For D&O liability insurance, 2024 represented a year of continued market improvement. Although the extent of reductions tapered, competitive market dynamics endured throughout the year due to a sustained availability of capacity.
But is change on the horizon? From an incoming presidential administration with decidedly different policy priorities than the outgoing administration, to the rapidly expanding influences of artificial intelligence, interconnected cyber and D&O risk, macro-economic factors, among other forces, organizations and their directors and officers face more uncertainty in the year ahead.
Heading into 2025, the predominant message is one of a persistent, competitive marketplace, tempered by pressures toward rate stabilization. While D&O insurer claim losses do not appear to be driving the message, there does seem to be a resonant theme that continued reductions have reached the point of unsustainability. This is not to suggest that rate increases are imminent. Although reductions may still be available on a case-by-case basis, we anticipate the most likely renewal outcome in 2025 to be flat for stable risk profiles.
The story of our 2025 outlook, however, does not end with conclusions or predictions on rate. To the contrary, we believe strongly in “driving value in a stable environment.” Where insurers may be less able to agree to more favorable pricing, they should be pressed to differentiate their offerings with other areas of value, such as enhanced coverage – entity investigations costs coverage, as just one example, and/or increased sublimits where feasible. With advancements that WTW has achieved in coverage analytical modeling, numerous additional areas of policy and program improvements are possible.
Securities class action (SCA) filings were up nominally year-on-year, with 222 filings in 2024,[1] as compared to 212 total filings in 2023. [2] Full-year analyses of filings and settlements are pending, but we note the average SCA settlement in H1 2024 was $26 million, reflecting a steady decline from 2023 ($35 million) and 2022 ($40 million). [3] The median settlement in H1 2024 was $9 million, down substantially from $15 million in 2023 and $14 million in 2022. [4]
The Securities and Exchange Commission (SEC) filed 26% fewer enforcement actions in fiscal year ending September 2024 than in FY 2023 – 583 in FY 2024 versus 784 in FY 2023. [5] Recoveries, however, were a different story: the SEC recovered $8.194 billion in penalties and disgorgement in FY 2024, higher than the average annual recoveries of $4.853 billion over the five previous fiscal years. [6]
While the data suggests claim trends are not likely to have a material impact on market conditions in 2025, we caution that settlement and recovery sums in any given year may not be reflective of current D&O conditions. In fact, they are lagging indicators, often more accurately revealing facts specific to cases filed in previous years and without reference to the amount of D&O insurance used to resolve the matters. This last point is especially true with enforcement actions, where D&O coverage for corporate entities, and for fines and penalties on a broader basis, may be more restricted.
With a change in presidential administrations coming in January, the president-elect announced in December his intention to appoint former SEC commissioner, Paul Atkins, as Chair of the SEC. [7] With Atkins being a critic of the Biden Administration’s regulatory approach, companies and their directors and officers may anticipate diminished regulatory risk under an Atkins-led SEC. We expect changes at the SEC to include, among other things, rollback of cyber and ESG enforcement and disclosure requirements, and an emphasis away from agency-imposed corporate penalties. Whether the latter will result in greater individual accountability remains to be seen. Changes may also include sizable reductions in staff and agency resources.
Given Atkins’s background as an advocate of cryptocurrencies (he is currently the CEO of consulting firm Patomak Global Partners, which has clients across the financial and cryptocurrency industries [8]), the agency is anticipated to have a lighter regulatory touch to this emerging industry.
Of course, it is too early to gauge the extent of regulatory relief companies may experience in the coming year and its potential effect on the D&O market. Lest anyone assume liability exposures to companies and their directors and officers will be reduced overall, however, it is always possible that the reverse may be true – that the lessening of regulatory risk may give rise to a more aggressive plaintiffs’ bar eager to act on purported wrongdoing against which the SEC may be reluctant to act. Time will tell.
The U.S. economy was resilient in 2024. Fears of recession diminished, GDP growth exceeded the expectations of many, unemployment remained below historic averages, stock market indices hit record highs and, despite a downward tick late in the year, overall 2024 market growth reached into the double digits. Nevertheless, interest rates, lingering inflation, supply chain issues, and global hostilities are among factors that may adversely impact businesses into this new year. The change in presidential administrations is also likely to generate difficult-to-predict crosscurrents brought on by anticipated policy changes that are expected to include, as examples, the easing of regulation and enforcement activity, and the imposition of tariffs, among other shifts in policy.
Business bankruptcy filings totaling 22,762 through the fiscal year ending September 2024 reflected a 33% increase year-on-year, continuing an upward trend since 2021 [9]; however, 2024 figures are relatively flat compared to the number of filings in the pandemic year of 2020. [10] We continue to monitor these developments, as bankruptcy claims can impact both private and public companies and can be among the most severe.
Bankruptcy-focused D&O coverage specialization is essential in times of uncertainty. Companies should reach out to D&O brokerage distressed risk teams – such as WTW’s Strategic Solutions Group – for guidance on program structure, policy language relating to insolvency and restructuring, runoff considerations, claims specialization, and M&A-focused solutions.
From traditional AI to augmented to fully autonomous AI, artificial intelligence presents risks to companies across numerous lines of coverage. As a D&O risk, AI is used to provide data and support to corporate decision makers, leading potentially to questions of the sufficiency of oversight and due diligence. The adequacy and accuracy of investor disclosures relating to the use and scope of AI are also areas of potential risk.
The SEC initiated enforcement actions in FY 2024, including a settlement with investment advisor firms related to alleged practices known as “AI washing,” [11] or the overstatement or the misleading of investors as to a company’s AI capabilities, or the extent to which the company has incorporated AI into its operations or products. Charges were also brought against a foreign investment adviser for purportedly making false statements about the firm’s AI technology and its ability to generate above-market returns. [12] In October 2024 (FY 2025), the SEC settled another AI-washing matter involving an investment advisor. [13]
Beyond SEC activity, shareholders filed AI-washing related SCAs against companies and their directors and officers, with 13 such cases filed in 2024. [14]
To date, allegations surrounding AI issues appear to be primarily limited to misrepresentations about the role of AI in business operations, but while the totality of potential AI-related D&O liabilities is less known, plaintiffs and regulators will no doubt find other claims to bring. Any entity may be second-guessed about over- or under-using AI, and failures caused by hallucinations (which occur when an AI system generates false information or inaccurate outputs) or other technological shortfalls may lead to claims against the entities and humans behind the AI being used. Directors and officers who don’t fully understand how their entities are using AI and how the AI works may find it difficult to defend themselves against such claims.
Environmental, social and governance (ESG) issues have been a prominent area of discussion related to D&O risk for several years. Initially, organizations faced pressures from shareholders, regulators, and other stakeholders, to address ESG from operational, cultural and investment perspectives. Globally, ESG-focused regulation expanded, including SEC rulemaking and legislation in California and the EU. [15] In the U.S., however, more recent ESG backlash has pressured the SEC to scale back the scope of its final climate rule, [16] with the agency formally delaying implementation pending completion of judicial review of consolidated proceedings in the Eighth Circuit challenging the rule. [17] Authorities in several U.S. states have pushed back on ESG initiatives, [18] and the new presidential administration is expected to seek to roll back many of the Biden Administration’s climate policies at the federal level. [19]
In March 2024, we wrote about the SEC’s final climate risk disclosure rule. [20] More recently, we wrote about how, with some exceptions specific to industry, D&O underwriting focus on climate risk, in particular, never really took off, perhaps because of the lack of related D&O litigation losses, perhaps a function of soft insurance market conditions. [21]
Given the proliferation of anti-ESG forces in the U.S., it might be difficult for many domestic companies in 2025 to imagine climate change disclosure to be a meaningful ongoing risk. We caution companies, however, not to overlook what has become a web of global regulatory complexity around the subject, where much of the world may require compliance with comprehensive disclosure schemes just as, domestically, similar requirements may be disappearing.
One exception may be California’s legislation, Senate Bill 219 – “Greenhouse Gases: Climate Corporate Accountability: Climate-Related Financial Risk” – signed into law in September 2024. [22] As a general matter, the legislation requires companies with significant revenues in California that do business in the state to publicly disclose greenhouse gas emissions data and climate-related financial risk reports. Although predictable legal challenges to the law are pending, disclosure deadlines are still slated for 2025 and 2026.
With the tug and pull of conflicting global efforts to address climate risk, it’s essential that companies confer with qualified in-house and outside counsel on the adequacy of their regulatory compliance.
Another element of ESG risk, that of diversity, equity and inclusion (DEI), is also marked by backlash and uncertainty, with some businesses announcing rollbacks to DEI programs or, at least, diminishing their maintenance and promotion of quantitative, time-bound DEI goals within their sustainability reports. [23] In addition, three states restricted DEI offices at public universities in 2024, and three additional states prohibited colleges from requiring diversity statements in hiring and admissions. [24] Lawmakers in at least 10 other states proposed legislation related to DEI in higher education. [25] The new presidential administration has proclaimed dismantling DEI programs to be a “day-one priority,” [26] and activists have filed numerous lawsuits targeting DEI initiatives. [27] Most recently, the Fifth Circuit Court of Appeals struck down SEC-approved Nasdaq rules designed to encourage more diverse company boards, [28] holding that the SEC, in approving the rules, failed to establish the rules were related to the “purpose” of the Securities Exchange Act of 1934, which is to, among other things, “prevent fraudulent and manipulative acts and practices,” and “to protect investors.” [29]
D&O risk relating to cybersecurity exposures is not new, of course, with securities litigation arising from large scale cyber events going back to at least 2017. Since then, no less than 34 cyber-related SCAs have been filed [30]; however, this figure does not include related derivative litigation, government investigations or enforcement proceedings.
In fact, D&O risk relating to cyber incidents may be more pronounced than earlier thought. WTW has undertaken research into the relationship between cyber and D&O risk. Below are a few key takeaways:
Recently, several insurers have been willing to offer coverage enhancements for cyber and D&O policies (for example, coordinated retention credit on D&O policies, SEC disclosure costs on cyber policies) which perform optimally when coordinated.
01
In June 2024, the U.S. Supreme Court issued its decision in the Jarkesy v. SEC litigation, [31] ruling against the SEC in a case challenging the agency's ability to use administrative law tribunals to seek civil penalties against defendants for securities fraud. The Court found that, in cases alleging fraud, the agency must bring civil penalty actions in federal court, where the defendant is entitled to a jury trial, and cannot do so in in-house administrative courts.
On the following day, the Court in Loper Bright Enterprises et al. v. Raimondo, Secretary of Commerce, et al. [32] held that the Administrative Procedure Act requires courts to exercise their independent judgment in deciding whether an agency has acted within its statutory authority. In overturning longstanding Supreme Court precedent from the 1984 decision in Chevron USA Inc. v. Natural Resources Defense Council, Inc., the Court held that courts may not defer to agency interpretation of the law simply because a statute is ambiguous.
The Jarkesy and Loper decisions are unambiguous wins for those who have sought to diminish the scope of regulatory agencies’ rulemaking and enforcement powers. The immediate impact on companies and their directors and officers is less evident, but it is foreseeable that overall exposure may diminish if defendants have greater success in federal court or if the possibility of that reduces the severity of pre-trial settlements. It will also be interesting to see if enforcement proceeding filing frequency diminishes if the SEC, in fact, becomes more scrutinizing in the cases it decides to assert. This could be impacted futher with a change in administration.
02
In April 2024, the U.S. Supreme Court issued its opinion in Macquarie Infrastructure Corp. v. Moab Partners. [33] The Court held that a failure to disclose information required by Item 303 in Regulation S-K cannot support a private action under Rule 10b-5(b) as long as the failure does not render prior statements misleading. In order to reach that conclusion, the Court found that Rule 10b-5(b) does not create liability for pure omissions.
The decision is a win for companies and their directors and officers, likely to stem the previously rising tide of securities class actions resting on Item 303-related allegations. However, the decision may turn out to be even more of a loss for plaintiffs than might be immediately obvious. In this regard, it seems to call into question the continued vitality of the Court’s decision in Affiliated Ute Citizens of Utah v. United States, a case often cited for the propositions that a claim for liability under Rule 10b-5 can be predicated purely on omissions, and that such a claim doesn’t require positive proof of reliance.
We wrote on the Macquarie decision, [34] an article that was re-published in the D&O Diary. [35]
03
Litigation filed under the False Claims Act (FCA) can be costly to defend and resolve, and there are often limitations on relevant D&O insurance coverage. Healthcare, managed care and defense contractor entities have disproportionately borne the brunt of these claims. In September 2024, the court in U.S. ex rel. Zafirov v. Florida Medical Associates, LLC [36] held that the qui tam provisions of the FCA are unconstitutional on the grounds that the qui tam process violates the Appointments Clause of Article II of the U.S. Constitution. The court reasoned that a relator in an FCA case in which the government did not intervene might well be acting as an “officer of the United States,” but has not been duly appointed to that role. [37]
The Zafirov decision was issued by a lower federal court and could be reversed on appeal. Even if the decision is affirmed, however, it will not affect the government’s ability to bring FCA claims itself. As a consequence, the holding may put pressure on the government to bring claims itself and rely less on relators. In such instances, particularly in the context of the incoming administration where we can anticipate lighter government FCA enforcement, it is foreseeable that affected companies may experience substantially diminished FCA liability risk.
2025 is sure to be a year of transition and change for D&O risk, but with insurance market conditions expected to stabilize following years of steady rate reductions. We encourage readers to follow WTW FINEX on social media [38] and on our Insights page [39] for regular updates and other thought leadership.