Hunton Insurance Recovery Blog

If recent years have taught insurance practitioners anything, it is that the most consequential coverage disputes rarely turn on novelty alone. In 2025, courts continued to resolve high‑stakes insurance disputes by returning to first principles—examining when claims are related, how losses and occurrences are defined and aggregated, and how policy language allocates risk across time and conduct. D&O coverage and other core insurance law issues again occupied center stage, while decisions in property, cyber, and liability disputes reinforced a familiar theme: policy interpretation remains the decisive factor in determining whether coverage is available in an increasingly complex claims environment. As the decisions discussed below demonstrate, 2025 confirmed that even as risks evolve, coverage disputes remain grounded in careful, policy‑specific analysis.

On November 10, 2025, Chairman John Boozman (R-MT) and Senator Cory Booker (D-NJ) of the Senate Agriculture, Nutrition and Forestry Committee released a discussion draft of legislation regulating crypto markets in the United States. The draft is similar in several ways to the Clarity Act, which the House of Representatives passed in July 2025.

On September 29, 2025, staff in the SEC’s Division of Investment Management issued no-action relief for certain crypto asset custodians. Specifically, the relief will, under certain circumstances, allow SEC-registered investment advisers (Registered Advisers), registered investment companies and business development companies (collectively, Regulated Funds) to treat a state-chartered trust company as a “bank” (for custody purposes) with respect to crypto assets and related cash or cash equivalents, without fear of enforcement under the SEC’s custody rules.

In today’s digital world, data breaches due to vendor failures are becoming increasingly common, often resulting in costly fallout. While insurance can provide a safety net, the interaction between cyber insurance and vendor contracts is crucial for effective recovery and risk management. Vendor contracts should not be treated as mere formalities but as vital frameworks that contain specific, detailed provisions regarding data security obligations to ensure accountability and minimize vulnerabilities.