EPIC Risk Advisory Bulletin

Volume 1, Issue 26

In this issue, we take a focused look at:

  1. Supply Chain and Business Risks
    • TSA Extends HME STA Exemption Through End of Year
    • Cargo Theft Spikes Continue
    • FMCSA Outlines Plan for Service Relief, New Pilot Programs
  2. Insurance Products and Coverage Information
    • Renewed Effort to Secure Pandemic Insurance for Entertainment Industry
    • Surprising Effect of the Pandemic on Live Events
    • How the Pandemic is Impacting M&A Activity
    • Cybercrime Puts Hospitals in the Crosshairs
    • Presumptive Compensability Update
    • News of Note
  3. Human Resources and Employee Benefits
    • OSHA Levies More Than $1.6 Million in Fines
    • CDC Releases Guidelines for Celebrating Thanksgiving Safely
    • Updated Assistance on Monitoring States’ Pandemic Guidance
    • Insights from Across the Firm

The information presented here is intended to provide a high level overview of critical areas of concern for businesses around coronavirus. Consult your EPIC insurance broker for more in-depth guidance.

Supply Chain & Business Risks

TSA Extends HME STA Exemption Through End of Year

The Transportation Security Administration (TSA) is extending the exemption from Renewal of the Hazardous Materials Endorsement Security Threat Assessment for Certain Individuals through December 31, 2020. Originally published on July 31, it had been set to expire on October 30.

This notice pertains to motor carriers transporting hazardous materials requiring placarding, the operation of which requires a commercial driver’s license (CDL) with a Hazardous Material Endorsement (HME).

Under this exemption, states may extend the expiration date of HMEs that expire on or after March 1, 2020, for 180 days, due to restrictions and business closures in place in response to the coronavirus pandemic.

If a state grants an extension, the individual with an expired HME must initiate the process of renewing his or her security threat assessment (STA) for the HME no later than 60 days before the end of the state-granted extension.

Federal partners, state licensing agencies and related associations have reported ongoing difficulties in executing timely renewals of expiring HMEs and asked the TSA to consider extending the exemption until the end of the year. The agency determined that it is in the public interest to extend the exemption and has done so, in alignment with similar waivers issued by the U.S. Department of Transportation.

The TSA may elect to extend this exemption at a future date, depending on the status of the coronavirus crisis.

View the official notice 

Additional information about enrollment services for the Transportation Worker Identification Credential (TWIC)

For any questions, contact an EPIC broker.

Cargo Theft Spikes Continue

Cargo theft continues to rise around the world, both fueled and made more complex by the ongoing pandemic. According to a new report, the pandemic has created complex and varied responses from governments and businesses and caused havoc on supply chain continuity. In the third quarter, CargoNet recorded 365 supply chain risk events in the U.S. and Canada. There were 223 cargo theft events, an increase of 23% from the third quarter of 2019.

SCREEN insights revealed the following trends during the third quarter of the year:

  • There was a global increase of cargo theft of pharmaceuticals and medical supplies, which was particularly sharp in Mexico
  • Warehouse and facility theft peaked, particularly in Europe
  • Climate change and natural disasters created increased transportation disruptions
  • Food and beverage products were the most stolen commodities in Asia
  • Lockdowns in India prompted an uptick in cargo theft
  • Rail freight theft in Mexico posed a significant threat to its supply chains

A further increase in cargo theft is expected during the fourth quarter, when peak shipping season arrives.

FMCSA Outlines Plan for Service Relief, Under 21 Pilot Programs and New Truck Safety Tech

Since the onset of the pandemic, keeping supply chains open and moving has been one of the primary objectives of the Federal Motor Carrier Safety Administration (FMCSA). One of the ways the FMCSA has kept goods moving is by implementing new hours of service (HOS) rules and relaxation of some regulatory activity.

Now, in an effort to get more truck drivers on the road, the FMCSA is starting two pilot programs for drivers under 21. Additionally, it is extending additional HOS relief for commercial drivers and is working to encourage the adoption of new safety technologies across the trucking industry.

One HOS rule currently open for public comments until November 2 is a proposed Split Duty Period Pilot Program that would allow truck drivers to take an up to three-hour pause during their shift to manage fatigue and still complete their workload. Additionally, the FMCSA is considering two pilot programs to allow drivers under 21 to operate commercial vehicles – an under 21 military CDL program and an under 21 program for nonmilitary drivers. The former has been in place since June with limited interest from potential drivers. The latter is a proposal through the DRIVE-Safe Act that has public comments open through November 9 and would recruit younger drivers to participate in the pilot program in two ways:

  • Category 1 – 120 hours of on-duty time and participate in an apprenticeship program. Drivers must have 80 hours of drive time, while completing specific requirements.
  • Category 2 – 280 hours of on-duty time with 160 hours of driving, as well as completing specific requirements.

Finally, the FMCSA is encouraging those in the trucking industry to adopt new technologies that improve safety through the TECH-Celerate Now partnership. Developed to encourage the adoption of advanced driver assistance systems, it advises drivers to use vehicles with automatic emergency braking, lane departure assistance and forward collision avoidance. Those who have installed such safety measures in their fleets have experienced a 60% reduction in rear-end collisions.

The FMCSA is also exploring automated driving systems that may further improve safety by reducing fatigue and accidents that result from it.

Insurance Products & Coverage

Renewed Effort to Secure Pandemic Insurance for Entertainment Industry

While live events and theater continue to remain largely shuttered due to the ongoing pandemic, movie and TV production has resumed, albeit in fits and starts. Safety protocols agreed upon by unions and studios include measures like coronavirus compliance officers on set and rigorous testing and masking protocols.

Some shows with live audiences, such as “Ellen,” have resumed production with distancing and testing protocols in place. Scheduling challenges and travel restrictions continue to interrupt production, and proper insurance coverage remains a concern. An effort in May by Rep. Carolyn Maloney to introduce PRIA, an insurance backstop, has met much resistance from multiple industries. As of a month ago, business groups were proposing an alternate solution. Without pandemic insurance, an estimated 250 to 400 films have died in or before production.

With many insurers withholding support from the PRIA, a group of two dozen industries representing more than 50 million workers called the Business Continuity Coalition (BCC) is proposing its own blueprint for public-private business continuity insurance. While no policy details have been released, a hearing set for November 19 with the House Committee on Financial Services titled, “Insuring against a Pandemic: Challenges and Solutions for Policyholders and Insurers,” could reveal some specifics and points of differentiation between the BCC’s approach and that of the PRIA.

The BCC has said it favors a public-private business interruption insurance program that would let employers keep payrolls and supply chains intact in the event of a future government-ordered shutdown. It says specialized products addressing the unique needs of film and TV production companies will be considered in its approach. The implementation of a solution is critical for production to resume at pre-pandemic levels. This is particularly true for independent producers, who are looking to Congress to pass a coronavirus relief package that would provide the funds they so desperately need to continue operations.

A number of governments around the world have established compensation funds to help production companies struggling from shutdowns caused by coronavirus. As a Media Insurance Network (MIN) member, EPIC has access to global market information about worldwide production coverages being tracked by MIN and will continue to monitor the situation and bring the best options to clients.

For more information, contact an EPIC broker.

The Pandemic Could be Having This Surprising Effect on Live Events and Entertainment

It is clear the pandemic has drastically altered live events and entertainment in many ways. From drive in concerts, movies and political rallies to seating people in small groups called “pods” a safe distance apart, live events do not look the same. Some areas of the industry, such as live theater, remain closed, unable to operate live performances at profitable levels, if at all.

When live events do return, one question on many minds is, ‘what will they look like?’ It is plausible, if not highly likely, that performances will play to smaller, distanced audiences who have paid higher prices to see those performances. In some states, attendees may be required to register for contact tracing and undergo temperature checks before being admitted. Plexiglass dividers may separate guests, restroom capacities will be reduced and hand sanitizer will abound. Both in terms of how live concerts and festivals feel, as well as what they cost, they will be drastically different for the short term, with some industry insiders predicting a return to pre-pandemic experiences taking several years to occur.

While most of the changes mentioned may negatively impact the live event experience, one area that may be positively affected is lines. The pandemic has propelled queue technology advanced and honed at theme parks like Disney World into a broader application. No one has ever enjoyed waiting in line, but now that lines are viewed as a health and safety risk, finding ways to eliminate them has become crucial for many businesses, even outside of the live venue arena.

Target now allows shoppers to make digital reservations to shop at local stores and one Giant Eagle location created a checkout-free experience; when shoppers have all their items, they simply pay in the app on their phone and leave the store, echoing experiences in place for years at Disney World and other theme parks.

Other avenues ripe for queue overhaul include airports, mass transit depots and bathrooms. In short, the new fear of close physical contact while the pandemic persists could translate into the end of physical lines. That is one welcome change brought on by the coronavirus crisis.

How the Pandemic is Impacting M&A Activity

The Mergers and Acquisitions (M&A) market is no stranger to ups and downs. It has endured and recovered from past economic crises, including the dot-com bubble in the early 2000s and the Great Recession of 2007-2008. While the coronavirus crisis and ensuing economic turmoil has tested the M&A market, recent analysis shows it is impacting it differently than have past economic downturns.

Uncertainty generally causes buyers to delay or reduce acquisition plans. The coronavirus pandemic is impacting M&A deals in more nuanced ways. Deal terms themselves along with novel due diligence issues and the lengthened time it takes to obtain necessary regulatory and other third-party approvals are all impacting transactions.

This reveals a complex picture of the market, where uncertainty and activity coexist together. Liberty Global Transaction Solutions examined the past ten years of claims notifications and found the pandemic impacted them in a unique way. While the virus initially halted many deals, the third quarter of 2020 brought the largest quarter ever for Liberty GTS, which experienced record numbers of M&A deals as well as premium volume. The company’s researchers found that 19% of policies received notifications, which was a noticeable uptick over the number seen over the past few years. However, no more than a quarter of those notifications resulted in actual claims.

Additionally, the report revealed that smaller M&A deals (valued at $250 million or less) led to more notifications and accounted for the largest paid claims when compared to deals valued at more than $1 billion. This may be due to the fact that smaller businesses tend to have less robust processes in place and may not have record-keeping and compliance issues where they should be.

A mid-year outlook from PWC confirmed that the number of M&A deals dropped by 29% from a year earlier, making it the single largest year-over-year decline in deal activity since the dotcom recession of 2001. The report noted that the market was beginning to stabilize, confirming Liberty’s report by showing deal volumes increased in May and June, with a few large deals in July. PWC also confirmed that deal size has declined considerably, with only three megadeals occurring in the second quarter as opposed to 18 during that same period in 2019. PWC noted that it does not expect a return anytime soon to the record high deal values seen in 2019. Their report also noted that cross-sector deals were on the rise and that it expects private equity deal volume to return to its long-term average of 20% to 25% of total U.S. deal volume for the remainder of 2020.

While there are many factors to consider with an M&A deal, one area of increasing concern is cyber theft. Sophisticated ransomware and other cyber attacks have risen during the pandemic and can impact potential M&A deals. Part of the due diligence of a transaction includes assessing the history of cyber events endured by a business as well as the controls in place and assets at risk. Cyber breaches can be difficult to discover; however, leaving both parties blind to the impending risk.

“Cyber breaches may go undetected for months and even years,” says Kelly Geary, EPIC Cyber Leader. “Protecting this risk in a sale, even in an assets-only deal, can spare purchasers from experiencing significant financial loss.”

EPIC recently announced exclusive access to a unique cyber product, Berkley Purchaser ProtectSM, designed to help protect companies involved in merger, acquisition or asset purchase transactions. It helps protect against “dwell time,” the critical time that transpires between a cybersecurity breach and its discovery. During dwell time, hackers lie undetected behind firewalls.

Developed by Berkley Cyber Risk Solutions is designed for organizations planning to make multiple, strategic purchases. With this coverage, policyholders are insured against financial loss from certain events that occur prior to a transaction closing date and are only discovered post-close.

Companies may find the policy valuable even in cases where acquired companies have existing Cyber policies and tail coverage, because it may not apply to first party breach response expenses.

Geary added, “At a time when many stand-alone policies are narrowing coverage, Berkley Purchaser ProtectSM fills a critical gap.”

Learn more about the product by contacting an EPIC broker.

Cybercrime Puts U.S. Hospitals in its Crosshairs

On October 28, a joint cybersecurity advisory was issued by the Cybersecurity and Infrastructure Security Agency (CISA), the Federal Bureau of Investigation (FBI) and the Department of Health and Human Services (HHS) warning of an imminent cybercrime threat to U.S. hospital and healthcare providers. It describes the tactics, techniques and procedures (TTPs) used by cybercriminals to infect systems with Ryuk ransomware. CISA, FBI and HHS are advising all entities within the healthcare sector to take immediate precautions to protect their networks from these threats.

The healthcare sector has always been a prime target for cybercriminals, but the percentage of healthcare entities impacted by ransomware has significantly increased in recent months. Typical ransomware demands range from several hundred thousand dollars in to the millions. Hospitals, specifically, are often targeted because cybercriminals believe they are more likely to pay the ransom (quickly) to avoid negative impact on patient care.

In September 2020, a woman in Germany died during a ransomware attack that impacted the Duesseldorf University Hospital. The target of the attack was Duesseldorf University, but the University Hospital network was impacted as well. The woman presented to the hospital in need of urgent treatment but because of the attack, the hospital could not accept emergency patients and the woman had to be sent to a health care facility in another city. The woman’s death appeared to be the first specifically connected to a ransomware attack involving a hospital.

Key recommendations provided by the CISA, the FBI, and HHS include:
  • Establish and practice out of band, non-VoIP, communications
  • Rehearse IT lockdown protocol and process, including practicing backups
  • Ensure backup of medical records, including electronic records, and have a 321-backup strategy – three backups on two different media, one of which is offline at all times
  • Expedite patching response plan within 24 hours
  • Prepare to maintain continuity of operations if attacked
  • Check that your anti-virus and endpoint detection and response (EDR) are running; a stopped state may indicate compromise
  • Be prepared to re-route patients if patient care is disrupted
  • Report all cyber-related incidents to the FBI 24/7 CyberWatch Command Center at 855-292-3937

No entity is immune from a ransomware attack—preparedness is key. Reach out to EPIC for assistance in preparation and risk mitigation.

Presumptive Compensability Legislation

An ongoing issue affecting workers’ compensation is presumptive compensability legislation from states. Many have proposed workers’ compensation bills related to coronavirus, including an expansion of coverage for either frontline, essential or all workers. Some states have issued executive orders, bulletins, emergency rules and directives on workers’ compensation coverage for certain workers. It is a dynamic situation that warrants monitoring by employers.

Ogletree Deakins has assembled a searchable table to track which states have implemented or proposed amendments to state workers’ compensation statutes. The table also addresses workers’ compensation benefits for health care workers and first responders. Access the table

For more information, contact an EPIC team member.

News of Note

The passage of another two weeks has brought forth more developments across the insurance world. Here is a rundown of recent news stories of interest.

HR & Employee Benefits Insights

OSHA Levies More Than $1.6 Million in Fines for Coronavirus Violations

The U.S. Department of Labor announced that since the start of the pandemic through October 15, the Occupational Safety and Health Administration (OSHA) has cited 112 establishments for violations relating to coronavirus. Those citations have resulted in proposed penalties totaling more than $1.6 million.

OSHA inspections have resulted in the agency citing employers for violations that include failures to:

  • Implement a written respiratory protection program
  • Provide a medical evaluation, respirator fit test, training on the proper use of a respirator and personal protective equipment (PPE)
  • Report an injury, illness or fatality
  • Record an injury or illness on OSHA recordkeeping forms
  • Comply with the General Duty Clause of the OSHA Act of 1970

While the citations are notable, the National Employment Law Project (NELP) released a report showing that OSHA failed to protect coronavirus safety whistleblowers who filed retaliation complaints. The organization analyzed OSHA’s public data, which showed 1,744 coronavirus-related retaliation complaints were filed by workers from April through August, and found that only one in five complaints (348) were docketed for investigation. Additionally, only 2 percent of complaints were resolved during that period. Fifty four percent of complaints were dismissed or closed without investigation.

For more information on responding to the coronavirus at your workplace, contact an EPIC team member.

CDC Releases Guidelines for Celebrating Thanksgiving Safely

As people begin to plan for fall and winter holiday celebrations, the Centers for Disease Control (CDC) has published considerations to lower the risk of contracting and spreading coronavirus.

These considerations are meant to supplement, not replace, any state, local, territorial, or tribal health and safety laws, rules, and regulations with which holiday gatherings must comply. Before holding a party, it is advisable to assess the current coronavirus levels in your community.

Thanksgiving is a time when many families travel long distances to celebrate together. Travel increases the chance of getting and spreading the virus that causes COVID-19. Staying home is the best way to protect yourself and others. If you must travel, be informed of the risks involved.

Consider these lower risk activities:
  • Hosting a small dinner with only people who live in your household
  • Preparing traditional family recipes for family and neighbors, especially those at higher risk of severe illness from COVID-19, and delivering them in a way that doesn’t involve contact with others
  • Planning a virtual dinner and sharing recipes with friends and family
  • Shopping online rather than in person on the day after Thanksgiving or the next Monday
  • Watching sports events, parades, and movies from home
Moderate risk activities to consider:
  • Plan a small outdoor dinner with family and friends who live in your community
  • Visit pumpkin patches or orchards where people use hand sanitizer before touching pumpkins or picking apples, wearing masks is encouraged or enforced, and people are able to maintain social distancing
  • Attend a small outdoor sports event with safety precautions in place
Higher risk activities that should be avoided to help prevent the spread of coronavirus include:
  • Going shopping in crowded stores just before, on, or after Thanksgiving
  • Participating or being a spectator at a crowded race
  • Attending crowded parades
  • Using alcohol or drugs, which can cloud judgement and increase risky behaviors
  • Attending large indoor gatherings with people from outside of your household

Updated Assistance on Monitoring States’ Orders and Guidance

As the country enters a renewed surge of coronavirus infections, states are responding in various ways. Some counties and cities are issuing closure orders and other regulations, while others are not. It is important to continue to routinely monitor the Closure and Reopening Orders as well as Orders and Guidance to Screen Employees for COVID-19 in effect. Links to two documents, provided by Ogletree, are helpful in monitoring local conditions.

For more information about preparing your workplace or protecting employees, contact an EPIC team member.

Insights From Across the Firm

EPIC thought leaders have written numerous articles on matters relating to coronavirus, all of which are available on EPIC’s website. The most recent articles include:


Our understanding of coronavirus and its impact around the world continues to evolve at a rapid pace. This newsletter briefly touches on issues that businesses may want to consider as they approach their response to novel coronavirus. More topics will be considered in future issues as our understanding of the virus and its impact continues to evolve. Please reach out to your EPIC broker for more information.

For all of EPIC’s coronavirus coverage, visit epicbrokers.com/coronavirus 

Disclaimer: This has been provided as an informational resource for EPIC clients and business partners. It is intended to provide general guidance on potential exposures and is not intended to provide medical advice or address medical concerns or specific risk circumstances. Due to the dynamic nature of infectious diseases, EPIC cannot be held liable for the guidance provided. We strongly encourage readers to seek additional safety, medical and epidemiological information from credible sources such as the Centers for Disease Control and Prevention and the World Health Organization. Regarding insurance coverage questions, whether coverage applies or a policy will respond to any risk or circumstance is subject to the specific terms and conditions of the policies and contracts at issue and underwriter determinations. 

Sign up for our Emergency Response Alerts

With this subscription, you’ll receive important updates from our team as we continue to cover global outbreaks and natural disasters impacting the business community, both locally and abroad.