1. SUMMER 2015 alarm-uk.org 1
UNLOCKING
CYBER RISK
Changing volunteering
Alarm Forum previews
SMART GUIDE
Social media
Child protection
outsourcing challenges
CSE long tail claims
SUMMER 2015
alarm-uk.org
2. 2 alarm-uk.org SUMMER 2015
IS Y UR RI K
M NA EM NT
PR V DER
M SS NG
SO ETH NG?
We do the thinking…
Risk Management Partners
020 7204 1800
www.rmpartners.co.uk
We don’t cut corners. That’s one thing we never do. We’ll give you a dedicated account director.
And a claims manager who understands your organisation. You’ll receive real-time access to your
claims data. We continually monitor claims trends. We do all this to deliver a bespoke programme that
reduces total cost of risk. It’s why we are one of the UK’s leading public sector insurance organisations.
Maybe it’s time to ask yourself the question, is your risk management provider missing something?
We like to think so.
3. SUMMER 2015 alarm-uk.org 3
A link between failings, and
checks and balances?
CHAIRMAN’S COMMENT
ROBIN POWELL
CHAIRMAN, ALARM
Please forgive the slightly angry and perhaps controversial
tone of some of this column. I’m no Jeremy Clarkson so
rest assured I’m not going to get involved in any kind of
‘fracas’. I also ought to preface this column with the
usual comment that the views expressed in this article
are entirely my own and don’t represent the views of my employer or
indeed, Alarm.
Some elements of the public sector just seem to lurch from one
muck-up to another. In my introduction to the Spring edition of Public
RM I referred to the Kerslake report about governance failings at
Birmingham City Council. Just after we went to print on that edition,
the Louise Casey report on Rotherham Council was published with
hard hitting words shouting at me from the pages, such as ‘not fit for
purpose’ and ‘failing in its duties to protect’. Government appointed
commissioners are now running that Council aiming to rectify the mistakes of
the previous regime, moving towards full council elections in 2016. I also now hear
about child sexual exploitation elsewhere and a perceived ‘head in the sand’ mentality of officers and councillors
who appear in a state of denial.
Is it me, or does nobody else see a link between these well published failings and a lack of checks and balances
that a fully resourced and well governed publicly funded organisation would have were it not for cuts in resources
and the continued need to demonstrate efficiency savings? It is too easy to cut corners, especially on areas of
responsibility that don’t deliver front line services or generate income, such as governance, audit, risk and insurance
management. There are lessons to be learned here for all of us, even if it is only a salutary reminder to avoid
complacency in all that we do in our risk management activities.
By the time you read this we will have endured months of electioneering, media debates and gnashing of political
teeth. I don’t know now what shape or colour of government we will be experiencing but no doubt there will be
negotiations and promises made with the sole aim of wielding political power. Will this result in a better outlook for
the public sector? I’m not convinced: what’s good for politicians may not be good for those they govern. I
wonder what future lies ahead for all of our publicly funded organisations? What we do know is that risks
won’t go away, despite changes to government, and new risks will emerge. The debate continues as to
how well those risks will be managed to avoid the type of headline grabbing situations I mention above.
Our new guide on FOI is included with this issue of Public RM. We all recognise that transparency
and openness is extremely important and sits at the heart of good governance but let’s ensure that
the legislation is used for its intended purpose, not to circumvent recognised due process, especially
in respect of civil claims handling.
This edition of Public RM again contains something for everybody in the Alarm family. Articles
on social media, cyber security and children’s services’ risks highlight matters concerned
with modern ways of communicating and new service delivery methods.
The 2015 Alarm National Educational Forum is being held in Birmingham, at a new venue
at Aston University in June. I look forward to welcoming Members and sponsors to a
Forum that’s packed with insightful and useful workshops appealing
to more sectors and covering a broader range of special interest
subjects that ever before. Please come and say ‘hello’ and tell me
what you think of Alarm.
Our feature on
volunteer risk on page
11 may have wider appeal
than the third sector, with
organisations increasingly
reliant on voluntary
contributions to maintain
community services.
CHAIRMAN’S COMMENT
4. 3 CHAIRMAN’S COMMENT
A link between failings,
and checks and balances?
4 CONTENTS
5 ALARM UPDATE
Forum Doing defence
differently
Forum Making an impact
7 ALARM UPDATE
Forum practitioner
sessions - Delivering the
legacy of innovation
Forum practitioner
sessions - Risk sharing and
risk management in a
consortium
8 ALARM UPDATE
Forum practitioner
sessions - How many elastic
bands does it take to survive?
Alarm Highways Report
9 ALARM UPDATE
Chairman’s farewell
FOIL focus
11 CHARITIES
Changing volunteering
14 INSURANCE
The Insurance Act: fair
presentation
16 INSURANCE
CSE long tail claims
19 INSURANCE
Collaborative working
20 CHILDREN
Child protection outsourcing
challenges
22 STRATEGIC RISK
Unlocking cyber security
25 PERSONAL DEVELOPMENT
Linking learning
26 LEGAL UPDATE
How to manage social media
risks
28 LEGAL UPDATE
Keeping the faith on Coventry
30 LEGAL UPDATE
On the case
32 HIGHWAYS
Pothole partnership
33 MEMBER PROFILE
Finding the value in risk
35 MEMBER AREA
Events
36 MEMBER AREA
Supplier Directory
CONTENTS
4 alarm-uk.org SUMMER 2015
The views expressed in Public RM are the
authors’ own and may not represent the views of
Alarm. Detailed specialist advice should be sought
before taking or refraining from any action as a
result of the comments made in this publication
which are intended to give an overview of the
particular subject.
Alarm is grateful for the support of the following
Platinum Corporate Sponsors: Risk Management
Partners and Zurich Municipal.
Alarm, Ashton House, Weston,
Sidmouth, Devon, EX10 0PF
Editor: Adele Cherreson Cole. Please
submit ideas or articles for publication to
adele.cherreson-cole@alarm-uk.org
Advertising Sales: To place display or
directory advertising,
please call 0333 123 0007 or
email admin@alarm-uk.org
All content and images in this publication
are copyright protected.
5. SUMMER 2015 alarm-uk.org 5
ALARM UPDATE
Kerry Underwood of Underwood
Solicitors writes one of the most widely
read blogs on public sector insurance
claims. He will be challenging the norms,
presenting his unorthodox views and
offering up ‘sacred cows’ for debate at
the Alarm National Educational Forum at
Aston University in Birmingham.
During his session, Kerry will challenge beliefs on claims
management, raising the question of whether corporate
defendants could slash their legal costs by adopting a
fundamentally different approach to defending claims.
With all three major political parties approving a massive
increase in court fees (600% plus in some cases) it may
be a good time to take stock. After all, a £10,000 court
issue fee will end up on the defendant’s doorstep if the
claimant wins.
Kerry will talk about the following issues:
• Should we consider abandoning the courts to set up a
private mediation or arbitration system that actually works?
• Do costs negotiators do anything except massively
increase costs?
• Is the war of attrition a hopelessly expensive battle
that neither the claimant nor defendant can win?
• Are we conducting litigation on the same lines as the
First World War?
• Are the losers, the foot soldiers, being massacred
while the leaders appear not to care about the
damage they are doing?
• Is it in everyone’s interest now to concentrate
legal resources, (that is solicitors and barristers) at
the beginning of a case, for example by making one
really good early Part 36 offer and always going to
trial if it is not accepted?
• Is Qualified One Way Costs Shifting a rogue’s
charter or a licence for defendants to under-settle,
or both?
Defendants have been slow to realise the days of claimant
solicitors fattening up a file like a pig for market are passing
and that an early settlement (with lower fees for much less
work) is in everyone’s interest.
Claimants’ representatives have failed to realise that
those representing defendants are often under-paid and
overworked and in the case of public bodies, under the
same type of attack from the political parties as lawyers.
Rather than coming together to find common ground the
respective camps have been driven further apart by the
relief from sanctions fiasco and the harm it inflicted on long
standing good relations.
Those newly born costs twins (contingency fees and fixed
recoverable costs) mean that for claimants every minute
spent unnecessarily on a file is a minute wasted; no longer
is it more food for the pig.
Kerry Underwood is the Senior Partner at Underwood
Solicitors, a Living Wage firm in Hemel Hempstead and Cape
Town. A former employment judge and consultant to various
countries and law firms, Kerry is current Editor of the Costs
and Funding section, Butterworths Personal Injury Litigation
Service, author of Fixed Costs and No Win No Fee No
Worries, and the ATE chapter of Insurance Disputes. Kerry’s
blogs (at kerryunderwood.wordpress.com) have attracted half
a million visits. Follow Kerry on Twitter @kerry_underwood.
2015 Alarm National Educational Forum
Tuesday 23 June, 10:30 – 12:15
Aston University, Birmingham
Doing defence differently
The public sector is undergoing
transformational change and the need
to adapt communication styles to
new teams, cultures and sectors is
becoming increasingly important.
The ability to customise a message
and influence decisions is a powerful
quality to possess.
This session will focus on personal presence and
impact, as well as the value in tailoring your content
to your audience. Often time with senior colleagues is
limited, so getting the key information across effectively
is vital to success.
In 2012 Gavin Oattes won Young Entrepreneur of
the Year. Through his experience as a primary school
teacher, motivational speaker and award-winning
businessman, Gavin has witnessed first-hand the
positive results that fun, motivation and engagement
can have on individuals and among teams. Over the
past decade Gavin has worked with hundreds of
thousands of people and some of the world’s leading
organisations. He can often be heard on the radio and
writes a weekly column for a leading newspaper.
2015 Alarm National Educational Forum
Sunday 21 June, 16:00 – 17:15
Conference Aston, Birmingham
Soft Skills workshop kindly provided by Zurich Municipal
Making an impact
6. 6 alarm-uk.org SUMMER 2015
2015 Alarm
National
Educational
Forum
21st - 23rd June 2015
Aston University, Birmingham
Managed Risk,
Resilient Future
3 for the price of 2
delegate places
CPD approved by Alarm,
CIPFA & IRM
BOOKINGS
NOW OPEN
Delegate place from
just £215 +VAT
Find out more at www.alarm-uk.org
Session streams include
INSURANCE
RISK
HOUSING
BLUE LIGHT
7. SUMMER 2015 alarm-uk.org 7
ALARM UPDATE
The Alarm National Educational Forum 2015 offers a variety
of learning opportunities across many aspects of public
sector risk. It features sessions on; insurance, management
of risk, housing and blue light. Here is a glance at what to
expect from three practitioner-led sessions on 22 and 23 June
in Birmingham. To find out more, go to: www.alarm-uk.org.
Delivering the legacy of innovation:
Dynamic approaches to learning
lessons and reducing risk, Session 8C
Risk management can be overlooked as a powerful tool
in delivering innovation. Sometimes complex opportunities
emerge that appear too challenging to embrace. In these
circumstances, risk management can quantify the critical
risks and suggest innovative solutions. The case study
being presented is an excellent example of creative risk
management in action.
This session focuses on the risk management approach
used by Manchester City Council to deliver new house
building in the city, and the subsequent project evaluation to
identify successes and issues from the initial phases of the
Housing Investment Fund project.
This pilot project was a completely new way of financing
homes, investing £24 million across five sites, building
240 new homes for sale and market rent. In April 2014,
Manchester City Council and the Greater Manchester
Pension Fund set up Matrix Homes, an innovative
partnership for residential development, which has set
the precedent for new investment projects in the City. As
the session will demonstrate, ‘lessons learned analysis’
is a logical outcome of good risk management, ensuring
project outcomes can be replicated. Attendees will be
shown how such analysis can be used at project initiation
and conclusion stages, and how it can assist in both the
delivery of the project and its legacy.
Joe Corr (j.corr@manchester.gov.uk) Project Manager,
Strategic Housing, Growth and Neighbourhoods
Directorate, Manchester City Council.
Risk sharing and risk management in a
consortium, Session 9D
Nine fire and rescue authorities have worked together
for the last ten years to deliver improvements in their risk
management and to gain a better understanding of the
losses when claims do arise. The long-term aim is that
they will continue to deliver cash savings back to their
authorities. In the Fire and Rescue Insurance Consortium
(FRIC) these authorities have bought insurance together
and worked on risk management in key areas, for example,
the management of operational road risk.
The consortium members are organisations that should
understand risk: over the last decade the UK fire and rescue
services have halved the number of life threatening incidents
in their communities and have reduced their need to respond.
This has been achieved through a long-term approach,
increasing prevention activities and supporting improvements
to protection. As a result fire and rescue authorities need to
respond to fewer incidents. This approach is a core factor
that underpins the way FRIC works and is the professional
language of the fire service, which supports communities in
reducing all road traffic collisions.
FRIC members can demonstrate innovation in a number
of key areas such as the use of video when training
firefighters to respond to incidents, or the benefits of
externally fitted cameras on appliances in managing claims
liabilities and costs. In 2014 FRIC worked with Alarm
to support the special interest group for Fire, holding a
two-day conference on managing operational road risk. In
addition FRIC has worked with Zurich Municipal to develop
significant improvements to the analysis of the costs of
insurance claims.
The next stage of this shared journey is to move from
common insurance to a pooling arrangement, where more
of the risk is shared between the authorities. Not only will
this deliver future savings in the overall costs, but will also
directly benefit all consortium members from sharing best
practice in risk management and reducing our corporate
risk incidents in the same way that we have reduced
community risk in the last ten years.
Mike Clayton (mike.clayton@essex-fire.gov.uk) Finance
Director & Treasurer to Fire Authority, Essex Fire Authority.
Alarm Forum practitioner sessions
8. 8 alarm-uk.org SUMMER 2015
ALARM UPDATE
How many elastic bands does it take to
survive? Session 10D
Since 2010, Hampshire Constabulary has suffered a total
budget cut of £55 million with a further £25 million to save
between 2015-17. 33 police stations will have closed by
2018 and everything about how the Constabulary does its
business has changed since April 2015.
The Forum session will look at the challenges Hampshire
Constabulary has in managing the risks around a
decreasing estate. There will also be discussion on what
practical resilient opportunities are being put into place and
how tight our elastic bands are being stretched.
The session will examine case studies of business
continuity interruptions Hampshire Constabulary has
experienced, such as the 2014 flooding of Winchester
City Centre, power outages across the estate that have
shown maintenance regime assumptions and tanker driver
dispute planning. These have made the Constabulary look
at reducing the stretch and how to prevent, where possible,
events from reoccurring.
‘Future resilience’ has been a golden thread throughout the
Estate Change Programme. The session will take delegates
through some of these mitigations, including proposals for
sharing of bulk fuel provisions with partners, ensuring new
builds have built in future resilience such as flood proofing
membranes, generator specifications, location of critical
departments and implementing processes for ensuring that
high risk items are not brought to site in the first place.
Penelope Page (penelope.page@hampshire.pnn.police.uk)
Risk & Resilience Advisor, Management of Risk,
Hampshire Constabulary.
In the last edition
of Public RM we
featured an article on
Highways and Pothole
Management; this
is followed up by a
further article in this
edition on page 32-33.
In a recent CIR article,
Alarm Vice Chairman,
Wayne Rigby also
commented on the
topic of potholes
being of particular
interest to the media,
who use the subject
to highlight negative issues with the road network. The
article went on to advise that rarely does a local or national
news story highlight the excellent work that is being
achieved by local authorities in maintaining the highway
network and ensuring road users have safe journeys when
walking, cycling or driving. Nor does it detail the Highway
Authority’s duty under the Highways Act.
The highlighting of ‘issues’ with the road network, and
the absence of an objective view of what is reasonable,
often gives the impression that a local authority will be
responsible for any damage or injury that occurs on the
highway. This in turn can create an increase in insurance
claims and FOI requests, putting additional pressure on
resources that could be utilised elsewhere. Many local
authorities have high repudiation rates for these claims,
however there are still lessons to be learned.
Alarm has been working with a number of sponsors
on an extensive highways guidance document for
Members. This guidance covers:
• Highways liability, including the current legal position,
duties placed upon highway authorities and the
statutory defence available.
• Highways management, covering the code of practice,
what you need to know in relation to insurance claims,
and how to apply the code.
• In depth advice on handling highways claims proactively.
• Managing highways issues with outsourced providers.
• The roles of risk and insurance managers in relation
to highways.
The Alarm highways claims management manual will be
launched at the Alarm National Educational Forum in
Birmingham on 21-23 June 2015.
Alarm Forum
practitioner
sessions
Alarm’s highways
guidance
Highways
Claims
Management
Manual
9. SUMMER 2015 alarm-uk.org 9
ALARM UPDATE
Well, that was quick! I can’t believe 12
months have passed since taking on the
role of Chairman and I’m now handing the
reins of leadership back to Wayne Rigby.
The role for me has been made that much
easier as Wayne has maintained and overseen a number of
key responsibilities under my chairmanship, namely leading
on sponsor engagement, and communications. I can’t write
a column like this without recognising the part played by
Wayne over the last year in ensuring that our organisation
remains in a fit and sustainable state. My personal thanks
go to him, especially in respect of a time earlier this year
when I had a few health and family issues to deal with.
My time as Chairman has seen Alarm’s reputation as thought
leaders in public sector risk and insurance management
grow. Alarm was consulted by Michael Wade, the Crown
Representative for Insurance, about the state of the
local authority insurance market and our contribution has
hopefully resulted in a greater understanding (within central
government) of the pressures that local government face from
a limited insurance market place. Co-incidentally, Maven,
a new insurance carrier specialising in local government
insurances, launched to market not long after those
discussions and their place in the local government insurance
market is very welcome. We have also been consulted by
the media about a number of high profile insurance and risk
matters, for example we were asked to contribute to the
media discussion about insurer involvement in high profile
children’s services enquiries. Ongoing discussions with our
sponsor organisations will see Alarm move further towards
being known as the ‘go to’ organisation about public sector
risk and insurance management.
Effective board
Much of my effort this past 12 months has focused on
ensuring the effectiveness of the Board. This is especially
important bearing in mind that we don’t have a chief
executive officer. We have a robust business plan which
is driving significant change within the organisation, the
outcomes of which will become apparent in the coming
months. The Board has examined the most effective models
for membership and also how we can continue to operate
an effective and sustainable model of delivery for our annual
flagship event. We’ve also examined how we deliver our
business plan priorities and what additional support, if any,
we need to achieve the outcomes we have agreed.
At the beginning of this year the Board re-examined our
priorities, having regard for the feedback we received from
our Member survey. It is clear that our Members and their
employers continue to see Alarm as an organisation that
adds value to their development; however we must not
be complacent and must ensure our sustainability. Our
priorities are the continued development of educational
content and products to meet the aspirational needs
of our existing Members and improving our exposure
in a number of other public and community focused
sectors, for example the third sector and higher education
establishments. Nothing can be taken for granted and as
could be expected, difficult conversations have to be had to
steer these changes through.
I’m very grateful for the spirit of diversity and alternative
thinking that is shown by my fellow board members, which
leads me to thank them all for their hard work and loyalty
to Alarm. It’s a big ask for the chairs of our committees
as they are responsible for the delivery of all our business
plan actions. I must also thank Keith Southwell and Team
Alarm at Sidmouth for all their contributions to Alarm. A
huge amount of work goes on behind the scenes to ensure
all our events run smoothly and the organisation operates
effectively. One example of this hard work was the running
of last year’s Autumn Forum in the South East. Excellent
feedback was received and it was pleasing to see how we
could run a national event in a more informal atmosphere.
Chairman’s farewell
10. 10 alarm-uk.org SUMMER 2015
ALARM UPDATE
Members survey
A number of comments we received through the Members’
survey indicated the Board needed to have more visibility.
When I took on the role of Chairman I promised myself
that I’d endeavour to get to see as many of the regions as
possible. While I have not attended all, I did get to events in
the South East and Wales last year and the North East and
Yorkshire, and Anglia this year, as well as my own patch of
the Midlands. Other board members attended Scotland,
the North West and South West. I’m greatly encouraged
and exceedingly grateful for the efforts all our regional
committees put into the running of regional events. These
local events are one of the most important deliverables of
Alarm and are most valued by our Members.
Lastly, we could not function in the way that we do if it were
not for the continued involvement of all our sponsors. Long
may it continue and my thanks go to them for their ongoing
support and their contributions to our educational content.
I’m certain that Alarm has the strong foundations that it
needs to ensure both sustainability and
growth and I know that Wayne will carry on
the good work where he left off one year ago.
I wish him all the best for 2015 and beyond.
Robin Powell
Chairman, Alarm
020 7086 3366
enquiries@mavenps.co.uk
Insurance and Risk Solutions
for the Public Sector
In the Spring issue of Public RM the Foil Public Sector
Focus Team provided an overview of the October 2014
Horizon scanning meeting. The group met to update and
reflect on the activities from the event and we were keen
on feedback from the Portal Behaviour’s Committee.
We asked the Committee two questions, firstly: did the
behaviour committee want issues to be reported on a
case-by-case basis, or was it better for local authorities
and their insurers to collate information on claimant
practices, then feedback? Secondly: did they analyse
information provided and if so, could we have access to
that analysis?
The response is: firstly, they want issues sent in on a
case-by-case basis. The difficulty we foresee is that
trends may not be spotted so information cannot be
used to take action - such as reporting a firm or adjusting
tactics. Secondly: we cannot access Committee data.
We have not settled for these answers and have gone
back to the Committee to exert further pressure. We will
keep the Group and Alarm abreast of developments.
Bridget Tatham, Browne Jacobson LLP,
Vice Chair Public Sector Focus Team
FOIL focus
11. SUMMER 2015 alarm-uk.org 11
CHARITIES
Where would we be without volunteers?
Volunteering is long established in the UK; it goes back to
Victorian times and the development of the civic society. Many
charities rely on volunteers and some operate along volunteer-
only models, with few or no paid staff to deliver services.
The Blue Cross has around 3,500 volunteers compared to
a paid workforce of around 750. When volunteer hours are
converted into a measure that equates to full-time employee
numbers, around one in five of our workforce is unpaid.
While traditionally perceived as the sole preserve of the
not-for-profit sector, recently people are being employed
in an unpaid capacity more extensively in public and
other sectors. Some of this has been prompted by the
introduction of austerity measures, which have reduced
staffing and other budgets, with gaps being filled by those
who don’t seek payment but care deeply for the continued
existence of valued services.
This development has led to an increase in competition
in recruiting volunteers from a growing number of
organisations and from a diversity of sectors. Despite
a steady growth in the UK population, studies have
shown that the overall level of
volunteering in the UK has
not altered significantly.
Whilst the success of
the Olympics Games
saw a peak in people
giving time to good
causes, this was short-
lived, with the usual
patterns and volumes of
volunteering eventually
settling back to pre-
Games levels.
The increasing demand for volunteers
in an environment of static levels of giving time creates
a supply and demand pressure: around three in ten
volunteers provide about 90% of all volunteer time. This
starts to take on a familiar look that parallels the risks
for paid staff. Regardless of whether an organisation’s
workforce is paid or unpaid, the competition to attract
talented, experienced people and retain them is growing.
The challenge for organisations that rely on volunteers is
made harder as the usual levers of salaries, pensions and
other perks can’t be applied to attract such a workforce.
Changing volunteering
Richard Hollands, Director of Business Assurance at Blue Cross, discusses the
challenge of making the best use of an unpaid workforce in a changing environment.
Around three in 10
volunteers provide
about 90% of all
volunteer time.
12. 12 alarm-uk.org SUMMER 2015
CHARITIES
Where volunteers represent significant levels of resource on
which organisations rely, this can have implications for the
continuity and quality of services. However, there is some
good news. Surveys within the charitable sector show that
many people believe strongly in ‘giving something back’ and
contributing to the social good. There is a well of goodwill
and commitment to be tapped into by organisations.
If this is the future model of work for organisations
across a range of sectors, how can this be
managed effectively?
Out with the old
The traditional approach of ‘build it and they will come’ is
no longer workable. If charities and similar-minded bodies
were to be self-critical of their approach, in the past it
has been that volunteer recruitment has been addressed
solely on the basis of what their organisation needs. These
organisations have, not unreasonably, set strategic aims
and developed business and operational plans in pursuit
of those aims. In charities that employ significant numbers
of paid staff, the emphasis of approach can often start
from their perspective. In the worst cases, volunteers can
be used to fit in and address gaps in the overall skills or
experience needed. Many organisations are now realising
the value of building the volunteer contribution into the
business models from the start.
Some working arrangements are now considered to be
rigid and inflexible. Many people volunteer because they
are time rich and a routine,
structured approach
often suits many
situations: charity
shops make
extensive use of
volunteers and
without their
contribution,
most charity
retail units would
be unviable. The
use of volunteers
working set rotas and
hours provides valuable
consistency and stability in
an environment where shop opening times are known and
predictable. However, increasingly there are many parts
of a charity’s business where flexibility and adaptability are
fundamental and the unbending adherence to a set model
does not allow talented and scarce people to always make
an impact.
If this scenario were adopted for paid staff it would become
an unsustainable way of working very quickly. In the 21st
century the old-school image of the civic-minded person
wanting to put something back has changed, largely due to
social factors.
While not exhaustive, specific developments have had
an impact:
• People are working longer. Recent changes to
retirement age means that disposable time is declining.
While people are living longer, they are retiring later and
when they do have the time, they may be less active
than they were.
• People live more complex lives. Many individuals have
more commitments now with different work patterns and
other pressures, such as caring. When organisations
come calling for help, it is often in direct competition with
important personal aspects of their lives: however
strongly they might feel about volunteering.
• For some, the economic downturn has meant that time
previously available to volunteer has reduced as
individuals have taken on secondary paid employment to
make ends meet. This limits the amount of time and
energy they can give to causes they care about.
In with the new
Social and technological change is also driving new
opportunities and ways of working that affects the use of
volunteers and their management. Volunteer requirements
Many organisations
are now realising the
value of building the
volunteer contribution into
the business models
from the start.
13. SUMMER 2015 alarm-uk.org 13
are becoming more unpredictable and old working
patterns are giving way to shorter, more episodic forms.
This makes planning and delivering services much more
difficult where there is a reliance on volunteers. Charities
are seeing an increase in the number of volunteers offering
time and expertise as a one-off contribution, rather than an
ongoing and regular commitment. If this is happening in the
charitable sector, it is almost certainly being replicated in
the public and private arenas that are starting to use people
in an unpaid capacity.
The pace of change seems to be accelerating with an
increase in short term project help as opposed to an
ongoing commitment. Deploying volunteers in ways that
make specific use of skills and expertise for short, single
use events can be managed well. For charities, a natural
home for this is on project work where there are temporary
arrangements for the delivery of change.
Technological developments mean that physical models of
work are not the only way someone can make a contribution.
There is an increasing use of technology in charities to
carry out their purpose. Examples include social media and
website checking, and testing content management.
Attracting and keeping talented people
With a changing world and increased competition for
unpaid talent, what can be done? Although charities have
many years of experience of working with volunteers, some
new approaches are starting to have a positive effect.
Importantly, the cause of an organisation or its overriding
purpose is a powerful way of attracting and retaining talent.
Many people offer their time and expertise because they
want to make a difference to something they care about.
Cause-related marketing is well established by charities
as a fundraising vehicle and many organisations are now
using this principle in recruitment.
Building the volunteer offer into business and operational
planning from the start means that the contribution of
all elements of the workforce can be considered and
integrated into the organisation’s strategy and approach.
As service provision changes in response to external
stimuli, revised ways of working can ensure that talented,
unpaid people are planned into an organisation’s future.
In many respects volunteers have the same status as
paid staff, so changing the perception of a volunteer will
have a positive impact. Adopting this mind-set can move
organisations positively towards different approaches. A
number of charities now base volunteer recruitment on their
paid models with professionally developed job adverts, job
descriptions and interviews. These are often supported
by structured programmes for induction, training and exit.
This also means developing an experience that they want
(see point above about ‘the cause’) and striking a balance
between a volunteer’s and the organisation’s needs.
Volunteering is a social experience and a powerful factor
is to meet new people. Many organisational models are
based on single volunteer experiences, which are not
always attractive to volunteers. A number of charities
are experimenting with group and family versions of the
volunteer model that recognises this change.
There’s one last example that speaks powerfully to a
changed world where people give their time. In August
2011 many areas of the UK experienced social unrest and
riots resulting in damage to buildings, businesses and
communities: London was hit particularly hard.
Shortly after the riots ended a clean-up operation started:
• A call to action to clean up the damage started on
social media and soon went viral.
• People, caring deeply about their homes and places of
work, identified completely with the cause and gave
their time freely and willingly.
• There were no traditional managers and supervisors
to organise roles, responsibilities or working hours: the
assembled masses, as far as observers could tell, were
self-organising, although it’s likely that some natural
leaders emerged (as is often the case).
• People came to make a specific contribution: some with
brooms, some with shovels, some made mugs of tea,
etc. As far as we know, no one was turned away.
• It’s likely that new friendships and connections were
made that will last beyond the life of the clean-up event.
• The work required was specific, episodic and short-
lived. When it was completed the group disbanded.
This story might just offer the seeds of a model for
successful volunteering in the 21st century.
Richard Hollands (richard.hollands@bluecross.org.uk)
is the Director of Business Assurance for Blue Cross,
the animal welfare charity. www.bluecross.org.uk
Blue Cross online monitoring
Blue Cross has long been concerned with the online
sale of pets and the associated lack of welfare.
Working with like-minded charities, Blue Cross has
lobbied successfully to introduce minimum codes of
operation through online routes. A team of monitoring
volunteers, who work remotely from their PCs, check
online adverts for compliance. Standards are being
maintained and concerns highlighted in this way. To use
paid staff at irregular hours and times would be difficult
in operational and financial terms. Quite simply, paid
models of working would not fit at Blue Cross, which
couldn’t work successfully without its volunteers.
14. 14 alarm-uk.org SUMMER 2015
INSURANCE
The Act received Royal Assent on 12 February 2015 and
takes effect in 12 August 2016. The Act applies to all classes
of non-consumer insurance and reinsurance and in part
to consumer insurances in England, Wales, Scotland and
Northern Ireland. The Act brings into force the Third Parties
(Rights against Insurers) Act 2010, with minor corrections.
The new law doesn’t take effect until next year, however
practitioners should understand the new regime and start
planning now. You need to ensure you are able to satisfy
the new law, for example the new Disclosure Rules (see
panel over the page). Internal corporate governance and
communication protocols must be adequate and effective,
so that individuals with responsibility for making the fair
presentation to brokers and insurers are fully conversant
with the changes. As the industry digests the Act, we
expect insurers will start to alter policies and procedures,
which could take effect before August 2016.
With the exception of the Basis of Contract provisions,
parties to an insurance agreement can contract out
of the requirements of the Act, provided that any
disadvantageous amendment is drawn to the insured’s
attention clearly and unambiguously.
The duty of fair presentation
The existing duty of disclosure is replaced with a duty to
‘make a fair presentation of the risk to insurers’. The
duty applies to disclosure before the contract is concluded
(for both new contracts and renewals) as well as mid-term
variations. It requires the insured to disclose every material
circumstance that the insured knows or ought to know, or
which gives the insurer sufficient information to put a prudent
insurer on notice that it needs to make further enquires for
the purpose of revealing those material circumstances.
What ‘the insured knows’ is deemed to include knowledge
held by the insured’s senior management: those who make
decisions about managing and organising the insured’s
activities, as well as staff with responsibility for
the insured’s insurance. This includes risk
managers, insurance officers and any
employee who assists in the collection
of data or negotiates the terms of
the insurance. It also includes the
insured’s agent who is responsible
for placing the insured’s insurance.
This does not include confidential
information acquired through a
business relationship un-connected
with the contract of insurance.
Insurance and reinsurance protecting
the same risk is regarded as ‘connected’
so confidential information acquired through
association with the underlying insurance must also be
disclosed to the reinsurer.
What an insured ‘ought to know’ is that which would have
been revealed by a reasonable search of information available
to the insured (and its agent). This includes what the insured
suspected but deliberately refrained from confirming or
refrained from making further enquires about, known as
‘blind eye knowledge’. The insured is not required to disclose
material circumstances that diminish the risk, or that the
insurer knows, ought to know, or is presumed to know.
What is ‘material’ is unchanged from current definition. It
is still something that would influence the judgement of a
prudent insurer in determining whether to take the risk and,
The Insurance Act: fair presentation
Nigel Cooper, Public Sector Practice Leader at Aon Risk Solutions, provides a
practitioners’ guide to the significant Insurance Act, which alters the legal framework
for insurance contracts.
The existing duty of
disclosure is replaced
with a duty to make a
fair presentation of the
risk to insurers.
15. SUMMER 2015 alarm-uk.org 15
if so, on what terms. For example, special or unusual facts
relating to the risk; any particular concerns which led the
insured to seek insurance cover for the risk; or anything
which those concerned with the class of insurance and field
of activity in question would generally understand as being
something that should be dealt with in a fair presentation of
risks of the type in question.
The insured must also ensure that information supplied
is substantially correct and that any representations as to
matters of expectation or belief are made in good faith.
The fair presentation of risk requires the insured to make
the disclosure in a manner that is reasonably clear and
accessible to a prudent insurer. It can be contained in more
than one document or oral presentation.
From an insured’s perspective, this change may seem
subtle, however it means:
• The insured needs to ensure a reasonable search is
undertaken to reveal material information.
• The insurer should be more actively engaged and
make an adequate assessment of risk prior to
conclusion of the contract. (It seems likely insurers
will be more proactive, thorough and inquisitive before
accepting a risk).
• Data-dumping a large volume of information with
insufficient direction or structure would not be considered
‘fair’. All material information will need to be clearly
presented, structured, indexed and signposted.
Remedies
Proportionate remedy
Where an insured is found to have breached their duty of
fair presentation, the insurer has a number of different
remedies available depending on the type of breach.
Deliberate or reckless breach of duty of fair presentation
For this type of breach, insurers can still avoid the
insurance. This will normally be from inception except
where breach relates to a variation of the insurance, for
example, a mid-term adjustment, in which case it will be
from the date that adjustment takes effect. The insurer may
retain any premiums paid.
A deliberate breach includes supplying false or inadequate
information as well as fraudulent behaviour. A reckless
breach occurs if the insured did not care whether or not
it was in breach of the duty. For example, if the insured
was irresponsible and did not take care to ensure the
information supplied was correct. It is for the insurer to
show that a qualifying breach was deliberate or reckless.
Any other breach of duty of fair presentation
Other breaches of the duty, for example, an innocent
breach, will also give insurers a remedy if the insurer
can show inducement. The remedy is based on what
the insurer would have done if the qualifying breach had
not taken place; that is if the insured had made a fair
presentation of the risk.
For example:
• If the insurer would not have written the insurance on
any terms, then the insurer may avoid the policy and
refuse all claims. The insurer must return the premium.
Where this relates to policy variations, the insurer can
treat the policy as if the variation was never made and
the insurer must return any extra premium paid.
• If the insurer would have written the insurance but on
different terms (other than premium), the policy will be
treated as if those different terms apply.
• If the insurer would have charged a higher premium,
the insurer may proportionally reduce any claim
payment e.g. if the premium charged is 75% of what
the insurer would have changed, the claim payment
will be written down to 75%.
The special position under compulsory third party motor
insurance contracts would appear the same. Insurers
undertake to compensate injured third parties in full
regardless of whether the insured has breached any
conditions of the insurance contract. However, the
Key provisions of the Act are:
• Insureds will be under a new duty of fair
presentation, replacing the general obligation to
disclose all material facts. The insured has to
disclose; every material circumstance that the insured
knows or ought to know; or sufficient information to
put a prudent insurer on notice that it needs to make
further enquires to reveal the material circumstances.
• Warranties are to be treated as suspensive
conditions, meaning that an insurer’s liability will only
be suspended during a period of breach and a
breach of warranty will no longer automatically
terminate the policy. The breach of the warranty must
have some bearing on the actual loss by increasing
the risk of the loss occurring.
• New proportionate remedies are available to
insurers following a breach of the new duty of
fair presentation.
• Basis of contract clauses are abolished. (These
clauses currently operate to turn the insureds
pre-contractual representations, including answers
to proposal form questions, into warranties).
• Insurer remedies for fraudulent claims are clarified
so they will remain liable for all legitimate losses
suffered before the fraud. Insurers will still be able
to avoid policy liability where there is a deliberate
or reckless breach of the duty of fair presentation.
For other breaches, for example, innocent
breaches, there are a number of proportionate
remedies available short of avoidance.
• The duty of good faith remains, but the remedy of
avoidance will be lost.
16. 16 alarm-uk.org SUMMER 2015
INSURANCE
insurer has the right to pursue the insured for an outlay
in circumstances where the insurer would otherwise be
entitled to avoid payment. (Or in the case of a failure to
make a fair presentation, where the insurer is entitled to
reduce the amount of any claim payment.)
What next?
Disappointingly, the Act fails to include insurer penalties
for late payment of claims as had originally been proposed.
This may be revisited at a later date.
With regards to current policies, continue as before but
resist and remove Basis of Contract clauses on all policies,
and wherever possible resist inclusion of any onerous
conditions; warranties; Conditions Precedent and Due
Observance clauses.
It seems likely that insurers will now be more amenable to
altering policies to follow the spirit of the Act, for example,
removing basis of contract clauses and improving warranty
language, which is good. However, if insurers want to make
changes to a policy or to the disclosure process, which is
described as being Insurance Act compliant, please seek
clarification or talk to your broker.
Nigel Cooper (nigel.cooper@aon.co.uk) is Public
Sector Practice Leader at Aon Risk Solutions. Aon is a
leading advisor to over 260 public sector bodies, is an
active participant on a number of frameworks, and has
over 40 years of specialist public sector experience.
www.public-sector.aon.co.uk
The NSPCC statistics show that one in three children
abused by an adult did not tell anyone, and one in twenty
children in the UK have been sexually abused. The Jay1
and
the Casey2
reports both make clear that child abuse and
exploitation happens everywhere. All local authorities need
to be aware of the potential for claims to develop.
The interaction of public sector employees with members
of the public inevitably means there is greater potential for
a claim to arise under a public
liability policy, than for a
commercial enterprise.
It is not unusual for
a metropolitan
or city council
to generate
in excess of
1,000 claims a
year. However,
in the case of
public liability
claims it can be
years before any
notification of a claim
is made. As recent
cases show, historic abuse cases from 10 or 20 years ago
are only now reaching the courts. In another case of abuse
that occurred when the claimant was one-year-old, they will
be over 16 by the time the legal process is complete.
In insurance terms, these are long tail risks, where claims
are submitted long after the original period of insurance.
Typically it takes around 10-12 years before a public sector
liability book of business is complete in terms of the claims
to be reported and final payments to be made.
CSE long tail claims
Chris Gill, Client Risk Manager at QBE outlines current issues affecting local authorities
regarding child sexual exploitation (CSE) claims from an insurer’s perspective.
Promoting a culture
in which individuals are
encouraged, supported
and rewarded for flagging
suspicious activity can also
greatly minimise the risk of
systematic abuse.
The Act defines the insurer
knowledge as:
• ‘Knows’ - what is known to the individuals involved
in that particular underwriting decision.
• ‘Ought to know’ – information readily available to
the underwriters or known by an employee or agent
of the insurer (for example, information held by the
claims team or reports produced by surveyors) who
ought reasonably to have passed it on. As with the
insured, this also includes ‘blind eye knowledge’.
• ‘Presumed to know’ – what is common knowledge,
and what an insurer offering insurance of the class
in question to insureds in the field of activity in
question, would reasonably be expected to know in
the ordinary course of business.
17. SUMMER 2015 alarm-uk.org 17
Risk managing the issues
The outcome of many CSE related claims is largely pre-
determined by the effectiveness of risk management
disciplines applied in the past. From our experience we do
know that prevention strategies can be effective.
Acknowledgement is the first step to risk managing CSE
risks. All local councils need to recognise that this is a
nationwide issue with financial, reputational, moral and
legal implications. The culture of an authority and the
attitude toward addressing the issue of CSE (determined
by a chief executive, leader and executive) is one of the
biggest drivers of success or failure and quality of decision
making within an organisation. Top down strategic risk
management is critical.
The Casey report2
states that: ‘There needs to be a shared
ethos that no department or team can regard itself as
serving its community well if the council is failing its most
vulnerable people. All parts of the council must play a role
in tackling that failure’.
We see a need across many of the authorities with whom
we work to move away from a silo mentality to achieve
a robust response to social care responsibilities and the
development of a multi-agency approach to influence
the holistic CSE risk profile positively. Some authorities
have seen significant results from initiatives to break silos
through commissioning a joint working team.
Some of the highlighted benefits have alluded to the
following improvements:
• Defined strategic risk management and leadership
of change.
• Recalibrating CSE risk tolerance for well managed and
calculated risk taking.
• Improving capabilities in managing risk.
• Accurate CSE horizon scanning with an improved ability
to address uncertainties and emerging risks.
• Consistent positive influence on culture and behaviour.
• Board level focus on the things that matter.
• Clear ownership and accountability for risks.
• Evaluation costing.
• Feedback of lessons learned.
Representatives of a joint working team can be resourced
from social workers, police, council representatives
(including risk and insurance managers) local health
services and other specialist workers including drugs and
alcohol teams, the voluntary sector and others with a focus
on the community and working with parents.
Certainly information sharing is critical. Authorities should
ensure they have the operational capability to facilitate
enhanced information sharing across departments and
services and that they have a robust, frequently tested
process for checking that it is functioning healthily.
Information sharing, process and protocols should be
embedded across the authority. They should be designed
to help prevent abuse by raising awareness and protecting
children at risk, identifying and disrupting perpetrators, and
prosecuting them through the legal process.
A review of social workers’ caseloads to ensure they are
manageable will enable intensive and persistent work with
children to build trusting relationships and support disclosure.
Promoting a culture in which individuals are encouraged,
supported and rewarded for flagging suspicious activity
can also greatly minimise the risk of systematic abuse.
Mechanisms for reporting suspicions need to be in place and
clearly communicated to all individuals.
Claims
For insurers, CSE related claims are no different to any other
claim in the sense that the outcome is heavily dependent
on the availability and quality of witness evidence and
documentation relating to an alleged incident. The long tail
nature of this type of claim however does present additional
challenges; accurate record keeping and monitoring which
may not have been a priority in the past or was not designed
to capture relevant data may only provide scant detail.
Maintaining an open dialogue around risk management
with your insurer is key to inspiring confidence that, as
an authority:
• You have a good understanding of your own
organisation’s risk profile.
• You have the right strategies in place.
• You can provide examples or cases to demonstrate
that Social Service files are well organised, evidencing
consistent forensic investigation containing signed and
date notes, which record clear reason for the decisions
being taken.
• Your senior management is fully involved in the process
and alert to the issues.
Finally, be open and honest with your insurer. Our
experience tells us that utopian organisations do not exist,
so be confident in sharing information. The role of an
insurer should not just be viewed as the last line of defence
for when things go wrong, but instead a partner who can
offer risk management support with a view to help improve
your own decision making and risk profile.
[1] Independent Inquiry into Child Sexual Exploitation in Rotherham
1997 - 2013, Alexis Jay OBE, August 2014
[2] Report of Inspection of Rotherham MBC, Louise Casey CB, February 2015
Chris Gill (chris.gill@uk.qbe.com) is Client Risk
Manager for Casualty Risk Solutions at QBE European
Operations. As a business insurance specialist,
QBE underwrites Casualty and Motor lines for Risk
Management Partners’ (RMP) public sector business,
from local authorities to emergency blue light services.
www.qbeeurope.com/crs
18. 18 alarm-uk.org SUMMER 2015
STRATEGIC RISK
CALL FOR ENTRIES
DEADLINE: 17 JUNE 2015
Awards Gala
Dinner & Ceremony
Thursday 12 November 2015
Millennium Hotel,
Mayfair London
For organisations, innovation,
people, services and professionalism
Tweet us: @CIRRiskAwards
#RiskMangement Awards#RiskMangement Awards#RiskMangement Awards#RiskMangement Awards
FREE
TO ENTER
cirmagazine.com/riskmanagementawards
19. SUMMER 2015 alarm-uk.org 19
FORUM
Negotiating contracts and managing supplier relationships
can be a daunting prospect for contracting authorities,
particularly when facing pressure to secure the most cost
effective deal while ensuring excellent service delivery. With
authorities spending in excess of £600 million annually
on public sector insurance, they need to achieve value
for money. Price and quality are paramount, but services
also have to be fully compliant with procurement rules and
regulations set out by the EU.
Historically, the approach to insurance procurement
within the public sector has been fragmented, with little
aggregation: there has not been a national agreement
covering all classes of insurance across the UK.
Recognising the demand for a single national agreement,
the Crown Commercial Service (CCS), Yorkshire
Purchasing Organisation (YPO) Eastern Shire Purchasing
Organisation (ESPO) and North East Procurement
Organisation (NEPO) collaborated to develop one
arrangement to meet public sector requirements.
The aim of the national agreement is to increase savings
for public authorities, delivering an estimated £40 million
throughout its Framework lifetime of four years. It also allows
for tailored procurement documentation and an increased
use of e-technology, delivering a simple and auditable
competition route, saving time for customers and suppliers.
Ultimately, the agreement improves efficiency. It is just
one single national agreement with the public sector,
providing a simple, easily accessible, cost effective route
for customers. By March 2015, over 300 public sector
organisations had accessed the agreement, saving £12
million. Blackpool Council alone has saved £500,000
through the agreement.
Since it launched there have been several service
improvements through positive relationships and supplier
management, including insurers increasing their classes of
insurance and brokers reducing their daily rate by at least
30%. The agreement is enabling public sector customers
to reduce lead-time by up to six weeks, compared with the
Official Journal of the European Union (OJEU) process,
saving both time and resource.
As well as supporting customers through their
procurement process, a comprehensive set of guidance
packs have been developed to help customers understand
how the framework agreement operates. Customers can
also review case studies from similar organisations that
have used the agreement, to gain feedback and learn
valuable lessons.
In addition to developing the agreement to deliver savings
and streamline processes, the collaborative partners
wanted to drive further efficiencies within the public sector.
Working with the market, the partners have run a number
of free market insight events, which provide customers with
information on how to get the best value for money in their
insurance procurements. Topics have included emerging
risks and how to get the best cover for your property, and are
led by suppliers.
Following the success of the agreement, there will be a
second-generation insurance service agreement. Again this
will be developed in collaboration with CCS, YPO, ESPO
and NEPO. They aim to have a new insurance framework
agreement by the end of October 2015. The collaborative
partners aim to build and improve on the current agreement
through expanding the scope to capture the full requirements
of the public sector. Additional categories of risk will be
added and streamlined supporting documents will be
developed with an aim to make the procurement process
easier and quicker for both buyers and suppliers.
A comprehensive pre-market engagement programme has
begun with suppliers and customers. The collaborative
partners are establishing a stakeholder group including
representatives from all sectors. The partners have
engaged with the industry and intend to increase the
markets available on the new agreement. Supplier and
customer feedback will be used to define the specification,
agreement structure and the evaluation process to ensure
a comprehensive and easy to use solution that meets the
diverse requirements of the public sector.
Collaborative working
David Pyle, Category Lead at the Crown Commercial Service (CCS) updates Public
RM on the Collaborative Insurance Services agreement in advance of exhibiting at
the Alarm National Educational Forum 2015.
David Pyle (david.pyle@ccs.gsi.gov.uk) is Category
Lead at the Crown Commercial Service. Tel: 0151 672
2164. www.gov.uk/government/organisations/crown-
commercial-service. Anyone with an exhibition pass for
the Alarm National Educational Forum 2015 will be able
to speak to the team at the CCS stand on 21 or 22
June at Aston University, Birmingham.
20. 20 alarm-uk.org SUMMER 2015
CHILDREN
Child Sexual Exploitation (CSE) and the claims against
the police and local authorities are in the media. Local
authorities are the organisations usually in the frame when
it comes to any claims for damages made by alleged
victims. It is not just the failings of local authorities that
result in children falling through the child protection system.
If the police decide not to pursue their enquiries and not
to share information with child protection agencies, there
is an inevitable risk that avoidable abuse and exploitation
will continue. A recent example is the Independent Police
Complaints Commission’s investigation into historic sex
abuse claims involving politicians and other public figures,
where it is alleged the original investigations were shut
down and information covered up.
Common themes arising out of the reports of various
inquiries into CSE are that even today, policies, culture and
attitudes within and between agencies are incompatible
with good practice. Unfortunately it is precisely those
agencies; police, schools and nurseries, primary healthcare
providers, accident and emergency units and youth
groups that child protection practitioners rely on to flag
up behaviour indicators or signs of sexual, emotional and
physical abuse.
With increasing budgetary constraints and pressure on
local authorities to provide adequate services to protect
children, it comes as no surprise that many local authorities
are looking at how their children’s services can be delivered
differently. Some local authorities are considering whether
their children’s services can be delivered by the private
and/or third sectors, with the aim to improve services
and assist in efficiency savings. Given a local authority’s
statutory duty to protect vulnerable children and the need to
also protect its own reputation, outsourcing is not always a
popular choice. This may be a supremely sensitive service
to outsource but it is part of a culture change, with many
other public services, including parts of the criminal justice
system, benefits assessment, schools and health services
leading the way.
Many reports on outsourcing public services cite the lack
of evidence that it will, as predicted, drive improvement
or innovation, and there is a significant amount of disquiet
about the possibility of organisations making a profit out of
such arrangements.
On the other hand there are some parts of the country
where there is a belief that the existing arrangements
cannot improve under an in-house delivery model, so
outsourcing options have to be considered. In 2014
Staffordshire, and Kingston and Richmond Councils
were discussing outsourcing of these functions.
(www.whatdotheyknow.com Freedom of Information
Requests.)
What works for one area may not be suitable for another,
but inspiration can be drawn from, among others:
• The Hampshire and Isle of Wight Partnership – under
which Hampshire has taken over the running of the Isle
of Wight’s children services.
• Doncaster Children’s Services Trust.
• Evolve YP in Staffordshire – a partnership owned by its
staff that provides services for Looked After Children.
Can you outsource the risk?
In principle the idea of outsourcing the delivery of children’s
services to the private and third sectors can, in the right
circumstances, deliver not only service improvements but
also cost savings. However, when it all goes wrong and
a claim follows, in many cases the local authority will not
be the only organisation in the frame. Historically the list
of intended defendants could include a council, a mental
health trust and GP practice plus others. But in the current
environment, where civil claims arising out of a social care
setting are increasingly common, future claims are likely
to be brought solely against the local authority, even if the
service is contracted to another body or the failing may
be in the practice of other services. It is critical that this
is taken into account before contracting out the service
delivery as there is a real risk that the local authority will end
up meeting the cost of such claims in any event.
The reason it is so important that this is considered is
the well-documented case of Woodland v Essex County
Council. Following the principles set out in this case, it is
clear that the duty of care that is owed by the local authority
to the children in its care is often non-delegable. As such,
regardless of who provides the services, a significant
portion of liability for any negligence or failure to protect
may well lie with the local authority. It is therefore essential
that, prior to entering into any contract for the outsourcing
of child protection services (or indeed any similar services),
clear and unambiguous agreements are made outlining the
nature of the relationship. These should address claims
management explicitly if any claims arise in the future. There
are some important considerations.
Who will handle complaints?
Claimant lawyers often suggest their clients initially pursue
a complaint, without always telling the local authority why
that complaint is being pursued. If a formal complaint report
acknowledges shortcomings in the service provided, this
will often be relied on as evidence of a breach of duty.
Child protection outsourcing challenges
Sarah Erwin-Jones, Partner at Browne Jacobson discusses some legal and risk
management considerations when contracting out children’s services.
21. SUMMER 2015 alarm-uk.org 21
These shortcomings
can form the basis
of a claim. If external
providers could be
affected by this process they
need to be aware of how the
complaints process works, and how
this could affect their operation. They also need a practical
understanding of how their practice may come under
scrutiny in the context of Serious Case Reviews, Domestic
Homicide Reviews and Inquests.
What are the arrangements for sharing information?
Frequently, the shortcomings identified in child protection
and abuse inquiries stem from different agencies having
different policies, attitudes, and adherence to information
sharing. It should be remembered that the Data Protection
Act is a tool to enable agencies to share information safely,
not a barrier to sharing it. Policies should be co-ordinated
so they are consistent with each other. They should be
widely and regularly communicated to front line staff.
Who will handle any claims arising?
Ultimately the local authority owes a duty of care to children
in its area, regardless of who is looking after them. A local
authority may wish to remain in control of any potential
claims made by such children and therefore may elect to
handle all incoming claims themselves. Conversely, if an
agreement is made between parties that the third party will
be responsible for the making of any payments in relation
to a claim, then it is likely that they may wish to retain some
control of the matter and therefore, may want to handle
claims themselves.
What about insurance provision?
It is important to ensure that the party responsible for
making payments has adequate insurance provision in
place. As part of this, it will be essential that policy wording
is checked carefully to ensure any potential claims are
covered and that such checks are made regularly.
Is a covenant required between parties?
When an agreement is made between parties that the third
party will be responsible for making payments on a civil
claim, this agreement should be reflected in the contract
made between the two.
Is further security required?
In some cases it may be necessary for further security to be
taken, for example a parent company guarantee.
The above is not an exhaustive list of considerations
but goes to show the complexity of the relationship that
contracting out creates.
The privatisation of child protection is not an exact science.
The agreements made between third parties and various
local authorities are likely to differ depending on local
needs. Those involved will need to obtain adequate legal
advice and enquire about insurance products that are
available at the outset of the relationship.
If such considerations are not made and adequate
protection is not put in place at the start of an outsourcing
relationship, the short-term cost saving of privatising child
protection may be lost entirely to the long-term potential
costs of damages in civil claims.
Ultimately the
local authority owes
the duty of care to
children in its area,
whoever is looking
after them.
Sarah Erwin Jones, (sarah.erwin-jones@
brownejacobson.com) is Partner at Browne Jacobson.
Browne Jacabson specialises in social services, the care
sector, education and negotiating legal costs; advises
on risk management issues including data protection
matters. www.brownejacobson.com
22. 22 alarm-uk.org SUMMER 2015
STRATEGIC RISK
For risk and insurance managers within any organisation,
the important challenge of cyber security (including the
identification, evaluation, and mitigation of cyber exposure) is
one that might be unfamiliar and somewhat daunting. Public
service organisations share this challenge as entities of all
shapes, sizes, and functions seek to embrace technology to
enhance service delivery and efficiency of process.
In the same way that a retailer now seeks to interact with its
customer base through a multichannel retail strategy, public
bodies look to find the optimum balance of communication
with end customers through bricks-and-mortar facilities,
telephone, web, and mobile applications. This allows
the public to access services more conveniently and
efficiently, moving from one delivery channel to another,
while maintaining the continuity of experience. This level
of multichannel activity establishes a new digital estate
for those managing risk to get to grips with: one where
the threat levels are significant and of a different nature to
those that might have been considered in a more traditional
business delivery model.
A brief look at some of the background factors that are
driving the adoption of multichannel services shows how
tempting embracing this new approach can be. For example,
Ofcom reported in 2014 that 77% of adults in the UK
have broadband and spend an average of nearly 37 hours
browsing
online each
month.
Furthermore,
more than
90% of people
own or use a
mobile phone,
and 57% use
one to access the
internet. This enhanced
level of connectivity is not
wasted, with 74% having bought
goods or services online in 2014 according to the Office for
National Statistics, and 53% of adults are now using internet
banking. In fact, people living in the UK are the most likely in
the European Union (along with Denmark) to buy products
online. This is the environment into which public bodies are
now delivering their services, and the public expect online
offerings to match those of the private sector.
Local authorities
The opportunity for local authorities to enhance
communications and the ease of access through digital
platforms is immense. This diversity presents those
managing risk and insurance with particular challenges.
Unlocking cyber security
Stephen Wares, EMEA Leader at Marsh Cyber Risk Practice, reviews the current
cyber risk landscape for local authorities, universities and charities.
Commonly
available, commodity
hacking tools are the
normal expected breach
mechanism for most hackers.
These can be relatively easily
repelled at the network
perimeter by adopting
accepted good practice
in IT security.
23. SUMMER 2015 alarm-uk.org 23
Not only is the digital estate diverse but so is the nature of
the threat. A common starting point for analysing cyber risk
is to identify who might want to target the organisation and
for what purpose.
Looking externally; criminals; hacktivists; dissatisfied
customers; and random attackers, all might have a reason to
pick a local authority as a target. For criminals, there is the
potential to access payment card data through transaction
services like online council tax payments or parking permits.
Hacktivist groups may view the authority as representing
part of an establishment they oppose. Like any other
online operation, a local authority is exposed to random
opportunistic attacks that might range from the vandalism of a
website to the introduction of malicious and destructive code.
The range of possible attackers and motives, combined
with the wealth of digital services and data assets, is likely
to generate a significant number of risk scenarios for
consideration. The confidentiality of personal data is clearly
one risk that immediately leaps to the forefront of most
people’s minds. Authorities handle high volumes of personal
data, ranging from payment card details, to highly sensitive
personal information collected and stored digitally by
social services. While both sets of data share the common
problem of being transmitted and stored securely, breaches
of confidentiality clearly lead to very different outcomes.
While the first places the data subject at some risk of
financial harm, the later may directly impact mental health or
even present a physical threat. This shows the importance
of data classification as a means of determining the
information that requires the highest level of protection. For
those managing risk and insurance, the different outcomes
of confidential data need to be understood and documented
so that in addition to appropriate protection, the authority
can prepare and test its response plans and ensure the
insurance programme is fit for purpose in relation to these
new exposures.
Clean up costs
In December 2013, a joint letter from the Chairman of
the Local Government Association and the Information
Commissioner’s Office (ICO) highlighted the £1.5 million
in fines that had been collected from local authorities in the
previous five years. This included less sinister scenarios
than cyber attacks, including lost portable devices and
negligently sending details to the wrong recipient. While
it is often the fine that generates a headline, the additional
costs of handling a data breach incident can be significant,
and regularly outweigh any sanction.
A forensic investigation and cleanup of infected or
breached IT systems can be costly, depending on the
scale of compromise and the time during which hackers
may have had access to the network. Individual data
subjects will need to be informed of the breach, services
may need to be purchased to help protect individuals’
identities, and a communication centre established to deal
with inbound calls from affected data subjects. The strain
on resources, as well as the additional cost of an incident,
can be significant: one UK study by the Ponemon Institute
estimated the cost to the public sector at £60 per record.
With well in excess of 50 incidents being reported to the
ICO each quarter (second only to healthcare), this is an
area of risk where there is still opportunity to improve
practices. Meanwhile, the transfer of both the risk and the
operational burden of running a data breach incident to
insurance may also be a consideration.
Universities
In common with local authorities, the education sector
suffers from a high frequency of data breach incidents,
coming third in the ICO’s Data Breach Trends report, with
an average of more than 30 reported incidents per quarter.
However, for universities, the issue of confidentiality expands
beyond personal data and encompasses the critical research
that contributes significantly to university funding.
Global security
Managing cyber risks in an interconnected world (Key
findings from The Global State of Information Security
Survey 2015) by PwC describes one of 2014’s most
far-reaching incidents as the Heartbleed defect.
‘It impacted almost two-thirds of web servers around
the world, including some of the most popular email
and social networking sites. It is believed to have
compromised millions of websites, online shopping
destinations and security applications, as well as
software like instant messaging, remote access tools
and networking devices. In the first intrusion… a US
hospital chain reported theft of 4.5 million patient
records in August 2014.’
‘It will always be difficult to know exactly which
organisations have been compromised because many
simply don’t know they have been under attack.’
‘The European Union Data Protection Regulation, is
on track to being finalised in 2015. The regulation
is expected to add new requirements for breach
notification to individuals, require organisations that
handle personal data to conduct risk assessments and
audits, and increase fines for compromised businesses.’
‘Today’s interconnected business ecosystem requires a
shift from security that focuses on prevention and controls,
to a risk-based approach that prioritises an organisation’s
most valuable assets and its most relevant threats.’
http://www.pwc.com/gx/en/consulting-services/
information-security-survey/assets/the-global-state-of-
information-security-survey-2015.pdf
24. 24 alarm-uk.org SUMMER 2015
STRATEGIC RISK
Cutting-edge research in
fields such as engineering,
life sciences and
computing attracts
another potential
adversary: the state-
sponsored hacker
looking to gain an
advantage for key
national industries, or
directly from a private
sector company.
The addition of state-
sponsored espionage in
particular, moves the level of
sophistication and technical capability of the adversary way
beyond that of other hacking groups. Commonly available
commodity hacking tools are the normal expected breach
mechanism for most hackers. These can be relatively easily
repelled at the network perimeter by adopting accepted
good practice in IT security. However, a state-backed attack
is likely to succeed by exploiting a zero-day vulnerability. This
is a flaw in software, hardware or firmware that is exploited
as soon as, or before, it becomes known.
Under these circumstances, there is a potential conflict
between the natural free flow of information and open
collaboration universities would naturally foster, and the
requirement to lock down critical and valuable data. In
such circumstances, the focus could shift from securing
the perimeter of an internet-connected system, to
removing those points of connectivity and working within
a segmented offline environment for certain tasks. For
the risk manager, the challenge will be to identify the data
crown jewels within a university’s research programme and
determine the financial and reputational impact of that data
being compromised or destroyed.
Charities
Charities came fifth in the ICO’s data breach league table,
averaging slightly more than 15 reported incidents per
quarter. Clearly, the loss of personal information is a key
concern. While many of the dynamics and motives for
attacking a charity might be the same or similar to local
authorities, there is one very important distinction when it
comes to the outcome. Individuals freely choose to interact
with a charity, whereas they have little choice, short of
moving home, to interact with their local authority. A data
breach is a breach of trust between the organisation
and the individual who has consented to their data being
collected, stored, and processed.
While the impact of a data breach may include many of the
cost items already noted in relation to local authorities, for
a charity the impact could continue to be felt in a drop in
transaction revenue and a reduction in membership, due
to enduring harm to reputation and/or credibility. Another
key risk for charities relates to the availability of web and
mobile payment systems through which donations are
collected. Most charities will run specific campaigns or
enjoy periods of peak activity when awareness is at its
highest. Any failure of critical transaction-based services
during these times could cause severe financial harm for
many charitable organisations.
Conclusion
The digital estate of public sector bodies will continue to
evolve to allow more opportunities for convenient access
and effective communication. With the cost of contact
estimated to be less than one per cent of a face-to-face
transaction, the movement to embrace technology will
only grow to exploit these vital cost efficiencies, while the
reported threat level continues to rise. For individuals with
the responsibility for arranging insurances to protect the
organisation from financial harm, these digital developments
and new exposures must be incorporated into an
organisation’s risk financing strategy. Where insurance
forms a key component of that strategy, its protection has
to remain current.
The UK insurance market leads the way in innovative cyber
insurance product design. To take advantage of these
developments in insurance, the buyer must be able to
articulate their risks and requirements clearly. Insurance
can form a central part of a plan to mitigate the impact of
an event, but prevention and incident response planning
should always take precedence. Each organisation should
consider what is most appropriate, based on their profile
and threats.
A few common considerations include:
• Executive level ownership of the risk, recognising that a
cyber breach or attack is a potential threat to the viability
of the organisation.
• Create, update and test an incident response plan
specific to IT security breach events.
• Implement a formal process of data classification to
ensure appropriate controls can be applied in
accordance with the criticality and confidentiality of
data assets.
• Undertake a regularly updated process of employee
security awareness training to ensure that good technical
controls are not undone by poor human practices.
• Consider implementing an appropriate set of security
controls for suppliers to ensure that they do not become
the weak link that allows access to your network.
Stephen Wares (stephen.wares@marsh.com)
is EMEA Leader at Marsh Cyber Risk Practice.
Marsh works with leading cyber risk insurers to
develop cyber risk insurance protection for a wide
range of Internet and network exposures.
uk.marsh.com/RiskIssues/CyberRisk.aspx
A common
starting point for
analysing cyber risk
is to identify who might
want to target the
organisation and for
what purpose.
25. SUMMER 2015 alarm-uk.org 25
RISK MANAGEMENT
M_o_R® Certification - Management of Risk
Governing body
APMG International
www.apmg-international.com
Content and format
M_o_R® (Management of Risk) is part of the Best Practice
Guidance portfolio published by the Cabinet Office.
M_o_R considers risk from different perspectives within
an organisation; strategic; programme and project; and
operational, as well as business continuity, security and health
and safety.
M_o_R provides best practice guidelines and techniques for
risk analysis and management, the documents necessary
for managing a risk programme and a maturity model. It also
shows people how to embed these practices, review them,
and where necessary adapt them to changing circumstances.
M_o_R is aimed at business change managers, programme
or project managers, risk management professionals,
business and programme or project support staff, and others
with responsibilities for identifying, assessing, planning, or
managing risks, or reporting onrisk management activities
across the organisation.
Alarm offers significantly discounted fees to Members.
Alarm Members - £995 +VAT Non-members - £1195 +VAT
Risk Management National
Occupational Standards (NOS)
Governing body
Skills CFA
www.skillscfa.org/images/pdfs/Risk-Management.pdf
Content and format
Skills CFA has worked with a range of Risk
Management organisations and professionals, including
the Institute of Risk Management (IRM) throughout the
development of the National Occupational Standards
(NOS) that were launched in 2014.
The Risk Management NOS are designed to be
used in all sectors and cover a range of key risk
management functions. These evidence based
standards can be turned into a module on a business
risk qualification like a Level 5 managers qualification.
The NOS cover occupational functions at a number of
levels of responsibility and complexity. They are relevant
to anyone involved in the risk management process.
The suite includes:
• Develop a risk management strategy
• Develop risk management policies and procedures
• Raise awareness of risk management within
an organisation
• Identify, analyse and assess risk
• Manage, monitor and report risk
• Monitor and review risk management strategies,
policies and processes.
NCRQ Level 6 Certificate in Personal
Injury Liability
Governing body
National Compliance and Risk Qualifications (NCRQ)
www.ncrq.org.uk
Content and format
This is a new certificate, launching in summer 2015. (A
Certificate and a Diploma in Applied Health and Safety are
also being launched this year.) It has been developed with
representatives from large employers and local authorities,
including the BBC, Royal Mail and Siemens plc, as well as
leading barristers and academics.
Students will learn to:
• Understand the law of negligence, and be able to apply
it to any personal injury scenario.
• Determine the likely outcome of a scenario, in terms of
liability and approximate compensation.
• Appreciate that both negligence and lack of evidence
may cause a civil claim to be paid.
• Understand the role of insurance, claims handling,
solicitors and others in the civil claims processes.
• Be able to develop strategies to reduce the total costs
of civil claims to an organisation.
• Provide advice to an employer on specific control and
documentation methods to reduce potential liability in
areas that typically result in a high number of claims.
• Incorporate the social value of an activity into a risk
assessment, ensuring that the possibility of civil
claims are used to implement only sensible, risk-based,
proportionate controls.
The qualification:
• Distance learning with full tutor support.
• Study with a workbook, online activities and videos.
• Assessment is by short assignments based on
realistic scenarios.
• Completion of the Certificate in Personal Injury Liability
forms part of the NCRQ Diploma in Applied Health
and Safety.
Linking learning
Acquiring accredited skills in risk management and claims handling is not
straightforward, with only a small pool of learning opportunities to dip into. Here is a
roundup of three of the latest professional courses and topic specific modules.
26. 26 alarm-uk.org SUMMER 2015
SMART GUIDE
Whether or not your organisation uses social media,
you can be sure that your customers and employees
do. Unless managed properly, social media can cause
organisations and individuals considerable harm.
Social media is a risk because it is everywhere. After all, it
is a simple, easy way of communicating with other people.
The vast majority of people in the UK use social media:
Facebook alone has around 24 million people in the UK
using it every day.
There’s the culture too. Many people see social media
as informal, and that leads them to think that somehow ‘it
doesn’t count’, or that if anyone complains it is an easy
matter simply to delete the offending post. Wrong. Dozens
of court cases have shown that anything written on
social media can count legally. Once someone shares
something you have written then you cannot delete it.
Some information can be ‘forgotten’ however. Google
recently lost a case where an individual claimed a ‘right
to be forgotten’ and had to delete data to comply with
this ruling. The impending draft EU regulation on data
protection also includes the principle of the right to be
forgotten. The new challenge is that organisations will
now need a means of identifying such instances and be
able to action them.
Another problem is that on social media, personal and
professional identities collide. State who you work
for on a social media profile, then write something
inappropriate, and your employer (and your career)
could be seriously damaged.
What are the main risks?
Perhaps you think that social media is
something for your PR people to handle?
Unfortunately social media risk impacts
on the whole of your organisation. At the
very simplest there are risks to efficiency
if staff spend too much time on social
media. (It’s probably pointless banning
them though as they will use their
smartphones to get a Facebook fix).
There are also considerable
reputational risks, even if you
are not running social media
marketing campaigns.
Who is saying what about your organisation, or your
employees, on Facebook? How well are you responding
to customer questions and complaints on Twitter? In many
organisations it is the intern that handles social media for
the simple reason that they are the youngest person in
the office: the (probably erroneous) assumption is that
they must understand how to use it better than anyone
else! At another level, how is your senior team presenting
themselves on LinkedIn or Twitter? Do your policies cover
them too? Would they be sacked for inappropriate posts?
It’s not just reputation at stake. Many other things can go
wrong. It’s easy to leak strategic information accidentally
on social media forums. HR professionals need to take
particular care when deciding whether to use the analysis
of social media profiles as part of recruitment or disciplinary
processes. Procurement and commissioning departments
are affected too: it is just as easy to enter into, or vary, a
contract on social media as it is on email or on paper.
Perhaps the most serious concern is cyber security. The
more information your employees expose about your
organisation on social media the easier it is for fraud.
Scammers can fool employees into parting with information
and data (including login details) by sending them credible
phishing emails tailored to their work.
Social media is a risky place. But an awareness of the
risks, coupled with common sense, good management
processes, and the appropriate tools and training, will help
your organisation to avoid the worst of those risks and to
minimise the damage when something does go wrong.
Ten top tips: protect your organisation from social
media risks
1. Don’t use social media for marketing just because it
seems on-trend. If you don’t have SMART goals for your
activities then you will almost certainly waste time and
money and probably damage your reputation too. Many
organisations have no reason to use social media beyond
listening out for, and responding to, serious complaints.
2. Develop a social media policy. It should explain to
employees when and how they can use social media at
work, and when and how they can talk about work-related
matters on social media. For instance you might want to
stop people from mentioning they work for your
organisation on social media, except perhaps on LinkedIn.
Remember that people may be using social media sites on
personal devices such as smartphones and home
computers as well as on your organisation’s computers.
How to manage social media risks
Alarm has invited back digital business consultant, Jeremy Swinfen Green to
create this Smart Guide on how organisations should recognise and manage
risks arising from social media.
27. SUMMER 2015 alarm-uk.org 27
Your policy needs to make clear that it applies when
people talk about work-related matters on personal
devices (BYOD risk) and outside the organisation, just as
much as it does when they use company equipment and
are at work.
3. Train everyone in what your social media policy means
and why it is important. For example you might want
to remind employees that the internet is public domain
so the things they write may well be read by people they
don’t expect to read them. And don’t forget to explain
any sanctions for failing to follow the policy.
4. Make sure your organisation’s social media accounts
have strong passwords. There really is no excuse
for using ‘Password’ or the ubiquitous ‘1234’! Even
‘P455w0rd’ can be broken in seconds.
5. Restrict access to your social media accounts. If you need
to allow more than one person to access an account then
you should implement a sign-in system that will allow you
to track exactly who is posting what and when.
6. Make sure you listen out for customer complaints and
comments about your services. There are plenty of free
tools about to do this although you get what you pay for.
The more expensive ones will be more comprehensive
in their coverage of social media and provide you with
better management tools.
7. Ensure that experienced people manage your social
media responses. Take care with tone of voice as well as
the detail of what you say. Everything you say counts so
don’t promise what you can’t deliver. Don’t ignore
people. If you don’t have a 24/7 team responding
to social media (and you probably don’t) take care
with automated responses and never pretend they
come from a real person!
8. Make sure you are compliant with privacy and data
protection rules. Double check marketing material
and content. Archive your social media activity.
9. Take seriously social media cyber security risk. A scam
delivered via a message on LinkedIn can look very
credible, but it could be a way of fooling employees to
part with login credentials. Adverts on social media can
lead people to sites that download key-logging software.
In addition it is relatively easy for people to give strategic
information away accidentally when posting on social
media forums. Educate employees about these risks.
10. Understand that your organisation is likely to get damaged
via social media one day. Vengeful ex-employees, political
hacktivists, unhappy customers or citizens will get back
at your organisation. Prepare for those unpleasant
incidents by auditing risks and identifying likely damaging
scenarios. Implement processes to triage and allocate
social media problems. Make sure you have clear lines
of communication and responsibility. And don’t panic: not
everything that goes wrong on social media is a crisis.
Jeremy Swinfen Green (jeremy@mosoco.co.uk) is a
Director of Social Media Risk Consulting, a specialist
consultancy providing audits and advice in the area
of social media risk and the human elements of cyber
security. www.socialmediarisk.co.uk
It’s time for something new
For claims expertise and solutions tailored to your needs, then you
need the best of both Crawford and GAB Robins. Together we offer
a broad range of services designed with you and your stakeholders
in mind and delivered with absolute care.
• Claims Handling
• Property Loss Adjusting
• Casualty Loss Adjusting
• Major & Complex Loss
• Surveying Services
• Construction & Engineering
www.crawfordandcompany.com
To find out how we can help you, contact:
Margaret Clubley on 01908 302030
or margaret.clubley@broadspiretpa.co.uk
28. 28 alarm-uk.org SUMMER 2015
LEGAL UPDATE
The hearing of Coventry v Lawrence (see Public RM Winter
2014) took place before the Supreme Court in February
2015. The Judgment is yet to be handed down, and it
would be foolish to predict the outcome as the arguments
on both sides are compelling.
At stake is the possibility of a deluge of claims, most
likely against the Government, by paying parties who,
in certain cases, may have had their human rights
breached by being ordered to pay success fees and
insurance premiums.
The background
The issue was first raised before the Supreme Court by
the Defendants (who were Respondents in the appeal).
They had been ordered to pay 60% of the Claimant’s very
substantial costs.
It was argued that the success fee under the Claimant’s
Conditional Fee Agreement (CFA) coupled with the
After the Event Insurance (ATE) premium should not be
recovered from the Defendant. It was viewed to be a
disproportionate interference with the Defendant’s rights
under Article 6 of the European Convention on Human
Rights; the right to a fair trial; and Article 1 of the First
Protocol; the right to peaceful enjoyment of their property.
Lord Neuberger expressed only a provisional opinion
because it was based on only one side’s submissions but
nevertheless, said that the Respondents may be right. He
also recognised it would be wrong for the Supreme Court
to decide the point without the Government having the
opportunity to address the Court on the issue. This led to the
further hearing in February this year.
Given the significance of the issues at stake, a number of
parties intervened. Arguments were advanced not only by
the Appellants and the Secretary of State for Justice but
also by, among others, The Law Society, The Bar Council,
the Association of Costs Lawyers and the Asbestos
Victims Support Group Forum UK. The involvement of the
Asbestos Victims Support Group is particularly notable
because, of course, recoverability of additional liabilities
remains in place in mesothelioma claims.
The submissions
The submissions of the parties and interveners are long and
complex and raise many arguments. It is not possible to set
out all the arguments but
it is worth focusing on
a number of the more
interesting and
significant ones.
It is common
ground among
most of the parties
and interveners
that the primary
legislation is not
incompatible with the
Human Rights Act. The
question is whether or not the
Civil Procedure Rules (CPR), the Costs Practice Directions
(CPD) and the application of those rules is incompatible
with the Human Rights Act.
The Respondents accepted the principle that, in litigation,
the loser should pay the costs of the winner, and that the
recovery of success fees and insurance premiums had the
legitimate aim of widening access to justice. However, they
argued that the system as a whole is an unfair, irrational
and disproportionate means of achieving that aim because
the system, as a whole, interfered with the Respondent’s
human rights.
The essence of the argument was that the CPR, the CPD
and the way in which the courts interpreted and applied
those provisions, were incompatible because they did not
take into account the reasonableness and proportionality
of incurring the success fees and insurance premiums,
nor the ability of the payer (the loser) to meet them.
Accordingly, although the system of recoverability had
the aim of widening access to justice, the application
was disproportionate (in human rights terms rather than
costs terms).
The system would not be unfair, irrational and
disproportionate if the application of the CPR and the
CPD considered: (1) whether the total costs including
success fees and premiums were proportionate; (2)
the means of the paying party; and (3) the means of the
receiving party.
The appellants took the opposite view. The Secretary of
State argued that the courts have already made it clear that
considerable weight must be given to the Government’s
informed legislative choices and that they must be allowed
Keeping the faith on Coventry
David Abraham, Consultant, and Dean O’Connor, Costs Lawyer, at Clyde & Co,
explain the latest thinking in the landmark Coventry v Lawrence case as we await
the Supreme Court ruling.
It is common ground
among most of the
parties and interveners that
the primary legislation is
not incompatible with the
Human Rights Act.