Acera Insurance

Personal vs. business auto insurance: What Canadian business owners need to know

Nichole McKenzie — Tue, 17 Mar 2026 21:33:23 +0000

If you use your vehicle for business, your auto insurance premium is influenced by more than just your driving record. From how your vehicle is used to what you haul, where you travel and how much coverage you need, commercial auto insurance covers risks usually excluded under personal policies. Here’s what Canadian business owners need to know.

It’s easy to compare your auto insurance rates to friends, family and coworkers – especially if you drive similar vehicles, live in the same area and even share the same insurer.

But if you’re a small or medium-sized business owner using your vehicle for work, your insurance premium is calculated very differently. Commercial use introduces additional risks, responsibilities and coverage requirements that don’t apply to personal auto policies.

In this article, our commercial insurance advisors share key factors insurers consider when determining your auto insurance premiums and why yours might be higher.

Personal vs. commercial use

A personal-use vehicle is typically limited to everyday activities like commuting to a fixed workplace, running errands or taking weekend trips.

Using your vehicle for commercial purposes often include:

Increased time on the road.
Making deliveries or service calls.
Hauling equipment, tools or materials.
Having an adapted unit with permanently attached equipment such as a slip tank, crane, etc.
Transporting employees or clients.
More than one authorized driver.

Each of these factors increase the likelihood of a claim. As a result, the risk profile of commercial use vehicles alters the risk exposures which can raise your premiums.

If you are using your vehicle for commercial or business purposes and only have personal auto insurance, your policy may be void in the event of a claim.

Different vehicles, different risks

Not all vehicles are assessed the same way by insurers.

A compact SUV, cargo van and heavy-duty truck carry different risk profiles based on factors like size, repair costs, mileage and historical claims data. Even small fender benders can impact your premiums.

That means even if you and a friend both use your vehicles for business, different makes or models result in different insurance premiums.

Territory and travel considerations

Personal auto policies generally provide coverage only within Canada and the United States.

You may need specialized coverage if your business involves:

Transporting goods across borders.
Regular long-distance travel.
Operating in multiple provinces or jurisdictions.

These travel and territorial risks are factored into your premium and won’t be reflected in a friend’s personal auto policy.

Higher coverage limits and protection options

Most personal auto insurance policies offer full collision and comprehensive coverage – especially for leased or financed vehicles. Some clients can start removing coverage if the vehicle is older, fully paid off and the value is less than what is worth insuring it for in the event of a collision. Premiums will also be determined by the driver’s history and vehicle type.

For business use, Acera Insurance advisors typically recommend collision and comprehensive coverage that includes:

Higher liability limits, often $2 million or more.
Physical damage coverage, including collision and comprehensive for theft, vandalism and non-collision losses.
Optional endorsements tailored to how you use your vehicle and your industry.

It’s easy to assume that $2 million in liability coverage is enough, but legal fees, settlements and court awards can quickly exceed that amount when an accident involves grievous injury or death.

It’s important to remember that commercial auto insurance is designed to protect your business from liability and vehicle related losses, not just damage to your vehicle.

Want to learn more?

Speak with our small business insurance team to make sure your vehicle is properly insured and your livelihood fully protected.

Talk to an advisor today.

Get a quote.

Simply fill out a few details in our online form and one of our expert advisors will get your quote started.

Request a quote today

Information and services provided by Acera Insurance, Acera Benefits and any other tradename and/or subsidiary or affiliate of Acera Insurance Services Ltd. (“Acera”), should not be considered legal, tax, or financial advice. While we strive to provide accurate and up-to-date information, we recommend consulting a qualified financial planner, lawyer, accountant, tax advisor or other professional for advice specific to your situation. Tax, employment, pension, disability and investment laws and regulations vary by jurisdiction and are subject to change. Acera is not responsible for any decisions made based on the information provided.

OEMs and integrators: Managing third-party risks in manufacturing

Paula Martin — Wed, 11 Mar 2026 20:44:44 +0000

Manufacturers don’t operate alone; OEMs and integrators are effectively ‘in the house.’ That’s where third‑party risk shows up. OEMs can derail production with bad or late parts, breakdowns, logistics disruption, recalls and remote-access cyber exposure. Integrators can raise your cyber risk even more because they are often granted higher-level access in order to configure systems.

Jen Warman is a Senior Client Executive with more than 14 years of experience supporting manufacturers and other complex Canadian businesses. In this article, she breaks down OEM and integrator risks that can disrupt manufacturing processes, as well as the practical steps to reduce them.

Almost everything that manufacturers do involves a third-party to some degree, be it where you get your supplies from, where you ship your goods to or the partners who touch your operations.

While it’s easy to focus on the risks within your ‘four walls,’ the reality is working with third parties — like OEMs (original equipment manufacturers) and integrators — puts manufacturers in a vulnerable position.

While you can’t control third-party risk, you can control how you react. This starts with understanding the difference between OEM and integrator risk, what can go wrong and how to reduce the impact when things don’t go as planned.

“Third-party risk can be just as crippling as first-party risk.“
Jen Warman, Senior Client Executive, Acera Insurance

OEMs and integrators in manufacturing: What’s the difference?

OEMs make the products or the components, often the machines and parts that manufacturing operations rely on.

Integrators assemble, customize and implement those products into a usable system. They usually configure connections, operations and structure in manufacturers’ environments.

That difference matters because:

OEM risk can hit manufacturers through parts, production, support and defects.
Integrator risk can increase cyber vulnerability through access and configuration.

What risks do OEMs create in manufacturing

When manufacturers rely on an OEM, especially for critical machines and components, risk tends to show up in a few specific ways:

Bad parts or late parts

If your OEM or supplier sends a bad part or a late part, you can’t complete the job. Quality issues and counterfeit parts can sneak in, leaving you to deal with failures you didn’t cause.

OEM breakdowns and service problems

OEM breakdowns can hit you fast. Their machine breaks down, and suddenly you’re not getting parts, so production stops. Plus, there’s a point when most OEMs stop supporting older machines, making it difficult to get parts or repairs.

Design or software problems

A lot of OEM risk falls into design and software problems with their machines. The bigger one people miss is locked‑in technology, which is when only they can do the updates or repairs. If the OEM is slow, unavailable or closed, your investment is at risk.

Logistics disruption and recall exposure

Logistics disruption can delay or stall shipments. And if a defective component that someone else produced ends up inside your end product, you can land in recall territory, because it’s your finished product going out the door.

“OEM risks are anything can impact your ability to produce, ship and stay profitable.“
Jen Warman, Senior Client Executive, Acera Insurance

What risks do integrators create in manufacturing

Integrators assemble, customize and implement systems. This usually means they have the highest level of access, because they’re configuring machines and systems.

As a result, if an integrator’s access isn’t controlled properly, or if their cyber practices are inadequate, you can inherit cybersecurity risks that you didn’t create.

OEMs, integrators and third-party cyber risks in manufacturing

A growing cyber risk right now stems from systems owned and managed by vendors that manufacturers log into themselves. So, you essentially take on the risk of that vendor when you are logged into their system.

Or, on the other side of it, a lot of vendors are now logging into manufacturers’ systems to troubleshoot, update software or manage equipment. This also presents significant cyber risks.

Manufacturers need to be aware of how vendors’ poor cybersecurity practices can cross over to affect their own operations. For example:

If OEMs and integrators use weak or shared passwords, cybercriminals can more easily access systems and disrupt production.
If OEMs and integrators do not remove old accounts, theirformer employees/users may still be able to access your systems.
If OEMs and integrators use unsecured devices, this creates an opening for cybercriminals to enter your environment.
If OEMs and integrators use poorly segmented networks, cybercriminals can more easily jump into and attack your system.
If OEMs and integrators have unpatched software, this creates holes in your own cybersecurity and operations.

7 steps to reduce OEM and integrator risk in manufacturing

You can’t necessarily control third parties, but you can minimize threats by following best practices and ensure you have insurance to fall back on if those precautions fail.

“You can’t eliminate third party risk, but you can greatly reduce it by having the right strategies in place.“
Jen Warman, Senior Client Executive, Acera Insurance

Here are the steps manufacturers should take:

1) Know who your critical suppliers and integrators are

Start with visibility. Know who they are and how critical they are to your ability to produce and ship.

Why: The biggest risk is the unknown. Once you know who your critical partners are, you can plan how you’ll react to potential risks.

2) Use strong contracts with clear expectations and insurance requirements

Your process should always outline clear expectations and clear insurance requirements.

Why: Strong contracts are foundational to reducing third-party risk. Clear contractual language makes it obvious who’s responsible for what and what protection is in place.

3) Make “additional insured” a standard request

Being listed as an additional insured means you’re covered under the vendor’s policy if their work or product causes a loss. Make sure to get a certificate that lists you as an additional insured on their insurance policy.

Requesting to be an additional insured should be part of every conversation when you have someone doing work for you.

Why: Because you don’t want to be on the hook for a vendor’s mistake. Additional insured status can help push the claim through their insurance coverage, not yours.

4) Check if your vendors carry cyber insurance

Cyberattacks are one of the biggest risks leading to lost income these days. If a vendor’s work increases your cyber vulnerability, you need to know they have cyber insurance as an extra layer of protection.

Why: Because when a vendor logs into your system and touches your operations, their cyber insurance policy is one more backstop if cybersecurity precautions fail.

5) Limit and monitor third‑party access to your systems

Limit, monitor and be intentional about who gets access, especially for integrators with higher-level configuration access.

Why: Strict access controls help to reduce the likelihood that a vendor’s cyber issue will turn into operational disruptions for you.

6) Build redundancy so one problem doesn’t stop everything

Maintain backup suppliers, multiple sourcing options across different geographic regions, extra stock on hand and alternative transportation routes.

Why: Redundancy keeps production moving. When one link in the supply chain breaks, you’ve already got another option ready to go.

7) Review your own insurance limits

Regularly review your own manufacturing insurance program limits (particularly for cyber insurance and contingent business interruption insurance) to ensure they remain sufficient.

Why: A quick check can ensure your insurance coverage aligns with the reality of rising costs.

Manufacturing insurance for third-party risks

The following are just some of the coverages that commonly help protect manufacturers from first-party risks, or those within their ‘four walls’:

Commercial general liability insurance (CGL) to cover legal expenses if your operations or products cause bodily injury or property damage.
Commercial property insurance to cover costs for repairing or replacing damaged or destroyed physical assets (i.e., building, machinery, equipment, inventory, furniture).
Business interruption insurance to cover lost income and ongoing expenses when you’re forced to suspend operations due to a covered property loss.
Equipment breakdown insurance to cover the cost for repairing or replacing equipment (i.e., mechanical, electrical, pressure) that suddenly or accidently broke down.

But manufacturers should also consider the following coverages to protect themselves from third-party OEM and integrator risks:

Coverage	What it protects against
Cyber insurance	Can protect against cyberattacks and ransomware, including vendor-caused incidents and outages.
Contingent business interruption insurance	Can cover loss of income related to supplier-related outages, such as supply chain failures that halts productions.
Product recall insurance	Can help cover the cost of pulling products back, which is critical when your product includes pieces produced by someone else.
Product liability insurance	Can help respond if your product injures someone or causes property damage, again a critical coverage when relying on OEM parts.

As always, it’s important to remember that insurance isn’t one-size-fits all, especially when third-party risks are involved. Talk with a manufacturing insurance specialist to review your risks and your policies so you clearly understand what you’re covered for.

OEM and integrator manufacturing risks are manageable

My overarching message to manufacturers is simple: look outside your four walls. Third-party risk can be just as crippling as first-party risk. You can’t necessarily control it, but you can set up best practices to avoid those situations. And you can put the right insurance in place, so you have something to fall back on if those precautions fail.

If you’re not sure where your gaps are today, start with two things:

map your OEM and integrator relationships (and who has access), and;
review your contracts and your coverage so there are no surprises when there’s a loss.

FAQs: Third-party risks in manufacturing

Acera Insurance’s Jen Warman answers six questions about third-party risks in manufacturing:

What is third-party risk management and how is it different from overall risk management?

What are supply chain risks in manufacturing?

What are OEM risks in manufacturing?

What risks do integrators create in manufacturing?

What are third-party cyber risks in manufacturing?

What can manufacturers do to minimize their third-party risks?

Share this article:

Also by Jen Warman:

Jen Warman is a Senior Client Executive at Acera Insurance. With more than 14 years of experience in the insurance industry, Jen specializes in supporting manufacturing companies, contractors and businesses with complex risk profiles. Licensed in both British Columbia and Alberta, she is well-positioned to serve clients across Western Canada. Her mission is simple: to make insurance easy to understand and even easier to manage. Jen takes pride in being a strong advocate for her clients — negotiating the best terms, offering clear advice and delivering a consistently exceptional experience. Whether your business is navigating risk management or looking for a more strategic insurance partner, Jen is committed to helping you thrive. You can connect with Jen at [email protected] or 250.824.2905.

Get a quote.

Simply fill out a few details in our online form and one of our expert advisors will get your quote started.

Request a quote today

Steps to take when making an auto insurance claim

Nichole McKenzie — Thu, 05 Mar 2026 21:18:34 +0000

Accidents happen. Here are some steps to protect yourself legally, emotionally and financially.

At the scene

First, make sure everyone is safe.

Check for injuries and call emergency services if needed.
Do not move anyone who is injured.
If possible, move vehicles to a safe location.
Turn on hazard lights and move all uninjured passenger to safety.
Take photos and record what happened.
Get the contact details for witnesses

Exchange information:

Name and phone number.
Insurance and policy number (take a photo of their pink card).

You need to file a police report if:

There are injuries.
Missing documentation.
The vehicles are not drivable.
Damage exceeds provincial threshold (e.g., Alberta’s is $5,000 in total combined damages).

Even if you feel fine, visit a doctor. Injuries can appear later.

Call your insurer and your Acera Insurance advisor

Not sure who your insurer or broker is? Check your pink slip.
Keep all receipts (towing, rentals, emergency repairs).

Your Acera Insurance advisor helps you:
Understand coverage | Advocate for you during the claims process | Protect your coverage long‑term | Identify prevention steps

During your claim

To keep things moving smoothly:

Make sure your contact information is up to date.
Follow your claims adjuster’s instructions.
Keep your Acera advisor looped in. We are here to advocate for you.
Review any settlement documents carefully before signing.

After the claim

Filing multiple claims can affect your premiums and coverage options.

Repeated claims, especially of the same type, make it difficult to find affordable options. We’ll help you understand how to reduce risk going forward.

If you have any questions or need to report a claim, contact your Acera Insurance advisor.

Calling after hours? Our emergency claims reporting lines are available 24/7. After Hours Claims: 1.866.212.3239

Claims lessons Canadian businesses can’t ignore after $11 billion in severe weather losses

Nichole McKenzie — Wed, 04 Mar 2026 19:32:56 +0000

After more than $11 billion in severe weather losses, Canadian businesses are learning that catastrophe risk is no longer driven just by rare events, but frequent, overlapping perils. Drawing on recent hail, wildfire, and flood claims, Leah Wood outlines the claims lessons businesses can’t afford to ignore – from speed and documentation to vendor readiness, valuation accuracy, and practical resilience that reduces downtime and loss severity.

Catastrophic losses are no longer rare. More than $11 billion in insured losses from severe weather events between 2024 and 2025 show that the real challenge for businesses isn’t just the size of losses – it’s how often these events are hitting, across more regions, with multiple perils at once.

According to Leah Wood, Director, Claims & Loss Control at Acera Insurance, the reality businesses are facing is a pattern of rising frequency and increasing scale of losses that are compounded by overlapping perils.

In this article, Leah shares what the past few years have revealed about claims readiness and recovery, and how businesses can prepare for what comes next.

First catastrophe claims lesson: Speed beats perfection

Ensuring that your vendors are prepared should be a fundamental element of any risk management strategy. When severe weather events strike, there is often a significant strain on available resources, including vendors and adjusters.

Reducing downtime through proactive partnerships

Delays compound loss severity and downtime for businesses. By prioritizing vendor readiness and establishing relationships with reliable service providers ahead of time, commercial clients can significantly improve their outcomes after a catastrophe. Fast action helps mitigate losses and accelerates the recovery process, allowing operations to resume sooner and with less disruption.

“Claims rarely occur during regular business hours. They often happen at inconvenient times – overnight, on weekends, or when you’re not prepared.”
– Leah Wood

Streamlining claims with organized records

Maintaining in-depth and organized records prior to a natural catastrophe is crucial for facilitating a swift restoration and repair process. When a catastrophic event occurs, insurers and adjusters must assess urgency and coverage across numerous claims simultaneously. Businesses that keep up-to-date site photos, detailed logs, invoices and “before” records will be able to navigate the claims process quicker.

Why water damage causes most claims to grow in catastrophe situations

Whether it’s hail, wildfire or flood events, water damage is the biggest issue for catastrophe claims. It’s often the hidden driver of severity with mold risk, damage and downtime.

Wildfire claims: Access restrictions and contamination

Even during wildfires, water can be a significant source of damage due to contaminants entering the water system, compromised pipes, erosion and runoff. Wildfire can also cause access restrictions which can slow down recovery times.

Flood claims: Coverage wording and downtime risk

Flooding, whether it’s from flash floods or pluvial flooding, can be especially disruptive because of what the water has come into contact with along its path. Drying time and demolition decisions directly affect downtime and flood claims coverage can vary by wording depending on the policy, such as distinctions between overland water and sewer backup.

Hail claims: High volume, hidden water damage

Even perils with seemingly predictable effects, like hail, often result in hidden water intrusion that extends repair timelines and business interruptions due to the high-volume of claims, repeat damage and water entry. Hail also creates huge repair pressure — Calgary’s 2024 hailstorm generated 130,000+ claims and pushed insured loss estimates to about $3.25 billion, which strained trades amid sourcing the materials needed to repair the damages.

Steps to take for a fast and successful claim in a catastrophe response

It can be easy to feel overwhelmed at the beginning of the claims process, especially following a large natural catastrophe. To be successful, you need to move quickly. Claims advisors will focus on the first 48 hours to get clear coverage path early so decisions don’t stall.

Your checklist for the first 72 hours should include:

First 24 hours

Making sure your site is safe by limiting access and ensuring all power, gas and water are shut off.
Taking steps to minimize further damage by removing standing water, boarding up doors and covering windows with tarps.
Documenting all damage before cleanup begins. Take photos and videos, keep all receipts and maintain detailed records and inventory of all damaged property and restorative work being done.
Contacting your insurer as soon as possible to start the claims process. Keep your records tidy and well-organized so you can easily supply any documentation needed during the repair and restoration process.

Next 48-72 hours

Confirm the plan with all vendors: restoration, glazing, roofing and temporary power.
Separate “emergency work” from “permanent repair.”
Keep a downtime log (what’s closed, what’s partial, what’s reopened).

Even when conditions aren’t ideal, taking early ownership of your business’s catastrophe response before adjusters and vendors arrive can help set you up for success moving forward.

Repair queue management, supply chain disruption and planning for delays

Even with a robust disaster recovery plan, delays are sometimes unavoidable. These setbacks often result from supply chain disruptions, limited availability of tradespeople and adjusters overwhelmed by multiple regions at once.

“We can’t stop the weather, but we can plan for it.”
Leah Wood

Strategies to minimize business interruption

To help reduce potential business interruption, you should develop a comprehensive response plan that includes:

Pre-selecting restoration, roofing and mechanical vendors to ensure quick access to services when disaster strikes.
Having established after-hours response expectations with your vendors so that urgent repairs can begin without delays.
Developing a triage plan for which parts of the business must reopen first.
Regularly reviewing and updating your response plan with your staff so that they are prepared and know the immediate steps that need to be taken following a catastrophe.

Understanding catastrophe claims expectations

One of the greatest challenges in catastrophe claims is managing expectations. It is important to remember that delays are generally caused by capacity strain rather than disputes over coverage. This is particularly true as natural events increasingly occur at the same time across multiple regions, placing greater pressure on all parties involved in the claims and repair processes.

The perils of underinsurance and outdated property valuations

Underinsurance is seldom obvious until disaster strikes. When a catastrophic event occurs, outdated declared values on insurance policies can lead to co-insurance penalties and insufficient coverage limits when you need your protection the most.

Furthermore, unclear policy wording, particularly regarding water damage and business interruption, can result in unexpected coverage gaps.

Understanding true replacement costs

Many property owners are caught off guard by the true replacement costs needed to fully rebuild after a catastrophe. While your building may be insured, it is crucial to consider the additional expenses that are often required, including:

Demolition costs
Debris removal
Permits and planning costs
Rebuilds in remote locations
Professional fees
Code upgrades
Business interruption

As claims remain open for extended periods, expenses tend to escalate. Therefore, it is essential to account for permit, building and municipal delays, which can significantly increase your overall costs. Proactive planning and accurate policy valuations help avoid these pitfalls and support a smoother recovery process following a catastrophe.

Fraud risks rise when stress is high

Fraud spikes when people are stressed out and trying to reopen fast. Red flags to look out for include:

Pressure to sign contracts immediately
Vague scopes of work
Duplicate invoicing
Inflated drying/equipment delays
Discouraging insurer involvement

You can protect you business by selecting reputable vendors and defining clear scopes of work. Implement a straightforward approval process and ensure invoices correspond with photographic evidence and site logs. Your insurer can also provide a list of pre-vetted vendors to better support you and help avoid fraud.

Resilience strategies don’t have to be expensive

There are simple steps that every business can take to be prepared at the beginning of every natural catastrophe season. These are simple, easy and inexpensive loss prevention steps to take for weather related perils. Remember, consistency is key.

“Resilience doesn’t have to be expensive – it just has to be consistent.”
Leah Wood

Hail risk mitigation

Regularly clean and remove debris from your gutters to ensure proper drainage.
Install protective shields or screens to protect any rooftop equipment and skylights.
Ensure your equipment, vehicles and other valuable items are stored in a covered building, wherever possible, to avoid damage during a hailstorm

Water loss prevention

Seal off your building by filling cracks and framing joints with waterproof sealant.
Make sure there is no water staining or mould around windows and doors, at major walls joints and where walls meet the ground.
Install a sump pump (preferably with a battery or generator as a backup in case the power goes out) and a sewer backup valve.
Ensure any drainage systems extend at least two metres from your property.

Wildfire readiness

Install and maintain fire suppression equipment.
Utilize fire-resistant materials.
Ensure emergency services have access to your property.
Properly store all combustible materials.
Perform ongoing landscaping maintenance and vegetation management.

We’re here to support you with comprehensive planning for business protection

Protecting your business, employees and assets requires thorough and comprehensive planning. By taking the right steps to mitigate risk, developing a catastrophe response plan, keeping detailed and organized records, and ensuring vendor readiness, you are positioning your business for long-term success.

Be certain your business is ready for the next round of extreme weather — connect with an Acera Insurance advisor today to review your coverage and strengthen your risk management plan.

FAQs

How does severe weather affect businesses in Canada?

What should businesses do immediately after a storm to support a fast, successful claim?

What should be in a severe weather preparedness and continuity plan for my business?

Life Insurance vs. Mortgage Insurance

Paula Martin — Tue, 03 Mar 2026 16:29:22 +0000

The key difference between life insurance and mortgage insurance is who benefits and how coverage works. Mortgage insurance only pays off the remaining mortgage, while life insurance provides a lump sum your beneficiaries can use however they need.

This guide breaks down costs, control and long‑term value to help homeowners choose wisely.

Life insurance and mortgage insurance may sound similar, as they both provide coverage in the event of a death.

But who they protect and how is very different.

Life insurance protects your loved ones — not the bank

Understanding the main differences between life insurance and mortgage insurance provides the clarity needed to best protect your loved ones:

	Life Insurance Through Acera Insurance	Mortgage Insurance Through a Bank
Who is the beneficiary?	You choose the beneficiaries	The bank or lender
What does the payout cover?	No restrictions; your beneficiaries choose	Only the outstanding mortgage balance
What happens to coverage over time?	Remains level for the life of the policy	Decreases over time as mortgage is paid down
What happens to premiums over time?	Guaranteed for the life of the policy	Not guaranteed and can change without notice
How long does coverage last?	Can continue past mortgage expiry date, if you wish	Ends if you sell the property, transfer mortgage companies or fully repay the mortgage
Who is covered?	Each insured is covered individually for the full value of the policy	Only the first to die is covered; no coverage for the surviving owner
What happens if the mortgage is in arrears?	Policy does not lapse	Coverage automatically terminates
Can disability and critical illness coverage be added?	Yes, both are available with comprehensive coverage	Coverage can be limited or not available at all
When does underwriting occur?	Underwriting is done when the policy is issued, providing clarity upfront on what is covered	Underwriting is done after death, creating uncertainty about what will ultimately be covered
Is the death benefit protected from creditors?	Yes	No

Secure a financial future for your loved ones with life insurance

If you want to provide your loved ones with a safety net in your absence, life insurance is the optimal choice. There are no restrictions on how your beneficiaries can spend the benefit — meaning life insurance can help your family:

**Choose a policy that protects your home and your loved ones. Choose life insurance.**

Speak with one of our expert advisors to discuss which life insurance policy is best for your needs.

Get a quote.

Simply fill out a few details in our online form and one of our expert advisors will get your quote started.

Request a quote today

Obesity treatment: How will Canadian semaglutide generics reshape group benefits plans?

Paula Martin — Thu, 26 Feb 2026 16:27:54 +0000

With roughly two-thirds of adults classified as obese or overweight, Canadians are increasingly expecting their employer health plans to cover weight management drugs. The generic entry of semaglutide in Canada in 2026 may lower the price of the costly specialty drug to finally make this a financially viable option for many employers.

For nearly 30 years, Mike Sanderson has helped Canadian businesses balance employee health and group benefits plan sustainability. Drawing from this tenured experience, Mike explains why generic semaglutide may be the game changing scenario that moves obesity treatment into mainstream chronic disease coverage.

A brief overview of semaglutide and GPL-1 drug coverage

Semaglutide — perhaps better known by the brand name Ozempic — is a GPL-1 prescription medication used to treat Type 2 diabetes.

Yet, the speciality drug made headlines for its notorious off-label use to lose weight due to its appetite suppression affect.

While many group benefits plans provide coverage for semaglutide when used to treat Type 2 diabetes, this is not the case when used for weight management — even after a sister-drug (Wegovy) was developed and exclusively classified as weight loss medication.

This is largely because:

Employers have historically been hesitant to classify obesity as a disease state.
The current cost of the specialty drug, which can be upwards of $5,000 a year, presents a significant financial risk for the employer.

Employers are right to carefully approach any high-cost, long-duration therapy — which semaglutide is — especially when the eligible population could be substantial.

But following the recent patent expiration in Canada, the upcoming entry of generic semaglutide is anticipated to drastically cut the drug’s cost. Some estimates are that, once generics are available, the cost will range somewhere between $100 and $150 a month.

Knowing generics are on the horizon, now’s the time for employee group benefits plan sponsors to contemplate an important question: Are we willing to recognize obesity as a disease?

5 reasons group benefits plans should consider obesity as a disease

The most obvious reason is that obesity is a chronic disease.

The stigma surrounding obesity as a lifestyle issue continues to persist. But the World Health Organization, Canadian Medical Association and several provincial medical associations have formally recognize obesity as a chronic disease that deserves medical attention.

Assuming Canadian semaglutide generics significantly minimizes the financial risk for businesses as expected, here are four other cases for covering weight loss treatments in your employee group benefits plan:

Obesity contributes to other chronic diseases affecting employees

Obesity is a risk factor for more than 200 other chronic diseases that require treatments, including:

Type 2 diabetes
Osteoarthritis
Chronic pain
Sleep apnea
Depression
Anxiety
Dementia
Cancer

Obesity affects workplace productivity

A 2025 study from BMC Public Health calculated the economic impact related to not treating obesity in Canada; among its findings were that indirect costs associated with obesity include:

$8.2 billion from reduced workforce participation (i.e., people leaving the workforce earlier, reduced ability to work).
$6.8 billion from presenteeism (reduced energy, focus, mobility, pain, etc. that contributes to lower output).
$682 million from absenteeism (missed workdays due to health reasons).

Willpower is not an effective obesity treatment

Obesity’s classification as a chronic disease shapes what is considered medically necessary where treatments and benefits insurance are concerned.

Obesity Canada lists three effective interventions for treating obesity:

Behavioural (i.e., behavioural therapy, nutrition therapy, physical activity)
Pharmacological (i.e., Health Canada-approved prescription medication, including semaglutide)
Surgical (i.e., metabolic and bariatric surgery)

Canadians expect their group benefits plan to cover obesity treatments

Benefits Canada’s Healthcare Survey 2025 report found:

65% of plan members agree that weight loss medications are an important obesity treatment.
51% of plan members who feel they need to or have been told to lose weight are interested in taking weight loss medications.
Of those plan members interested in taking medication to lose weight, 66% believe their group benefits plan should cover “most or all of the cost.”

To summarize: Your organization is likely already absorbing obesity-related expenses through lost productivity and indirect costs associated with treating other chronic conditions. Covering treatments specifically for weight loss could reduce downstream claims and disability risk over time.

Canadian semaglutide generics may make obesity treatment coverage common in employer health plans

We may be approaching a blockbuster moment for GLP-1s, where affordability forces clarity on obesity coverage in group benefits plans.

Covering semaglutide for weight loss in employee group benefits plans has understandably been treated with caution up to this point, speaking solely from a financial risk management perspective.

This is because the current high cost of semaglutide (a drug that needs to be taken continuously for a long period) and likely high utilization (based on obesity rates in Canada) could put plans at risk of rapid cost escalation.

But if current estimates prove true, and generic semaglutide drives the drug cost down by 50% to 70%, the question for plan sponsors becomes: Can you afford not to cover obesity directly?

FAQs: Canadian semaglutide generic and employer health plans

Will Canadian semaglutide generics automatically expand GLP-1 drug coverage for weight loss?

Why should employers decide whether to treat obesity as a disease state before covering GLP-1 drugs, like semaglutide?

Why are plan sponsors facing pressure to cover weight-loss drugs, like semaglutide?

What cost-containment strategies should employee group benefits plan sponsors consider for Canadian generic semaglutide?

Share this article:

As a group benefits, savings and wellness advisor, Mike Sanderson helps businesses create effective and measurable programs that align with their organization values, goals and budgets. With a passion for development of unique employee rewards plans, Mike is an expert in plan architecture. Mike began his career in 1997 and has held various roles in the employee benefits space, including product development for a number of large Canadian insurers. As part of the Acera Benefits division, Mike is dedicated to delivering an exceptional client experience, a transparent process for measuring ROI, cost efficiencies and best practices for employee onboarding and ongoing employee engagement.

You can reach Mike at 250.869.3921 or [email protected].

Related reading:

Get a quote.

Simply fill out a few details in our online form and one of our expert advisors will get your quote started.

Request a quote today

Year-round skiing: Where to hit the slopes every season

Nichole McKenzie — Thu, 19 Feb 2026 18:30:17 +0000

From Japan’s powder filled winters to glacier skiing in Switzerland and spring turns in New Zealand, skiers can find great conditions somewhere in the world year-round. This guide highlights top global ski destinations by season and reminds travellers to plan ahead with appropriate travel insurance.

Ski holidays are one of the best parts about winter. But what if you want to chase snow around the world and hit the slopes year-round?

Below are six destinations to consider when planning a ski trip in every season.

January – February: Japan

Japan might not be the first destination that comes to mind for many Canadians when planning a ski trip, but it offers some of the best snow in the world. The mountain regions of the northern island of Hokkaido get between 25 and 50 feet of snow in some areas and are renowned for deep, dry powder and high-altitude alpine terrain.

You can also immerse yourself in local culture. What sounds better than a steaming bowl of ramen, followed by a soak in an onsen (hot spring) after a day on the slopes? While the season typically runs from November to April, peak conditions usually last from mid-January through February.

March – April: Canadian Rockies

Did you know that March has some of the year’s best snowfall days in areas like Banff, AB? With longer daylight hours and excellent spring conditions, the Canadian Rockies offer something for every skill level.

High-altitude resorts such as Fernie, Kicking Horse and Lake Louise often see deep snowpacks, warmer temperatures and extended daylight hours. Softer snow can be ideal for beginner and intermediate skiers, while milder weather makes it easier to enjoy a drink on a patio between runs.

May – June: Switzerland

Glacier skiing keeps the season going in Switzerland. Zermatt offers the highest skiing in Europe, with terrain reaching nearly 4,000 metres above sea level. The Matterhorn Ski Paradise is the highest ski area in the Alps and remains open year-round.

The runs might be a bit limited depending on snow quality, and strong sunscreen is essential at this altitude, but skiing on a glacier is an experience many travellers aim to cross off their bucket lists.

July – August: Chile

During North America’s summer months, winter is in full swing in the Southern Hemisphere. The Andes provide some of the best powder conditions, and Chile is known for its steep slopes, dramatic scenery and consistent snowfall.

The ski season typically runs from June to September, and many of the country’s top resorts are within one to two hours of the capital, Santiago.

September – October: New Zealand

New Zealand’s peak ski season also falls during the Northern Hemisphere’s summer, but September and October can bring excellent spring skiing. Skiers can expect longer sunny days, softer snow and more relaxed conditions.

Warmer temperatures also mean lighter gear is often sufficient compared with earlier in the season.

November – December: France

Early season skiing begins in late November at Val Thorens, Europe’s highest ski resort. The village sits at 2,300 metres in the French Alps and is part of the world’s largest linked ski area, offering 600 km of downhill terrain and 300 km of cross-country trails.

France is also known as the birthplace of après-ski culture, ensuring plenty of options for food, drinks and entertainment after a day on the slopes.

Remember your travel insurance

Before you book your next ski adventure, don’t forget to factor in adventure travel insurance, especially if you are doing high-risk activities like backcountry skiing. Common coverages include:

Emergency medical expenses
Trip delays or cancellations
Lost luggage

Wherever you travel, Acera Insurance ensures peace of mind. In partnership with TuGo, a leading Canadian travel insurer, Acera offers an online self-serve platform to quickly purchase coverage.

If you have more complex needs, our advisors can help you find the right coverage. Email [email protected] today.

Insurance blind spots facing luxury condo and high-net-worth owners

Nichole McKenzie — Wed, 18 Feb 2026 21:25:16 +0000

High‑net‑worth condo owners often underestimate how condo bylaws affect insurance coverage, deductibles and personal financial exposure. This article explains how master policies, personal insurance and bylaws interact — and why overlooking deductible chargebacks and betterments can lead to costly gaps. Understanding these risks is essential before buying, renovating or making a claim.

When you buy a condominium for the first time, particularly if you’re downsizing, it’s easy to assume condo living will simplify your insurance. In reality, it introduces new layered risks driven by bylaws, deductibles and loss-assessment exposure.

Many owners don’t realize condo bylaws can dictate how losses are allocated, regardless of fault. For high-net-worth individuals, the financial consequences of misunderstanding these rules can be significant.

Christina Windall, Client Executive, Signature by Acera Insurance, explains why it’s important to understand how a condo corporation’s master policy and your personal insurance policy must work together to protect your unit and personal exposures.

The condo master policy myth: Where coverage commonly breaks down

It’s easy to mistake your condo corporation’s master policy for full coverage, but in practice there are often gaps that can leave owners exposed and underinsured after a claim.

Improvements, betterments and personal contents inside a unit are not covered under the master policy. These must be insured under the owner’s personal policy.

“The meat and the potatoes of the risk is in the bylaws – and that’s what people overlook.”
— Christina Windall

For example, after a flood, the corporation typically pays to restore the unit to its original, builder‑grade condition if the commercial policies deductible threshold has been met. If floors, appliances, or countertops have been upgraded, the additional cost to replace those improvements falls to the owner’s personal insurance. Condominium claims are complex due to provincial and territorial legislations, regulations and rules associated with condo buildings.

Rising weather‑related claims have led many luxury condo buildings to increase deductibles on their commercial policies for perils such as flooding and earthquakes to manage premiums. This shifts more financial risk onto unit owners. In response, new standalone products have emerged to help cover deductible shortfalls.

It’s also important to note that deductibles can be charged back to owners – even when they are not at fault. Reviewing both the master and personal policies together is essential to identify and address coverage gaps.

Improvements vs. betterments: How condo renovations become a costly coverage trap

Say your oven breaks and you decide to replace it with a newer model of the exact same oven. You would probably consider the new oven a simple replacement, right? Unfortunately, your new oven may now qualify as a betterment under your condo’s bylaws.

A replacement restores an item’s original function. A betterment improves it by increasing efficiency, capacity or useful life. Some bylaws classify any replacement as a betterment, regardless of materials used. That distinction can create unexpected gaps in coverage.

When making any additions, alterations or renovations to the unit, owners should advise their insurer as soon possible so coverage can be adjusted. Detailed records – such as invoices, plans and photos – are essential to support replacement values with the unit especially in older condos.

Insuring contents and improvements for full replacement costs can remove any ambiguity during a claim. If you feel the full replacement costs of the contents of your unit would be $800,000 that amount should be insured to avoid disputes at a later date.

Condo loss assessments and deductible chargebacks: Where owners pay first

Water remains a leading source of condo claims. In a major water damage event, such as burst pipes, owners are often surprised by the order of payment – and by how quickly personal exposure arises.

Typically, the corporation’s policy responds first with deductibles charged back to the originating unit. If the master policy’s deductible threshold is not met, the client’s personal policy would need to respond.

“People want to know the insurance cost – but they don’t want to read the bylaws, even though that’s where the real exposure lives.”
— Christina Windall

Robust protection means having unit‑assessment coverage with limits high enough to cover potential chargebacks. Personal policy limits for betterments and improvements need to reflect the true value of improvements or betterments in the unit. The full value of personal items in the condo should be insured as coverage is often paid out on a replacement cost basis. Owners should understand any caps that apply.

In some cases, a separate policy may be required to address deductible shortfalls, or owners may need to work with an insurer that offers higher assessment limits. Reviewing bylaws wording with your insurance advisor is strongly recommended and encouraged.

Why condo bylaws matter more than policy wording

Every condo corporation functions like its own small government. No two sets of bylaws are the same.

For high‑net‑worth buyers, reviewing bylaws should be a core part of the purchase and risk‑assessment process. Key documents to examine include:

Claims history: Look for the frequency and severity of past losses.

Unit entitlement documents: These determine each unit’s financial responsibility within the corporation.

Reserve fund reports: Review the timing of major repairs and replacements to common property.

Bylaws: These outline deductible chargebacks, renovation rules and water‑damage responsibility.

Together, these documents provide a clearer picture of potential financial exposure.

Conclusion

For affluent condo owners, effective insurance protection depends on aligning bylaws, the master policy and personal coverage before a loss occurs.

That means reviewing condo documents with the same care as investment statements, matching deductible limits to real exposure and treating condo insurance as an integrated risk strategy – not a checkbox.

FAQs: An overview of insurance blind spots for luxury condo owners

Doesn’t my condo corporation’s master policy fully protect my unit?

Why do condo bylaws matter more than the insurance policy wording?

What’s the difference between a replacement and a betterment – and why does it matter?

Can I be charged a condo deductible even if I wasn’t at fault?

Since 2012, Christina has specialized in building strong client-broker relationships, prioritising her clients’ needs and providing expert support. With over ten years of insurance industry experience, she also operated a drywall company and worked as a construction contractor for two years. Christina holds CAIB and CIP certifications.

You can contact Christina Windall at [email protected] or 604.235.1852

Related reading:

Get weekly tips to protect your business!
Subscribe to our LinkedIn Newsletter. Our advisors’ insights will help you Be Risk Ready.

Subscribe on LinkedIn

When Should You File an Insurance Claim? A Practical Guide

Nichole McKenzie — Thu, 12 Feb 2026 23:19:13 +0000

This article helps you figure out whether filing an insurance claim is really worth it by looking at deductibles, repair costs and how claims can affect your premiums. It also explains when you should file a claim, when paying out of pocket makes more sense and what to do to protect yourself if you do need to file.

Your insurance policy acts as a safety net for your finances. It’s designed to cover incidents you wouldn’t be able to pay for out of pocket and the more claims you have can lead to higher premiums and impact your eligibility for insurance coverage.

How claims can impact your premiums

Every claim you file, regardless of the amount, will be listed on your claims record. Before filing a claim, it’s important to remember:

Claims can increase your premiums at renewal.
Your claims history follows you, even if you switch insurers.
Multiple claims may result in at least 10-20% premium increases or make you ineligible for certain coverages.
Some insurers offer claims free discounts.

Is your claim worth more than your deductible?

Your deductible is what you pay out of pocket for each insurance claim. We recommend filing a claim if it’s at least double your deductible.

For example:

Deductible: $1,000
Damage: $1,200
Insurer pays: $200

In this case, paying out of pocket would make more sense.

When to consider paying out of pocket

There are certain instances when paying out of pocket for a claim would make more sense financially or that your policy would not cover. They can include:

Repair costs that are lower than your deductible.
Damage that is due to wear, neglect, or maintenance issues such as long-term roof leaks or pest infestations.
Being unable to prove ownership or damage (keep receipts, photos and a regularly updated home inventory to avoid this).

When to file an insurance claim

File a claim if:

Damage is significant and costs will exceed your deductible.
Anyone is injured (no matter how minor).
A police report is required.
Another driver is at fault in an accident.

Don’t forget to document everything when making an insurance claim. Take photos, provide receipts and keep a written record of everything to support your claim.

Most insurers have strict time limits for submitting a claim, so it is important to contact your insurer and your Acera Insurance advisor as soon as possible to avoid missing your opportunity for coverage.

Questions?

If you’re ever in doubt about whether or not to file a claim, contact your Acera Insurance advisor. We’re happy to provide you with advice and next steps to move forward in the claims process.

Get a quote.

Simply fill out a few details in our online form and one of our expert advisors will get your quote started.

Request a quote today

Geopolitical and business risk trends for 2026: A Canadian perspective

Paula Martin — Wed, 11 Feb 2026 21:31:03 +0000

Trade rules, sanctions, cyber escalation, supply availability and financing conditions are shifting faster than annual planning cycles. As a result, geopolitical risk in 2026 is an operational constraint that changes how Canadian organizations procure, contract, secure systems, move data across borders and access capital.

Aliya Daya, Senior Client Executive, Commercial Insurance, has been tracking geopolitical trends since her first article on the topic in 2024. With more than 25 years’ experience advising businesses on insurance and risk management, Aliya outlines why geopolitics now must be treated as embedded business risk.

Note: This is part one of a three-part series on how to manage geopolitical risk in 2026.

In my November 2024 piece, I framed geopolitical risk as a fast-rising external pressure; one that Canadian businesses needed to take seriously as the global trade, security and diplomatic environment shifted. At the time, the conversation (for many organizations) still lived largely in the “strategic” bucket: important, watch closely, scenario-plan, but often not fully integrated into day-to-day enterprise decision-making.

It’s 2026 — and how the world has changed. The Canadian reality has tightened and not in a theoretical way. Geopolitics has moved from “macro context” to operational constraint. It now shows up inside:

procurement decisions
contract language
cybersecurity posture
cross-border data decisions
financing conditions
board governance expectations

The World Economic Forum’s Global Risks framing reinforces this direction: geopolitical and geoeconomic confrontation increasingly behaves as a systemic driver that interconnects economic, technological, societal and security risks rather than sitting in isolation.

This article sets the foundation for a three-part series by answering one question: why must Canadian organizations reclassify geopolitics as a core operating variable (not a peripheral strategic consideration)?

Reclassifying geopolitical risks in 2026: From strategy to operations

Historically, geopolitical risk was treated as a macro-strategic overlay, relevant to foreign expansion decisions, foreign direct investment or crisis response planning, but largely disconnected from day-to-day enterprise risk management (ERM). That classification no longer holds.

What has changed is not merely “more instability.” It’s that geopolitics now behaves like a systemic risk amplifier, increasing correlation between risk categories that used to be modeled independently (supply chain vs. cyber, regulatory vs. financial, contracts vs. operational continuity). The World Economic Forum captures this directly through its framing of structural forces and interlinked risks across time horizons.

For Canadian organizations, this reclassification shows up in measurable, operational ways:

Volatility in input pricing and availability, especially where supply is concentrated, route-dependent or politically sensitive.
Higher frequency of regulatory and trade policy change, including sudden enforcement shifts.
Elevated cyber threat activity, aligned with geopolitical objectives, not just criminal profit.
Contractual uncertainty, sanctions clauses, export controls, force majeure disputes, payment disruptions.
Greater scrutiny of capital sources, ownership structures and counterparties, especially for critical sectors and sensitive technologies.

In other words: geopolitics now directly influences loss frequency, loss severity and tail-risk exposure across multiple risk categories because it changes the rules of performance, payment and access.

Why strategic competition defines 2026 business risk

The defining geopolitical feature of 2026 is not generalized instability, but strategic competition between major power blocs.

Unlike prior eras of globalization, this competition is not limited to trade volumes or military posture. It extends into the operational mechanics of business:

industrial policy and subsidies (who gets to build what, and where)
export controls and technology restrictions
investment screening and ownership limitations
data localization and digital sovereignty
critical minerals, energy security and infrastructure control

The International Monetary Fund (IMF) describes the rise of geopolitical factors shaping economic conditions and cross-border flows, while the Organization for Economic Co-operation and Development (OECD) highlights geopolitical risk as a driver of trade and investment uncertainty and resilience considerations.

Key implication (and it’s uncomfortable, but useful): strategic efficiency is increasingly subordinate to political reliability.

The “best” supplier, route, jurisdiction or customer is not only the one with the best economics, it’s the one that remains viable under shifting policy and alignment conditions.

For Canadian businesses — particularly in manufacturing, energy, mining, transportation and technology — this creates structural exposure, not episodic risk.

If your margins, timelines or service delivery depend on a narrow set of jurisdictions, routes or restricted technologies, geopolitics is already in your operating model (whether you’ve admitted it in ERM or not).

How geopolitics has changed cyber risks for business

One of the most consequential developments since 2024 is the formal convergence of cyber risk and geopolitical strategy.

The National Cyber Threat Assessment 2025–2026 confirms that state-aligned cyber activity targeting Canadian organizations is increasing in both sophistication and strategic intent. These operations are not purely criminal; they are often aligned with broader geopolitical objectives, including economic disruption, intelligence gathering and strategic influence.

The key point for risk leaders is that cyber incidents should not be modeled purely as opportunistic crime. In a geopolitically tense environment, cyber can be used for strategic disruption, intelligence collection and influence and the private sector is often where those objectives land first.

From a risk perspective, this changes three things:

Threat motivation shifts from opportunistic to strategic (persistence and targeting improve).

Attack timing correlates with geopolitical events (escalations, sanctions, elections, diplomatic flashpoints).

Impact scope expands beyond financial loss to include regulatory, reputational, operational, and national-security implications.

The Allianz Risk Barometer 2026 reinforces this shift, ranking cyber incidents as the leading global business risk (for the fifth year in a row with its highest score ever — 42% of responses) while explicitly linking escalation to geopolitical tension.

And Canada’s cyber guidance also notes that geopolitical events can drive fluctuations in cybercrime activity — useful confirmation that “geopolitical correlation” isn’t just a theory.

For Canadian organizations, cyber risk now needs to be modeled as:

A systemic enterprise risk (not an IT-only risk).
A potentially state-linked exposure (even when the initial entry looks “criminal”).
A board-level governance issue (consequences increasingly span operations, finance, legal and reputation).

Cybersecurity is no longer just defensive posture; it is part of geopolitical risk posture.

The geopolitical nature of modern supply chains

Global supply chains in 2026 are no longer optimized primarily for cost or speed. They are optimized (often imperfectly) for resilience under geopolitical stress.

Key structural changes include:

Multi-jurisdiction sourcing strategies (to avoid single-point geopolitical failure).
Politically informed supplier selection (viability under sanctions/export controls matters).
Increased contractual complexity (substitution rights, termination triggers, compliance representations).
Greater use of inventory buffers for strategic inputs (accepting carrying cost to reduce interruption risk).

The Bank of Canada explicitly notes elevated geopolitical uncertainty and highlights that escalation disrupting supply chains and commodity markets can raise inflation and slow activity, with markets potentially demanding higher risk premiums (raising borrowing costs and weakening confidence).

For Canadian firms in logistics, manufacturing, energy, hospitality, and food supply, the practical shift is this:

Supply chain risk is now strategic, not merely operational.
Persistent, not cyclical.
Board-relevant, not back-office.

Supply chains should be understood as geopolitical systems, not just operational networks because the most consequential failure modes are now often political, regulatory, or security-driven.

Canada’s geopolitical position and business risk in 2026

Canada occupies a distinctive geopolitical position:

Deep economic integration with the United States.
Alignment with major allies and security partners (including NATO, the G7, and Five Eyes).
Resource intensity in energy and critical minerals.
Growing exposure in data-driven and professional services.

This positioning creates opportunity, but also downstream vulnerability. Canadian firms are frequently impacted by geopolitical decisions made by larger actors, particularly in trade, sanctions, technology restrictions and security policy.

The Bank of Canada reinforces the reality that Canada’s outlook carries unusually high risk when geopolitical uncertainty is elevated and North American trade dynamics are under review.

That is why geopolitical risk cannot be outsourced to government policy alone. It must be internalized within enterprise decision-making because the operating constraints show up inside your contracts, vendors, systems, customers, and financing.

Geopolitics as embedded business infrastructure

When I wrote about geopolitical risk in November 2024, the message was fundamentally a warning: the world was shifting and Canadian organizations needed to widen their aperture, especially around trade posture, regulatory volatility and security dynamics.

What’s changed since then is not that geopolitics has become more important, it’s that it has become more embedded. The risk is no longer primarily episodic, where businesses prepare for “events.”

Instead, geopolitical pressure increasingly arrives through mechanisms that can change the rules of performance overnight: sanctions and export controls, technology restrictions, data sovereignty expectations, supply-chain chokepoints and cyber activity that is increasingly aligned with strategic objectives.

For Canadian business leaders, the practical takeaway is straightforward: if geopolitics can alter your ability to operate, deliver, get paid, secure systems or access capital, then it belongs in governance, ERM, cyber strategy, supply-chain architecture and capital planning, not as a quarterly “geopolitical update,” but as a continuous operating assumption.

This is exactly why part 1 focuses on reclassification. In part two, we’ll translate this environment into practical scenario pathways and leading indicators for Canadian sectors.

And in part three, we focus on risk transfer. When geopolitics drives correlated disruption, insurance can’t be a once-a-year transaction — it has to be a layered risk transfer stack aligned to Canadian realities, with wording and triggers that won’t stall claims when the environment shifts. Done well, it turns insurance into strategic infrastructure.

FAQs

What is geopolitical risk in business, and why does it matter in 2026?

How does geopolitical risk affect Canadian businesses differently than global firms?

Why is geopolitical risk now considered an operational risk rather than a strategic risk?

How can Canadian business leaders prepare for geopolitical risk?

Share this article:

Get weekly tips to protect your business!
Subscribe to our LinkedIn Newsletter. Our advisors’ insights will help you Be Risk Ready.

Subscribe on LinkedIn

Aliya Daya, Senior Client Executive, specializes in risk management strategies and insurance solutions for the technology sector, as well as disruptive and emerging industries. With more than 25 years of experience in the insurance industry, Aliya serves as a Cyber Technical Specialist and National Mixed Practice Team Lead at Acera Insurance. She specializes in innovation, technology, cyber insurance and privacy breach, political risk, manufacturing / fabrication / wholesale / distribution, hospitality, non-profit and faith-based organizations.

You can reach Aliya at 403.717.5895 or [email protected]

Related reading:

Get a quote.

Simply fill out a few details in our online form and one of our expert advisors will get your quote started.

Request a quote today

Managing geopolitical risk in 2026: Technical frameworks for Canadian organizations

Paula Martin — Wed, 11 Feb 2026 21:29:37 +0000

In 2026, geopolitical risk isn’t a periodic external shock. It’s embedded, showing up as policy constraint and correlated disruption across supply chains, cyber, contracts, capital and governance.

In part one, Aliya Daya, Senior Client Executive, Commercial Insurance, explained why geopolitics is an embedded business risk. Now, drawing from 25 years’ experience advising businesses on insurance and risk management, Aliya breaks down how to integrate geopolitics into enterprise risk management (ERM), replace forecasting with scenario architecture and design controls for effective geopolitical risk management.

Note: This is part two of a three-part series on how to manage geopolitical risk in 2026.

The first part of this series made the case for reclassification: geopolitical risk isn’t a periodic external shock anymore – it’s embedded.

It shows up as policy, constraint and correlated disruption across supply chains, cyber, contracts, capital and governance. The World Economic Forum’s risk framing supports this “systems” view: geopolitics and geoeconomics are increasingly interlinked with economic, technological and societal risk pathways rather than existing as a standalone category.

This second article is about what to do with that reality. Not in the “read more headlines” way, but in the “build a repeatable operating discipline” way.

Effective geopolitical risk management requires integration into ERM, decision-making and governance, with stress testing and control design that matches how geopolitical events actually transmit into loss outcomes.

This is also where Canadian organizations have an advantage: we’re used to operating in a rule-dense environment (cross-border trade, regulated financial markets, privacy / security expectations).

The goal is to turn that institutional muscle into decision readiness, so geopolitics becomes measurable, governable and insurable where appropriate.

Integrating geopolitical risk into ERM

The first step is structural: geopolitical risk needs to be explicitly recognized within enterprise risk management (ERM), not treated as “context.” The WEF’s approach to interconnected risks and the emphasis on scenario planning over linear prediction reinforces why ERM integration matters.

Practical ERM integration for geopolitical risk

Executive ownership (RACI, not vibes)

Assign a clear executive owner (often COO / CRO / GC depending on the organization) and define cross-functional accountability across:

Legal/Compliance (sanctions, export controls, contracting)
Procurement/Supply Chain (concentration, substitution, route risk)
IT/Security (threat posture, incident readiness)
Finance/Treasury (liquidity, cost-of-capital sensitivity)
Communications/HR (reputation, workforce impacts)

A real risk appetite statement

This is the difference between “we care about geopolitics” and “we can make decisions.” Examples of appetite thresholds:

Maximum dependency on a single jurisdiction for critical inputs
Maximum % revenue tied to politically volatile regions
Tolerance thresholds for beneficial ownership opacity in counterparties
Minimum continuity requirements for critical vendors (including cloud/SaaS)

A usable taxonomy (so you can measure it)

Instead of one bucket called “geopolitics,” define sub-risks with KRIs:

Sanctions/countersanctions
Export controls / technology restrictions
Trade policy and customs disruption
Data localization / digital sovereignty divergence
Critical minerals and energy security constraints
Cyber escalation aligned with geopolitical events

Link to the risks you already manage

Geopolitical drivers should be explicitly linked to:

Operational interruption (delivery failure, delay, supplier outage)
Compliance/Legal risk (ability to perform, pay, insure)
Cyber risk (event likelihood and correlation)
Financial risk (liquidity, margin compression, borrowing costs)

Why this matters in Canada: the Bank of Canada explicitly discusses scenarios where geopolitical escalation disrupts supply chains/commodity markets, raises inflation and leads markets to demand higher risk premiums; raising borrowing costs and weakening confidence. That’s not “strategy only;” that is an ERM channel.

Why scenario planning works better than forecasting for geopolitical risks

Geopolitical risk does not behave like a forecastable curve. It behaves like discontinuities — policy switches, enforcement changes and correlated cyber/supply shocks. So, the technical shift is from prediction to scenario architecture.

Build scenarios as decision tools

Your scenario set should include “families” that reflect how geopolitics actually hits operations:

Trade escalation / tariff shock (fast policy changes, customs enforcement)
Sanctions expansion (new listed entities, sector restrictions, payment friction)
Export controls / tech restriction (licensing delays, prohibited transfers, vendor constraints)
Cyber escalation aligned to conflict (disruption, influence, intelligence collection)
Regulatory divergence (data localization/security requirements; procurement restrictions)

Standardize five outputs per scenario

If you want this to be operational (not academic), every scenario should produce:

Exposure map: where you touch it (vendors, routes, customers, jurisdictions, systems)
Impact pathways: how it becomes loss (delay, interruption, illegality, cyber incident, reputational shock)
Decision triggers: what event changes your posture (new sanctions listing, export-control update, threat-level spike)
Control posture: what you tighten immediately (approvals, routing, segmentation, supplier substitution, monitoring)
Insurance implications: high-level assumptions on what might respond, what might have friction (learn more in part three)

The WEF’s “interconnected risks” framing is your justification for scenario architecture: once risks are correlated, you need structured decision readiness rather than one-dimensional forecasts.

Stress test supply chains for geopolitical risks

Supply chains should be tested as geopolitical systems, not just operational networks. This is where Canadian organizations can materially reduce tail risk.

Map tier dependencies (Tier 1–3 and “hidden concentration”)

Identify Tier 1 suppliers for critical inputs
Where feasible, map Tier 2–3 concentration (same region, same upstream producer, same chokepoint)
Flag “single points of geopolitical failure” (jurisdictional or route concentration)

Reverse stress test (start with failure)

Instead of asking “how likely is a disruption,” ask: “What geopolitical event would cause us to fail to deliver within 15/30/60/90 days?” Then work backward to determine minimum resilience measures:

Secondary suppliers approved and contract-ready
Route alternatives pre-negotiated
Minimum buffer inventory for strategic inputs
Pre-approved substitutions and engineering alternatives
Clear customer communication protocols

Contract engineering (contracts are resilience tools)

Build clauses that support survivability:

Substitution rights for critical inputs
Sanctions/export-control representations and termination triggers
Force majeure language aligned to realistic disruption patterns
Vendor continuity and notification obligations

The OECD’s work on geopolitical risks and trade resilience supports the idea that resilience has become a structural requirement as trade faces disruption and fragmentation pressures.

Integrate cyber risk with geopolitical intelligence

Cyber is now one of the cleanest channels through which geopolitical competition expresses itself in the private sector. Canada’s National Cyber Threat Assessment 2025–2026 describes a threat environment affecting Canadian organizations involving both state and non-state actors and emphasizes evolving risks to critical infrastructure and broader targets.

A geopolitically mature cyber program adds four components

Geopolitical threat triggers into cyber posture

Define what events raise your threat level (sanctions escalation, conflict events, diplomatic flashpoints)
Pre-map what changes operationally when threat levels rise (monitoring, access controls, vendor restrictions)

Scenario-based simulations (not generic tabletop exercises)

Run simulations that assume:

Timing aligned with geopolitical escalation
Simultaneous vendor outage or supply disruption
Pressure on communications and executive decision-making

Cross-functional crisis response

Cyber response must integrate legal, communications, operations and leadership, especially if there are regulatory notifications, contractual obligations or reputational narratives to manage.

Insurance alignment

At this stage, the principle is simple: if cyber events are more correlated with geopolitical conditions, you should align incident response planning with policy wording realities and exclusions.

Allianz continues to rank cyber incidents as the top business risk globally in 2026, reinforcing how central cyber has become to enterprise risk posture.

Establish continuous trade, sanctions and regulatory monitoring

Trade and regulatory environments are no longer stable enough for periodic review. Continuous monitoring is now a controls issue.

What continuous monitoring looks like in practice

Sanctions and export-control monitoring with defined escalation paths.
Periodic counterparty screening (including beneficial ownership where possible).
Vendor and customer onboarding controls that include jurisdictional exposure checks.
Engagement with trade counsel and industry associations (especially for exporters).
Financial modeling that includes policy volatility (tariffs, duties, delays, denied transactions).

For Canadian organizations, this is not optional “red tape.” It’s how you protect the ability to perform contracts and avoid compliance-triggered operational failure.

Elevate board and governance oversight on geopolitical risks

Boards increasingly expect management to articulate:

How geopolitical risk affects strategy and operating resilience
Where the organization is most exposed
What controls and mitigation mechanisms exist
How risk transfer aligns (and where it won’t)

Canadian regulators have been explicit that geopolitical tensions connect to integrity and security risks (including sanctions, cyberattacks, foreign interference and money laundering). OSFI’s risk outlook language underscores that these factors are not theoretical, they are supervisory and resilience priorities.

Practical governance mechanisms:

Assign executive accountability and board-level oversight
Include geopolitical scenarios in board education (brief, structured, decision-oriented)
Require quarterly reporting on KRIs and scenario triggers
Stress test decisions (what would we do if X happens next week?)

This is not risk aversion. It is fiduciary competence, especially when the risk can change your legal ability to operate, deliver or get paid.

Using insurance strategically for geopolitical risk

Insurance remains an important tool for geopolitical risk management, but it must be used with precision. In this series, part three will go deep on market realities, wordings and claims friction points. Here, the objective is strategic placement of risk transfer inside your broader resilience program.

Common risk transfer pillars that often connect to geopolitical pathways

Political risk insurance (expropriation, political violence, contract frustration – where relevant/applicable)
Trade credit insurance (counterparty non-payment, political risks affecting payment – structure dependent)
Cyber insurance (incident response and loss pathways; alignment with policy wording matters)
Directors and officers (D&O) liability (governance scrutiny, disclosure expectations, stakeholder actions)
Contingent business interruption / supply chain (structure varies heavily; requires careful dependency mapping)

The key message: risk transfer should complement, not replace, operational resilience. In a correlated-risk world, the best “insurance outcome” is often preventing the event from turning into a cascading failure.

From awareness to advantage in a geopolitically fragmented world

Geopolitical volatility is not a passing phase. It is a defining operating condition, and it is increasingly measurable through the same channels ERM already manages: interruption, compliance friction, cyber events, capital pressure and governance expectations.

Canadian organizations that formally integrate geopolitical risk into ERM, scenario architecture, cyber resilience, supply-chain stress testing and board oversight will reduce downside exposure, but they’ll also demonstrate something underwriters, lenders and counterparties quietly reward: durability.

Resilience isn’t “defensive” anymore. It’s a strategic capability. And for the organizations that build it deliberately, it becomes a competitive signal in a fragmented world.

FAQs

What level of board oversight is expected for geopolitical risks?

Can insurance effectively transfer geopolitical risk for businesses?

How do you integrate geopolitical risk into enterprise risk management?

Share this article

Get weekly tips to protect your business!
Subscribe to our LinkedIn Newsletter. Our advisors’ insights will help you Be Risk Ready.

Subscribe on LinkedIn

You can reach Aliya at 403.717.5895 or [email protected]

Related reading:

Get a quote.

Simply fill out a few details in our online form and one of our expert advisors will get your quote started.

Request a quote today

Risk transfer strategy for Canadian businesses facing geopolitical risk

Paula Martin — Wed, 11 Feb 2026 21:29:01 +0000

In the wake of geopolitically driven disruption across supply chains, cyber, contracts, and capital, insurance can no longer be treated as a cost line in 2026. It’s a capital strategy that protects operations and continuity.

In part one and part two, Aliya Daya, Senior Client Executive, Commercial Insurance, explains why geopolitics have become an operational constraint and how to manage it. To wrap up her three-part series, Aliya draws from her 25 years of experience advising businesses on insurance and risk management, to explain how a risk transfer stack can protect continuity and decision-making.

Note: This is part three of a three-part series on how to manage geopolitical risk in 2026.

In part one, I reframed geopolitics as an embedded operating condition for Canadian organizations, not a periodic external shock. Part two laid out the practical architecture: integrate geopolitical scenarios into enterprise risk management (ERM), stress-test supply chains, align cyber with geopolitical intelligence and elevate governance.

This third article is about the part that tends to get flattened into “renewal season admin:” risk transfer.

In a geopolitical era, insurance isn’t just a cost line. It’s part of how you protect cash flow, protect decision-making and preserve the ability to execute strategy when the rules change mid-quarter.

The angle here is deliberately Canadian and deliberately strategic: think of insurance as a risk transfer stack (a set of layers that match different geopolitical loss pathways) built for Canada’s unique position:

deep U.S. integration
allied alignment
resource intensity (energy and critical minerals)
increasing exposure through tech/data-driven services

The World Economic Forum’s current framing reinforces why this matters: geopolitical / geoeconomic risks act as systemic amplifiers that connect and compound risks across domains rather than staying neatly siloed.

Canadian business case study: How geopolitical risk shows up in everyday operations

A Canadian founder I work with once described their risk environment like this: “We’re not ‘international.’ We just sell to the U.S., use a global cloud provider and have a couple overseas suppliers. That’s not geopolitical.”

And that’s the trap. In this operating environment, geopolitics doesn’t require a flag on the invoice. It arrives through:

A supplier delay caused by trade friction or transport disruption
A ransomware campaign that spikes around geopolitical tension
A sanction update that changes who can pay whom and how
A sudden increase in the cost of capital when markets demand a higher risk premium

The Bank of Canada has explicitly highlighted that geopolitical escalation can disrupt supply chains and commodity markets and that financial markets may demand higher risk premiums, raising borrowing costs and weakening confidence.

So, the question isn’t “Do we have insurance?” It’s: “Do we have a risk transfer stack designed for the way geopolitical loss actually manifests in Canada?”

Why Canadian businesses need a layered insurance approach to respond to geopolitical risks

In a stable world, “coverage shopping” can look like competence. In a fragmented world, it becomes fragile.

A risk transfer stack is a layered approach that matches different loss pathways, different time horizons and different stakeholders. It recognizes that not all risks should be transferred and not all risks can be transferred, especially when events are correlated.

Layer 0: The retained layer (your volatility budget)

Before we touch insurance, we need honesty: what volatility can the organization absorb without distorting decisions?

This is where CFOs and boards should pay attention. Retentions are not just pricing levers. They are your self-insured shock absorber, and they matter more when borrowing costs and risk premiums move.

Board-level question: If we had a bad 30 days (cyber disruption + supplier delay + customer penalties) how much can we fund internally before we’re making reactive, expensive decisions?

Layer 1: High-frequency operational resilience insurance

This layer covers the risks that show up most often in modern Canadian operating environments, where the goal is not “catastrophe funding,” but continuity and response speed.

Cyber: response infrastructure plus balance-sheet protection

Cyber remains the top ranked global business risk in Allianz’s Risk Barometer 2026 (highest-ever score, 42%). Canada’s National Cyber Threat Assessment underscores that Canadian organizations face an evolving threat landscape involving both state and non-state actors.

In the stack, cyber insurance is less about “if we get hacked” and more about pre-negotiated access to capability:

Incident response vendors
Breach counsel
Forensics
Crisis communications
Funding for immediate containment/restoration

This is especially important for Canadian firms with cross-border customers and data dependencies, where incident handling rapidly becomes a governance and stakeholder confidence issue.

Crime / social engineering / funds transfer risk

Geopolitical periods tend to correlate with disinformation, impersonation and sophisticated social engineering, especially around payments, vendor changes and executive approvals.

This layer is not glamorous, but it is one of the most practical forms of continuity protection.

Layer 2: Liability and governance protection (where leadership scrutiny lives)

This is the “your decision-making will be judged later” layer.

Directors and officers (D&O): protecting decision-makers in uncertainty

Cyber incidents and operational disruptions frequently create governance scrutiny: what did leadership know, what did they do and how did they communicate? Canadian securities guidance on cyber disclosure (CSA Staff Notice 51-347) reinforces expectations around disclosure of cybersecurity risks and incidents for issuers.

Even when allegations don’t succeed, defence costs and distraction can be material. In a geopolitical operating environment, D&O is not just about fraud or misstatement, it’s about decision-making under uncertainty.

Errors and omissions (E&O) / Professional Liability

For Canadian tech and professional services firms (especially those selling into the U.S.) contract performance, service availability and security representations are increasingly litigated. This layer helps protect the enterprise when the dispute is about “did you meet what you promised?” rather than “did you mean harm?”

Layer 3: Trade, political and “Canada’s cross-border reality” risk transfer

This is where the Canadian angle becomes very real. Canada’s economy is deeply integrated with the U.S., and many Canadian firms are “international” by dependency even if they’re not by branding. That makes trade-related volatility and counterparty friction a strategic exposure.

Trade credit: protecting receivables when defaults have political DNA

In a fragmented world, non-payment isn’t always a simple credit issue. It can be driven by policy constraints, sudden demand shocks or market access restrictions. Reuters reported increased Canadian exporter interest in trade insurance as tariff uncertainty increased risk and highlighted the role of Export Development Canada.

Political risk: not just “emerging markets” anymore

Political risk is increasingly structural: contract frustration, regulatory intervention, forced divestment pressures, currency transfer constraints. Even when Canada isn’t the protagonist, Canadian firms can be downstream of larger geopolitical decisions.

And sanctions compliance is not an abstract concept. Global Affairs Canada provides sanctions guidance for the financial sector (including insurers) emphasizing ongoing monitoring and compliance expectations.

Translation: the legal environment can influence both operations and claims mechanics.

Layer 4: Physical supply chain and interruption realities (where most assumptions break)

Here’s where many organizations discover that they bought the idea of business interruption, not the version that matches their risk.

The Insurance Bureau of Canada explains business interruption insurance in a way that highlights a key issue: business interruption is typically tied to covered events and how the policy is structured, often linked to physical damage concepts unless specialized coverage is arranged.

In geopolitical disruption, interruptions often occur without physical damage:

Port congestion
Route disruption
Embargoes
Regulatory shutdowns
Vendor outages

This doesn’t mean business interruption insurance is “bad.” It means business interruption insurance has to be structured around realistic interruption scenarios, often via contingent/dependent forms and carefully negotiated triggers.

3 ways to engineer a risk transfer stack that withstands geopolitical risk

This is where the thought leadership lives: not “buy all the policies,” but engineer the stack so it holds under stress.

Don’t optimize for premium, optimize for claim mobility

In geopolitically correlated events, speed matters. A program that is technically “broad” but practically slow can create more damage than it prevents.

Treat wording as strategy

The market has tried to clarify boundaries around cyber war/state-linked systemic events; the Lloyd’s Market Association publishes cyber war clauses that demonstrate how wordings attempt to define these boundaries. You don’t need to be a coverage lawyer, but you do need to know which clauses create ambiguity in the scenarios you care about.

Use the stack to support Canada’s strategic opportunities

Canada’s opportunity set (critical minerals, energy and tech-enabled services) comes with geopolitical exposure. A well-designed risk transfer stack is part of how Canadian firms pursue growth while controlling downside volatility.

Building a geopolitically resilient risk architecture in Canada

In a geopolitically fragmented environment, risk transfer can’t be evaluated solely by premium, limits or renewal outcomes. It needs to be evaluated by whether it supports:

Continuity under disruption
Defensible governance under scrutiny
And balance-sheet resilience when capital gets tighter

The World Economic Forum’s systemic framing and the Bank of Canada’s emphasis on elevated geopolitical uncertainty and risk premium dynamics are not just macro commentary, they are signals that volatility is not temporary.

For Canadian organizations, the strategic move is not “more insurance.” It’s better architecture: a risk transfer stack that matches how geopolitical risk actually manifests, through cyber, trade, governance, supply dependencies and legal constraint. That’s how insurance stops being an administrative expense and becomes what it really is in this era: strategic infrastructure.

FAQs

What is a risk transfer stack?

How does a risk transfer stack protect against geopolitical volatility?

How can Canadian businesses turn geopolitical risk into a strategic advantage?

Share this article:

Get weekly tips to protect your business!
Subscribe to our LinkedIn Newsletter. Our advisors’ insights will help you Be Risk Ready.

Subscribe on LinkedIn

You can reach Aliya at 403.717.5895 or [email protected]

Related reading

Get a quote.

Simply fill out a few details in our online form and one of our expert advisors will get your quote started.

Request a quote today

A municipal leader’s guide to cyber maturity and insurability

Paula Martin — Wed, 04 Feb 2026 22:08:16 +0000

Municipal cyber maturity means treating cybersecurity like core infrastructure to keep services running and remain insurable. To secure coverage and speed recovery, underwriters expect: MFA, EDR, secure offline backups, network segmentation, privileged access management, ongoing staff training and a tested incident response plan.

With more than 12 years of insurance and risk management experience, Daniel Tassoni, Senior Client Executive and Municipal Team Lead, shares his expert insights on how municipal leaders can build cyber maturity into their budgets.

Cyber threats have shifted from being an abstract IT concern to an operational and financial risk that can halt municipal services.

Municipalities that plan cyber investment the same way they budget for roads, water systems or fleet maintenance are better positioned to safeguard continuity of operations.

Treating cyber preparedness as core infrastructure, not discretionary spending, can help protect insurability, public trust and service resilience.

5 reasons why Canadian municipalities are prime cyber targets

Ransomware, phishing, vendor breaches and business email compromise routinely target local governments because of the critical services they deliver and the pressure to restore operations quickly.

The result is a higher likelihood of ransom payment, financial fallout and significant recovery costs that extend far beyond the breach itself.

Cyber threat 1: Essential municipal services rely on IoT and OT

The mass digitization of municipal operations means cybercriminals know it can take just one successful breach to rapidly disable phone systems, portals, scheduling systems, citizen-facing services and essential infrastructure.

Unsurprisingly, the Canadian Centre for Cyber Security has noted increasing attacks against municipal governments, with most cases involving:

social engineering
unauthorized network access
ransomware

Case study: City of Cold Lake, AB, ransomware attack

In July of 2024, the City of Cold Lake experienced a ransomware attack, which caused widespread disruption. The breach impacted the municipality’s phone systems, payment processes and email communication across all facilities, including:

City hall
Energy centre
Family and Community Support Services (FCSS)
Public works
Marina
Golf course
Transfer station

The recovery period to reinstate all systems and services took several weeks.

Cyber threat 2: Municipalities store large volumes of personal information

Personally identifiable information (PII) for staff, residents, patrons and donors is kept on file across municipal departments and affiliated agencies. Data theft resulting from a breach can lead to mass notifications, regulatory attention and lengthy recovery times.

Case study: Toronto Public Library ransomware attack

In October 2023, the Toronto Public Library experienced a ransomware attack, in which their data was exfiltrated and encrypted. In addition to months-long system disruptions, Ontario’s privacy regulatory commission reported the breach affected the personal information of approximately:

8,000 staff members
4,100 customers, donors and volunteers
1,800 beneficiaries

Cyber threat 3: Municipalities rely on third-party and shared platforms

The use of shared platforms and third-party IT services for functions such as HR, payroll, public health information, file transfers and more puts municipalities at risk of a breach. Cybercriminals are increasingly coordinating attacks on IT supply chains as it only takes on strike to exfiltrate data from multiple departments and organizations.

Case Study: Cyberattack on Nova Scotia’s MOVEit System

In May of 2023, the Government of Nova Scotia was hit by the global attack on the MOVEit file transfer system. It’s estimated that personally identifiable information (PII) of more than 100,000 Nova Scotians was accessible through the breach, impacting:

government employees
teachers
students
healthcare patients
pension plan recipients

Cyber threat 4: Municipal payables vulnerable to social engineering and financial fraud

Business email compromise, which is when cybercriminals impersonate trusted contacts to divert payments, is of significant risk. One successful scam can quickly rob local governments of significant sums.

Case Study: City of Saskatoon, SK, loses $1 million in financial fraud

In August of 2019, the City of Saskatoon lost more than $1 million after falling for a fraudulent email. The cybercriminal, who claimed to be the CEO of a construction company the city dealt with regularly, successfully convinced the recipient to change the company’s banking information so funds were sent to a fraudulent account.

Cyber threat 5: Municipal resource constraints and old systems make for an easy target

Municipalities often operate with small teams and legacy technology. This translates into slower integration of cybersecurity measures, which insurers require to provide coverage from escalating cyberattacks.

Case study: City of Hamilton, ON, ransomware claim denied

In February 2024, Hamilton experienced a ransomware attack, which disabled approximately 80% of the city’s network. This cyberattack impacted city services for several weeks, including:

business licence processing
property tax
transit planning
finance and procurement systems

While the city had cyber insurance, the claim was denied as the required multi-factor authentication protocols were not put in place. As a result, the city had to spend more than $18 million on response, system recovery and third-party support.

Municipal government cyber insurance checklist: 7 prerequisites for coverage

Insurers have always expected policyholders to share in some of the risk, which is why risk mitigation is a critical requirement for commercial insurance.

This holds true for obtaining cyber insurance for local governments. Underwriters expect municipalities to have specific cybersecurity measures in place.

At a minimum this includes:

Cybersecurity control	What is it?	Why insurers require it
Multi-factor authentication (MFA)	MFA requires multiple verification factors beyond passwords to confirm an individual’s identity.	Insurers expect MFA to be used on email accounts, VPNs, cloud apps, remote access and more because it’s a proven and simple way to minimize breaches.
Endpoint detection and response solutions (EDR)	EDR tools monitor endpoints for suspicious behaviour, detect threats and quickly contain attacks.	Insurers require EDR because it reduces the impact of a breach by stopping attacks before they spread widely.
Secure and offline backups	These create a safe and available copy of critical data and systems for municipalities.	Insurers mandate secure, offline backups because having these accessible can limit business interruption and extortion risk in the event of a cyberattack.
Network segmentation	This divides networks into isolated zones with strict access controls.	Insurers require network segmentation because it limits lateral movement, helping to contain breaches to small segments, thus minimizing the potential severity of a cyberattack.
Privileged access management	This governs who can perform powerful actions, for how long, and under what approvals, with full session evidence.	Insurers require privileged access management as it can sharply reduce ransomware impact, data theft and operational downtime.
Continuous staff training	Human error is the biggest risk when it comes to cyberattacks.	Insurers insist on regular staff training as educated employees are more like to catch a phishing attempt and report anomalies, which helps to minimize the severity of a breach.
A tested incident response plan	A defined and regularly rehearsed response plan outlines who does what, when and how in the event of a cyberattack.	Insurers mandate this because a coordinated response can minimize the spread of a breach and speed up recovery.

The above list provides a high-level overview of the minimally required cyber controls that insurers now expect. Local government should work with an Acera Insurance advisor to determine their cyber insurance needs and to clearly understand and action the cybersecurity measures that insurers require in exchange for coverage.

How can local governments invest against cybercrime?

Municipal governments have what cybercriminals want: Interconnected networks, data, cashflow and old technology.

When it comes to protecting municipalities from escalating cyber risks, cyber insurance and cybersecurity go hand-in-hand.

Cyber insurance provides a safety net for when an attack may breach cyber controls.

And established cybersecurity helps to minimize the risk and is also required to obtain cyber insurance — and to get a claim paid, as evident from the City of Hamilton case study above.

One without the other leaves local governments vulnerable to a cyberattack.

As cybercrime continues to escalate and evolve, municipal financial leaders must prioritize investing in proven risk mitigation measures that can thwart breaches that cause financial, reputational and legal fallout.

FAQs: What municipal finance leaders need to know about cyber risk, required controls and insurability

Acera Insurance’s Daniel Tassoni answers three questions about cyber maturity for municipal financial leaders.

Why should CAOs and CFOs treat cybersecurity as critical municipal infrastructure?

How much should municipal financial leaders’ budget for cybersecurity?

How does cyber insurance fit into a municipality’s risk strategy, and what do underwriters expect to see?

Share this article

Get weekly tips to protect your business!
Subscribe to our LinkedIn Newsletter. Our advisors’ insights will help you Be Risk Ready.

Subscribe on LinkedIn

Daniel Tassoni, Senior Client Executive and Municipal Team Lead, brings more than 12 years of insurance and risk management experience along with specialized expertise serving municipal governments. Connect with Daniel at [email protected]or 250.869.6082.

Related reading:

Get a quote.

Simply fill out a few details in our online form and one of our expert advisors will get your quote started.

Request a quote today

AI adoption in hospitality: A proactive approach to mitigating risks

Annie Lee — Wed, 28 Jan 2026 19:47:30 +0000

AI now plays a meaningful role in how hospitality businesses serve guests and streamline workflows. As reliance on these tools grows, so do concerns around security, compliance and business continuity. Steve Noreen, a hospitality expert at Acera Insurance, explains how to integrate AI effectively while protecting your operations and reputation.

Artificial intelligence (AI) is becoming increasingly embedded in hospitality operations, from chatbots and virtual concierges to mobile check-ins and automated pricing tools. The technology is driving efficiency, elevating guest experiences and helping ease labour pressures. But growing data volumes and systems integration also introduces new vulnerabilities for hotels, restaurants and other hospitality businesses.

What risks should be considered when adopting AI and what steps can leaders take to proactively reduce their exposure? With nearly 15 years of insurance and risk management experience with specialized expertise in hospitality, Acera Insurance’s Steve Noreen shares how organizations can implement AI safely while protecting themselves along the way.

Where is AI driving the biggest shifts in hospitality and what are the AI-driven risks?

AI’s presence in hospitality has moved beyond pilots and experiments. Businesses are leveraging these tools to navigate pressure points and unlock new efficiencies, supported by deliberate investment in weaving the technology into decision-making and service delivery. This rapid uptake is setting the stage for a variety of practical applications that are emerging as central drivers of modern hospitality operations.

Guest-facing chatbots, AI concierges and voice assistants

Hotels are deploying AI to answer customer FAQs, support bookings, enable multilingual service and provide 24/7 responsiveness. Meanwhile, restaurants increasingly rely on automated drive-thru agents and chatbots for reservations and ordering. However, these systems often capture and retain voice or text interactions, triggering obligations around privacy disclosure, transparency and Canada’s Anti‑Spam Legislation (CASL) which requires consent, identification and easy unsubscribe options for any commercial electronic messages. And in jurisdictions like Quebec and B.C., the use of any biometric identifiers (e.g. fingerprints, facial and voice recognition, etc.) face even more stringent expectations, requiring express consent and formal evaluations before they can be used legally.

“Guests often don’t realize they’re interacting with AI, making transparency essential to building and preserving trust in your brand.” – Steve Noreen

Dynamic pricing and automated revenue management

Hotels traditionally rely on staff to manually adjust rates based on occupancy, competitor activity and seasonal patterns. Today, AI can analyze demand, trends and local events in seconds and automatically recommend rate changes or trigger targeted promotional offers through email and text messages to fill rooms. While this speed and precision can significantly enhance revenue performance, particularly during slow periods, these tools require careful oversight. Claims of “AI-optimized savings” and automated discounts must be accurate to avoid triggering deceptive marketing scrutiny and pricing algorithms must withstand audit so businesses can justify how rates were generated.

Frictionless hotel check-in and smart keys

Mobile keys, digital check-in and ID verification kiosks offer guests a smooth, contactless arrival experience – but also increase the stakes if a system is compromised. A breach could allow unauthorized room access, interrupt front-desk operations or expose stored identity information. These risks carry added weight in jurisdictions with strict privacy rules: Quebec’s Law 25 requires formal biometric notices and tight retention controls, while B.C.’s Personal Information Protection Act (PIPA) limits the use of biometric information even when images are publicly available. As these technologies become more common, hospitality businesses must ensure their deployment meets both security and compliance requirements.

Back-of-house operations

Behind the scenes, AI is supporting many of the functions that keep hospitality businesses running smoothly that guests may never see. These tools are helping teams operate more efficiently, anticipate needs and maintain consistency in service within high-pressure, fast-paced settings. Today, AI is commonly used for:

Predictive maintenance for elevators, HVAC systems and refrigeration, helping prevent costly breakdowns.
Housekeeping scheduling that allocates staff resources based on occupancy patterns and turnaround requirements.
Menu engineering and food cost forecasting, enabling more informed decisions about pricing, profitability and preparation levels.
Food safety monitoring through kitchen cameras that detect glove use, cross contamination or temperature issues.
Fraud detection and anomaly tracking that flag unusual transactions or operational inconsistencies in real time.

“Robotics and AI-powered automation boosts productivity, but they also create additional points of equipment failure that businesses must manage proactively to avoid prolonged disruption.” – Steve Noreen

5 ways to minimize AI risks in hospitality

Safely adopting AI in hospitality means approaching it with strategy, structure and a commitment to privacy and compliance. Leaders must ensure that AI tools are implemented responsibly and supported by the right governance frameworks. Building responsible, privacy‑conscious and legally aligned AI practices helps protect both guests and business operations. Below are Steve’s top recommendations, supported by industry best practices and Canadian regulatory context.

1. Conduct a privacy impact assessment (PIA) before launching any AI tool

A PIA identifies what data you collect, how it’s used, stored and shared, and whether it aligns with Canadian and international privacy standards. A thorough PIA evaluates alignment with Personal Information Protection and Electronic Documents Act (PIPEDA) federally and the applicable provincial legislation such as B.C.’s PIPA and Quebec’s Law 25.

A PIA is especially critical when deploying AI tools that handle personal or biometric information, including:

Chatbots that collect guest preferences or conversation logs
Biometric or digital identity check-ins
Loyalty programs that use behavioural profiling
AI-driven marketing systems that generate personalized messages

The EU’s General Data Protection Regulation (GDPR) is considered one of the world’s most comprehensive privacy frameworks – many jurisdictions model their laws after it. As a result, adopting GDPR‑level controls often positions hospitality businesses to meet and exceed requirements under local legislation.

“If you’re implementing AI, a privacy impact assessment should be your first step. It lays the groundwork for transparency, compliance and consumer trust.” — Steve Noreen

2. Strengthen CASL-compliant AI marketing practices

AI-generated emails, SMS offers and automated outreach are subject to Canada’s Anti‑Spam Legislation (CASL). This means that even if content is drafted or delivered by AI, the organization sending out these messages are responsible for ensuring legal compliance. Under CASL, businesses must have:

Express or implied consent before sending any commercial electronic message
Proper identification of the sender and how to contact them
A simple, easy-to-use unsubscribe mechanism (commonly one click)
Records showing when recipients opted in and opted out

Additionally, AI must never automatically harvest emails or send promotions without documented permissions. Businesses are responsible for complying with consent, transparency and unsubscribe obligations, and improper use of AI can lead to significant penalties.

3. Reinforce cybersecurity and prepare for outages

I systems depend heavily on cloud platforms, integrations with point‑of‑sale systems and constant connectivity. That means even a brief disruption to a booking engine, payment processor or mobile‑key system can immediately impact guest experience and revenue.

To build cyber resilience and reduce the operational impact of outages, operators should:

Segment networks from Internet of Things (IoT) devices to limit lateral movement if a system is compromised.
Maintain strong authentication (MFA) and keep PCI DSS 4.0 controls active on all payment‑related systems.
Test backups and incident‑response processes to ensure systems can be restored quickly.
Verify contingent business interruption coverage to protect against outages originating from key third‑party providers such as booking platforms or payment processors.

Additionally, it is important to be aware that business interruption stemming from cyber incidents is not covered under traditional property policies, because data is excluded from standard property wording. Instead, this exposure is addressed under a dedicated cyber liability policy, which provides coverage for system shutdowns, recovery costs and related lost income.

4. Address AI risks in HR and surveillance

AI is increasingly influencing HR and workforce management in hospitality, from resume screening tools that filter out candidates to automated interview platforms that assess tone, word choice and facial cues. AI-enabled monitoring is also becoming more common in kitchen and bar areas, where cameras can track food safety practices, cash handling and staff movement to prevent employee theft or fraud. These types of tools can introduce several risks to the business:

Algorithmic discrimination leading to unfair hiring or scheduling based on biased data.
Privacy breaches (particularly when employee activity is recorded, analyzed and stored without explicit notice or protections).
Unsubstantiated performance decisions such as disciplinary actions based on AI scoring or pattern detection.

Because these issues directly affect recruitment, workplace fairness and employee rights, they fall primarily under employment practices liability (EPL). EPL insurance helps protect businesses against claims tied to discrimination, wrongful termination and other employment‑related allegations.

5. Review relevant insurance policies

AI is accelerating decision‑making and data‑driven workflows, but it’s also expanding the scope of potential liabilities. Risks tied to cyberattacks, system outages, regulatory compliance and AI‑generated errors are becoming more complex and interdependent. Many of these exposures fall into grey areas between traditional coverage lines, making it more important than ever to assess your insurance programs through the lens of emerging AI-related risks to ensure you are aligned with the realities of AI‑driven operations.

Cyber liability covers the costs of responding to and recovering from data breaches and cyberattacks. Unless other specifically excluded, AI-related data loss is generally covered under this type of insurance.

Errors and omissions (E&O) liability (also known as professional liability) protects your business if a third party suffers a financial loss due to advice or professional services you provide. If your business doesn’t provide these services, issues arising from AI use such as incorrect pricing or booking errors are more commonly addressed under cyber liability or contractual liability provisions.

Directors & officers (D&O) liability protects leadership in the event they are personally sued for allegations of wrongdoing in the course of their duties as directors and officers of the organization. This coverage could respond if board members or executives are accused of failing to exercise proper oversight over AI‑driven systems or policies.

Equipment breakdown insurance responds when machinery or technology fails due to sudden and accidental mechanical or electrical breakdown. Pure software or algorithmic failures may not be covered unless specifically endorsed. This type of coverage is increasingly relevant as kitchens, HVAC systems and guest technologies adopt embedded AI.

Helping you navigate AI risks in your hospitality business

The rapid rise of AI in hospitality underscores the need for thoughtful, structured risk management. Privacy regulations are tightening, cyber threats are becoming more sophisticated and automated decisions can carry real operational and legal consequences. By grounding adoption in strong privacy practices, CASL‑compliant outreach, resilient cybersecurity and thoughtful HR oversight, as well as ensuring insurance programs reflect emerging AI exposures, your business can stay ahead of emerging risks while delivering the seamless experiences guests expect.

And while AI may be the headline here, rest assured there’s a real human behind this article who’s ready to help you navigate it all. Connect with me directly to review your AI-related exposures and build a coverage strategy that matches your technology roadmap.

FAQs

Acera Insurance’s Steve Noreen answers four questions about mitigating AI risks in the hospitality industry.

Are AI claims covered under cyber insurance?

Are hospitality businesses in Canada responsible for GDPR compliance?

What AI tools create the highest risk?

Which insurance policies matter most for AI adoption?

Share this article:

Get weekly tips to protect your business!
Subscribe to our LinkedIn Newsletter. Our advisors’ insights will help you Be Risk Ready.

Subscribe on LinkedIn

Steve Noreen is a Senior Client Executive at Acera Insurance. Steve brings more than 13 years of insurance experience and specialized expertise in the hospitality and tourism industry. He works closely with destination marketing and hospitality industry associations nationwide, serving as a trusted advisor and resource to member organizations navigating complex insurance and risk management requirements. You can reach out to Steve at 250.519.2303 or [email protected].

Also by Steve Noreen:

Managing insurance and risks for your hospitality business in 2025

4 Steps to Creating a Home Inventory Checklist

Nichole McKenzie — Wed, 14 Jan 2026 16:12:41 +0000

A home inventory is essential for protecting your belongings and ensuring a smooth claims process in case of fire, theft or other disasters. Here’s how to create and maintain an effective home inventory:

1. Divide your home into sections
2. Keep your home inventory in a secure place
3. Understand your policy limits
4. Review and update your home inventory regularly

Think quick: Are you able to name the complete contents of your living room along with their cash value? Now imagine trying to do this with your entire home following a fire or a robbery. This is why it’s important to create and maintain a home inventory — so that you can be prepared in case disaster strikes.

Whether you are a homeowner or renter, a home inventory helps to simplify insurance claims and ensure your valuables are covered. Here are four steps to take when creating your home inventory:

1. Divide your home into sections

Take the time to thoroughly go through each room of your home and create a detailed list of its contents. Each item should include:

Category (electronics, appliances, furniture, clothing, etc.)
Brief description
Serial numbers for appliances and electronics
Receipts with purchase date and price
Photos or videos of the room and items
Group lower-value individual items together with their estimated value (e.g., workout clothing – $500, nonfiction books – $650, etc.)
Appraisal or valuation documents for high-value items
Any additional notes that are relevant to your insurer

2. Store your home inventory securely

Choose a method that works for you, whether its Excel, a home inventory app, or pen and paper. The key is to keep your inventory safe. You can do this by:

Backing up digital files to the cloud or emailing them to yourself regularly
Storing handwritten lists and paper receipts in a fireproof safe
Keeping more than one copy in different secure locations

3. Understand your policy’s special limits

If you own expensive items such as bikes, handbags or jewellery — it’s a good idea to consider additional insurance coverages. Review the special limits in your policy to ensure you’re not underinsured. For example, if your policy only covers jewellery up to $10,000 and your collection is valued at $15,000, connect with your advisor to discuss updating your coverage.

4. Don’t forget to review and update your home inventory regularly

Every time you make a major purchase, you should add it in your home inventory with the details listed in step one. Aim to review your inventory at least once a year to ensure it’s up to date. Don’t forget to update your insurance policy as soon as possible if there are any significant changes.

Questions? Contact your Acera Insurance advisor

If you have questions about what is covered under your home insurance policy, contact your Acera Insurance advisor. They can provide insights into your current policy limits and make sure that you are properly covered in the event of a claim.

Get a quote.

Simply fill out a few details in our online form and one of our expert advisors will get your quote started.

Request a quote today

Acera Insurance

Personal vs. business auto insurance: What Canadian business owners need to know

Personal vs. commercial use

Different vehicles, different risks

Territory and travel considerations

Higher coverage limits and protection options

Want to learn more?

Get a quote.

OEMs and integrators: Managing third-party risks in manufacturing

OEMs and integrators in manufacturing: What’s the difference?

What risks do OEMs create in manufacturing

Bad parts or late parts

OEM breakdowns and service problems

Design or software problems

Logistics disruption and recall exposure

What risks do integrators create in manufacturing

OEMs, integrators and third-party cyber risks in manufacturing

7 steps to reduce OEM and integrator risk in manufacturing

1) Know who your critical suppliers and integrators are

2) Use strong contracts with clear expectations and insurance requirements

3) Make “additional insured” a standard request

4) Check if your vendors carry cyber insurance

5) Limit and monitor third‑party access to your systems

6) Build redundancy so one problem doesn’t stop everything

7) Review your own insurance limits

Manufacturing insurance for third-party risks

OEM and integrator manufacturing risks are manageable

FAQs: Third-party risks in manufacturing

What is third-party risk management and how is it different from overall risk management?

What are supply chain risks in manufacturing?

What are OEM risks in manufacturing?

What risks do integrators create in manufacturing?

What are third-party cyber risks in manufacturing?

What can manufacturers do to minimize their third-party risks?

Get a quote.

Steps to take when making an auto insurance claim

At the scene

Call your insurer and your Acera Insurance advisor

Your Acera Insurance advisor helps you:Understand coverage | Advocate for you during the claims process | Protect your coverage long‑term | Identify prevention steps

During your claim

After the claim

Claims lessons Canadian businesses can’t ignore after $11 billion in severe weather losses

First catastrophe claims lesson: Speed beats perfection

Reducing downtime through proactive partnerships

Streamlining claims with organized records

Why water damage causes most claims to grow in catastrophe situations

Wildfire claims: Access restrictions and contamination

Flood claims: Coverage wording and downtime risk

Hail claims: High volume, hidden water damage

Steps to take for a fast and successful claim in a catastrophe response

First 24 hours

Next 48-72 hours

Repair queue management, supply chain disruption and planning for delays

Strategies to minimize business interruption

Understanding catastrophe claims expectations

The perils of underinsurance and outdated property valuations

Understanding true replacement costs

Fraud risks rise when stress is high

Resilience strategies don’t have to be expensive

Hail risk mitigation

Water loss prevention

Wildfire readiness

We’re here to support you with comprehensive planning for business protection

FAQs

How does severe weather affect businesses in Canada?

What should businesses do immediately after a storm to support a fast, successful claim?

What should be in a severe weather preparedness and continuity plan for my business?

Life Insurance vs. Mortgage Insurance

Life insurance protects your loved ones — not the bank

Secure a financial future for your loved ones with life insurance

Choose a policy that protects your home and your loved ones. Choose life insurance.

Get a quote.

Obesity treatment: How will Canadian semaglutide generics reshape group benefits plans?

A brief overview of semaglutide and GPL-1 drug coverage

5 reasons group benefits plans should consider obesity as a disease

Obesity contributes to other chronic diseases affecting employees

Obesity affects workplace productivity

Willpower is not an effective obesity treatment

Canadians expect their group benefits plan to cover obesity treatments

Canadian semaglutide generics may make obesity treatment coverage common in employer health plans

Your Acera Insurance advisor helps you:
Understand coverage | Advocate for you during the claims process | Protect your coverage long‑term | Identify prevention steps

**Choose a policy that protects your home and your loved ones. Choose life insurance.**