Tag Archives: D

Cannabis Industry Insurance Outlook for 2020

By , T.J. Frost
No Comments

Cannabis businesses have a lot to look forward to in 2020. After a bipartisan push through the House, the Safe Banking Act currently awaits passage in the Senate and then the president’s signature. If all goes well, the bill will allow the financial sector to finally service cannabis businesses – from banking to investments and insurance.

What else can cannabis business look forward to this year? Check out HUB’s Top 5 cannabis industry predictions for 2020.

  1. Hemp/CBD products go to market in droves. The passage of the Farm Bill and the ease of shipping hemp across state lines has led to a production boom for the crop. With little federal regulation around manufacturing and distribution, hemp/CBD products from edible oils to clothing and anti-inflammatory lotions are extremely profitable. Expect final federal Domestic Hemp Production Program rules on acceptable levels of THC in hemp/CBD products to be published sometime in 2020. These will be based on the current rule draft. There’s a strong push to move industrial hemp into the federal crop insurance program, which is also likely to happen in 2020.
  2. Product liability insurance is no longer a luxury. Thanks to significant vaporizer, battery and contamination claims currently in the courts, cannabis business can expect higher product liability premium rates in 2020. Expect rates to jump as much as 30 to 40%, depending on the resolution of these cases. For this reason, carriers will be more diligent about underwriting and may even ask for certification of insurance from vendors, and additional insureds on third-party policies. Exercising more caution and oversight when selecting vendors is a must for cannabis businesses operating in 2020 under this premise. It’s critical for all organizations to take a hard look at business practices before entering partnerships moving forward.
  3. Phase II industry growing pains surface. Now that the cannabis gold rush is dying down, businesses are poised to enter Phase II of their growth.Those who failed to institute proper hiring processes, including background checks, as well as protocols to promote security and prevent theft are currently facing challenges. Significant industry consolidation is making way for cannabis conglomerates to become multi-state operators. Directors and officers that made poor investments or acquisitions are facing scrutiny at the hands of the SEC or business investors. Without D&O insurance, or adequate limits, directors and officers could find their personal finances drained. Insisting on adequate D&O protection going forward is a best practice for cannabis executives.  
  4. Product and state regulatory testing expands. High-profile manufacturers and distributors of cannabis are standardizing their cannabis, hemp and CBD ingredient labeling. However, many others are taking advantage of the lack of rules currently surrounding cannabis production by falsifying labels and misrepresenting THC content in products. This has led to recent lawsuits and claims. As a result, states will begin to administer product testing and license regulations and enforce carrying time limits, track and trace and bag and tag rules. Get ready for fines, penalties and increased non-compliance liabilities in 2020.
  5. Increased availability of policies and limits. Both the cannabis industry and the number of insurance carriers entering the market continue to grow steadily. Businesses are enjoying higher liability limits as a result – to the tune of $15M on product liability and $60M on property. Coverage for outdoor cannabis crop is now a possibility, and workers’ compensation coverage can function as a blanket policy for businesses across state lines as well. Should the Safe Banking Act pass soon, stay tuned for additional insurance opportunities as well.

2020 Growth and Beyond

The 2020 presidential election will bring the federal legalization of cannabis to the forefront of public discourse. While the law may not change yet, passage of the Safe Banking Act and increased regulatory action at the state level will highlight the successes and failures of the 33 states and the District of Columbia that have legalized cannabis in some capacity. These will serve as a guiding light for federal legalization down the road.

Soapbox

Cannabis Growers and Distributors: Your Cyber Risk is Growing Like Weeds

By Emily Selck
No Comments

Cannabis growers and distributors are “green” when it comes to cyber security. Unaware of the real risks, cannabis businesses consistently fall short of instituting some of the most basic cybersecurity protections, leaving them increasingly vulnerable to a cyber-attack.

Cannabis businesses are especially attractive to hackers because of the vast amount of personally identifiable and protected health information they’re required to collect as well as the crop trade secrets they store. With businesses growing by leaps and bounds, and more and more Americans and Canadians purchasing cannabis, cybercriminals are likely to increase their attacks on the North American market in the coming year. Arm your cannabis business with the following best practices for growers and distributors.

Distributor Risk = A Customer’s PII

Cyber risk is the greatest for cannabis distributors, required to collect personal identifiable information (PII), including driver’s licenses, credit cards, medical history and insurance information from patients. State regulatory oversight further compounds the distributor’s risk of cyber-attack. If you’re a cannabis distributor, you’ll want to make sure to:

  • Know where you retain buyer information, and understand how it can potentially be breached. Are you scanning driver’s licenses into a database, or retaining paper files? Are you keeping them in a secure area off site, or on a protected network? Make sure a member of your management team is maintaining compliance with HIPAA and state statutes and requirements for cannabis distribution.
  • Institute strong employee oversight rules. Every employee does not have to have access to every sale, or your entire database of proprietary customer information. Delegate jobs behind the sales desk. Give each employee the access they need to do their job – and that’s it.
  • Distributors have to protect grower’s R&D information too. Most cannabis distributors have access to their grower’s proprietary R&D information so they can help customers understand which products are best for different medical symptoms/needs. Make sure your employees don’t reveal too much to put your suppliers in potential risk of cyberattack.

Grower Risk = Crop Trade Secrets

For cannabis growers, the risk is specific to crop trade secrets, research and development (R&D). If you’re a cannabis grower, you’ll want to:

  • Secure your R&D process. If you’ve created a cannabis formula that reduces anxiety or pain or boosts energy, these “recipes” are your competitive advantage – your intellectual property. Consider the way you store information behind the R&D of your cannabis crops. Do you store it on electronic file, or a computer desktop? What type of credentials do people need to access it? Other industries will use a third party cloud service to store their R&D information, but with cannabis businesses that’s typically not the case. Instead, many growers maintain their own servers because they feel this risk is so great, and because their business is growing so fast, there are not yet on the cloud.
  • Limit the number of people with access to your “secret sauce.” When workers are harvesting crop, or you’re renting land from farmers and planting on it, make sure to keep proprietary information in the hands of just the few who need it – and no one else. This is especially important when sharing details with third party vendors.

Cyber coverage is now ripe for picking

Although cannabis businesses are hard to insure – for just about every type of risk – cyber insurance options for cannabis companies have recently expanded, and come down in price. If you’ve looked for cyber coverage in the past and were previously unable to secure it, now is the time to revisit the market.

Know that cyber policy underwriters will do additional due diligence, going beyond the typical policy application, and ask about the types of proprietary information you collect from customers, as well as how you store and access it at a later date. Have this knowledge at your fingertips, and be ready to talk to underwriters about it when you’re bidding for a new policy – and at renewal time.