Kidnap, Ransom and Extortion and Crisis Solution

A Guide to Insurance for NGOs Operating in Violent Environments


Policy intention

Common areas of cover

Kidnap, ransom and extortion

Kidnap, ransom and extortion insurance policies are indemnity policies. This means that they reimburse the loss incurred.

Kidnap, extortion, wrongful detention, hijacking.

Crisis solution

Crisis response policies are also indemnity policies, but offer cover for a broader set of circumstances.

Kidnap, express kidnap, extortion, wrongful detention, hostage crisis, hijacking, disappearance, threats.

As the above table indicates, kidnap, ransom and extortion policies provide less areas of cover than the newer crisis solution policies, which is why most organisations now opt for a crisis solution policy.

Do not focus (only) on the ransom

These policies provide much more than reimbursing insured ransom payments. Understanding exactly what the policies provide and in which situations the responder will provide it is critical to using them correctly. It is also possible to purchase these policies without the ransom element. This is a requirement for some organisations, as specific donors do not allow the purchase of ransom cover with their funding. These policies are still worthwhile purchasing without the ransom cover if your staff could be exposed to the threat of detention, extortion, etc. Robust policies will normally include (financially limited) cover for travel, accommodation, communications, child care, rest and rehabilitation, medical services, increased security, legal liabilities, interpreters, accidental death and disability benefits, salaries and job retraining for affected persons. They can provide a vital boost to an organisation’s own crisis response capabilities.

Interview the responders before purchasing the policy

Professional response consultants offer many of the same services in the same way. However, some specialise in working with specific sectors, and others offer slightly different, but potentially important, elements of cover (e.g. a willingness to deploy two consultants simultaneously to your national and international crisis management teams). As such, organisations should spend an appropriate amount of time discussing the scope of the services and the response consultant’s sector-specific experience.

Despite having global application, most insurance policies are based on the legal jurisdiction (or location) in which they are issued. As such, the laws of that country will apply to the policy. This is especially important in relation to ransom payments, as different governments take different stances on this issue. The long-standing policy of the British government, for example, is not to make substantive concessions to hostage takers. In addition, the payment of ransoms to terrorists is illegal in the United Kingdom under the Terrorism Act 2000, which has ‘extra-territorial effect’, meaning that the law applies wherever the ransom is paid. The United States government’s policy is similar in that they will also not make ransom payments or substantive concessions and prohibits the payment of ransoms to foreign terrorist organisation (FTOs). However, a change of policy in August 2015 opened the door to the payment of ransoms by the families (not employers) of citizens of the United States. These may seem like minor differences, but they have potentially major implications. As such, organisations should consult their insurer’s crisis responders to ensure that they have a full and complete picture of the relevant legal requirements that apply to the jurisdiction of the policy, the nationality of any affected individuals and the laws of the host country.

Ensure that response consultant’s fees and expenses are ‘unlimited’

Probably the most useful element of these policies is the access that they provide to response consultants. Every major insurer that offers these policies has an exclusive – and sometime opaque – agreement with a response consultancy to provide this element of the policy. Currently, Hiscox use Control Risks, AIG use Neil Young Associates and XL Catlin use Terra Firma, for example. These response consultants are private security companies that specialise in this area and have extensive capabilities, long case histories, access to perpetrator statistics and teams of consultants who can advise you throughout the crisis. As such, it is important that the policy provides unlimited financial cover for these consultants and their expenses.

Response consultants advise; they do not manage and they do not negotiate

It is a common misconception that an organisation facing kidnap or other crisis situations can call their insurers who will send a response consultant to manage and negotiate the crisis for them. This is simply not the case (in the United Kingdom at least). Response consultants will advise your crisis management team(s), outlining strategies, options and scenarios, but all the decisions and the contact with the hostage takers remains the Insured’s responsibility.

These are indemnity (reimbursement) policies

Indemnity is a compensation for damages or losses. As such, these policies will only reimburse the losses incurred. If your payment meets all of the legal and policy conditions, your insurers will reimburse your costs (usually quite quickly). However, this means that if you decide to pay a ransom, you must have the money to do so. In practice, there is some ability to negotiate this with insurers, but it should not be presumed that they will provide funds for you to pay a ransom from the outset.

Restrict knowledge about the existence of the policy

It is a requirement of these policies that organisations take all possible measures to restrict the knowledge of the existence of the policy. This requirement works on the basis that the ransom payments are usually lower and the negotiations will simpler and swifter if the hostage takers are not aware of the existence of the engaged response consultants or the ransom element of the policy.

Get to know your responders and write their details into your crisis management plan

It is critical to meet your responders once your policy is in place. You can request a briefing designed to help you understand how to engage with them during an incident and how their services can fit into your internal crisis management processes. Once this is understood, you should write this engagement process into your crisis management plan or abduction protocols.

Utilise the pre-incident services or subvention kitties

All good kidnap, ransom and extortion and crisis solution policies will include pre-incident services. Sometimes called a ‘subvention kitty’, this allows your organisation to spend a nominated amount (usually 10% of the policy fee) on crisis management training. While insurers will encourage you to spend this money with their responders, organisations can approach their insurers and gain approval to spend the money with other (perhaps more sector-relevant) security risk management providers.

Inform the insurers and responders of an incident as soon as possible

It is a condition of most policies that you must inform both the insurers and the responders of a relevant incident as soon as is practically possible. Failure to do so may result in lack of cover.

Organisations must also ensure that they provide a fair presentation of the risk, ensure adequate cover and be aware of sanctioned countries or regions as outlined in relation to travel and personal accident in the previous section.

Last updated