It’s not exactly a straight line from a small town in Arkansas to General Counsel of DXC, a global IT company in the Fortune 500. But Bill Deckelman made it happen. For over 40 years, he’s been practicing law in the IT world. And while he’s seen vast technological shifts take place firsthand, he’s also been around long enough to know that certain parts of the job – namely, the importance of human relationships – are still fundamental.
Bill is the recipient of the Financial Times’ Most Innovative GC in North America award and has become a prominent thought leader regarding the transformation of the legal industry. In what follows, we discuss Bill’s upbringing, his role at DXC, how he navigates corporate insurance matters in the IT space, and more.
Where did you grow up? Is there anything about coming from a small town in Arkansas that helps you do your job better today?
I grew up in a small town – not far from where President Clinton grew up – called Crossett. It was one of those ‘Leave It to Beaver’ kind of communities, very caring, very hardworking. It was a paper mill town. My dad worked there for 44 years, and they used to let college kids work in the mill when they came home on breaks. So hard work became part of my makeup.
You also learn in a small community how to connect to people. It was a fairly diverse place, and I picked up some fundamental human relations skills during my childhood.
What drew you to law practice representing IT companies?
After law school, my first job was with a firm in downtown Dallas. Right across the street was a client’s service bureau, which is the original name for a data center. I used to walk across the street to meet them there, go into the data center, explore it, talk about it with interesting people. I fell in love with the field. After about four years with that law firm, I wanted to be closer to business so I went in-house with the client.
How has IT changed since you started out? How hasn’t it?
IT is an incredibly interesting part of our economy that’s changing constantly. In some ways, though, the issues I work with haven’t really changed. There’s the basic contractual relationship between IT providers/data centers and the customer. The basic terms of a service contract, like the limitation on liability for example, is generally the same as what we worked with 40 years ago.
In other ways, of course, the IT business is a lot more complex now. Cybersecurity, for instance. Back then, basic security was something we thought about, but in today’s world it’s a whole new ballgame.
Fundamentally, it still comes down to customer relationships. IT is a service you’re providing. So it’s about providing a valuable service the customer needs, and you learn those needs from personal relationships. Those human issues don’t change.
From where you sit, what do you see as an IT company’s most significant liability exposures?
Cybersecurity is No. 1. as I would assume it is for everyone in the IT world. As a public company, securities litigation against our board and executives is also something we’re concerned about. It may not happen every year, but it does happen in the career of a GC.
A third category, having to do with customer service issues, is also infrequent, but involves disputes that arise when certain projects go south. For those cases, it’s important to look over your errors and omissions (E&O) policy to make sure you’re backed up by coverage when you need it.
Does your job involve forming and maintaining relationships with DXC’s insurers?
I learned pretty early on – probably because of that client I worked in-house with back in the ‘80s – that insurance was important, and that it was important to understand it. In those days especially, everything we did was so relationship-oriented. Building trust with your carriers really mattered. Over the years, you get to know who the key people are at those carriers, and you develop relationships with them over dinner or coffee. I’ve found that pays off in the sense that, when it comes time to file a claim, there’s a basis for having a candid conversation with someone you’ve know a long time – rather than an arm’s length negotiation between lawyers.
Those relationships still matter, but I do wonder whether that’s changing now to some degree.
Do you have a role in meetings with DXC’s brokers and insurance underwriters ahead of annual renewals?
Yes. As they’re doing the underwriting, we put quite a bit of effort into trying to give a clear all-around picture of the company and its risk functions. We try to be really transparent about that, because it’s important that the carrier have a good working knowledge of what our business is about.
Are you involved in the process of getting insurers to pay claims? If so, what’s your role in this process?
We work with outside counsel who specialize in these disputes, and they lead the charge. But most of the time we do end up in a conference room with the carriers and their lawyers to discuss the claims. And at that point, I’ll be the spokesperson for the company. While the outside counsel lays out our legal position, I try to convey the message of: “We are your client, we have expectations here when we pay our premiums. We want to have a twoway discussion where you, the carrier, are treating us like a partner, not just hiding behind your lawyers.” I tend to end up in that role quite often.
How have insurance companies met or fell short of your needs since you first became a general counsel?
Generally speaking, they’ve been good, reliable partners. This is especially true of the carriers we deal with in the lower layers of an insurance tower.
It’s when you get to those excess layers higher up along the tower that you don’t always run into the partnering attitude. For instance, there are times in a GC’s career when a black swan event will come along, and you’ll get into those excess layers, and carriers will find an obscure clause in the coverage and say, this is an exclusion. When in reality they know – if they understand our business – that what caused us to file the claim was the very reason we bought the policy in the first place. These instances are rare, thankfully, but they’re very disappointing when they happen.
I see this occur higher up in the tower because smaller carriers are coming in, and they may only be there for a year or two before moving on. It’s very different from the established carriers lower down that we’ve had relationships with for decades. Companies have to watch, now, who’s coming in and out of the industry and where they may play in the tower. Of course, you hope never to have a claim that high up in the tower, but when you do you still expect to be covered.
What about insurance brokers? In general, are they reliable partners in helping to get difficult claims paid?
They’re in an interesting role as intermediaries between us and the carriers. We want them to be very clear about where the lines are between advocating for us versus discussing with the carriers. It’s all about transparency and trust. We want them to be proactive in helping us avoid conflicts that might come up and in getting claims paid. You don’t want to have to push every single day.
How has your experience with insurance companies changed the way you do your job?
I’ve grown to have a much more sophisticated appreciation for the nuances of policy language. For instance, when it comes to cybersecurity, we’re not only negotiating with our end customer but potentially our cloud provider as well. Then when you start looking at the responsibilities and accountabilities for a data breach, you need to look at customer scope, third-party scope, and our scope. There are a lot of ambiguities there, and our transactional lawyers need to be very attuned to that. They have to understand that they might be negotiating something that makes perfect business sense, but runs contrary to our insurance interests.
This article was originally published in the 2020 edition of Corporate Policyholder Magazine.
