
Service

Management liability review for mid-market operators.

D&O ABC structure, Side-A limits, EPLI, crime, and fiduciary coverage reviewed against the actual board composition, regulatory exposure, and financing history. The line where the wording matters more than the limit.

Overview

Management liability is bought on form, not on price.

Two D&O policies with the same limit and the same retention can behave very differently at claim. The conduct exclusions, the definition of "claim" and "loss," the regulatory investigation grant, the priority of payments, the entity-vs-individual allocation, and the Side-A DIC features each carry meaningful coverage value or meaningful coverage drag. The premium delta between forms is often a small fraction of the difference at a real loss.

For venture-backed companies, the additional dimension is the directors themselves. Independent directors join the board because the indemnification agreement and the D&O tower back them. If either side is weak, the seat is harder to fill and the existing board's protection is thinner than it looks.

What we review

The whole management liability stack.

D&O ABC structure
Side A, B, and C insuring agreements, definition of claim and wrongful act, conduct exclusions and severability, regulatory investigation coverage, and the Side-A DIC features that protect individual directors when the underlying tower fails to respond.
Side-A excess and DIC
Limits, broader-than features, drop-down conditions, presumptive indemnification, and bankruptcy priority. For independent directors, this is the layer that matters most.
Priority of payments
Non-indemnifiable Side-A loss paid first, then indemnifiable Side-B loss, then entity Side-C loss. Without the clause, entity loss can starve individual directors.
EPLI
Definition of insured, third-party coverage for non-employee claims, wage-and-hour sublimit treatment, immigration practices, and the carrier's defense panel structure.
Crime and social engineering
First-party employee dishonesty, computer fraud, funds transfer fraud, third-party crime, and the social engineering / fraudulent instruction sublimit. Verification protocol requirements that would void coverage at claim.
Fiduciary
ERISA exposure for the 401(k) plan and any health-and-welfare plan committee, voluntary settlement program coverage, and HIPAA defense costs. The line that gets ignored until a Department of Labor audit lands.

Common gaps we find

Where management liability programs fail.

  1. No Side-A excess. Independent directors relying on a single ABC tower with no dedicated Side-A protection if the entity becomes unable to indemnify.
  2. No priority of payments clause. Entity Side-C loss eroding the shared limit before individual directors see a dollar.
  3. Conduct exclusion without final adjudication. Older D&O forms allowing a carrier to deny coverage based on allegation, not final adjudication, of fraud or willful misconduct.
  4. EPLI third-party omitted. Consumer-facing operations with no third-party EPLI, leaving discrimination and harassment claims by customers uncovered.
  5. Social engineering sublimit too small. A $250K social engineering grant on a company that wires seven figures monthly through accounts payable.
  6. Pre-funding D&O carried into a Series B. Entity-only D&O written for a five-person seed-stage company still in place after independent directors joined the board.

When this matters

Triggers we hear from boards and CFOs.

  • A new financing round, IPO, direct listing, or major recapitalization.
  • Independent directors are joining and asking for a copy of the D&O policy.
  • An EEOC charge, regulatory subpoena, or DOL investigation has been served.
  • A wire-fraud or BEC incident exposed the limits of the existing crime program.
  • The 401(k) plan is moving to a new recordkeeper or facing a participant complaint.

Placement

How placement works through Rush Insurance.

Vetted Risk is not licensed to sell, solicit, or negotiate insurance. The consulting work, including form review, Side-A structure, and tower design, sits with us. When the file moves to market, it moves to Rush Insurance, our licensed placement partner. Rush handles carrier submissions across primary and excess management liability markets, MGA placements where appropriate, and policy issuance.

Compensation related to placement flows to Rush Insurance. Vetted Risk receives no commission, no override, and no contingent compensation. The recommendation on whether to switch primary D&O carriers, add a Side-A excess, or restructure the EPLI retention is independent of who writes the binder.

FAQ

Common questions about management liability.

What is the ABC structure in D&O coverage?
D&O policies divide coverage into three insuring agreements. Side A reimburses individual directors and officers when the company cannot or will not indemnify them. Side B reimburses the company for amounts it pays to indemnify its directors and officers. Side C, where applicable, covers the entity itself for securities claims (public companies) or specific entity claims (private). The premium and the limit interaction across A, B, and C drive what individual directors actually have available in a worst-case scenario.
Do I need a Side-A excess or DIC layer?
Side-A excess and difference-in-conditions layers exist to protect individual directors when the underlying ABC tower is exhausted, when bankruptcy interferes with payment to the entity, or when the underlying form has exclusions that the Side-A DIC does not. For venture-backed companies and any operator with independent directors, a dedicated Side-A excess is usually how outside directors get the protection their indemnification agreement promised.
What is order or priority of payments?
When a single retention or limit is shared across the entity, the indemnified directors, and the non-indemnified directors, the order in which the policy pays matters. A well-drafted priority of payments clause requires the carrier to pay non-indemnifiable Side-A loss first. Without that clause, entity loss can erode the limit before individual directors see a dollar.
Does EPLI cover third-party claims?
EPLI is built primarily for employee claims. Many forms now include third-party coverage for claims by customers, vendors, or other non-employees alleging discrimination or harassment by the insured. The grant is sublimited and varies by carrier. For consumer-facing operations, third-party EPLI is often the difference between coverage and a denial letter.
What's the difference between first-party and third-party crime?
First-party crime, traditionally called employee dishonesty or commercial crime, covers the insured against theft by employees, computer fraud, and funds transfer fraud. Third-party crime extends coverage to losses suffered by the insured because of acts committed against a customer. Social engineering coverage, for fraudulent instruction losses, is usually a sublimited extension and not present on every form.
How does management liability change after a venture round or IPO?
A new financing event materially changes the exposure profile. Pre-funding D&O is usually a slim entity-only or mini-tower, sufficient for early-stage governance. Post-Series B or post-IPO, you need a full ABC tower with Side-A excess sized to the board, regulatory exposure scaled to the new disclosure regime, and EPLI tuned to the headcount growth. The transition has to be planned in advance, not retrofitted after the closing.

Related services

  • Professional Liability

    Retro date, definition of claim, and consent-to-settle review for service firms and tech companies.

  • Cyber Liability

    Sublimits, war exclusion, and incident-response panel pressure-tested against current threat patterns.

  • Property & Casualty

    Property valuation, GL, and excess tower review for the operating side of the program.


Next step

Send the D&O policy and the indemnification agreement.

One business day response. Independent review. Placement coordinated through Rush Insurance.