Spring World 2018

Conference & Exhibit

Attend The #1 BC/DR Event!

Winter Journal

Volume 30, Issue 4

Full Contents Now Available!



JUser: :_load: Unable to load user with ID: 62

Terrorism (11)

Monday, 29 October 2007 11:31

Terrorism Coverage Elsewhere

Written by

Northern Ireland

Terrorism coverage has been excluded in Northern Ireland for a number of years. In 1977, the British Insurance Association announced a standard form of exclusion relating to terrorism losses in Northern Ireland. This led the Irish government to introduce the Criminal Damage (Compensation) Northern Ireland (Order of 1977).
In order to be able to benefit under this act, a claimant must show that the damage incurred was unlawfully, maliciously or wantonly caused to property either by a riotous assembly or as a result of an act committed maliciously by a person acting on behalf of or in connection with an unlawful association. Under the act, a justification for a claim is a certificate issued by the Chief Constable of the Royal Ulster Constabulary indicating that the loss falls under one of these headings. Insurers have not in fact excluded riot losses from their coverage but many claims under the other section of the order can effectively be considered terrorism claims.


In Spain, terrorism is one of the catastrophe perils covered by the Corsorcio system, which is both obligatory and financed by the government. Premiums are collected by statutory rates on property values. Corsorcio also covers other catastrophes, including floods, and earthquakes, but the system does not include business interruption coverage. There is no restriction on the private market providing this catastrophe perils coverage, but the contributions must still be made to the Corsorcio pool. Companies operating in Spain have no difficulty buying adequate limits of terrorism coverage for property damage and business interruption, and the market tends to provide for coverage other than Corsorcio’s on a difference-in-conditions basis.


In France, full terrorist coverage is available for property damage insurance, and in fact legislation requires insurers to provide this protection. Under this arrangement, the direct insurer has the option to retain the risk, reinsure it on the commercial market or reinsure the risk with the CCR, which is the French state-controlled reinsurer. This flexible arrangement allows direct insurers to vary the percentage that they reinsure on a year-by-year or case-by-case basis. This obligation to insure does not apply to business interruption, although in practice both property and business interruption can be purchased to very adequate limits in the open market. These insurers have not however, experienced losses as large as those that hit London and New York in recent years.

France also has a pool to which insurers are obligated to contribute. This pool provides protection for personal injury to anyone harmed in a terrorist attack. France also has a catastrophe reinsurance program colloquially referred to as CAT NAT. This scheme supported by the government reinsurer, applies a levy of nine percent to all property premiums which pays for catastrophe perils losses. If the problems that the United Kingdom now have were to develop in France, it is likely that an adjustment would be made to the CAT NAT system.

South Africa

In South Africa, there is obviously a very considerable threat from terrorism. In 1976, following riots in Soweto, the insurance market determined that it could not cover terrorism risks and advised the South African government that they were canceling cover. However, a cooperative deal was worked out between 15 of the largest direct insurers and the government. This involved the 15 companies effectively capitalizing a pool called the South African Strikes and Riots Insurance Association (SASRIA); the original capitalization was five million rand spread proportionately according to the size of the 15 companies, which was subsequently raised to 10 million rand.

The arrangement’s main feature, however, was the government’s backing as a reinsurer of last resort. Soon after the pool was established, the reinsurance market became involved in excess of loss protection, and SASRIA is now very significantly funded at four billion rand, or approximately $75 million. Clearly, the pool has very significant exposures, but it seems that the stated objective of the arrangement is to build up the pool to approximately 20 billion rand. Although there are limitations to this system, it seems to meet the needs of most businesses.

This article is reprinted by permission of Risk Management magazine.

Monday, 29 October 2007 11:31

Terrorism Coverage in the United Kingdom

Written by

Bombs blast through buildings, leaving destruction and rubble in their wake. Booby traps, planted with evil intent, rocks through cars, killing their intended targets and damaging surrounding structures.

Mortar rockets, screaming through the air, strike buildings, causing serious injuries to innocent bystanders and resulting in property damage. These descriptions, although indicative of battle, do not depict scenes from some hideous war. Instead, they describe the consequences of terrorist activities perpetrated by organizations, such as the Provisional Irish Republic Army, that have long victimized companies in the United Kingdom.

Monday, 29 October 2007 09:40

Oklahoma City Bombing

Written by
On Wednesday April 19, BMS CAT dispatched their advance command team to Oklahoma City. A BMS CAT Operations Manager and Team Leader assessed damage to four of the major buildings peripheral to the Alfred P. Murrah Federal building, and met with government officials at midnight to give them a damage report and recommend emergency mitigation procedures. The following day, BMS CAT Special Technologies Division and Senior Project Management personnel arrived to provide a technical assessment of the contaminants generated, to recommend restoration cleaning protocols for critical computer equipment, telecommunications equipment, and other critical contents of GSA buildings, and to plan the restoration projects to return the buildings to operation within the time frame dictated (four days) by the needs of the occupant agencies.

Around 9 a.m. on April 19, I was getting ready to leave the Myriad, our convention center, when I felt a terrific blast. I thought we had experienced an earthquake except that the ground was not vibrating.

The shock wave from the blast was so powerful that many building occupants miles away thought that their building was the victim of a disaster.

Wednesday April 19, 1995 started like any other day for the residents of Oklahoma City. People were just beginning their daily routine when suddenly, the unimaginable happened. At 9:04 a.m. CT a bomb was detonated in front of the nine-story Alfred P. Murrah Federal Building in downtown Oklahoma City. The sound from the blast was heard up to 15 miles away, but the repercussions of what had happened traveled around the world. The worst act of terrorism on U.S. soil had just happened deep in America's heartland.

In the aftermath of a tragedy as senseless and horrifying as the bombing in Oklahoma City, any discussion of legal issues tends to be viewed negatively: who, after all, will ever forget the images of grief and devastation beamed all over the world, and how could such destruction ever be viewed analytically within the context of a factual legal approach? While such an approach may seem heartless, it is a sad reality of American life that the legal proceedings arising out of this monstrous act will go on far beyond the physical repair and restoration efforts currently being undertaken. Consequently, I will examine several of the considerations likely to be litigated over the coming months with the hope that the legal "lessons learned" from the bombing of the Alfred P. Murrah Federal Building can be of some benefit to others in the future.

Framing the Issues

In the aftermath of a disaster, legal issues typically revolve around the question of harm or damage. What damage was done? Who was framed? From a lawyer's perspective, answers to these questions are at least important as the issue of causation (who or what caused the event(s) that resulted in the damage done). Looking at the Oklahoma City situation, it is immediately obvious that many of the occupants of the building at the time of the blast suffered harm - either injury or death. Many people near the blast zone also were injured, and these fatalities and injuries clearly constitute an affected class of persons that have a potential cause of action. However, the concept of "injury" goes far beyond these obvious instances to include many others. Families that lost a "bread winner," businesses that lost use of their facilities and critical activities that were either disrupted or terminated tell the financial toll of this horror, not to mention the utterly indescribable impact of losing loved ones. Numerous other instances of harm suffered as a result of the Oklahoma City bombing will surface, often weeks or even months after the event; in all, the list of victims will continue to grow long after the names of the dead and physically injured have been disclosed. Thus, one of the first major issues to be addressed will be a complete accounting of those individuals and businesses having suffered harm of some kind resulting from the bomb blast.

The second issue will entail qualification of the damage done by the explosion and the ensuing events. Once harm caused by the truck bomb has been established, the legal questions become "what kind(s) of harm" and "how much harm." These questions shape the legal right of the damaged parties to compensation for those damages. On the question of "what kinds of harm", many effects of the bombing are obvious: destroyed or damaged property, medical expenses associated with treating injured victims, the huge cost of cleanup and restoration, and the expenses associated with insurance claims resulting from the blast. Not quite so obvious, however, are many other consequences of this atrocious act: injuries that will leave some victims either partially or completely disabled for life and will require medical attention for indefinite periods, financial damage to local business that will drive some of them into bankruptcy and leave may others struggling to maintain solvency and the terrible emotional and financial traumas suffered by families having lost a loved one to the explosion (in some instances the one person who was the sole means of support for the family).

Qualification of losses suffered will be undertaken in many different ways. For businesses, damage will be calculated in financial impacts: the price of repairing, restoring, or replacing damaged property; revenue streams which were either reduced or eliminated because of the effects of the blast on critical business functions; increased business expenses resulting from coping with the aftermath of the explosion; possibly even losses of market share or competitive positioning caused by the bomb.

Some of this loss will undoubtedly be covered by various forms of insurance, although it is possible that insurance companies may assert defenses against a number of claims (one already being discussed is the "act of war" exclusion, which exonerates insurers from payment of claims resulting from damage caused by the actions of powers hostile to the United States government; while this defense sounds tenuous at best, it may well bring on clarification of the "hostile powers" basis for the exclusion).

Other losses will be borne solely by the businesses themselves. It will undoubtedly be of value to the contingency planning industry to gather information on the levels of planning on the part of affected businesses that existed at the time of the bomb blast, and the ultimate effectiveness of this planning; however, it is likely that these "lessons learned" will always be overshadowed by the terrible personal toll of the explosion, a toll which is more difficult to calculate.

This damage will be reckoned in what seem to be cold-blooded ways; pain and suffering expressed in dollar amounts, the monetary value of lost years of wage-earning potential, and the ultimate distillation of human misery into dollar damages, a process that has caused many to question the humanity of the legal system (not to mention of lawyers). In the final analysis, calculation of the true toll of this tragedy will be accomplished over time and through many means; the final result will be a frightening testimony to man's inhumanity to man.

Who is Responsible?

The issue of causation - who/what played roles in causing this terrible blast - will be hotly contested in courts over the coming months (possible even years), especially since this issue will dictate an answer to another critical question - who pays the damages?

Clearly the person or persons involved in the construction, delivery and detonation of the truck bomb are responsible, however, it is highly unlikely that these twisted individuals will have the financial resources to cover more than a small fraction of the ultimate cost of the bombing. Thus the lawyers will search for responsibility on the part of other parties having "deep pockets" (legalese for the financial capability to pay large damage awards or settlements). Who might some of these "other parties" be, and what kinds of connections to the blast could they have?

For answers to these questions, it will be necessary to reconstruct the entire chain of events leading up to the bombing. Such a reconstruction is not currently available; nevertheless, it is still possible to speculate on possible avenues that legal researchers will take.

For instance, where did the bombers obtain the materials for the bomb, and did the makers and distributors of those materials violate any responsibility to keep such potentially hazardous products from being used as they were used in Oklahoma City? Also, where did the bombers obtain the know-how to construct such a bomb? In moving the bomb to its target, were the bombers able to rent a vehicle because of an actionable lapse in judgement or security procedures on the part of the rental company?

From a different angle, was anyone other than the criminally responsible parties in possession of information that, had it been given to appropriate parties, might have prevented the bombing itself? Again from a somewhat different angle, could the damages resulting from the explosion have been reduced had certain steps been taken that any reasonable person would have taken, but which were in fact not taken? All of these questions and many, many more will be asked as extremely complex issues of accountability are addressed. Only one thing in this process is certain - the final resolution of the legal issues arising from this terrible tragedy will take years to achieve.


It is an ironic reality that tragedies such as the explosion in Oklahoma City underscore the inherent value of our industry, and that such events often serve to provide us with the most valuable "lessons learned."

Certain effects of the bombing are occurring today as ripples from the blast spread outward: increased security at high-risk facilities (federal buildings and other high visibility establishments), scrutiny of the availability of bomb components and bomb-building expertise, and higher levels of surveillance of individuals and groups that represent substantial threats of violence.

Let us hope that, in the wake of such a clear and terrible demonstration that catastrophes can occur at any time and in any place, we as contingency planners can play an increasingly important role in helping to reduce the awful consequences of disaster.

John Copenhaver, JD, CDRP is the Director of Business Continuity Services for BellSouth Businesss Systems. He is also a member of the Disaster Recovery Journal's Editorial Advisory Board.

When a disaster strikes an industrialized area, numerous small businesses with no contingency plans are often affected and must struggle to survive. For many businesses near the recent explosion site in Oklahoma City, Okla., this was the case.

More than 300 businesses in a 15-square-block area were damaged, with 14 condemned. Of those, many were small businesses.

These small businesses are often unprepared for a disaster. With few employees, there is usually no one designated to create a contingency plan, and with small budgets, there is often no money to fund a plan even if it's created.

Though this absence of contingency planning can also be found in larger companies, it is not as widespread. For example, many of the large businesses in the Oklahoma City area had recovery plans in effect which helped them stay in business following the bomb's explosion on April 19, 1995.

The Social Security Administration, which was housed in the Alfred P. Murrah Federal Building, was able to continue client's claims with no interruption, despite the fact that their business site was destroyed in the blast. Because of contingency planning, almost all information on Oklahoma's 100,000 social security clients is stored at a computer center on the East Coast. When the disaster occurred, workers in Dallas immediately reassigned the workload to other offices and calls were routed to other offices where they were handled by "specially briefed" staff members.

The only information which may have been lost was information that had not been entered into the computer, or documents like medical records submitted for claims. That information would have to be submitted again, officials said.

The Federal Employees Credit Union, housed in the federal building, also reopened quickly following the bombing. Within eight hours of the blast, officials of the credit union selected a new site, arranged for telephone and computer systems and retrieved account data which was stored off-site. They reopened in their new location on April 21, just two days after the blast. Volunteers and temporary workers staffed the business, since 18 of the credit union's 33 employees died in the explosion and five were hospitalized.

In addition, most area banks - which are required by law to have backup plans - were back to business as usual by Thursday, April 20. The blast caused temporary shutdown of most downtown banking activity, including key industry services provided by the Federal Reserve Bank. However, by Thursday, the Fed was operated by a skeleton crew and the doors were again opened at most downtown banks. Checks were processed at the office after they were delivered to a remote site. Though two downtown Bank of Oklahoma locations were damaged or inaccessible, employees from those two locations were reassigned to other areas.

The large businesses' fights for recovery were in no way easy, but, because of contingency planning, they were manageable. The story is very different for many of the smaller businesses around the blast site. Most did not have any type of recovery plan in place before the bombing.

“Large businesses tend to be more organized,” said Jim Atkins, public information officer with the Small Business Administration. He noted that in his six years with the SBA he has not seen any small business with any real disaster recovery plan.

As a result of the OKC bombing, 201 businesses in the downtown area have sought applications for assistance, said Mr. Atkins.

The applications are for two types of business loans offered by the SBA. Business Physical Disaster Loans are loans to businesses to repair or replace disaster damages to property owned by the business, including real estate, machinery and equipment, inventory and supplies. Businesses of any size are eligible. The Economic Injury Disaster Loans (EIDL) provide loans for working capital to small businesses and small agricultural cooperatives to assist them through the disaster recovery period. EIDL assistance is available only to applicants with no credit available elsewhere.

A small business is classified as such by comparing its recorded sales or number of employees against predetermined standards for each industrial field. For example, in the manufacturing field, a wire and cable manufacturer would be classified as a small businesses if its recorded sales or its number of employees matched those standards set for that field.

As of mid-May, Mr. Atkins said 68 applications for Physical Disaster Loans and 74 applications for Economic Injury Disaster Loans were returned to his office.

The filing deadline for applicants for physical damage was June 24, 1995, while those filing for economic injury have until January 26, 1996 to return their application.

Cecil Elliott, an employee of Hale Photography, said his business would be one of those needing assistance. The businesses' owner, Delores Hale, would determine whether the firm could stay open based upon how much assistance was available, said Mr. Elliott.

The photography shop, located at 622 N. Broadway Ave. - one block from the explosion - had some structural damage, but was able to reopen the day after the blast.

They were kept busy selling film and other photography supplies. But, Mr. Elliott said he felt the brisk business was temporary. The mainstay of their business - processing film - has been halted because of damage to the developers. Mr. Elliott also fears structural damage at the building could be worse than originally estimated.
Mr. Elliott said he did not know of any contingency plan in effect at the business. “You just don't think things like this will happen,” he said.

Some small businesses located outside the downtown area of Oklahoma City area also suffered affects of the bombing, even though they were not near the bomb site.

The Oklahoma City office of Trader Publishing Company, which publishes four magazines - Auto Trader, Truck Trader, Bargain Post, and Boat, Bike, and RV Trader, was unable to print some of its magazines after its printer's building was damaged in the blast. The Journal Record, located directly across the street from the Murrah Federal Building, was in the process of printing Auto Trader and Truck Trader when the bomb exploded.

“Our "boards" (blueprints) for the two magazines were inside the Journal Record building along with the finished books for Boat, Bike and RV magazine when the explosion occurred,” said Sandy Bale, office manager for Trader Publishing Company. “We do not have a "backup" copy of the boards in our office, so printing elsewhere could not occur until we were able to re-enter that building and retrieve the boards.”

The publishing company, which had no established contingency plan, needed to take steps immediately to recover their losses.

The firm first notified available commercial customers and inquiring private advertisers that the two magazines would not be available on their normal distribution day.

“We had to give all our advertisers in the Auto and Truck magazines credit for the week that we were unable to print,” said Bale. “Circulation and commercial revenue were down for the two books that didn't make it at all that week.”

Company officials next made arrangements for a Journal Record administrator to enter the damaged building and retrieve the "boards" for the two magazines. These were then sent to an alternate printer in Kansas for publication.

“The magazines were available by the following Monday,” said Bale.

Now that the immediate problem had been solved, company officials turned their attention to finding a long-term solution to their printing dilemma. It would be months before the Journal Record could resume business, so another printer had to be located. Because of the size of Trader Publishing's printing job, a local printer could not be used. Instead, officials at the Journal Record arranged for a printer in Gainesville, Texas, to take over the job.

This meant extra time would have to be allotted for delivery of the magazines to and from the printer. To accommodate this, Trader Publishing rearranged their distribution and delivery route schedules. Although company officials admit the scramble to find alternate printing was difficult, the disaster could have been much worse.
“At least we didn't lose any people or have property damage,” she said.

And the event has made Trader Publishing, and many other small businesses in the area, think about contingency planning for the future.

Janette Ballman is an editor with Disaster Recovery Journal.

This article adapted from V8#3.

By now, you know the story. On April 19, 1995, shortly after 9:00 AM, Oklahoma City endured the most brutal terrorist attack in American history. The blast that laid waste to the Alfred P. Murrah Federal Building in downtown Oklahoma City was so intense that it shook the countryside for miles. The horrific and shocking image of the disaster seared itself into the minds of millions of Americans. Every floor of the Murrah building became a tragic story. This is the story from the third floor, where the Federal Employees Credit Union (FECU) once stood.

Monday, 29 October 2007 07:11

The New Face of Terrorism

Written by

When United States’ companies first decided to develop contingency plans for extended unplanned outages in the mid 1970s, the compelling reasons were natural disasters and the resulting power outages that usually accompanied them. The basis of their concern and the reason for taking action was to protect the heart of all businesses; the data center. There were not enough computers integrated into businesses in 1965 when the first great Northeast Power Outage occurred to stimulate much activity in contingency planning. However, a second similar event in 1974 served as a wake-up call to many companies as they witnessed their business operations come to a screeching halt as evidenced by the fatal silence of their power-starved computer rooms.

Business recovery planning and awareness have matured substantially in most companies since that time. An entire new industry has been created to provide for the new and more complex recovery requirements of American businesses. It is not difficult today to find alternate recovery sites, consultants, software, education and publications dedicated entirely to products and services for contingency-minded companies. The business recovery industry has evolved to include the wherewithal to provide for total business recovery; including end-user recovery and a wide variety of resumption services. For all these advances in requirements and capabilities and for all the maturity and sophistication that has characterized business contingency planning in recent times, the specter of terrorism as a meaningful and realistic threat has begun to pose some new and very unique problems.

International terrorism has been around for some time. There have been over 6,500 documented incidents since 1980 resulting in more than 5,000 dead and 12,000 injured. While terrorism may take many forms, the one that concerns businesses the most is the terrorist bomb. Customers in the United Kingdom cite “bombings” as the number one threat to their businesses and the primary reason they engage in contingency planning. The statistics bear that out. Of the 467 most recently documented international disasters (excluding the United States), 6 percent were caused by bombing. Until the incident at the World Trade Center in February 1993, this category did not even appear in the statistics for the United States in a significant way. After the World Trade Center incident, “bombing /sabotage” jumped to 8% of all causes of declared disasters, the fourth most frequent cause behind power (29%), storm (11%) and flood damage (10%).

Monday, 29 October 2007 07:10

Waging the War on Terrorism

Written by

Ostensibly, the crisis in the Gulf was terminated with the unconditional cease-fire of Iraq in late February. While the American-led Coalition did achieve its goal when Iraq succumbed to all of the terms set out by the U.N., a new, and perhaps more subversive threat has quietly slipped into the forefront--the threat of terrorism. While the war against Iraq was relatively straightforward and confined to the Gulf region, the war waged by terrorists is completely unpredictable, it is indiscriminate in choosing its victims, and it knows no boundaries. As with civilians, businesses may find themselves to be involuntary participants in a war that may or may not materialize into reality.
According to U.S. intelligence, Saddam Hussein has a hard core of professional disciplined terrorists scattered around the world, waiting for his orders to strike. The Abu Nidal Organization (ANO), which has been held responsible for several terrorist acts worldwide, has the highest potential for carrying out terrorist acts. Furthermore, the ANO, as well as some other terrorist support groups, have rudimentary structures in the U.S.

Although terrorist acts increased during the Gulf crisis relative to a comparable period last year, only one was demonstrably connected to the Iraqi government. However, while direct linkage to the war is loose, “the fact that there has been an increase indicates that there is a connection,” says Johnathan Tal, President and CEO of Infortal Associates, security consultants and investigators in California for high-tech and multi-national industries. There has been a definite increase in terrorist acts against American businesses, though not as prevalent in the U.S., he adds.

Given both the increased exposure of the U.S. in worldwide affairs and the unsettled climate in the Middle East, American businesses may put themselves at great risk if they do not take prudent measures to protect themselves. Despite the current cessation of hostilities in the Middle East, the State Department has issued a statement that “terrorism remains a serious concern in the postwar period. Previous wars in the Middle East have frequently been followed by a terrorist aftermath.” Tal agrees that terrorism remains a feasible threat, explaining that “terrorism will be the only outlet for the frustration of people who feel their honor has been diminished.”

Although businesses should be aware of and prepared for possible terrorist activity, they should be careful not to overreact to the threat. “We advocate caution, but not paranoia,” says Karen Berg, CEO of CommCore, a New York management development communications firm specializing in crisis planning and training. “People should be aware of the possibility, but not suddenly give a knee-jerk reaction and alarm their employees.”

In order to guarantee the security of your business to the best of your capacity, you need to first assign as many resources as possible to defining your risk, build a plan that is targeted to combatting that risk, and finally, put your plan together and test it.