How to Navigate Insurance Needs in Vendor Relationships
Estimated Reading Time: 9 minutes
By Rachel Sams
Lead Consultant and Editor
Imagine that at your organization’s next event, a guest trips over a cord for the audiovisual equipment, falls, and sustains a serious injury. The guest makes a claim for damages.
Who would be liable for any damages awarded? Your nonprofit? The event venue? The audiovisual company?
Some leaders believe if their nonprofit contracts with an event vendor, they don’t need to worry about risk and insurance. But, while having a written contract with an event vendor is an important step in protecting your nonprofit from claims that could be damaging, it’s not the only step.
The example above illustrates the importance of considering insurance and liability issues in your nonprofit’s relationships with vendors. Of course, your nonprofit should strive to take reasonable measures to assess and mitigate operational hazards, including at your events. But when you work with third parties, some risks are not within your control. It’s important to work with vendors to mitigate those risks for everyone involved.
Risk management includes ensuring your vendors have proper protection for risks that may arise in their work with your nonprofit. That will help you avoid the costly consequences of a claim and focus on your mission. In this article, we’ll share how to assess and mitigate the risks of services third parties provide to your nonprofit.
Make Your Vendor Relationships Official
Nonprofits sometimes need to hire external vendors to access expertise their team doesn’t possess. Many nonprofit teams don’t have experience in audiovisual technology, catering, legal services, floral design, payroll management, accounting, landscaping, or a host of other areas.
Vendor relationships can bring your nonprofit lots of benefits. Contracting with a top-notch event vendor can cement your organization’s reputation for having quality events that meet community needs. Hiring a great IT contractor helps ensure your employees can perform their work smoothly and securely.
Great vendor relationships start with a strong position on contracting. We encourage nonprofit organizations to require the use of written contracts that are reviewed and executed per a clear process. A clearly-written contract is a powerful risk management tool, delineating the roles and responsibilities of the parties. The process of drafting and negotiating the contract often reveals concerns and expectations that may not be explicit or clear during planning discussions.
Many nonprofits are attentive to this area. In 2023, NRMC surveyed readers of our Risk eNews newsletter about their contracting experiences. Among the 46 respondents, nonprofit sizes represented ranged from less than $10 million in annual revenue to more than $100 million. 64% of respondents were from nonprofits with annual revenues under $50 million, while 36% of respondents were from large organizations, with annual revenues above $50 million.
Most respondents, 66 percent, had no in-house attorney to review contracts. Just under two-thirds indicated they had a contracting policy.
The most common element of those written policies or procedures is language clarifying who is authorized to execute contracts. Contracting policies also frequently designate contract review by a non-attorney staff member and specify the level of review based on the contract size or scope. Only 22% of organizations with a contracting procedure required that all contract signers participate in contract process training.
About 17 percent of respondents reviewed and revisited standard contract language annually, 52 percent reviewed it periodically, 19 percent never reviewed it, and 12 percent reviewed it on some other schedule.
More than 80 percent of respondents didn’t use a third-party vendor for contract review and management.
If you have a contracting policy, what are the best ways to build on it? Some of NRMC’s favorite contracting tips include:
- Never sign a contract with terms you don’t understand. Ask the other party to explain anything that is unclear. Try to reach a compromise on asks that are impractical.
- Similarly, understand what you are asking of your vendors. If you don’t understand a vendor’s insurance requirements, ask. You should be able to confidently answer any vendor’s questions about what you will require it to do.
- Make it clear to staff in your nonprofit who has the authority to sign contracts binding your nonprofit, and who does not.
- Include an ‘escape hatch’ in every contract. Wherever you can, build in flexibility to cancel the contract if circumstances make it impractical or unwise to proceed.
- Complete all due diligence (including reference-checking!) on new vendors before contract signing.
Insurance (and More) in Vendor Agreements
NRMC often receives questions from nonprofit organizations about contracts and insurance. Many nonprofit leaders long for blanket guidance on whether to require all vendors to carry certain types of insurance, what limits to require, and when to request indemnification. As with many things in risk management, our answer is “It depends!” Each nonprofit’s situation will vary, and there may be differences among your vendor relationships as well. Good vendor management requires considering your needs in advance and creating a robust vetting process that allows both your organization and your vendors to ask questions.
Potential liabilities that can arise from a vendor relationship include bodily injury, property damage, professional errors, cyberbreaches, and more. Assess your vendor relationships and reflect on the range of risks associated with each relationship. Then, take steps to understand those risks, reduce their downside consequences, and ensure readiness if a risk materializes. If you have questions about how insurance applies to the risks raised during your review, bring your questions to your insurance advisor or consult counsel.
Here are some of our top tips for navigating insurance needs in vendor agreements.
Get indemnified. Make sure vendors will bear legal and financial responsibility for any claims or damages that arise from the work they perform for you. Include an indemnification agreement in your contracts with vendors. Indemnification is a commitment to cover the losses stemming from an individual or organization’s service. Conversely, when your nonprofit is asked to indemnify another party in writing, review the request carefully, ask questions, and negotiate as needed before proceeding. As a rule of thumb, resist indemnifying a counterparty for anything that’s not within your own direct control or resulting from your own negligence.
Establish insurance requirements. Insurance is the financial backstop that guarantees a contractor’s ability to fulfill its indemnification covenant, and should be required for the full term of the contract—and in some instances such as construction, even beyond completion. For many vendors, that includes general liability coverage and workers’ compensation. Depending on the nature, scope, and location of services, it may be advisable to require additional forms of insurance. If you contract with a transportation provider, for example, you want assurance that it has adequate liability coverage on the vehicles they will be using to transport your clients or staff. If you’re consigning donor data to a cloud-based technology services provider, you’ll want to insist on cyber insurance to cover breach response costs and liability or regulatory claims, including defense. Require in your contract that the vendor provide an acceptable certificate of insurance evidencing the coverages you require, but bear in mind that the certificate is nothing more than a high-level abstract; the fine print of the contractor’s policies will govern in the event of a claim.
Request Additional Insured status. Some liability policies—for example, Commercial General Liability, Auto Liability, and some Professional Liability forms—enable the policyholder to designate contractual counterparties as Additional Insureds, giving them limited rights of protection if targeted in claims arising from the policyholder’s negligence. This simple step can enable you to piggyback onto your vendor’s insurance and preserve your own loss experience. Note, however, that the vendor’s insurance will only apply when your organization, as an innocent party, is brought into a claim arising from the contractor’s negligence. It won’t protect you against your own comparative negligence.
Set limits. The amount of insurance you’ll want from vendors will vary according to the type of work being performed, the potential consequences of an adverse event, and the location, recognizing that some jurisdictions are more litigious and generous than others. A common guideline is to require a minimum general liability policy limit of $1 million per occurrence, $2 million in total, but your nonprofit’s needs may differ significantly. In instances with catastrophic loss potential such as vehicular use, habitational services, and direct interaction with vulnerable persons, Umbrella/Excess Liability insurance may be advisable as a safety net of additional protection.
Obtain a waiver of subrogation. This provision prevents a vendor and/or its insurer(s) from suing your organization to recover claims payouts they make because of the contracted work.
It’s a game of “Let’s Make a Deal.” Lawyers and insurance advisors may draft the ideal indemnification and insurance specifications but, as the Rolling Stones’ popular song says, “You Can’t Always Get What You Want.” “In our experience, the sticking points usually involve liability limits,” notes Scott Konrad, North American Nonprofit practice leader for global broker HUB International. “We take a pragmatic, real-world view of risk but sometimes our clients’ contractors don’t have the robust liability limits we suggest,” Konrad notes. In such instances, you may need to compromise on your insurance request or even consider other service providers.
Establish a point person(s) to handle contracts. Most nonprofits do not have a contracts or even legal department, although a growing number have at least one lawyer on staff. Contracting in nonprofits is sometimes coordinated by the finance department. Remember that it’s important to be clear about who initiates contracts, reviews contracts, and tracks contract execution. And if these important roles have been assigned to an individual, ensure that a back-up has been trained and can step in as needed.
Limit the number of vendors you work with. The more vendor relationships you form, the more potential third-party risks you introduce. With a carefully curated vendor pool, you’ll have fewer contracts and compliance requirements to manage—and you can spend more time building valuable relationships.
Consider using RFPs (requests for proposals) to solicit vendors. When they read the detailed requirements of your RFPs, vendors that can’t meet those requirements will likely self-select out of the process. While many nonprofits have adopted a practice of requiring bids and RFPs for contracts over a certain amount, if you’re considering doing so keep in mind that this practice can also lead to staff consistently hiring vendors at amounts just under the threshold to avoid triggering the process. Another approach is to use RFPs selectively, with contract amount as one of several possible triggers.
A strong vendor agreement requires thought, effort and negotiation up front. But if you and your vendor put in that work in good faith, it can yield a relationship that anticipates difficulties, builds in needed flexibility, and ensures a shared understanding of key issues and concerns. Those elements are sound risk management and will benefit all parties for years to come.
Rachel Sams is Lead Consultant and Editor at the Nonprofit Risk Management Center. Reach her with thoughts and questions about vendor relationships and insurance at rachel@nonprofitrisk.org or (505) 456-4045.
Resources:
Insurance Myths & Facts for Nonprofits – Nonprofit Risk Management Center
Contemplating Coverage: Insurance for Nonprofits – Nonprofit Risk Management Center
Glossary of Risk Management and Insurance Terms – Nonprofit Risk Management Center
“First let me congratulate you on a conference well done. I had a great time at the Nonprofit Employee Benefits Conference and walked away with some valuable tools and questions that we’ll need to be addressing in both the short and long term. Thanks to you and your staff for all you do to provide us with quality resources in support of our missions.”
— Scott Brown, Mohonk Preserve
“BBYO’s engagement of NRMC to conduct a risk assessment was one of the most valuable processes undertaken over the past five years. Numerous programmatic and procedural changes were recommended and have since been implemented. Additionally, dozens (literally) of insurance coverage gaps were identified that would never have been without the work of NRMC. This assessment led to a broker bidding process that resulted in BBYO’s selection of a new broker that we have been extremely satisfied with. I unconditionally recommend the Center for their consultative services.
— Sidney Abrams, BBYO
“Melanie Herman has provided expert, insightful, timely and well resourced information to our Executive Team and Board of Directors. Our corporation recently experienced massive growth through merger and the Board has been working to better integrate their expanded set of roles and responsibilities. Melanie presented at our Annual Board of Director’s Retreat and captured the interest of our Board members. As a result of her excellent presentation the Board has engaged in focused review which is having immediate effects on governance.”
— Pamela Mattel, Basics Promesa Systems Inc
“The Nonprofit Risk Management Center has been an outstanding partner for us. They are attentive to our needs, and work hard to successfully meet our requests for information. Being an Affiliate member gave us access to so many time- and money-saving resources that it easily paid for itself! Nonprofit Risk Management Center is truly a valued partner of The Community Foundation of Elkhart County and we are continuously able to optimize staff time with the support given by their team.”
— Jodi Spataro, Community Foundation of Elkhart County
“The board and staff of the Prince George’s Child Resource Center are extremely pleased with the results of the risk assessment conducted by the Nonprofit Risk Management Center. A thorough scan revealed that while we are a well run organization, we had risks that we never imagined. We are grateful to know that we have now minimized our organizational risks and we recommend the Center to other nonprofits.”
— Marti Worshtil, Prince George’s Child Resource Center
Great American Insurance Group’s Specialty Human Services is committed to protecting those who improve your communities. The NRMC team has committed to delivering dynamic risk management solutions tailored to nonprofit organizations. These organizations have many and varied risk issues, hence the need for specialized coverage and expert knowledge for their protection. We’ve had Melanie speak on several occasions to employees and our agents. She is always on point and delivers such great value. Thank you for the terrific partnership and allowing our nonprofits to focus on their mission!