Crime Insurance

Increased Need for Crime Insurance for Small Businesses

Diligence is the key to preventing losses

Since the 2008 economic decline, there has been a sharp rise in crimes by employees and third parties. Fueled by the fear of unemployment, workers are fighting back against their employers. They’re more likely to take what they feel they deserve because of the work they’ve done for their company over the years. Not surprisingly, many companies are taking a closer look at risk controls to cut unnecessary costs and uncovering theft issues that may have been undetected in the past.

The majority of people who commit these crimes are not professional criminals. Rather, they’re in a financial  bind and tend to rationalize such behavior as borrowing the money until they can pay it back.

Small businesses must take all necessary precautions to prevent employee theft and fraud. To this, they must address the fraud risks or their policy limits to adjust for the related losses. Only one in four private companies buys crime insurance. Stand alone crime policies are better than crime coverage added to Business Owners Policies (BOPs).

One way to determine an appropriate crime limit is to assume 5 percent of the company’s revenue will be the cost of fraud, and include that amount in the limit. Another way is to use organizations like Advisen that can evaluate a client’s cash flow, number of employees and business locations, employee turnover rates, and effectiveness to its internal risk controls.

Risk controls to minimize employee fraud:

  • Use prenumbered checks typed or numbers written in permanent ink
  • Be aware of employees who object strongly to new policies concerning financial, inventory, or supply matters
  • Employees with duties that  include check preparation or distribution should not reconcile the bank checking account
  • Improve background checks of job applicants
  • Separate receiving, store keeping, and shipping functions. Complete physical inventories annually and assign them to an individual who is not responsible for inventory records.
  • Be aware of employees who exhibit signs of compulsive gambling, persistent borrowing, or repeated requests for salary advances.
  • Separate mail opening and posting functions
  • Record checks and cash in appropriate registers and stamp checks for deposit only
  • Be aware of employees who suddenly want to work late

Source: Russ Banham, Independent Agent

5.00 avg. rating (87% score) - 1 vote
Categories: Crime, Risk Management, Small Business, Technology, Theft

Escalating threats from digital exposure

Vigilance required to combat ever-emerging risks

News broke of what is currently the biggest collection of stolen digital information to date. As more and more industries and businesses become more information-based, the information value and ease with which it is transmitted creates new risks. Criminals apparently never lack for creative ways to turn stolen data into profits, finding increasingly sophisticated ways to collect personal and proprietary information from corporate networks.

Fallout from stolen information

Failure to adequately protect sensitive information can result not only in lost sales and customers, but in claims and lawsuits for the losses sustained by customers and the general public. Fears about privacy and identity theft have resulted in state and federal legislation regarding the collection, management and protection of sensitive data. These new regulations have had a significant impact on businesses, which now face heavy fines and lawsuits in the event of security failures. Businesses also risk damage to their reputations because of laws requiring require them to publicize such breaches.

Realize the value of your information

Criminals look at corporate websites as gateways to massive information from which they can profit. While businesses spend billions of dollars to strengthen their security, criminals stay one step ahead, developing new methods of attack. Companies spend years, or even decades, gathering data. This data is an extremely valuable asset that must be protected. Businesses can no longer depend on traditional insurance policies to protect against technology risks. Most insurers exclude electronic theft from their standard policy forms. To deal with these risks, businesses need coverages specifically aimed at the inherent risks of our digital economy.

In upcoming articles I will discusses the vulnerable areas that require diligent attention by business owners, tips for improving security, and what the insurance industry is doing to help protect against these ever-evolving risks.

If you would like assistance in assessing coverage to protect your business or have questions regarding your current coverage, please call us at 800-622-7370

0.00 avg. rating (0% score) - 0 votes
Categories: Breach Of Security, Crime, Loss Control, Risk Management, Theft
Crime Insurance

Keeping your trade secrets a secret

Protecting your information and preventing leaks

If your company’s unique formula, recipe, or manufacturing process sets you apart from everyone else on the market, you have a trade secret. Unfortunately, secrets are hard to keep.

We’re not talking intellectual property protected by patents and copyrights. Trade secrets are technical information that gives you an economic edge, or the potential for one, over the competition. These can be techniques, processes or formulas. Most companies take steps to protect themselves from patent and copyright infringement, but many mid-sized firms neglect to take steps to secure confidential and sensitive information, such as trade secrets, business strategies, financial records, customer data, and employee contracts terms.

All of these are valuable assets to your company and need to be safeguarded.

Where leaks occur

Sadly, research shows that employees are the biggest source of confidential information misappropriation. Attorneys at O’Melveny & Myers say 78 percent of cases between 1995 and 2009 involved defendants who were either employees or former employees. Third-party contractors and service providers were involved in 20 percent of thos??e cases.

Ownership of trade secrets aren’t protected by law the same way patents and other intellectual property are. However, individuals and competitors can be sued in civil court under federal laws , such as the Economic Espionage and Computer Fraud and Abuse Acts.

 The rise in trade secret litigation surpassed that of other trademark and other intellectual property infringement cases by double-digits in 2013, according to American Intellectual Property Law Association.

 Taking steps toward protection

Chances of successfully proving legal ownership of confidential information and trade secrets improves drastically if you have taken reasonable steps of protection.

Protection begins at home.  All employee and contractor agreements should include policies on non disclosure clauses for proprietary, secure, sensitive information. The best security is maintaining a strict need-to-know policy, sharing sensitive information only with those who have signed a nondisclosure agreement. All employees should be given intellectual property security training upon hire. It doesn’t hurt to update and review that training annually.

We encourage you to call one of our Sadler insurance experts at 800-622-7370 if you have questions about intellectual property and trade secrets. They’ll be happy to provide answers and discuss the insurance needs of your unique business.

Source: Matt Dunning, “Trade Secrets,” Business Insurance. 16 Mar. 2014

1.00 avg. rating (47% score) - 1 vote
Categories: Advertising Injury, Breach Of Security, Intellectual Property Infringement, Theft

Employee theft

Websites offer workers help with new techniques

Employee TheftEmployees are using new services and technology to defeat employer risk management controls. Pre-employment references are the mainstay of employee dishonesty risk management.  However, employees can now tap into reference scam websites that will, for a fee, provide falsified prior employment reference letters and phone numbers where operators will falsely verify prior employment.

Anyone seeking to submit falsified expense reimbursement reports can pay a fee to websites that will fabricate bogus expense receipts in any format needed. Employers are turning to data analysis to help to fight employee fraud.  Data analytics software uncovers unnatural expense patterns (amounts, dates, and other information) that may be an indication of fraud.

Vendor fraud is old school, but fertile ground for dishonest employees.  Employees can set up fictitious vendor accounts and submitting invoices.  Employers should be wary of vendor names that are identified by abbreviations or initials or by a post office box address.

Employee theft claims can be difficult to uncover and can accumulate over a number of years.  Therefore, its critical to carry a Crime Policy with sufficient limits.

The video below offers an 8-point list of ways you can detect and deter employee fraud.

Source:  “The Fight Against Employee Theft,” Doug Karpp. Insurance Journal, Nov. 4, 2013.

0.00 avg. rating (0% score) - 0 votes
Categories: Crime, Theft

Your Cyber Insurance Policy

What may not be covered

Below are examples of types of risks that are not covered or only partially covered by most Cyber Risk policies:

  • The cost to implement security upgrades after an attack
  • A comprehensive written security program that is typically paired with a regulatory fine or penalty
  • Damage, corruption, or deletion of intellectual property
  • Audits performed periodically that are most likely required for several years after a data breach
  • Restoration of a business’ damaged reputation

For example, coverage under a Cyber Risk policy for the damage, corruption or deletion of intellectual property is typically limited to the cost of restoration or replacement, not taking into consideration its asset value to the company. In addition, most Cyber Risk Policies will not provide coverage for upgrading security after an attack has occurred.

The average cost of a data breach is $200 per record, according to the 2013 Ponemon Institute study. This average cost includes notification, defense, credit monitoring, services of a call center handling client complaints, as well as the cost of hiring a public relations firm. However, because most of these costs are not covered by insurance, this could cause a damaged reputation, including a falling stock price and loss of customers. Therefore, companies should address their potential exposures before a breach occurs by implementing risk management procedures to enhance best practices for network security.

Source: “Cyber insurance not always enough,” Joanne Wojcik; Business Insurance, April 16, 2012

3.00 avg. rating (67% score) - 1 vote
Categories: Breach Of Security, Cyber Liability, Intellectual Property Infringement, Risk Management, Theft

Cyber Liability Claims Not Covered Under Most General Liability Policies

General Liability policies cover lawsuits alleging bodily injury, property damage, personal injury, and advertising injury.  The property damage coverage requires damage be to tangible property as opposed to intangible property.

Most data breaches include damage to intangible property stored on hard drives.  As a result, General Liability carriers argue that there is no coverage for data breach.  However, General Liability carriers are increasingly providing endorsements for Data Breach.

The purchase of stand-alone Cyber Risk policies are becoming increasingly common for businesses with data breach exposure.  Of course, these policies cover a lot more than just data breach.  Other coverages include Media Liability, Cyber Extortion, Denial of Service, and loss of business income.

Source:  Business Insurance, April 2, 2012

4.00 avg. rating (77% score) - 1 vote
Categories: Breach Of Security, Cyber Liability, Identity Theft, Theft