Coverage 07 · Management Liability

Kidnap & Ransom Insurance.

Indemnity and response services for kidnapping, hostage events, and extortion affecting principals, families, and employees — extended for the modern threats of cyber and IP extortion.

Kidnap and ransom insurance — universally known as K&R — covers ransom payments, in-transit loss of ransom funds, and the wide range of crisis-response expenses that arise when an executive, employee, or family member becomes the target of kidnapping, extortion, hijacking, wrongful detention, or threat. The policy is paired with 24/7 access to a specialty crisis-response firm (typically Control Risks, NYA International, S-RM, or a similar specialist) whose consultants negotiate the response in real time.

The classic perception of K&R is a coverage for multinational corporations operating in unstable regions. The reality of the modern threat landscape is broader. Express kidnapping (short-duration abductions for ATM withdrawal), virtual kidnapping (extortion based on false claims of an abduction), cyber-extortion (ransomware demands branded as ransom), product extortion, and threat-of-violence extortion all sit comfortably within modern K&R forms. Any organization with executives who travel internationally, with high-net-worth principals, with public-facing leadership, or with employees in higher-risk geographies has the exposure.

Definition

Kidnap and ransom insurance — a specialty crisis-response policy that reimburses ransom payments, response costs, additional expenses, and certain legal liabilities arising from kidnapping, extortion, wrongful detention, hijacking, evacuation, and related events. The policy is paired with retained crisis-response consultants who are activated on first notice and manage the incident in coordination with the insured and (where appropriate) law enforcement.

What K&R covers

Ransom payments — the actual ransom or extortion payment, subject to limits and (importantly) OFAC sanctions screening

In-transit loss of ransom — loss of ransom funds during delivery to the perpetrators

Response and crisis consultant fees — the cost of the retained specialty firm, typically without erosion of the policy limit

Additional expenses — medical and psychiatric care for victims and family members, security consultants, public relations management, salary continuation, travel and accommodation for family members

Legal liability — defense and indemnity for claims by the victim, the victim's family, or other third parties arising from the incident or the response

Personal accident benefits — death and disability benefits for the victim arising from the covered event

Rest and rehabilitation — extended recovery support for victims and (often) immediate family

Reward payments — payments to informants who supply information leading to the victim's recovery

What events trigger coverage

Modern K&R forms respond to a broad menu of crisis events:

Kidnap — the seizure and holding of a person against their will for ransom or other demand

Express kidnap — short-duration abductions, typically for the purpose of forcing ATM withdrawals or quick ransom; high frequency in certain Latin American urban centers

Virtual kidnap — extortion based on false claims that a family member has been abducted, increasingly directed at high-net-worth individuals and corporate executives

Extortion — threats of bodily harm, property damage, reputational harm, or disclosure of confidential information, in exchange for payment

Cyber-extortion — ransom demands following data theft or system compromise; significant overlap with cyber liability that requires careful coordination

Product extortion — threats to tamper with products in commerce (food, consumer products, pharmaceuticals)

Hijacking — seizure of an aircraft, vessel, or vehicle while the insured is on board

Wrongful detention — detention by a foreign government, paramilitary group, or other entity without due process

Evacuation — covered evacuation from a country where political instability, natural disaster, or threat against an insured person makes departure necessary

Threat — credible threat of bodily harm or kidnap, covering security upgrades and consultant fees even where the underlying threat does not materialize

Who buys K&R

The classic K&R buyer was a multinational corporation operating in high-risk geographies. The contemporary buyer profile is significantly broader:

  • Multinational corporations with executive travel anywhere outside their home country
  • Mid-market and large private companies with controlling families or high-net-worth principals
  • Family offices and ultra-high-net-worth families, often via personal policies separate from any commercial structure
  • Nonprofit organizations operating in high-risk regions — aid workers, missionaries, journalists, researchers
  • Higher education institutions with study-abroad programs and international research operations
  • Public-figure principals — entertainment, sports, technology executives, public-company CEOs
  • Religious organizations with international missions
  • Construction, mining, energy, and infrastructure firms with personnel in remote or developing regions
  • Maritime operators with crews transiting piracy-active waters
  • Cryptocurrency holders and Web3 founders, who face elevated express-kidnap and virtual-kidnap exposure

The crisis-response partnership — what really matters

The single most valuable feature of a K&R policy is not the limit. It is the on-call crisis-response firm. When a kidnap or extortion event occurs, the named insured contacts the crisis firm directly, typically through a dedicated 24/7 number, and a specialist consultant is engaged within hours. The consultant manages communications with perpetrators, coordinates with the insured's leadership, advises on payment decisions, liaises with local and federal law enforcement where appropriate, and remains engaged through resolution and post-incident debrief.

The retained firm matters. Control Risks, NYA International (now part of GardaWorld), S-RM, Olive Group, and a handful of other specialty firms hold the bulk of the market. Each has different regional strengths, different cultural and linguistic capabilities, and different operational philosophies. Selecting the right firm is part of the placement decision, not just an administrative detail attached to it.

The OFAC question and the legal framework

Ransom payments are legally complex. The U.S. Treasury's Office of Foreign Assets Control (OFAC) prohibits payments to sanctioned persons, organizations, and jurisdictions. The FBI strongly discourages ransom payments as a matter of policy but does not prohibit them in most situations. Following the 2021 Treasury advisory on ransomware payments, OFAC sanctions screening has become a mandatory step in any ransom transaction — both for cyber-extortion and for traditional kidnap.

The K&R policy and the retained crisis firm handle this screening as part of the response. Where a sanctions risk exists, the consultant typically engages outside counsel and, in some cases, files a voluntary disclosure with OFAC before any payment is made. Coverage for ransom payments to sanctioned parties is generally not available; coverage for the cost of compliance and the alternative-response work that follows a sanctions block is typically maintained.

The confidentiality requirement

K&R policies are written with a strict confidentiality term. The named insured agrees not to disclose the existence of the policy to any person not authorized to know — including insured executives and their families. This is not paranoia; it is the operational logic of the line. A would-be kidnapper who knows the target is insured has an incentive to demand a higher ransom; an executive who knows insurance is in place has an incentive to behave with less personal caution. The premium is not disclosed to insured personnel as a matter of policy condition, not a coverage feature. Breach of the confidentiality term can void coverage for any subsequent loss.

Coordinating K&R with other coverages

Cyber-extortion is the cleanest overlap. Modern ransomware demands trigger both K&R (the extortion threat against the organization) and cyber liability (the underlying data and operational consequences of the incident). The two policies are coordinated so that one pays the ransom, the other pays the forensic, notification, and business interruption costs, and the response is managed through a single coordinated panel — typically with the cyber breach coach as primary and the K&R consultant engaged for the negotiation. Product extortion overlaps with product recall coverage. Wrongful detention can overlap with executive protection and certain D&O coverages where the detention arises from an alleged business act.

Coverage application

The Kidnap & Ransom application gathers the information our markets need to quote: applicant operations and SIC classification, ownership structure, foreign exposure (travel patterns by directors, officers, and other employees outside the U.S. and Canada; permanent foreign locations and headcount), safety procedures in place for traveling and resident personnel, foodstuffs and pharmaceutical exposure (which carries product extortion implications), maritime exposure, requested limit and retention, and any prior kidnap, detention, hijacking, or extortion incidents in the past three years. Complete the application and return it to us, or call to discuss before submitting.

Kidnap & Ransom Coverage Application PDF

Common questions

Is K&R only for international operations?

No. Domestic kidnap and extortion events have grown materially in the past decade. Virtual kidnap is now a primarily domestic phenomenon. Cyber-extortion is geographic-agnostic. Threat events directed at public-figure executives are predominantly domestic in origin. Modern K&R forms cover events occurring anywhere in the world.

Does the policy pay the ransom or reimburse it?

The policy is structured as reimbursement to the named insured. The insured (or the crisis-response firm acting on the insured's behalf) makes the payment to the perpetrators; the carrier reimburses against documented evidence of the payment, subject to OFAC compliance and the policy's other terms. Some carriers offer pre-payment arrangements where the operational urgency requires it.

What is the typical limit?

Limits range widely. Family-office and personal K&R policies often run $1M to $10M. Mid-market commercial K&R typically writes at $5M to $25M. Large corporate towers reach $50M, $100M, or higher for organizations with substantial international footprint, cryptocurrency-related exposure, or high-public-profile principals. Crisis-response consultant fees are typically in addition to the policy limit, not eroding it.

How quickly does coverage respond?

The crisis-response firm engages within hours of notice — typically before the carrier is formally notified of a claim. Notification to the carrier happens through the crisis firm and follows the operational response, not the other way around. The architecture is built for speed.

What about cryptocurrency ransoms?

Modern K&R policies cover ransom payments made in cryptocurrency, subject to OFAC screening of the destination wallet and the broader sanctions framework. The crisis firm manages the cryptocurrency procurement, the wallet validation, and the on-chain forensics. For organizations with material cyber-extortion exposure, the K&R policy's cryptocurrency handling capability is now a primary placement consideration.

K&R is the only insurance product where the existence of the coverage is itself a coverage condition — disclose it to the wrong person and you forfeit it. Buy it quietly, place it with people who know the response firms, and treat the confidentiality clause with respect.

Speak to an underwriter

K&R is a discreet, structured placement. Call (800) 373-2804 for a confidential conversation about exposure, structure, and the response firms appropriate for your operations.

Call (800) 373-2804 Send a submission