by Fredric L. Shenkman, Esq., LL.M.

This primer is intended to outline the fundamentals of directors and officers insurance (“D&O”) for non-publicly traded entities.

Historically, corporations could not indemnify their officials against personal losses arising out of their duties as directors or officers. A precipitous increase in litigation against officers and directors, who often serve gratis, was the genesis for widespread  D&O coverage.

D&O insurance is a form of professional liability insurance. It protects corporate officials from personal losses arising out of the fulfillment of corporate duties and responsibilities.

There are no standardized policies for D&O insurance. The reasons for this lack of standardization include: the differing  requirements of public versus private entities, particularly with regard to exposure for securities law violations; varying size of the entities; and varying types of exposures, depending upon the entity’s involvement in a particular industry or undertaking.


Typically, a D&O policy will define “directors and officers” as past, present or future duly elected or appointed directors or officers. Coverage is normally afforded only when the officer or director is acting in discharge of his or her corporate responsibilities. Coverage may extend to “mixed” acts, where the acts on behalf of the corporation are inextricably linked with non-covered acts.


D&O insurance, traditionally, has three possible facets of coverage. The first protects individual directors by paying defense costs and settlements arising out of a lawsuit. This facet is colloquially known as “Side A” coverage. This type of coverage applies when the entity is unable or not allowed to provide indemnity for its officers and directors.

The second type of coverage provides indemnity for the entity to the extent it has paid for the defense and indemnity of its directors and officers. This is known as “Side B” coverage.

The third type of coverage provides indemnity for the entity itself; this is “Side C” coverage.

Recently, claims related to sexual harassment have come to the forefront. A director or officer can face liability for engaging in such conduct or permitting and/or fostering a corporate culture that is conducive to such conduct. These types of claims are typically covered under employment practices liability insurance (“EPLI”). EPLI coverage can be provided separately or as part of D&O coverage. The coverages should dovetail. For example, a D&O policy may exclude coverage for wrongful termination while an EPLI policy insures same based on the conduct being “employment related.”

Cyber liability may also implicate D&O coverage. The coverage comes into play  when officers and directors are alleged to have failed to take reasonable steps to protect  an individual’s privacy. If a data breach occurs and the entity is sued, typically same is a “wrongful act” covered by the D&O policy. There have been attempts to implicate D&O coverage for direct losses for data breach independent of any suit. Although these claims are the subject of coverage pursuant to a cyber liability policy, policy-holders attempt to obtain coverage for these issues from the D&O policy when the cyber liability policy is inadequate or there is no cyber liability policy.


Exclusions of D&O policies are of two broad categories: claims related to corporate governance and claims related to matters covered by other types of insurance.

The exclusion related to corporate governance includes directors’ and officers’ dishonest acts.  Corporate governance exclusions include  “wrongful acts” such as an officer engaged in discriminatory acts. Suits by and between officers and directors are typically not covered.

Exclusions based on the availability of other coverage include claims for  bodily injury and property damage.

More specific exclusions include: fraud; willful conduct for personal profit or advantage; pending litigation; breach of contract; and circumstances noticed to the prior carrier. See “Reporting Period.”


D&O policies are almost all “claims-made.” Such policies cover claims that are made during the reporting period, not when the alleged wrongdoing occurred. The insurer’s purposes in writing claims-made policies are to reasonably estimate losses likely to be paid and to prevent the coverage of claims made years after the policy expired.

The reporting period for a claims made policy is governed contractually. Some policies require notice “as soon as practical.” Other policies specify a number of days in which notice must be given after the policy period ends. Some policies require notice as soon as practical and within the policy period; this has the practical impact of denying coverage for claims made late in the policy period.

If a D&O policy is claims made, and the coverage lapses, there would be no coverage for conduct that occurred during the insured period because the claim would not be noticed until the reporting period has ended. This situation is normally dealt with by the D&O policy including “prior acts.” In the absence of the availability of coverage for prior acts, an extended reporting endorsement can be available as part of the lapsing policy.

If an insured learns of wrongful acts or circumstances which could give rise to a future claim,  most D&O polices allow the insured to give notice of the potential claim during the policy period. If the actual claim is made after the policy period, it will be treated as having been noticed during the policy period. Essentially, by notifying the carrier of potential claims, coverage is extended beyond the term of the policy. However, same comes at the cost of an impact on premiums and a heightened scrutiny as to whether coverage will be renewed.


Unlike D&O policies for public entities, certain policies for private entities provide that defense costs do not deplete a policy’s liability limit. The usual policy does not have a retention as to Side A coverage; there is usually a retention as to Sides B & C coverage.


D&O coverage is, effectively, a form of malpractice insurance. The scope of coverage can include the individual director or officer, the entity to the extent it expends money for defense and indemnity of an director and officer, and the entity itself. Coverage is claims made. Coverage may not extend to employment issues or cyber security issues.