FMJ, the official magazine of the International Facility Management Association (IFMA), is written by and for workplace professionals and is published six times a year. FMJ is the only magazine that draws on the collective knowledge of IFMA’s global network of thought leaders to provide insights on current and upcoming FM trends. For more information on FMJ, visit

Protecting yourself from downstream risks

Three tools to help FMs mitigate risk

by Cheryl L. Kozdrey and  Jeremiah M. Welch — This article originally appeared in the May/June 2020 issue of FMJ

Effective risk management processes, including contractual risk transfer and insurance protections from downstream parties, are essential for a successful facilities management practice. Yet, the industry’s heavy reliance on third-party vendors creates a complex risk management system that can be difficult to navigate without the proper resources and expertise. Specialized legal counsel can provide guidance regarding industry-specific risk transfer procedures, but, as a general practice, FMs can mitigate risk using three simple tools:

  1. Effective contractual indemnification and defense agreements,
  2. Vendor-specific insurance requirements, and
  3. Ongoing insurance review protocols.

Utilizing this three-step risk process to optimize risk management will not only provide financial protections to the FM, but will also serve as a selling point to business owners and prospective customers who, as a result, will benefit from pass-through risk transfer to downstream vendors.

Contractual Indemnification and Defense Agreements for Effective Downstream Risk Transfer

Contractual indemnity and defense agreements are a critical component of facilities manager-vendor contracts and/or service level agreements (SLA).  The purpose of such a provision is to shield the indemnitee – usually the FM – from losses flowing from third-party claims related to the SLA.  This is accomplished by shifting financial responsibility for such claims to the indemnitor – typically the vendor.  This risk transfer structure makes business sense because the vendor, acting as an independent contractor and specialist in its respective trade, is in the best position to control the risk associated with its services.

Consider the following scenario: An FM is implementing a new open Wi-Fi network for customers to use freely while on the premises. The FM contracts with Wi-FiVendor to set up the hardware and equipment, and to provide ongoing maintenance of the same. The FM also contracts with TechVendor to provide data management software and ongoing service of the same. The FM serves hundreds of customers each day, many of whom enjoy using the open Wi-Fi network. Two years later, while one of the FM’s construction subcontractors, SubVendor, is onsite performing building repairs and renovations, the power goes out and, the next day, a major network security and data breach occurs, resulting in the dissemination of sensitive customer information. The impacted customers commence a class-action lawsuit against the business owner and FM. It is initially unclear what caused the security breach, but it’s almost certainly related to the services provided by Wi-FiVendor, TechVendor, and/or SubVendor. The business owner and FM begin to incur substantial attorneys’ fees to defend against the suit, as well as multi-million-dollar settlement obligations.

The business owner will want to shift its financial obligation to the FM, and the FM will want to shift its obligations to one or all of the potentially at-fault vendors. Because the FM may have damages caps on its own insurance policies, he or she will also want to assist the business owner with obtaining pass-through risk transfer to the at-fault vendors by way of additional insured coverage on their policies. However, shifting third-party risk downstream ex post facto (i.e., after a claim has arisen) can be difficult, especially when the stakes are high and it is not immediately clear who is at fault.

One way to preemptively resolve these issues is with effective indemnity agreements written into each SLA at the inception of the FM-vendor relationship. These provisions should be carefully drafted, with two goals in mind – establishing adequate risk transfer between the parties and ensuring enforceability in the state in which the vendor services will be performed. Specifically, vendors and service providers should be required to assume liability to the full extent permissible under the law, including defense costs, settlements, and judgments, associated with any claim or lawsuit brought by a third party against the FM and/or business owner. The failure to impose a duty to defend in the indemnity provision is overlooked far too frequently. Defense costs can be exorbitant, especially when related to catastrophic loss events, like the class-action lawsuit described above.

FMs should also take care to draft indemnity provisions in compliance with the anti-indemnity statute applicable in the state where the vendor will be performing its work.  These statutes vary significantly from state-to-state and are intended to limit the scope of indemnity one party can legally require from another.  States fall somewhere on a spectrum from “broad,” to “intermediate,” to “limited,” with respect to permissible indemnity agreements.  Broad indemnity states generally have no governing statute and may permit an FM to require contractual indemnity from its vendor for all negligence, up to and including the FM’s own sole negligence.  In intermediate states, the FM can hold the vendor liable for full indemnity even if the vendor is only partially at-fault.

If the FM’s contracts had a full-indemnity provision, it could immediately shift 100 percent of its defense and settlement obligations, as well as the business owner’s obligations, onto SubVendor, even if  it were later determined that the power outage caused by SubVendor’s work was only a small contributing factor that, in conjunction with Wi-FiVendor’s grossly outdated hardware and TechVendor’s unencrypted data management software, ultimately led to the security breach.  This provides the FM and business owner with prompt and complete protection from financial exposure and forces the vendors to use their own resources to fight amongst themselves about what each party should have to contribute toward the loss.

Alternatively, some intermediate states only permit partial indemnity, whereby the FM can only hold the vendor liable to the extent of its fault (e.g., if SubVendor is only 45 percent responsible for the loss, it will only pay that portion of the defense fees and settlement value, and the FM will have to pursue Wi-FiVendor and TechVendor itself to recover the remainder of its losses). Finally, in limited states, the vendor can only be made to indemnify the FM for negligence that the vendor is solely at fault for (i.e., where there is no concurrent negligence).

In addition to scope limitations, anti-indemnity statutes also vary in their application to certain industries. For example, several states only impose restrictions on indemnity provisions in construction and/or maintenance contracts or in a select group of other industry-specific contracts. In such states, the FM and business owner from the above scenario may only be permitted to seek partial or limited indemnity from a construction contractor like SubVendor. Meanwhile, the FM could potentially impose broad or full indemnity on Wi-FiVendor and/or TechVendor. Further, in some states, an indemnity provision that does not scrupulously comply with the state’s anti-indemnity statute may be rendered unenforceable and stricken from the contract altogether.

These are all strategic considerations that must be understood and implemented from the outset of the FM-vendor relationship, before the SLA is drafted and signed.  Often, FMs oversee vendor work in different states and may benefit from the advice of counsel to determine which contractual indemnity and defense agreements are valid and enforceable for each SLA.

Essential Vendor-Specific Insurance Requirements

Despite proactive efforts with respect to contractual indemnity and defense agreements, financial solvency can nevertheless inhibit an FM’s access to resources from its at-fault vendors. Accordingly, it is critical that FMs implement adequate insurance coverage requirements and actively vet their vendors’ policies before executing an SLA.

Vendor-specific insurance requirements should be expressly stated in the SLA, including the types of coverage, policy limits, and additional insured coverage in favor of both the facility manager and the business owner on a primary and non-contributory basis.  Insurance requirements should not be drafted in a one-size-fits-all boiler plate provision.  Instead, they should be detailed and tailored to each contract, considering the unique risk posed by each vendor.

For example, it may seem obvious that Information Technology vendors, such as Wi-FiVendor and TechVendor, should be contractually required to carry a cyber liability insurance policy. It is less intuitive, however, that SubVendor should be required to provide cyber coverage as well. Yet, cyber loss is precisely the type of risk triggered by the hypothetical fact pattern above. That said, it still may not necessarily make sense to require the identical scope of cyber coverage from SubVendor and the other two vendors, who are solely engaged in IT operations and maintenance.

As a baseline, all vendors should be required to carry commercial general liability insurance, including excess or umbrella coverage, with policy limits commensurate to the value of risk associated with the scope of work set forth in the SLA. All vendors who own and operate commercial automobiles should also present proof of business auto coverage, even if only using those vehicles to drive to and from the facility. These policies should be verified by the FM to ensure that, at a minimum, the policies provide proper additional insured designations, primary and non-contributory coverage with respect to policies held by the FM and business owner, and waivers of subrogation. In addition, verifying that the vendor holds workers’ compensation coverage, with limits and terms consistent with the statutory guidelines of the state in which the work will be performed, is imperative. Beyond these bare-minimum requirements, the FM should work alongside specialized legal counsel to evaluate the unique risks posed by each vendor and determine whether additional insurance requirements or coverage types (e.g., cyber liability, employment practices liability, professional liability, etc.) should be imposed on its vendors.

Establishing and Maintaining Ongoing Insurance Review Protocols

Even with a carefully drafted vendor contract, the FM cannot guarantee continuous downstream insurance protection for itself and the business owner without establishing a system for vetting subcontractor insurance policies from the outset of the FM-vendor relationship and maintaining those practices on an annually recurring basis.  This is a critical tool for mitigating the consequences of vendor-related risk on a continuing basis. Unlike a vendor contract or SLA, which are stagnant documents that typically remain unchanged throughout the course of the vendor’s work, insurance policies may change annually.  Those changes may be the difference between coverage and no coverage for the FM and business owner.

Some FMs rely on cert-tracking companies to collect and catalog certificates of insurance, and select endorsements, from vendors on an annual basis. While convenient, these digitized systems can lack the sophistication necessary to ensure proper insurance placement and coverage. For example, not all additional insured endorsements are created equal. Simply verifying the mere existence of an additional insured endorsement on a vendor’s policy is not enough. The additional insured endorsement is quite possibly the single most important policy provision to ensuring coverage for the FM and business owner. Yet the specific terms and conditions are seldom analyzed with any degree of scrutiny, and deficiencies in the language of the endorsement can quickly negate or severely limit the FM’s and/or business owner’s scope of coverage.

For example, “blanket” additional insured endorsements are intended to provide coverage to all parties owed coverage under a written contract. However, undesirable privity language can limit the scope of coverage to only those parties that have an executed contract directly with the vendor. Usually, this is sufficient to cover the FM, with whom the vendor directly contracts, but it would not provide coverage for the business owner. This can be problematic to the FM who has contractually promised the business owner that it will require all vendors to provide additional insured coverage to both the FM and the owner, thereby leaving the FM open to a breach of contract suit by the owner.

Causation triggers can also significantly reduce the scope of coverage available to the FM and owner.  For example, language triggering coverage for losses “caused in whole or in part” by the vendor is far broader than coverage that is triggered “if and only to the extent” that losses are caused by the vendor’s negligence.  Accordingly, the FM should consider supplementing or finding alternatives to simple digitized cert-tracking systems that typically provide only a cursory review of minimum policy requirements.


About the authors

Cheryl L. Kozdrey is an associate at Saxe Doernberger & Vita, P.C., a national insurance coverage law firm dedicated exclusively to policyholder representation and advocacy. She provides advice regarding optimal risk transfer strategies and insurance solutions, and represents policyholders through the life of a policy, including dispute litigation against insurance carriers. She is admitted to practice in the State of California.



Jeremiah Welch serves as Managing Partner of Saxe Doernberger & Vita, P.C.’s California office and as a member of the firm’s Executive Committee. He has represented major stakeholders in some of the most significant construction disasters of the past decade. He also consults insured corporations and retail and wholesale brokerages.

Articles in FMJ are the exclusive property of IFMA and are subject to all applicable copyright provisions. To view abstracts and articles not shown here, subscribe or order individual issues at Direct questions on contributing, as well as on permission to reprint, reproduce or use FMJ materials, to Editor-in-Chief Bobby Vasquez at

IFMA, founded in 1980, is the world’s largest and most widely recognized association for facility management professionals, supporting 24,000 members in more than 100 countries. IFMA advances collective knowledge, value and growth for Facility Management professionals. IFMA certifies professionals in facility management, conducts research, provides educational programs, content and resources, and produces World Workplace, the largest series of facility management conferences and expositions. To join and follow IFMA’s social media outlets online, visit the association’s LinkedIn, Facebook, YouTube and Twitter pages. For more information, visit