Business interruption: the number one risk for SMEs – How to quantify your operating loss and adapt your insurance coverage

Business interruption: the number one risk for SMEs – How to quantify your operating loss and adapt your insurance coverage

Introduction

For an SME, the risk of business interruption is not theoretical. A fire, a major breakdown, a cyberattack, or the failure of an IT provider can halt production, block invoicing, or prevent access to critical data.

According to the Federal Statistical Office, small and medium-sized enterprises (SMEs) represent the vast majority of businesses in Switzerland (FSO, “SMEs”, https://www.bfs.admin.ch ). This means that the Swiss economy relies heavily on structures whose financial resilience is often more limited than that of large corporations.

In this article, we address business interruption for SMEs as a strategic risk. You will learn how to quantify your business interruption losses, analyze your SLAs and IT dependencies, and adapt your insurance coverage within a management and governance framework.

1. Understanding SME Business Interruption

1.1 Operational definition

Business interruption refers to a reduction or temporary cessation of activity following an insured event, resulting in a loss of income and the persistence of fixed costs.

Swiss insurers describe business interruption insurance as coverage intended to compensate for lost earnings and fixed costs during the recovery period following material damage (e.g. AXA Switzerland, “Business interruption insurance”, https://www.axa.ch ).

1.2 Beyond the physical damage: IT dependencies and service providers

Traditionally linked to fire or water damage, business interruption is now often triggered by:

• A computer failure

• A cyberattack

• The failure of a key supplier

• A logistical disruption

Mapping dependencies becomes central: cloud hosting, ERP, billing provider, single subcontractor.

2. How to calculate your operating loss

2.1 Key components

To quantify the operating loss, a distinction must be made:

• Unrealized revenue

• Variable costs saved

• Fixed costs that continue to run

The method generally used is based on the analysis of historical accounts and the projected budget.

2.2 Compensation Period

The compensation period is crucial. It corresponds to the time needed to return to the financial situation prior to the loss. This period must be consistent with your technical restart timelines.

Mini case study 1

An industrial SME suffered a fire in its main workshop. Repairs took several months. Without business interruption insurance tailored to the actual reconstruction timeframe, the company itself bore a portion of the lost revenue. Prior analysis of the reconstruction timeline would have allowed for an adjustment of the compensation period.

3. SLA and restart times

3.1 IT SLA and Business Continuity

Service Level Agreements (SLAs) define the response and recovery times for critical systems. If your ERP is outsourced, your contractual recovery time directly impacts the duration of the outage.

A theoretical SLA of a few hours does not have the same impact as a delay of several days.

3.2 Alignment between SLA and insurance

It is essential to align:

• The contractual IT recovery period

• The insured compensation period

• The internal business continuity plan

A misalignment can create a “coverage gap”.

4. Critical Dependencies and Risk Mapping

4.1 Supplier Dependencies

An SME dependent on a single supplier is exposed to the risk of indirect disruption. Some policies cover losses related to the failure of a key supplier, subject to certain conditions.

4.2 Digital Dependencies

Cloud, hosting, cybersecurity: IT dependency transforms business interruption into systemic risk.

Mini case study 2

A small service company is entirely dependent on a cloud provider. A major outage at this provider blocks access to customer data. The insurance policy covers business interruption resulting from a disaster at an identified critical provider. The provider's failure to notify the company beforehand could have voided the coverage.

5. Adapt insurance coverage

5.1 Insured amount and underinsurance

An insufficient insured amount may lead to a proportional reduction of compensation in the event of a claim, according to the principle of underinsurance, applied in property insurance.

It is therefore crucial to update regularly:

• Revenue

• Fixed costs

• Growth scenarios

5.2 Coordination with cyber insurance

If the interruption is caused by a computer incident, cyber insurance can cover the loss of digital business. The coordination between property insurance and cyber insurance needs to be clarified.

Box – What needs to be documented

• Annual accounts and provisional budgets

• List of fixed costs

• Mapping of critical dependencies

• IT SLAs and supplier contracts

• Business continuity plan

• General and specific terms and conditions of the policies

Guidelines and actionable checklist

Axis Element to analyze Recommended action

Financial Revenue and Margins - Annual Update

Technical aspects, restart times, and SLA compliance checks

Contractual Supplier Dependencies Identify Key Suppliers

Insurance Compensation Period Adapt to the realities on the ground

Governance Business Continuity Plan Regular Testing

Common mistakes and how to avoid them

1. Underestimating the actual duration of business recovery.

2. Do not include IT dependencies in the analysis.

3. Forgetting to update the insured amount after growth.

4. Confusing property insurance and cyber insurance.

Questions to ask your insurer/broker

1. How is business interruption loss calculated in my policy?

2. What is the maximum compensation period?

3. Are losses related to a key supplier covered?

4. Are interruptions of cyber origin included or excluded?

5. Is there a risk of underinsurance?

6. What fixed costs are taken into account?

7. How is the gradual resumption of activity handled?

8. Are the additional costs to accelerate the recovery covered?

9. How to coordinate property and cyber insurance?

10. What information needs to be updated annually?

Conclusion

Business interruption for SMEs is a strategic risk that goes beyond simple insurance considerations. It affects financial management, IT dependency, and risk governance.

Accurately quantifying your business interruption loss, aligning your SLAs with your compensation period, and documenting your critical dependencies allows you to transform a major exposure into a manageable risk.

The next step is to integrate this topic into your portfolio audit and test the consistency between your crisis scenarios and your current guarantees.