Insurance after a funding round: what changes and what to do
A funding round doesn't just change your treasury. It changes your risk profile, your contractual obligations, and your personal exposure as a founder.
Most founders come out of a funding round with a to-do list: hire, accelerate the product, build processes. Insurance is almost never on that list. That's a mistake — and often an expensive one.
A funding round simultaneously changes three things: your risk profile (you're managing more cash, more employees, more clients), your legal structure (with investors on the board), and your contractual obligations (the clauses in the shareholders' agreement). Your insurance program needs to adapt to all three.
What really changes
Before the raise, you were perhaps the founder of a lean structure with few assets and risk concentrated on your operational activity. After the raise, you become the director of a company in which third parties have invested. These third parties have rights — and they can exercise them against you if management is deemed deficient.
Your professional liability policy covers your liability toward clients and vendors. It does not cover your personal liability as a director toward shareholders, employees, or third parties harmed by a management decision. That's exactly what D&O insurance covers.
D&O becomes non-negotiable
Directors & Officers (D&O) insurance protects executives from the financial consequences of personal claims arising from their management decisions or actions. It covers defense costs, damages, and in some cases unintentional administrative fines.
After a funding round, three situations that justify this coverage become more frequent. First, your investors can sue you if they believe you made decisions harmful to the value of their investment. Second, mass hiring increases the risk of employment disputes involving management decisions. Third, an insolvency proceeding, even if it remains a minority scenario, can expose the personal assets of the director.
A founder who has raised money without D&O insurance hasn't realized that their personal assets are now directly exposed to the decisions they make every day.
— Sami Zarzour, co-founder Lesto
Cyber: often a contractual obligation
If you process personal data, host systems for enterprise clients, or if your activity depends on critical digital infrastructure, standalone Cyber insurance quickly becomes an operational necessity — and often a contractual condition required by new clients or partners.
A Cyber policy covers three main risk families: business interruption in the event of an attack (ransomware, DDoS), notification and crisis management costs in the event of a data breach, and third-party claims from individuals whose data was compromised. After a raise, your growth typically means more data, more clients, more interconnected systems — and a larger attack surface.
- You process health, financial, or identity data → Cyber mandatory
- Your enterprise contracts include security clauses → check the required minimums
- Your cloud infrastructure hosts client data → cover interruption and reconstruction
- You've signed a DPA (Data Processing Agreement) → Cyber covers potential penalties
Clauses to watch in your term sheet
Most term sheets and shareholders' agreements contain insurance clauses that founders don't read carefully at signing. These clauses can make the continuation of the investment conditional on compliance, or trigger contractual obligations if they are not respected.
The most common clauses relate to: the obligation to maintain D&O coverage with a minimum limit (often equal to the amount raised), the obligation to cover independent board members (fund representatives are often covered by their own policy, not yours), and the obligation to notify the insurer of any major change to the business.
One frequently overlooked point: most D&O policies include a "run-off" clause — they cover acts committed during the term of the mandate, including after policy cancellation. This continuity of coverage is negotiable and must be anticipated from the initial subscription.
The right time to act
Ideally, the review of the insurance program should happen within 30 days of the closing — before mass hiring begins, before signing the first major client contracts, and before investors realize that the shareholders' agreement clauses are not being respected.
In practice, a full coverage audit takes 48 to 72 hours at Lesto. We review your existing program, identify gaps against your new risk profile, and submit an adapted program with the terms we've negotiated with our insurer partners.
Don't leave your insurance program on autopilot after a funding round. This is precisely the moment when your exposure changes, and when the gap between what you think you're covered for and what you're actually covered for can be costly.

Sami Zarzour
Co-founder, Lesto
Sami is a co-founder of Lesto. He writes about insurance brokerage, business risk management, and the transformation of the industry.