonic acids, such as perfluorooctanesulfonic acid (PFOS), and perfluorocarboxylic acids like perfluorooctanoic acid (PFOA).

PFAS Use

PFASs are surfactants, i.e. reduce the surface tension between a liquid and another liquid or solid, making them effective in resisting fire and repelling water, oil, and grease. PFASs are found in materials such as firefighting foam, nonstick cooking pots and pans, paints, coatings for cables and wires, lubricants, food packaging, and textiles. Furthermore, PFASs are water soluble and appear to move through soil. PFASs are commonly described as persistent organic pollutants or “forever chemicals” because they remain in the environment for long periods of time.

PFAS Health Effects

Increasing PFAS litigation – see below – has been driven by growing evidence that PFASs are harmful to the environment and health. A 2022 National Academies of Sciences, Engineering, and Medicine report noted that:

PFAS exposure was linked to increased risk of dyslipidemia (abnormally high cholesterol), sub-optimal antibody response, reduced infant and foetal growth, and higher rates of kidney cancer; and
drinking water is contaminated with PFASs in thousands of communities across the United States.

Increasing PFAS Litigation

The LMA5595 and LMA5596 PFAS exclusions are a response to increasing private tort lawsuits and government enforcement of environmental laws and regulations. In the USA, for example, more than 6,400 PFAS-related lawsuits have been filed in its federal court since 2005; of these, more than 1,000 were filed in 2021 concerning firefighting foam. Initially, the defendants in such litigation tended to be primary producers of PFAS such as chemical companies and manufacturers of fire-suppressant foams. More recent litigation, however, recent litigation has targeted secondary manufacturers, textile manufacturers, cosmetics manufacturers, fashion and fast food companies.

There has been speculation that this increasing litigation could expose insurers to unanticipated claims, akin to asbestos claims (see, for example, ‘PFAS: The Next Asbestos‘?). Two examples of significant PFAS litigation are described below.

DuPont class action and settlement (West Virigina)

In February 2017, DuPont and its spin-off Chemours paid USD $671 million to settle lawsuits for 3,550 personal injury claims related to PFOA release from their Parkersburg plant into the drinking water. The settlement came after a court-created independent scientific panel, the C8 Science Panel, found a ‘probable link‘ between PFOA (also known as C-8) exposure and six illnesses: kidney and testicular cancer, ulcerative colitis, thyroid disease, pregnancy-induced hypertension and high cholesterol.

3M settlement with Minnesota

In February 2018, 3M settled a lawsuit brought by the state of Minnesota for USD $850 million; Minnesota had sought judgment for USD $5 billion. The lawsuit alleged that:

3M dumped chemicals at sites near Minneapolis for more than 40 years, enabling them to get into wildlife and drinking water; and
3M knew the chemicals were harmful but concealed the effects from regulators and distorted science on them.

Analysis of the LMA5595 and LMA5956 PFAS Exclusions

Are LMA5595 and LMA5596 necessary?

As noted above, LMA5595 and LMA5596 PFAS exclusions have been developed for liability insurance and liability reinsurance policies. Whether the LMA5595 or LMA5596 are necessary will depend upon the pollution exclusion in the policy. If applied in reinsurance contracts, however, then insurers may then apply them to policies they issue to avoid reinsurance gaps.

For Liability policies written on an occurrence basis, the LMA5595 and LMA5596 PFAS exclusions would only serve to exclude liability in future policies. For past occurrences, the Liability policies in force at that time will have to respond to the claim, subject to the pollution exclusions.

In the USA, it is understood that most insurers inserted ‘absolute’ or ‘total’ pollution exclusions after 1985. According to Pillsbury, however, ‘[i]n nearly half the states, policies containing this form of pollution exclusion have been held to be ambiguous and to provide coverage for pollution that was not expected or intended.’

LMA5595 and LMA5596: broad exclusions on PFAS liability

Broadly, paragraph 1 of the LMA5595 and LMA5596 endorsements exclude claims in connection with any PFAS – please refer to the endorsements for the exact wording. The LMA5595 and LMA5596 also contain anti-concurrent terms (see ‘regardless of any other cause contributing concurrently or in any sequence’). Paragraph 2 then acts as a clarification that the exclusion applies to costs to clean-up, monitor or assess the effect of any PFAS.

Difference: LMA5596 reverses the burden of proof

The difference between LMA5595 and LMA5596 is that LMA5596 has an additional paragraph which reverses the onus of proof (‘If UNDERWRITERS allege that this Exclusion applies to any claim under this POLICY the burden of proving the contrary shall be upon the INSURED’). Here, it may be appropriate to consider:

what would be required for the ‘underwriters’ to allege that the exclusion applies?
if there is more than one insurer for the policy, how would this clause operate?
what justifies reversing the onus of proof? Parties to an insurance contract may specify who bears the onus of proving a particular fact, even if this involves reversing the onus of proof: see Levy v Assicurazione Generali [1940] AC 791. However, reversing the onus of proof is contrary to the interests of insureds and conflicts with the traditional position whereby the insurer must prove that an exclusion applies. Given the resources and expertise of insurance companies, it is difficult to see how reversing the burden of proof could lead to more equitable outcomes.

LMA5595 and LMA5596 definition of ‘PFAS’

In their final paragraphs, LMA5595 and LMA5596 define ‘PFAS’ as ‘any organic molecule, salt, free radical or ion, the composition of which includes at least one:

a. perfluorinated methyl group (-CF₃); or

b. perfluorinated methylene group (-CF₂-).’

This definition differs from that use by the OECD (see ‘PFASs Definition‘, above) due to its use of ‘organic molecule, salt, free radical or ion’. While the difference may not be material, the source of the LMA definition is not known (to this author) and it is unclear why the LMA would not use the more common OECD definition.

LMA5468A, LMA5469A and LMA5470A: Amended Cyber and Data endorsements for Liability policies

June 13, 2023 by Stephen Tomlinson

Background

While LMA5469A was issued in October 2022, LMA5468A and LMA5470A were issued on 15 March 2023 (beware the Ides of March!). Since LMA5468A, LMA5469A and LMA5470A are similar to their LMA5468, LMA5469 and LMA5470 predecessors, I recommend reading the analysis of those endorsements separately since I have chosen not to reproduce it here.

In LMA Bulletin LMA22-034-SD, the LMA stated that the changes to LMA5469 made for LMA5469A were ‘to clarify that the limited write-back of cover to the exclusion is subject to all the terms, conditions and exclusions of the policy (and any attached endorsements)’. This statement, however, does not tell the full story since the changes amount to more than a ‘clarification’.

Changing how LMA5468A, LMA5469A and LMA5470A operate

For each of LMA5468A, LMA5469A and LMA5470A, the primacy clauses of their predecessors have been deleted:

‘This endorsement supersedes any other wording in the Policy or any endorsement thereto having a bearing on a Cyber Act, Cyber Incident or Data, and, if in conflict with such wording, replaces it’.

This change should be considered in conjunction with the change to the preamble for the exceptions in paragraph 2:

‘Subject to all the terms, conditions and exclusions contained in this Policy or any endorsement thereto…’

Taken together, these changes are significant because they mean that other exclusions in the policy or attached to the policy – including those relating to cyber or data risks – could operate alongside those of LMA5468A, LMA5469A or LMA5470A. And if any exclusion in the policy applies to an insured’s claim, the claim is excluded. As such, these changes increase the likelihood that an insured’s claim will be excluded.

Rather than ‘clarifying’ how the LMA5468A, LMA5469A or LMA5470A apply, it would be more accurate to say that the exceptions to the exclusions in the amended versions operate differently because they are also subject to the underlying policy’s other exclusions.

Other changes

Other changes introduced in LMA5468A, LMA5469A or LMA5470A are as follows:

For LMA5469A and LMA5470A, the exceptions to the exclusions now appear in paragraph 2 (i.e. immediately after the exclusions of paragraph 1); and,
The definition paragraphs are not numbered. As a result, the definition of ‘Cyber Incident’ has sub-clauses (a) and (b), which is inconsistent with the other sub-clauses of the wording which are numbered 1.1, 1.2, 2.1 and 2.2.

Summary of LMA5468A, LMA5469A and LMA5470A

Exclusion	LMA5468A	LMA5469A	LMA5470A
Cyber Act: loss or damage in connection with unauthorised, malicious or criminal act involving access to or use of an electronic device	Excluded	Excluded	Excluded
Cyber Incident #1: loss or damage in connection with error or omission involving access to or use of an electronic device	Excluded	Excluded	Excluded
Cyber Incident #2: loss or damage in connection with the unavailability or failure to access or use an electronic device	Excluded	Excluded	Excluded
Any action taken in controlling, preventing, suppressing or remediating any Cyber Act or Cyber Incident	Excluded	Excluded	Excluded
Loss of use or reduction in functionality of Data	Excluded	Excluded	Excluded
Repair, replacement, restoration, reproduction of Data	Excluded	Excluded	Excluded
Loss or theft of Data	Excluded	Excluded	Excluded
Value of Data	Excluded	Excluded	Excluded
Exceptions
If arising out of a Cyber Incident, exceptions for: 1) third party bodily injury; and 2) physical damage to or destruction of third party property.	No such exception	Excepted	Excepted
If arising out of a Cyber Act, exceptions for: 1) third party bodily injury; and 2) physical damage to or destruction of third party property.	No such exception	No such exception	Excepted

LMA5468, LMA5469 and LMA5470: Cyber and Data endorsements for Liability policies

June 13, 2023 by Stephen Tomlinson

Background

LMA5468, LMA5469 and LMA5470 are Cyber and Data Exclusion Endorsements for Liability policies that were released by the LMA in November 2020.

At their broadest, LMA5468, LMA5469 and LMA5470 all exclude liability ‘in connection with’:

any Cyber Act;
any Cyber Incident;
any action taken in controlling, preventing, suppressing or remediating any Cyber Act or Cyber Incident;
any loss of use or reduction in functionality of any Data;
any repair, replacement, restoration, reproduction of any Data;
any loss or theft of any Data; or
any amount pertaining to the value of such Data.

Where the exclusions differ, however, is in their exceptions: LMA5468 has none, LMA5469 has an exception for Cyber Incidents, and LMA5470 has exceptions for both Cyber Incidents and Cyber Acts.

Exclusion	LMA5468	LMA5469	LMA5470
Cyber Act: loss or damage in connection with unauthorised, malicious or criminal act involving access to or use of an electronic device	Excluded	Excluded	Excluded
Cyber Incident #1: loss or damage in connection with error or omission involving access to or use of an electronic device	Excluded	Excluded	Excluded
Cyber Incident #2: loss or damage in connection with the unavailability or failure to access or use an electronic device	Excluded	Excluded	Excluded
Any action taken in controlling, preventing, suppressing or remediating any Cyber Act or Cyber Incident	Excluded	Excluded	Excluded
Loss of use or reduction in functionality of Data	Excluded	Excluded	Excluded
Repair, replacement, restoration, reproduction of Data	Excluded	Excluded	Excluded
Loss or theft of Data	Excluded	Excluded	Excluded
Value of Data	Excluded	Excluded	Excluded
Exceptions
If arising out of a Cyber Incident, exceptions for: 1) third party bodily injury; and 2) physical damage to or destruction of third party property.	No such exception	Excepted	Excepted
If arising out of a Cyber Act, exceptions for: 1) third party bodily injury; and 2) physical damage to or destruction of third party property.	No such exception	No such exception	Excepted

Overview of the definitions

As noted elsewhere on insurance-endorsements.com, the definitions of Cyber Act, Cyber Incident, Computer System and Data are problematic. For example,

Cyber Act means ‘an unauthorised, malicious or criminal act or series of related unauthorised, malicious or criminal acts, regardless of time and place, or the threat or hoax thereof involving access to, processing of, use of or operation of any Computer System.’ In this definition, it is unclear how ‘unauthorised’ should be interpreted. Is it from the perspective of the insured? If an act has not been authorised, does that mean it is unauthorised? If an employee unintentionally exceeds their authority, is that unauthorised? If an authorised employee commits an act that violates a policy, does that make it unauthorised? These questions could have been avoided if the LMA had sought to define a ‘Cyber Act’ in terms of actual cyber threats rather than generalities.
Cyber Incident has two limbs:
1. an error or omission involving access, processing, use or operation of a Computer System. For this limb, it appears that the errors or omissions could be by the insured or a third party. But it is appropriate to consider: where is the cyber risk here? Separately, the second limb of ‘Cyber Incident’ is concerned with the outcome rather than the cause – this makes the Cyber Incident exclusion very broad and means that it could exclude liability in the absence of an actual cyber risk; and
2. any unavailability (whether partial or total) or failure to access, process, use or operate (whether partial or total) any Computer System.
The definition of Computer System includes ‘any electronic device’. While the concept of a computer system has undoubtedly changed over time, not every electronic device is a computer system. In this respect, the LMA’s definition of Computer System over-reaches;
Data means information, facts, concepts, code or any other information of any kind that is recorded or transmitted in a form to be used, accessed, processed, transmitted or stored by a Computer System [emphasis added]. Since physical documents could be scanned, photocopied or faxed, such documents could be ‘Data’. It would be more appropriate if Data were re-defined such that it was limited to electronic data (perhaps even using ‘electronic data’ without definition) and did not extend to physical documents.

Re-thinking the Data exclusions

Paragraph 1.2 of LMA5468, LMA5469 and LMA5470 contains the ‘Data’ exclusions, excluding liability in connection with any:

1.2 loss of use, reduction in functionality, repair, replacement, restoration, reproduction, loss or theft of any Data, including any amount pertaining to the value of such Data;

Paragraph 1.2 is problematic because it puts separate exclusions into a single clause and seems to confuse what could be termed ‘circumstance’ and ‘property’ exclusions. Consider if paragraph 1 of LMA5468, LMA5469 and LMA5470 were amended to the following:

1. Notwithstanding any provision to the contrary within this Policy or any endorsement thereto –

1.1 this Policy does not apply to any loss, damage, liability, claim, fines, penalties, cost or expense of whatsoever nature directly or indirectly caused by, contributed to by, resulting from, arising out of or in connection with:

1.1.1 any Cyber Act or Cyber Incident; or

1.1.2 any action taken in controlling, preventing, suppressing or remediating any Cyber Act or Cyber Incident; or

1.1.3 any loss of use or reduction in functionality of Data,

regardless of any other cause or event contributing concurrently or in any other sequence thereto unless subject to the provisions of paragraph 5 [note: subjectivity only appropriate for LMA5469 and LMA5470];

1.2 this Policy excludes any loss, damage, liability, claim, fines, penalties, cost or expense of whatsoever nature for any:

1.2.1 repair, replacement or restoration of Data; [note: deleted ‘reproduction’]

1.2.2 loss or theft of Data; or

1.2.3 amount pertaining to the value of Data.

The exclusions in paragraphs 1.2.1, 1.2.2 and 1.2.3, above, are concerned with Data as property and not circumstances within a broader chain of causation. Note, also, that the word ‘reproduction’ has been intentionally omitted from sub-clause 1.2.1 – the term ‘reproduction’ is problematic because it could apply to a third party that is distributing the Data and this is inconsistent with the other terms in that sub-clause.

The exceptions of LMA5469 and LMA5470

While LMA5468 does not have any exceptions to its exclusions, LMA5469 and LMA5470 do. Specifically,

LMA5469 has exceptions for ‘ensuing third party bodily injury’ or ‘ensuing physical damage to or destruction of third party property’ arising from a Cyber Incident; while,
LMA5470 has exceptions for ‘ensuing third party bodily injury’ or ‘ensuing physical damage to or destruction of third party property’ arising from a Cyber Incident or Cyber Act.

However, these exceptions may not be effective if the Data exclusions in paragraph 1.2 were enlivened. This is why the ‘Data’ exclusions should be amended, potentially as proposed above.

In determining the scope of the LMA5469 and LMA5470 exceptions, it is important to consider the cover provided by the underlying policy. In Australia, many General Liability (GL) or Public and Product Liability (PPL) policies indemnify the insured for its liability to pay compensation for:

‘injury’, which may include bodily injury, mental injury, invasion of privacy, defamation and discrimination; and
‘property damage’, which may include both a) damage to tangible property (including loss of use therefrom) and b) loss of use of tangible property which arises out of damage to other tangible property.

In comparing the exceptions in LMA5469 and LMA5470 with these definitions, it is apparent that:

‘bodily injury’ in the exceptions of LMA5469 and LMA5470 is narrower than ‘injury’ in many General Liability policies, such that mental injury, invasion of privacy, defamation and discrimination remain excluded; and
‘damage to or destruction of tangible third party property’ in the exceptions of LMA5469 and LMA5470 is narrower than ‘property damage’ in many General Liability policies since there is no allowance for ‘loss of use’ of property.

Other features of LMA5468, LMA5469 and LMA5470

Other features of LMA5468, LMA5469 and LMA5470 are as follows –

Paragraph 2: a ‘reading down’ clause whereby, if any portion is invalid or unenforceable, the remainder shall apply in full force and effect (or, in the words of the endorsement, ‘the remainder shall remain…’);
Paragraph 3: a ‘primacy clause’ whereby the endorsement supersedes or replaces any other clauses in the policy regarding Cyber Acts, Cyber Incidents or Data. Note, however, that this clause is deleted from LMA5468A, LMA5469A and LMA5470A;
Paragraph 4: reverses the onus of proof such that, if the insurer alleges that the endorsement excludes ‘loss sustained by the Insured’, then the insured has the burden of proving otherwise. Here, it is appropriate to consider:
1. what would be required for an insurer to ‘allege’ that the exclusion applies? The endorsement is silent on this; and
2. what justifies reversing the onus of proof? Parties to an insurance contract may specify who bears the onus of proving a particular fact, even if this involves reversing the onus of proof: see Levy v Assicurazione Generali [1940] AC 791. However, reversing the onus of proof is contrary to the interests of insureds and conflicts with the traditional position whereby the insurer must prove that an exclusion applies. Given the resources and expertise of insurance companies, it is difficult to see how reversing the burden of proof could lead to more equitable outcomes.

Separately, it is unusual that paragraph 4 only uses the term ‘loss’ when paragraph 1 uses the terms ‘loss’, ‘damage’, ‘liability’, ‘claim’, ‘fines’, ‘penalties’, ‘cost’ and ‘expense’. While the intention of the clause is almost certainly to exclude all of these, the endorsement itself is not so explicit.

Please note that LMA5468, LMA5469 and LMA5470 have since been replaced by LMA5468A, LMA5469A and LMA5470A. The analysis in this article, however, is relevant to those updated endorsements.

LMA5400 and LMA5401: Cyber and Data endorsements

August 8, 2020 by Stephen Tomlinson

Analysis of LMA5400 and LMA5401

Background

Published on 13 November 2019 by Lloyd’s Market Association (LMA), LMA5400 and LMA5401 are intended for use on property insurance policies arranged either on a direct or facultative reinsurance basis.

It is difficult to concisely summarise the effects of LMA5400 and LMA5401 because they contain six far-reaching exclusions which utilise broad definitions (a ‘Computer System’, for example is ‘any… electronic device’). LMA5400 has a very limited exception to some of its exclusions, though this may not be effective because of the operation of LMA5400’s other exclusions. Rather than excluding cyber risks such as computer viruses, denial-of-service (DOS) attacks or hacking, LMA5400 and LMA5401 are based on the possible results of such risks rather than the causes, and only require ‘connections’ rather than causation for the exclusions to operate. As a result, LMA5400 and LMA5401 may exclude damage and losses that are not caused by cyber risks, and it is unclear whether insurers understand the uncertainty that this creates for themselves and insureds.

Exclusions	LMA5400	LMA5401
Cyber Act: loss or damage in connection with unauthorised, malicious or criminal act involving access to or use of an electronic device	Excluded	Excluded
Cyber Incident #1: loss or damage in connection with error or omission involving access to or use of an electronic device	Excluded	Excluded
Cyber Incident #2: loss or damage in connection with the unavailability or failure to access or use an electronic device	Excluded	Excluded
Loss or damage in connection with loss of use or reduction in functionality of Data	Excluded	Excluded
Replacement or restoration of Data	Excluded	Excluded
Value of Data	Excluded	Excluded
Exceptions and scenarios
Exception for property damage caused by fire or explosion which results from Cyber Incident	Yes, but Cyber Act or Data exclusions may prevail	Excluded
Exception for business interruption caused by fire or explosion which results from Cyber Incident	Excluded	Excluded
Exception for property damage or business interruption if insured peril causes unavailability or failure to use an electronic device	Excluded	Excluded
Basis of Valuation
Basis of Valuation for Data Processing Media	Cost to repair or replace the media, plus costs of copying Data from back-ups or originals	None

The Exclusions: LMA5400 and LMA5401

LMA5400 and LMA5401 contain four separate exclusions on damage and loss in connection with:

any unauthorised, criminal or malicious act involving a Computer System (a ‘Cyber Act’), whether the Computer System is the Insured’s or a third party’s;
an error or omission involving access to, processing of, use of or operation of any Computer System (a ‘Cyber Incident’);
partial or total unavailability or failure to access or use any Computer System (also a ‘Cyber Incident’); and,
the loss of use or reduction in functionality of Data.

Beyond this, LMA5400 and LM5401 also exclude:

the replacement or restoration of Data; and,
the value of Data.

Initial observations: LMA5400 and LMA5401 are far broader than ‘cyber’ endorsements

Although considered further below, LMA5400 and LMA5401 define ‘Computer System’ as ‘any… electronic device… owned or operated by the Insured or any other party’ (see ‘Definition: Computer System’). From this, it is apparent that:

a) Exclusion 1), above, excludes damage and loss in connection with criminal acts – such as criminal damage, theft or vandalism – involving an electronic device;

b) Exclusion 1), above, may exclude damage and loss in connection with a person using an electronic device in an unauthorised manner (i.e. in breach of instructions). Exclusion 2), above, is also relevant in this scenario since it excludes property damage or loss in connection with an error or omission in using an electronic device;

c) Exclusion 1), above, may exclude damage and loss in connection with a person that has not been authorised to use an electronic device doing so, notwithstanding that they may have used the device in an authorised manner;

d) Exclusion 3), above, excludes damage and loss in connection the unavailability of an electronic device. Clause 2 of LMA5400 provides a partial exception to this exclusion (see ‘Perils exception’, below), but this only applies where the unavailability results in a fire or explosion. If there is an insured peril which causes damage to an electronic device, that damage may be excluded by LMA5400 and LMA5401, as may subsequent damage and business interruption;

e) Because the unavailability of a computer system will often involve a loss of use of Data, there is overlap between Exclusions 3) and 4), above. Even if the partial exception for Exclusion 3) and Cyber Incidents applies, effect would be given to the exclusion (see ‘A Cyber Incident and another exclusion applies? Exclusion prevails’); and,

f) Similar to Exclusion 3), Exclusion 4) excludes damage and loss from the loss of use of Data. If there is an insured peril which causes damage to a device containing Data, that damage will be excluded by LMA5400 and LMA5401, as will subsequent damage and business interruption.

These initial observations are not intended to be an exhaustive analysis, but demonstrate how LMA5400 and LMA5401 are far broader than the ‘Cyber’ endorsements which they purport to be.

Attribution language: causation not required for exclusions to apply

Sub-clause 1.2 includes the following attribution language: directly or indirectly caused by, contributed to by, resulting from, arising out of or in connection with. Of these, ‘in connection with’ (as used in the list of exclusions above) is the broadest and most significant because it may not require the excluded circumstance to be a proximate or remote cause of the damage/loss for the exclusion to apply. As per the anti-concurrent causation language (‘regardless of any other cause or event contributing concurrently or in any other sequence thereto’), the exclusions in LMA5400 and LMA5401 can apply even if there are other proximate or remote causes of damage/loss.

LMA5400 Perils exception

Despite the exclusions of clause 1, clause 2 of LMA5400 contains an exception where:

1) a Cyber Incident

results in

2) a fire or explosion

that causes

3) physical loss or damage to property insured.

However, this exception will not apply where the Cyber Incident has a connection with a Cyber Act. Furthermore, while the exclusions exclude ‘loss’ generally, the exception in clause 2 is only for ‘physical loss or physical damage to property insured’ such that business interruption losses remain excluded by clause 1. This appears to be an unfair result for insureds – where the intention of the underlying policy is to pay business interruption loss that results from covered damage to property – since this intention is overridden by the endorsement.

LMA5401 does not contain an equivalent exception to clause 2 in LMA5400.

What if the peril comes first? Exclusion prevails

While clause 2 of LMA5400 provides cover where a Cyber Incident results in a fire or explosion that causes physical loss or damage to property insured, what happens if:

1) a fire or explosion

results in

2) a Cyber Incident, i.e.

a) an error or omission involving access or use of a Computer System, or

b) unavailability (partial or total) or failure to access or use a Computer System,

which causes

c) damage to property and business interruption?

In this case, the property damage and business interruption will be excluded. Again, this outcome may justifiably be considered unfair for the insured where the proximate cause of damage and business interruption is an insured peril. Nonetheless, the words ‘regardless of any other cause or event contributing concurrently or in any other sequence to the thereto’ in clauses are clearly intended to have this effect.

This unfairness may be exacerbated by the realisation that Computer System is defined to include ‘any… electronic device’ (see ‘Definition: Computer System’).

A Cyber Incident and another exclusion applies? Exclusion prevails

Consider a scenario in which:

1) a computer virus infects the insured’s computer systems

causing

2) those Computer Systems to be unavailable (a ‘Cyber Incident’ for which the exception would apply); and

3) Data on those Computer Systems to be deleted or corrupted (as per the exclusion in sub-clause 1.2),

resulting in

4) a fire or explosion

that causes

5) physical loss or damage to property insured.

In this scenario, it can be appreciated that there are two circumstances connected with the loss:

1) the Cyber Incident for which there is cover under clause 2; and,

2) the deletion or corruption of Data, which is excluded under clause 1.2.

As such, the common law principle as articulated in Wayne Tank and Pump Co Ltd v Employers’ Liability Assurance Corpn Ltd [1974] QB 57 (CA) may apply such that effect would be given to the exclusion. Per Cairns LJ in Wayne Tank:

if one cause is within the words of the policy and the other comes with an exception [i.e. exclusion] in the policy, it must be taken that the loss cannot be recovered under the policy. The effect of an exception is to save the insurer from liability for a loss which but for the exception would be covered.

While an outcome that is consistent with a common law principle may be hard to argue against, it should be noted that some policies – such as the Mk.V Modified Industrial Special Risks (ISR) policy – do provide cover where there is a non-excluded proximate cause of damage, notwithstanding that an excluded cause of damage may have preceded or followed it. From the Mark V Modified ISR:

Provided that the Insurer will indemnify the Insured for any Damage to Property Insured caused directly by any circumstances not excluded under Section 1 of this Policy, notwithstanding that these circumstances may in turn have been caused by any of the circumstances referred to in Exclusions 6.2.1 to 6.2.17.

Ultimately, this example of a computer virus should serve to demonstrate just how limited the perils exception in clause 2 of LMA5400 is.

Separately, it may be recalled that NMA2914 and NMA2915 have exceptions for property damage if:

1) loss of or damage to Electronic Data

causes

2) a Fire or Explosion.

LMA5400, however, has no such exception.

Basis of Valuation

LMA5400 provides a basis of valuation (or basis of settlement) for Data Processing Media, which is defined as property on which Data can be stored. Specifically, the basis of settlement for Data Processing Media is:

1) the cost to repair or replace the Data Processing Media; and

2) costs of copying Data from back-ups or from originals.

Like NMA2915 and NMA2914A, LMA5400 excludes costs of research and engineering, and costs to recreate, gather or assemble such Data. As per NMA2914, NMA 2915 and NMA2914A, LMA5400 states that if the media is not repaired, replaced or restored, then the basis of valuation is the cost of blank Data Processing media.

Similar to NMA2914, NMA 2915 and NMA2914A with respect to Electronic Data, LMA5400 states that the policy does not insure the value of Data. While this proposition is readily understandable for Electronic Data, on the basis that intangible assets and intellectual property are not typically covered by property policies, it is problematic for LMA5400 because its definition of ‘Data’ could include physical documents (see ‘Definition: Data’, below).

LMA5401 does not contain a basis of valuation.

Definitions

Definition: Computer System

In LMA5400 and LMA5401, the definition of ‘Computer System’ includes ‘any… electronic device’. It is noted that the ‘electronic device’ does not have to be associated with an actual computer. While the term ‘electronic device’ may lack a precise definition, the term could be applied to electrically powered devices and electronically-controlled devices.

To be clear, the broad definition of ‘Computer System’ in LMA5400 and LMA5401 makes the exclusion far broader than may have been intended. Specifically, Exclusion 3, above, has the effect that LMA5400 and LMA5401 will exclude loss or damage in connection with the unavailability or failure to access/use an electronic device.

It is noted that the definition of ‘Data’ (considered below) includes ‘code’, while the definition of ‘Computer System’ includes ‘software’ which consists of code. Under LMA5400 and LMA5401, the definition of ‘Computer System’ could also include ‘Data’. Consideration of the incongruities of these overlapping definitions, however, is beyond the scope of this analysis.

Definition: Data

The definition of ‘Data’ in LMA5400 and LMA5401 is unusual in that it is defined as ‘information of any kind that is recorded… in a form to be used, accessed, processed, transmitted or stored by a Computer System’. Given the ability of computers to scan and interpret physical documents, the definition of ‘Data’ in LMA5400 and LMA5401 could include physical documents. This may appear to be a perverse outcome, but the definition is not explicitly limited to ‘Electronic Data’ as that term is commonly defined in property policies (and was used in NMA2914, NMA2915 and NMA2914A).

As such, LMA5400 and LMA5401 could exclude damage to physical documents, manuscripts, deeds, specifications, plans, drawings, designs, books and other records.

Definition: Cyber Act

For LMA5400 and LMA5401, Cyber Act means “an unauthorised, malicious or criminal act or series of related unauthorised, malicious or criminal acts, regardless of time and place, or the threat or hoax thereof involving access to, processing of, use of or operation of any Computer System.”

The term ‘unauthorised act’ could be applied to:

1) an otherwise authorised person carrying out an act:

a) for which they have not been authorised (perhaps the act is outside the scope of their duties); or

b) that is contrary to instructions or guidelines (perhaps issued by an employer or manufacturer of a device);

2) an unauthorised person carrying out an act.

There may be emergency scenarios which compel persons to perform acts – involving electronic devices – for which they are not authorised in order to avoid or minimise the risk of injury or property damage. LMA5400 and LMA5401 do not appear to have considered such scenarios.

As noted above, the term ‘malicious or criminal act’ is also problematic because it could be applied to criminal damage, theft or vandalism involving an electronic device. Such acts should not be the subject of a cyber exclusion.

Definition: Cyber Incident

For LMA5400 and LMA5401, ‘Cyber Incident’ means

any error or omission or series of related errors or omissions involving access to, processing of, use of or operation of any Computer System; or
any partial or total unavailability or failure or series of related partial or total unavailability or failures to access, process, use or operate any Computer System.

The definition of ‘Cyber Incident’ demonstrates why LMA5400 and LMA5401 can have such broad application: they contemplate the results of cyber risks rather than cyber risks themselves. In its second limb, a ‘Cyber Incident’ is the unavailability or failure to use an electronic device. It should be apparent that there are many insured, non-cyber perils that could cause this, yet LMA5400 and LMA5401 make no such distinctions.