Your Directors Are Voiding Your Insurance (And Don't Know It)

A US-based director went to a conference in Bogotá. She had no idea her morning walk would void the entire insurance program.

TL;DR: Your D&O policy has warranty provisions most directors don't know exist. A single protocol breach can void your entire policy. After 20 years protecting executives globally, I've seen this happen too often. The UnitedHealthcare shooting made this a domestic issue too. Here's what you need to know.

It was 6:47 AM in Bogotá.

Your Director of Marketing slipped out for coffee. She's US-based, travels internationally 1-2 times per year, and had no idea security protocols existed.

That 15-minute walk just voided your $50 million D&O policy.

THE CLAUSE NO ONE READS

I've been providing security for executives worldwide for over 20 years. Investment bankers, pharma executives, manufacturing leaders, marketing directors attending conferences, and plenty of people who don't think security applies to them.

The problem is universal: Nobody tells people their insurance policy controls their every move abroad.

Buried in your D&O policy are "warranty provisions." Not suggestions. Contractual requirements.

Breach one, the entire policy can be voided.

For two decades, this was mostly an international issue. Then the UnitedHealthcare CEO was assassinated in Manhattan and it became a domestic problem too (a topic I wrote about here).

HOW IT ACTUALLY WORKS

Your policy specifies security requirements by city and region:

Bogotá: Accompanied movement outside approved perimeters required

São Paulo: Hotel perimeter exit requires security liaison

Mumbai: Approved transportation only

London: Varies by borough

The carrier's risk database is more granular than State Department warnings. They know which neighborhoods, which times, which routes are approved.

And they track compliance.

THE CASCADE

Here's what happened after that coffee run:

Day 1: Your marketing director has a severe allergic reaction at a street café. She's unconscious. The security liaison back at the hotel doesn't know where she is. Local EMS takes 40 minutes. She's taken to the nearest hospital, not the approved facility.

Day 2: You notify the carrier. They ask: "Was she in compliance?" The answer is no. She left the hotel unaccompanied.

Week 1: The $85K medical evacuation claim is denied. Worse, the carrier issues notice that your entire policy is under review. Their reasoning: had she been with the liaison, they would have known about her allergies and coordinated proper care.

Week 2: Your CFO asks: "She's a marketing director. Why would she need security?" Your broker pulls up the policy language: "All officers, directors, and designated key personnel." There's no distinction between CEO and director.

Week 3: Your GC briefs the board. They ask: "Are we covered?" The answer is unclear. HR pulls the data: 47 directors traveled internationally last year. 41 had no idea protocols existed.

Month 2: The family files a duty of care claim. The company failed to inform, train, and ensure compliance. Your D&O insurance, meant for exactly this scenario, is now in dispute.

Month 3: Policy renewal time. Every carrier sees the same thing: major breach, 87% of traveling directors unaware of requirements, active litigation. Premiums increase 350%. Three carriers refuse to bid.

The math:

• Denied medical claims: $2M

• Duty of care settlement: $3M

• Increased premiums over 5 years: $18M

• Legal defense costs, uninsured: $8M

• Shareholder litigation: $12M

• Compliance overhaul: $4M

Total: $47M

A US-based marketing director. At a conference. Getting coffee.

WHY THIS KEEPS HAPPENING

I've seen these patterns for two decades across every industry:

People don't know they're covered. 70% of directors have never read the D&O security appendix. Most don't even know they're covered by the policy.

"I'm not that important." Directors think K&R policies are for CEOs. Wrong. The policies cover officers, directors, and key personnel. The marketing director at a conference creates the same enterprise risk as the CEO.

"This feels ridiculous." You're going to a conference hotel in a major city. The policy doesn't care how safe you feel.

Nobody told them. The CEO might get briefed. The person who travels quarterly might know. The US-based director going to one conference per year? Nobody told her.

WHAT CHANGED AFTER UNITEDHEALTHCARE

For 20 years, this was an international problem.

After the UnitedHealthcare assassination, carriers began rewriting domestic coverage. Some policies now require protocols for:

• Major investor conferences

• High-profile speaking engagements

• Publicly announced executive appearances

• Travel to certain US cities

The coverage gap is expanding. Many executives are operating in a gray area with unclear requirements, in cities they thought were safe.

WHAT ACTUALLY WORKS

Companies that handle this well do three things:

Make it impossible not to know. Mandatory pre-travel briefing for all covered personnel. Annual certification that states: "I understand my non-compliance can void everyone's coverage." Don't assume people know.

Build flexibility within guardrails. Perimeter-based tracking, not constant monitoring. Discrete security liaison, not close protection. Clear approved zones where people can move freely.

Reframe it. Don't say "you need a bodyguard." Say "our insurance requires a local liaison who knows emergency protocols, approved medical facilities, and can handle problems if they arise." For infrequent travelers, frame it as: this person ensures that if anything goes wrong, you have expert local help.

MONDAY MORNING ACTIONS

CEOs: Pull your D&O policy and read the security appendix. Ask HR: "How many directors traveled internationally last year? Do they know they're covered?"

General Counsels: Audit the last 12 months of travel. Who knew they were covered? Who received briefings? Document any breaches before the carrier finds them.

Board Members: Add this to your audit committee agenda: quarterly compliance review. Ask: "How many people are covered by our policy and don't know it?"

CFOs: Do the math. $500K annually on compliance protocols versus $47M in exposure. It's not even close.

Directors and Managers: Before your next international trip, ask three questions:

• Am I covered under the D&O policy?

• What are the protocols for where I'm traveling?

• What happens if I don't follow them?

Don't assume you're "not important enough." Don't assume someone will tell you. In most companies, they won't.

THE BOTTOM LINE

Your director's morning walk isn't personal. It's a corporate decision with enterprise-wide consequences.

The insurance policy isn't a suggestion. It's the contract that determines whether you're actually insured or just paying premiums for coverage you've already voided.

I've spent 20 years protecting people across six continents. Different industries, different risks, same fundamental problem: the gap between what policies require and what people actually do.

Most people don't even know they're subject to these protocols.

That's not a communication problem. It's a liability time bomb.

The companies that survive the next crisis won't be the ones with the best security teams. They'll be the ones where everyone, from CEO to director, knows they're covered, understands the protocols, and realizes: when you go for that walk, you're not just risking yourself. You're risking everyone.

After 20 years in executive protection, I help companies build compliance programs that keep them insured. If your directors don't know they're covered, or you're not sure whether they do, reach out. We can fix this before it costs you $47M.