The potential damage from terror attacks affects individuals, structures and businesses and has the ability to destroy lives. As Martin Singleton writes, small to medium-size enterprises need to have a prepared disaster recovery strategy in place to maximise employee safety and minimise business disruption.
In the wake of the recent terrorist attack in Glasgow and the foiled attack in London's West End, there is an even greater need for businesses — especially small to medium-size enterprises — to ensure they have adequate cover and plans to avoid terrorist acts, or at least minimise consequences that could include going out of business.
Damage resulting from acts of terrorism is a standard exclusion under most commercial property policies in the UK, and policyholders must ensure that they purchase terrorism insurance separately to obtain cover.
Most UK commercial property insurers are members of Pool Re, a mutual reinsurance company through which they can offer cover for acts of terrorism in Britain to their policyholders.
Through Pool Re, member insurers are able to obtain reinsurance for damage to property and consequent business interruption losses resulting from acts of terrorism in Britain. Therefore they can offer, at an additional cost, such cover to their own policyholders.
In the case of an incident where there is no damage to property, such as the recent foiled attacks in London, Pool Re terrorism cover will not apply so policyholders must ensure that they have purchased adequate 'non-damage' business interruption extensions that can provide suitable cover. Many SMEs may not be aware of this cover, which might leave them open to problems.
'Police action' extensions provide cover for businesses that have been closed or where police have prevented access to the premises for customers and employees due to a danger or disturbance in the vicinity of the policyholder's premises. This is a non-damage extension and only applies where no actual damage has occurred.
With the Glasgow airport incident where damage to property did occur, many businesses will have been affected by the disruption and nearby road closures, although such businesses will not have suffered any direct damage themselves.
Such losses resulting from this act of terrorism are likely to be excluded from standard BI policies and businesses in the vicinity of the damaged airport will only have insurance cover if 'prevention of access' or 'loss of attraction' extensions to BI covers have been purchased, together with Pool Re terrorism cover.
While the right level of insurance protection is vital, SMEs can also protect themselves by ensuring they employ adequate risk management measures, including a business continuity plan. General security is a must and should be in place for all entrances and windows. A good quality intruder alarm system should be considered for sensitive or unmanned areas of the building.
Areas that are not normally open to the public can also be controlled with the use of security personnel, CCTV and security lighting. Staff should be made aware of the need for vigilance. Any suspicious objects, persons or vehicles should be reported to the police immediately. Full and written guidance should be incorporated in staff handbooks including clear instructions to reception staff and telephonists for handling bomb threats.
Space both inside and out should be kept clean and tidy to reduce the opportunity for an explosive device to be planted undetected. Should a search need to be conducted it is advisable that this is carried out in pairs.
There are a number of products available that can help to reduce the possibility of injury and damage in the event of a terrorist explosion. For example: laminated glass, security/anti-shatter window film and anti-blast curtains. Obviously these may be costly for small businesses in the short term but in the long run they may well be worth their weight in gold.
Businesses also need to identify designated safe areas where people can gather in case evacuation is not the best solution; preferably an area that has access to drinking water and toilets and is located away from windows and glazed areas.
In addition, all fire fighting equipment should be regularly checked, in working order and readily available for use. Sprinkler systems have also proved to be effective in limiting the extent of damage from incendiary devices.
Particular attention should be paid to computer and communications systems and a plan of action should cater for the replacement and re-siting of equipment or records. This should also include recovery of data from back-up resources, which ideally should be kept off the premises.
It is necessary to regularly review and rehearse plans to ensure they remain workable, particularly in light of changes that often take place within a business; whether involving the structure, personnel, equipment or processes. These measures can and will assist in protecting assets, staff and customers from a terrorist attack or other major incident, and could assist the business' survival should such an event occur.
The overall advice to SMEs, and in fact any business, is that, before creating any additional measures, review what is already in place — implement good basic security practices and test them regularly. Businesses are often reluctant to create contingency plans because of the perceived cost that may be involved. However, often the cost of doing nothing outweighs the cost to the business when an incident occurs. Statistics show that even minor incidents can cost small companies an average of two days lost business to the sum up to £10 000.Martin Singleton is technical manager, property, for Norwich Union
- Loss-making GRP spent £112.6m on acquisitions over its last financial year
- Hiscox names former claims boss as UK CEO
- Hiscox's James Brady on why cyber knowledge remains a barrier
- Mike Bruce promoted to GRP group managing director
- CBL shareholder in bid to save troubled firm from liquidation
- Top 100 Insurtech: Quarter four update
- Marsh boss joins GRP-backed Marshall Wooldridge