We're sorry but your browser is not supported by Marsh.com

For the best experience, please upgrade to a supported browser:



D&O Liability: A Risk Worth Covering for Senior Corporate Officers


The duties, obligations, and personal liability of the independent directors as gate keepers of the companies have been rising significantly under the new Companies Act. This has also aggravated further with the heightened activities of the banks pursuing resolution of non-performing assets (NPAs) under the new Insolvency and Bankruptcy Code, 2016 or public spat amongst high profile directors.

In the present circumstances, many independent directors are finding their jobs extremely onerous under heightened regulatory scrutiny and increased liability. Adequate protection under a proper D&O policy will help them perform their duties effectively.

Considering these, the recent directive by the Securities and Exchange Board of India (SEBI) mandating D&O policy for independent directors for Top 500 listed companies is an important step in this direction.

“With effect from October 1, 2018, the top 500 listed entities by market capitalization calculated as on March 31 of the preceding financial year, shall undertake Directors and Officers insurance (‘D and O insurance’) for all their independent directors of such quantum and for such risks as may be determined by its board of directors,” the SEBI directive said.

Origin and Issue

D&O Insurance has been in India for over 15 years and is now prevalent amongst most listed firms and some of the mid-sized firms, baked by private investors.  But comprehensive coverage and adequacy of limits remains an issue for the Indian market. Most of the cases, such covers are bought from a procurement approach rather than risk-based approach in assessing the exposure for the management. 

It must be noted that SEBI has insisted only on the purchase of a D&O Policy and it has left it to the board to decide on the quantum of coverage and limits purchased. 

If corporates are not buying adequate limits then independent directors will remain exposed to such risks and may need to buy additional individual D&O polices which are not prohibited by the regulator in India. Internationally, many companies do provide for separate dedicated limits for Independent directors via Side A policies. This is to ensure the company doesn’t utilise all the limits when an event takes place, leaving nothing to protect directors and officers.

What is D&O Policy

D&O liability insurance helps corporate directors and officers to discharge their duties with confidence and protects in the event of any personal litigation – often in addition to the company being sued – by investors, employees, regulators, or competitors, among other parties.

Such an insurance policy covers any liability arising out of breach of duty, mis-statements, errors and omissions, civil fines, and penalties. Any kind of criminal act (if proven) and criminal fines and penalties are excluded under the policy as the purpose of this policy is not to encourage wrongful behaviour.


Any liability arising out of:

  • Breach of duty
  • Mis-statements
  • Errors and omissions
  • Civil fines and penalties


  • Criminal fines and penalties

Present Context

In the last few months, we have already seen the banking sector demanding higher limits while purchasing or renewing their D&O policies. At Marsh we have seen Indian banks, including public sector lenders, looking to raise the limits under their existing D&O insurance policy by up to 50% since early 2018.

This higher demand can be attributed mainly to the recent challenges faced by the Indian banking sector, which has led banks to re-think on their D&O purchased limits and coverage. Secondly, the recent SEBI directive has also been a factor behind higher demand for such covers.

For the corporate sector, we have already seen demand for such polices rising by around 15-20% over last year, and we expect the growth to continue given the regulator’s insistence to buy such covers.

According to Marsh India’s internal estimates, in many cases, the limits purchased by banks and corporates were inadequate. In light of recent regulations, they would be used up quickly just to defend allegations made, thereby effectively leaving nothing for civil damages awarded.

  • The size of Insurance coverage and policy limits in the Indian banking sector varies significantly between the private sector and public sector in general. 
  • The private sector banks, especially those that are listed overseas, tend to buy sizeable limits compared to public sector banks.
  • Some of the public sector banks have coverage less than INR 10 crores.
  • The covers taken by Indian banks are below median levels compared to their global peers and even other Asian countries, who tend to buy 2-3 times higher limits.

15-20% increase in uptake due to recent SEBI directive and incidents of bank issues

  • PSU banks also opting for higher limits
  • Banks see a 50-100% rise in limits in 2018-19

Cannot Be Ignored Anymore

Sanjay Kedia, Country Head and CEO of Marsh India, advises, “The risk of exposure to  civil wrongdoing, fraud and class action lawsuits or global regulations like FCPA and UK Bribery Act or whistle-blower situations or simply financial misstatements, make it imperative for Indian companies to buy D&O covers in line with what their peers buy internationally. The experience of a banking sector is an early warning for other sectors to tighten their internal controls and review their management’s exposure before they are in the middle of the storm.”

It is very common for clients to buy a D&O policy through a professional broker as this is a highly specialised field where brokers have worked out bespoke solutions for clients along with cost, coverage, and limits optimization.

D&O insurance is set for significant changes with covers for newer risks. Companies need to understand the need for adequate and comprehensive coverage, and act accordingly. 

Once a director retires, the D&O policy doesn’t offer life time coverage which leaves them high and dry without any recourse to corporate resources. So there is a need to insure such risks

In India, the size of domestic D&O coverage varies significantly from one firm to another.  Outside of listed entities, we find many corporates don’t have meaningful limits and comprehensive coverage. There is a clear need to apprise board and independent directors whilst  evaluating D&O exposure backed by risk based analytics and benchmarking of near peers.


  • Inadequate coverage
  • Lower limits
  • Lack comprehensive coverage outside listed entities
  • Procurement based approach followed while accessing D&O exposure
  • Risk based analytics not considered while assessing D&O exposure
  • No coverage for retired directors.

D&O and Cyber

Cyber claims come in many different guises. In addition to ensuring adequate cyber cover is in place, directors may also look to their D&O  insurance programme to respond to any investigation or claim against them  ersonally in the event of a cyber event.

A typical D&O policy covers individual directors for all acts, errors and omissions arising from their conduct as directors, which could include matters relating to a cyber incident.

Companies should consider whether there is cover under the D&O policy in the following areas:

  • Investigation costs – regulatory investigations arising out of a cyber incident, and at full policy limits.
  • Insured individuals – all persons who are involved in significant cyber-related decisions and implementation on behalf of the company.
  • Investigation of cyber circumstances – costs incurred investigating any circumstance resulting from a cyber event where litigation is anticipated.
  • Allocation – clear demarcation between the entity and the individual. As the D&O policy is for the benefit of the individuals, consider how joint costs will be allocated between the cyber and D&O policies. The loss attributable to the directors should be allocated appropriately.
  • Shareholder actions – shareholder actions against the company which arise as a result of a cyber-related incident (e.g. following a stock drop). 
  • Reputational damage costs for directors – costs of mitigating any reputational injury resulting from a cyber incident.