“TOBA traps” - general exposure risk under existing TOBAs

In February’s edition of The Word we explored TOBA risk mitigation, specifically with reference to early exit protections where relationships don’t work out. Following an increase in recent instructions, in this edition we consider exposure more generally under existing TOBAs, which often follow standard template form. 

Exclusivity

Many TOBAs inadvertently give insurers or brokers exclusive or sole rights to distribute specified, listed products, target specified customers or work in certain markets. This is often not the intention and getting this wrong badly limits capacity, restricts the ability to work with other brokers, target other customers, operate in certain markets or release other products.

The solution is to ensure that “exclusive”, “sole” or “only” are only used where this is the intention. Exclusivity clauses are interpreted literally, so these must be drafted correctly. 

Data compliance

Insurers and brokers have relied on data for as long as insurance has existed, so this is a big issue. The regulatory landscape changed since May 2018. Additionally, ‘big data’ from myriad sources (telematics, social media etc) is used to underwrite more accurately, price risk and incentivise risk reduction. With more information available on consumers than ever before, TOBAs needs to accurately reflect the data flows and ensure that risk follows the data.

All participants in the distribution of insurance products will process personal data and share personal data with each other and various third parties. Many insurers, brokers and other intermediaries are therefore fined by the regulator (the ICO) each month for failing to do this properly. 

In the past 12 months alone, Seaview Brokers (£15,000), HomeSure Solutions (£100,000), UK Appliance Cover Ltd (£100,000), Boiler Cover Breakdown Limited (£120,000), Repair Plans (UK) Ltd (£70,000) and TempCover Ltd (£85,000) have received fines for improper personal data use, i.e. making or sending unsolicited marketing calls and messages or sharing data without appropriate transparency. 

Since 2018 strict rules have applied to contracts between parties who share personal data. It is therefore that your TOBAs need to be compliant and accurately reflect the data flows involved. Whilst many standard templates and model TOBAs are available, these will not set out the correct data flows applicable to your specific relationships. You therefore need to make sure that your TOBA sets out (as minimum):

1. What personal data you process (and why);
2. What happens to that personal data on termination (i.e. is it returned or securely deleted); and
3. Who is liable for data breaches / data repatriation / compliance with the rights of data subjects.

You should use the TOBA to carefully set out what personal data is being used and shared, why, and whether it is being done in a compliant manner. If you don’t, you can lose your control over your customer/policyholder data and you risk both ICO and FCA sanction. 

Termination and client ownership

Weigh up the work you have done onboarding the relationship and consider the minimum length of time you would want or need the relationship to run to make it commercially viable – then make sure the relevant TOBA is for a fixed minimum initial period, preventing termination without cause before that date to ensure you aren’t brought back down too fast.

Also remember to use the TOBA to agree who manages and “owns” the book of business. It will reinforce rights to contact policyholders following termination.

Contact with policyholders

If you are the broker / intermediary, you want to protect your customer base. Therefore, your TOBA needs to restrict your capacity provider’s ability to contact your customers (other than for regulatory purposes) and set out the remedies available to you (such as fixed payments) if they breach the terms.

Poor drafting

Many TOBAs fail simply because they don’t say what they need to (or, what the parties think they are saying). If you are using standard form TOBAs that have not been negotiated, you need to ensure that all clauses are clear. The main area where this is challenged, and often the most contentious part of any TOBA, is in relation to payment of commission. Most TOBAs are too vague when there are many issues to consider:

1. Basic information - do they correctly specify when commission is paid and how it is calculated;
2. Amendments - if the rate varies at any time and what happens to commission rates for policies that are cancelled mid-term, or the reconciliation process for mid-term adjustments; and
3. Renewals – is commission still payable for existing customer renewals as well as new customer referrals? Does this continue post-termination if capacity is still provided by the same insurer?

Ensure that you are paid for work done and make sure you are entitled to commission on policies incepted during your contractual relationship that will continue to renew following termination.

The primary contractual rule for non-negotiated, standard form contracts is that any clauses that don’t make sense, or are either contradictory, confusing, or unclear will be interpreted against the party that drafted them. However, this should not apply to TOBAs that have been negotiated between the parties

Redundant terms

We see many TOBAs and binders that contain terms that don’t make sense and simply shouldn’t be there, or reference other terms that haven’t been defined. This is usually because the contract was initially pulled together from a range of documents without consideration or review. Such provisions are dangerous because they can impose obligations on a party that are neither necessary nor relevant, such as provision of various documents or letters of undertaking. They also make it much harder to enforce your contract. 

This is intended as a high-level summary only; it is not an exhaustive list of common issues nor is it a substitute for legal advice.