For nonprofit organizations, the directors and officers (D&O) liability risk landscape looks increasingly similar to what private and public companies have faced for years, only with fewer resources to absorb the shock.
In 2026, economic uncertainty, heightened regulatory scrutiny, and escalating employment and cyber claims are reshaping nonprofit D&O risk, according to Nicole Murphy (pictured), nonprofit D&O product manager at Travelers Insurance.
Murphy told Insurance Business that the dominant force behind today’s nonprofit D&O exposure is prolonged economic uncertainty. Inflation, higher borrowing costs, and tighter public funding have made achieving revenue stability harder for mission-driven organizations.
“For nonprofits, securing funding and diversifying funding sources has become critical,” Murphy said.
Heavy reliance on a single revenue stream, such as government grants or donor contributions, increases board-level risk if that stream dries up. Navigating government funding itself is also becoming more complex, with varying federal, state, and local compliance requirements.
“For executives, worrying about how you’re going to keep the lights on can take your focus off the mission, or at least distract from it,” Murphy noted. “If you’ve relied on one revenue source for a long time, you have to think about other ways to bring money in the door.”
This pressure adds an extra layer of concern about whether funding is coming in and, for D&O insurers, translates into greater exposure tied to financial oversight, disclosure, and decision-making during periods of stress.
Unlike for-profit entities, nonprofits also face a unique combination of regulatory and reputational risks. Compliance spans not only employment and corporate governance laws but also fundraising regulations that vary significantly by jurisdiction, said Murphy.
“Donor expectations are different from shareholder expectations,” Murphy explained. “Nonprofits have to closely monitor fundraising laws and donor accountability in ways that for-profits don’t.”
Missteps in donor accountability or fundraising compliance can quickly escalate into regulatory actions or reputational harm, both common triggers for D&O claims.
Financial oversight is another pressure point. Boards must ensure compliance with loan covenants, grant requirements, and government oversight, often without the sophisticated internal controls available to larger commercial enterprises.
One of the most striking developments in nonprofit D&O, according to Murphy, is the rise in employment practices liability (EPL) claims. The Travelers specialist said both claim frequency and severity are now approaching levels seen in private and public companies.
Common allegations include discrimination, harassment, retaliation, and wrongful termination. Tight budgets often mean lean staffing, leaving employees overworked and frustrated. When alignment with the organization’s mission breaks down, disputes escalate more quickly.
Social inflation, the trend of rising jury awards and litigation costs, has also erased the historical perception that nonprofits are “softer targets.” “Just because you work for a nonprofit doesn’t mean you can’t bring the same claims,” Murphy said.
Cyber exposure has emerged as one of the most significant management liability risks for nonprofits. According to the 2025 Travelers Risk Index survey, cyber risks ranked among the top concerns for US nonprofits, with security breaches and hackers cited as the number one threat.
The data revealed a preparedness gap:
While cybercriminals do not necessarily target nonprofits specifically, Murphy said attackers go after vulnerability. Nonprofits often lack the resources to invest in advanced cyber hygiene or employee training, making recovery from an attack far more damaging.
For insurance brokers navigating nonprofit D&O, Murphy’s advice is to ask more questions and educate clients. D&O coverage alone cannot address the full spectrum of nonprofit risk.“You don’t get what you don’t ask for,” she said.
“Agents need to stay on top of trends and actively ask for the appropriate coverages. More importantly, it’s a best practice to educate nonprofits about their exposures and explain that certain risks like cyber can’t be fully addressed through D&O alone. A dedicated cyber policy provides much better protection.”
Dedicated EPL and cyber policies are increasingly essential, she stressed, much like EPL coverage became non-negotiable years ago. Brokers who understand nonprofit-specific exposures and proactively work with underwriters to address them will be best positioned to help clients navigate a more volatile risk environment.
“Having D&O, EPL, and cyber policies in place are all excellent measures. They’re not a replacement for having the right internal controls, but they’re a very good place to start,” Murphy said.
