Category Risk Management

Directors and officers still unprepared, despite increasing risks

02 August 2023 Myra Knoesen

An international study reveals almost half of small businesses choose not to purchase executive risk coverage like D&O, EPL and Fiduciary Liability, and the most common reason mentioned was that they believe they are too small to need it.

Are directors and officers still unprepared, despite increasing risks? FAnews spoke to Kim Rew, Partner at Webber Wentzel, Matt Williams, Candidate Attorney at Webber Wentzel and Tebogo Leshilo, Underwriting Head of Complex Financial Lines at SHA Risk Specialists about this and the risk trends directors and officers need to watch in 2023. 

Directors' fiduciary duties

Directors, according to Rew and Williams, can be held liable, among other things, for breaches of their fiduciary duties or for the negligent performance of their duties. Generally, directors are subject to fiduciary duties of good faith, honesty, and loyalty.

“Directors' fiduciary duties are embodied in the common law and have also been partially codified in the Companies Act, 2008. However, their common law fiduciary duties are not stagnant. They evolve to respond to the changing business environment. In addition, the judicial interpretation of whether a director's conduct was negligent and wrongful for purposes of delictual liability will also vary, depending on the convictions of society,” they said.

A false sense of security

“A 2020 broker survey conducted by SHA revealed a low purchase rate with results showing that less than 20% of small businesses purchase D&O cover. This leaves significant room for growth of D&O purchases, especially given the current pressures facing businesses such as threatening bankruptcy and liquidation, governance failures and increased M&A activity. Results of a 2022 SHA survey of small businesses showed that 22% of local directors did not have a good understanding of D&O exposures. This highlights a need to increase training and awareness regarding corporate governance and obligations of directors and officers as well as senior leaders in business,” said Leshilo. 

According to Leshilo, “should they breach their fiduciary duties and cause harm to either the company or stakeholders said directors and officers can be held liable in their personal capacity for the breach. Note that these liabilities may extend to the personal assets of their spouses and estates. It is, therefore, a misconception and a false sense of security that small businesses do not need D&O insurance.” 

“The sources of D&O claims may arise from a variety of sources, ranging from shareholders, employees, customers, creditors, vendors, competitors, and regulators. The breadth of this cover sees directors and officers potentially exposed to a wide range of allegations of wrongdoing, including but not limited to i) anti-competitive behaviour, ii) misrepresentations and misleading statements, iii) breach of laws and regulations and iv) failures to perform due diligence around business transactions,” she added. 

The purchase of D&O insurance, as well as the management of key risks that may lead to D&O claims, ought to be an important focus for small companies, said Leshilo. 

Risk trends in 2023

According to Leshilo, increased awareness and activism globally around Environmental, Social, and Governance (ESG) issues has seen senior leaders and directors and officers held accountable, by employees, stakeholders, regulators, and the public, for upholding their companies’ commitments to environmental and social initiatives. “A strong ESG framework is a key component of corporate governance; failure to address these matters can be detrimental to their businesses legally, financially, operationally, and reputationally. Regulatory action and litigation can be driven by failures in making adequate disclosures or misrepresenting topics such as diversity and inclusion, human rights violations, and climate change.” 

“Global concerns such as supply chain weaknesses, the war in Russia, increased inflation and stock volatility will impact the overall macroeconomic environment. This, combined with local factors such as load shedding, political failures and the increased chance for business rescue and liquidations will see many businesses operating under distress (global and economic uncertainty). Directors face the pressures of managing and adjusting their strategy and operations to navigate businesses through the current climate,” she added. 

“Boards of directors can no longer afford to sideline the management of cybersecurity risk as we continue to see an increase in the frequency of cyber incidents across various business sectors. A cyber breach can potentially close the company down while introducing significant reputational risk, financial loss and the potential for regulatory fines. Failures to take the requisite steps in overseeing a robust cyber security risk management strategy, where adequate controls are implemented to detect and prevent and manage cyber-attacks, will see directors in breach of their fiduciary duties and lead to a rise in D&O claims. The board of directors has a further fiduciary duty to comply with data protection and privacy regulations in the face of rising cybercrime levels,” continued Leshilo. 

For Rew and Williams, fraud and corruption are at the forefront. “The judicial commission of inquiry into state capture unveiled rampant fraud and corruption across South Africa, in both the public and private sectors. This type of business environment poses several risks for directors in terms of breaches of their fiduciary duties, delictual liability and criminal liability.”

“A director who has knowledge of fraud or corruption which affects the company has a duty to disclose that information to the board at the earliest practicable opportunity. A failure to disclose it amounts to a breach of the director's fiduciary duty, which entails the director's liability to the company. In addition, a director who has knowledge of fraud or corruption involving R100 000 or more has a duty in terms of the Prevention and Combatting of Corrupt Activities Act, 2004, to report the information to the Hawks. A director who fails to comply with this reporting obligation commits a criminal offence,” they added.

“However, after-the-fact reporting may not be enough to reduce civil liability risk. When a director has failed to ensure appropriate procedures and safeguards are in place within the company to mitigate, among other things, fraud, corruption and money laundering, and such failure has caused the company loss, the director could be held liable in delict for that loss, provided all the elements of delictual liability are satisfied,” they continued.

Still unprepared, despite increasing risks

As Rew and Williams mentioned at the beginning of this article, fiduciary duties evolve to respond to the changing business environment.

Leshilo added that the existing misconceptions about the need to purchase D&O insurance by small businesses, together with the ever-changing business landscape in which they operate certainly gives credence to a measure of unpreparedness in directors adequately managing all exposures which present in their business. 

“One of the keys to managing these exposures lies in the ability to attract qualified and experienced directors who are able to effectively execute their fiduciary duties. Directors and officers ought to be well-informed about the business, its competitive and regulatory environment, and the legal landscape in which it operates. In the event that there may be limited resources and knowledge; businesses should invest in engaging experts to support their decision making. Managing these business risks and exposures internally may see small businesses benefit from the recruitment of more qualified and talented outside directors, improved corporate decision making and better governance practices. This, together with the addition of a D&O policy as a form of risk transfer, will see a robust risk management plan in place to provide increased measures to protect both the company balance sheet and personal assets of director and officers,” concluded Leshilo. 

Writer’s Thoughts

With the ever-changing business landscape, it is a misconception that small businesses do not need D&O insurance. As fiduciary duties evolve to respond to the changing business environment it is imperative that directors have a good understanding of D&O exposures and proper risk management strategies in place. Do you agree? Comment below, interact with us on Twitter at @fanews_online or email me -


Added by Myra, 02 Aug 2023
Hi Humphrey, thank you for commenting.

You don't have it wrong, you are entitled to your own opinion, although i tend to agree with some of what you said.
Report Abuse
Added by Humphrey, 02 Aug 2023
In economics one has "supply and demand" influencing pricing.

In insurance one has "Risk materialization" and "Maslow's hierarchy of needs" affecting insurance purchases from available funds of the policyholder.

Cyber insurance and D & O were originally offered only as specialist policies through specialist UMA's (the same UMA's generally offered both of these covers). To grow their books these UMA's did 2 things:

1. Huge advertising through the media by means of scare articles on the exposures and the potential size and frequency of claims (the amount of cyber risk articles in the media is amazing. There are so many that i just do not read them anymore0.

2. The UMA's then went to their carriers and orchestrated that the core commercial polices (the old Multimark type policies) be enhanced to include both D & O and Cyber as sections. The UMA would then receive an income from such sales 9it was hoped that such incomes would be substantial). Point 1 above (scare articles) took on the approach of specifically targeting SME's.
Two of the major insurers i worked for took this approach (or incorporating these covers into their normal commercial policies) and sales have been dismal (for both insurers0.

I have no doubt that there is risk and the potential for loss (and i know the landscape has been changing - although this same point has appeared in articles for the past 15 years or so), but I would say (my opinion) is that due to relatively low Risk materialization (actual losses of note in terms of both frequency and quantum) and the actual need (as opposed to want) for this cover from available money in the SME policyholder's business is generally low - relative to losses in other conventional insurance covers such as fire, theft, motor etc.

Maslow's hierarchy of needs simply results in these covers not being purchased by SME's as excess available funds to purchase insurance reduce due to a number of factors (legal compliance costs, additional costs due to government inefficiencies - e.g. additional security protections, generators, inverters etc. etc). Money for insurance covers is restricted to where (relatively) the losses materialize.

If it were not so these covers would sell themselves and do so in large quantities (brokers and policyholders would see the losses and the word would spread - the cover would be purchased, and the risk transferred to the insurer).


Report Abuse

Comment on this post

Email Address*
Security Check *
Quick Polls


Which aspect do you think is most critical for the future success of financial advisory firms?


Embracing technological advancements
Rethinking fee structures
Focusing on inter-generational wealth transfer
fanews magazine
FAnews June 2024 Get the latest issue of FAnews

This month's headlines

Understanding prescription in claims for professional negligence
Climate change… the single biggest risk facing insurers
Insuring the unpredictable: 2024 global election risks
Financial advice crucial as clients’ Life policy premiums rise sharply
Guiding clients through the Two-Pot Retirement System
There is diversification, and true diversification – choose wisely
Decoding the shift in investment patterns
Subscribe now