Private to public: A changing risk profile

The journey from a private to public company is one of increased challenges, with multiple risks and evolving coverage needs to consider. Let us help you explore what’s possible.

You’ve gone public, now what?

Pursuing an IPO is a great way for growing companies to access additional capital. But while going public can be an exciting milestone for a company, it brings a new set of risks that could affect the business as well as its directors and officers.

From the threat of securities class actions and derivative lawsuits to increased regulatory enforcement activity, companies that go public face a broad set of risks. Without sufficient insurance coverage, the personal assets of directors and officers could be in jeopardy.

When starting their journey as a public company, organizations need to consider multiple challenges and identify the most effective and customized risk mitigation and transfer strategy to help them continue to grow and protect both the company assets and those of their directors and officers.

A changing risk profile

The journey from a private to a public company is one of increased challenges, with multiple risks to consider. These risks will evolve and intensify after the IPO is completed and the company enters its first year trading, and draws increased scrutiny from the public, shareholders, and regulators.

Public companies will be subject to federal securities laws — the Securities Act of 1933, the Exchange Act of 1934, Sarbanes-Oxley Act of 2002, and the Dodd-Frank Wall Street Reform and Consumer Protection Act, among others — intended to improve public trust and strengthen corporate governance.

Private companies face some degree of oversight from the Securities and Exchange Commission (SEC) even prior to a public listing. However, as soon as a company starts on the path towards an IPO, any documents and discussions — including registration statements, prospectuses, and roadshow presentations — that are shared with potential investors will come under increased scrutiny, and any misleading statements could result in post-IPO securities claims. Marsh research shows that these claims are often made within three years of an IPO and may include:

  • Class-action suits by shareholders alleging misstatements or omissions during the IPO process. These claims do not require plaintiffs to show an intent to defraud investors.
  • Allegations of intentional misstatements or omissions made in financial reports, such as 10-K, 10-Q, and 8-K filings, leading to securities fraud lawsuits, as well as regulatory enforcement actions by the SEC and the Department of Justice.
  • Shareholder derivative suits against individual directors and officers, typically alleging violations of fiduciary duties or other wrongdoing. Our analysis of publicly available data shows that these derivative actions — which may be triggered by a high-profile event, such as a cyberattack or sexual harassment allegation — have grown in frequency and becoming costlier in recent years. 

Increased scrutiny on internal management

Public companies face increased scrutiny by shareholders, regulators, and other stakeholders on a wide range of management issues. Private companies seeking a public listing are often in the early stages of their overall journey and may have focused less attention and resources on issues beyond financial performance. This will change in the post-IPO environment.

For example, the 2021 Excellence in Risk Management survey found that public companies have made significantly more progress when it comes to diversity, equity, and inclusion (DE&I) initiatives than their private counterparts. As they finalize the IPO process, new public companies can expect to come under a brighter spotlight. They must be prepared to respond to the scrutiny by ensuring that proper DE&I structures are embedded within their culture.

Similarly, environmental issues — including sustainability efforts, carbon footprint, and supply chain matters — may be questioned and challenged not just by activist shareholders and regulators, but by consumers and other stakeholders.

Companies also need to consider other risks, such as data security and privacy, and determine whether an incident, such as a cyber breach, should be disclosed. Shareholders and regulators may inquire about a company’s mitigation strategy for such events, for example, the cyber safety measures shared with employees and relevant contingency plans.

Shareholders also are focused on ensuring that board members have the right expertise for a particular industry and are kept aware of mission critical risks that could impact the organization. Cyber risk has become such a significant topic for boards that directors and officers (D&O) liability insurance underwriters inquire about these matters and may even seek to confirm that cyber insurance is in place.

Evolving coverage needs

As organizations’ risks evolve, so do their insurance needs. Before the first insurance renewal as a public company, it is important to review existing policies with your insurance broker and determine whether sufficient coverage is in place, or if other changes are needed based on your evolving risk profile.

For example, depending on a company’s post-IPO market capitalization growth, additional policy limits may be warranted to protect against the potential impact of litigation. And, as companies expand their operations internationally, a program including foreign policies should be considered to protect the full reach of the organization. Further, depending on a company’s operations, there are a range of coverage extensions and enhancements to consider to match D&O coverage to a company’s risk profile.

The first public company renewal can be particularly complex as companies must explain to underwriters their growth, progress as a public company, and any changing circumstances. This may also be the time when companies decide to purchase additional coverage to address new risks, including other management liability lines such as employment practices liability, fiduciary liability, and cyber or crime policies.

A qualified insurance broker can help you understand whether your existing coverage portfolio is suitable for new risks and engage in customized coverage wording negotiations with underwriters.

Being prepared for your underwriting meeting is crucial and can materially impact the final program that is put in place. It is important to start preparations early and to be ready to answer underwriters’ questions, including any related to existing claims.

Especially in the first few years as a publicly traded company, regular communications with underwriters may be critical. Off-cycle underwriting meetings not only assist with relationship-building, but can help keep underwriters informed of changes in a company’s risk profile. Ongoing engagement with the insurance community, outside of the renewal process, can further differentiate companies from their peers and potentially lead to more favorable outcomes from a coverage and pricing standpoint.

Further, companies that are engaging in transactions, expanding operations, or offering new products may require changes to their insurance program. These should be addressed immediately rather than waiting until a renewal, making off-cycle discussions with insurers critical.

Protecting your people

Attracting leadership talent in the C-Suite and board-level is crucial for a public company. As companies settle into their publicly traded position, their insurance programs should provide the right protection and comfort level to prospective and current executives. This allows individuals to discharge their duties effectively, with confidence that their personal assets are not threatened.

While a traditional D&O policy with a shared limit of liability may protect both the company and its directors and officers, the limits could be exhausted from a single large claim. Most businesses opt for dedicated Side-A coverage with separate limits for individual directors and officers, specifically to address the critical issue of protecting individuals’ personal assets. Side-A coverage has dedicated limits that cannot be depleted by claims against the company. And, there is no retention applicable if Side-A coverage is triggered, which prevents an insured individual from paying out of pocket if a company cannot — or will not — indemnify them against a covered loss.

To support coverage decisions on limits and structure, companies should consider a wide range of data analytics, including benchmarking of peer company limits and purchasing decisions, detailed claims trends, and a customized analysis of potential exposure to all forms of securities litigation. These analytics are indispensable when building the most suitable program with the appropriate limits for your risks.

Finally, in light of the recent Delaware law allowing captives to provide Side A D&O insurance, companies should explore whether alternative risk funding approaches may make sense either now or in the future.

You’ve gone public, now what?

The journey from a private to public company is one of increased challenges, with multiple risks and evolving coverage needs to consider. Let us help you explore what’s possible. 

Related insights