Cyber Threat Scenarios – What might an attack look like?

Edited June 6th, by Kyle Langan

What is a business email compromise or email account compromise?

These cyber risks are financially damaging digital crimes. They exploit the fact that so many professionals rely on email to conduct business. “In a business email compromise (BEC) scam, criminals send an email message that appears to come from a known source making a legitimate request.” [1] According to a new report from Arctic Wolf, 70% of organizations faced business email compromise threats, with nearly 30% falling victim to at least one attack. [2]

Scenario: Email Compromise

Threat: Funds Transfer Fraud

An accountant at XYZ Inc. received an email from a familiar customer. The client’s Chief Financial Officer (CFO) frequently provides contracted services for XYZ in business-to-business transactions. In this email, the CFO instructed XYZ to conduct an ACH transaction for $160,000 owed on a recent invoice. The accountant told the CFO that, to send and receive ACH transactions, XYZ must follow its procedure of approval and reconciliation. Believing the request to be legitimate, the accountant proceeded with the transaction and initiated the transfer of company funds.

CFO: “I will notify you once payment is received and credits are applied to your account.”

Accountant: Payment for the 160k is in process at the bank, as soon as it is confirmed I will send a proof of payment.

Following up, the payment is confirmed by the bank so it is approved… will send the proof of payment as soon as it is available. In the meantime, I have attached a screenshot from the bank system stating the payment is confirmed.

CFO: Thanks so much!

Accountant: I have just sent another PDF showing it went through.

CFO: OK thank you, very good.

CFO: Our team has confirmed payment is in and approved from our side.

What went wrong:

The deceptive email came from a cybercriminal inside XYZ’s system, only posing as the client’s CFO through a manipulated email domain (this example also includes Spoofing). The $160,000 wire transfer landed in the criminal’s private bank account.

The accountant realized the request was fraudulent during a phone call with the client’s true CFO the next morning. Realizing XYZ had been deceived, he scrambled to call the bank, but the transfer had already gone through, making recovery increasingly difficult; 48 hours later, the cybercriminal moved the funds and dispersed them across multiple crypto accounts, making them even harder to track. At this point, the accountant had reported the incident to their manager. Facing financial losses, the organization plans “to react swiftly to prevent possible business disruptions and limit further damage.” [3]

Mitigation Strategy:

  • Detection and research
  • Submission of claim to XYZ’s Funds Transfer Fraud insurer
  • Containment
  • Recovery
  • Communication
  • Post-incident analysis [4]
  • Improvements like Mutual Authentication

What is Spoofing, Phishing?

Spoofing: disguising an email address, sender name, phone number, or website URL—often just by changing one letter, symbol, or number—to convince victims they are interacting with a trusted source. [5] Criminals count on being able to manipulate victims into believing that these spoofed communications are real. Their goal is to lead victims “to download malicious software, send money, or disclose personal, financial, or other sensitive information.” [6]

Phishing schemes often use spoofing techniques to lure and get victims to take the bait. In a phishing scam, a victim may receive an email that appears to be from a legitimate business and is asking you to update or verify your personal information by replying to the email or visiting a website. The web address might look like one you have used before. The email may be convincing enough to get you to take the action requested. [7]

But once you click on that link, you are sent to a spoofed website that might look nearly identical to the real thing—like your bank or credit card site—and asked to enter sensitive information like passwords, credit card numbers, banking PINs, etc. These fake websites are used solely to steal your information. [8]

Scenario: Phishing

Threat: Data Exfiltration, Ransom

A long-time employee and recently promoted director at an international wholesaler, William, received a text from a friend and trusted co-worker, Nikita, in a chat on WhatsApp messenger. Nikita is one of the owners at their company.

The text encouraged the employee to download and review an attachment linked in a text, to prepare for an upcoming assignment. The following chat messages explained the assignment:

Nikita: Hey! Are you available?

William: Hey, morning, yeah, I have some time now!

Nikita: I am just finishing a call with my lawyer. I need your help, currently engaged in an acquisition and working on securing an offer for the group. I am part of an NDA and so for compliance purposes all exchanges regarding this offer must be monitored here over WhatsApp until the official announcement. Can you please review? I want you to manage the deal.

William: Of course, I will do everything I can.

Nikita: Your support is much appreciated. Thanks

What went wrong:

Upon downloading the attachment, William instantly launched malware on his device. [9] He was messaging with a criminal, not Nikita. Within minutes, the malware program infiltrated several systems and “encrypted a wide range of sensitive data, including confidential customer information and financial records. From there, the cybercriminal responsible for sending the phishing email and deploying the malware program displayed a message on the employee’s device, explaining that they had compromised the organization’s data and would only restore this information via digital encryption key in exchange for a wire transfer of $1 million to a private bank account, with a payment deadline set for Friday.” [10] At this point, William reported the attack to his manager. “Facing the potential loss of critical data, the organization needed to react swiftly to minimize widespread operational disruptions and reduce the risk of severe reputational damage.” [11]

Mitigation Strategy

  • Containment
  • Eradication
  • Submission of claim to Cyber Insurer
  • Recovery
  • Communication
  • Post-incident analysis. [12]

References

[1]

Business Email Compromise. (n.d.). https://www.fbi.gov/how-we-can-help-you/scams-and-safety/common-scams-and-crimes/business-email-compromise

[2]

Arctic Wolf. (2024, May 21). The State of Cybersecurity: 2024 Trends Report. Arctic Wolf Networks. https://arcticwolf.com/resource/aw/the-state-of-cybersecurity-2024-trends-report

[3-4]

Cyber Incident Response Scenario – BEC SCAM. Zywave. (2024, May). https://content.zywave.com/

[5] – [8]

Spoofing and Phishing. (n.d.-b). https://www.fbi.gov/how-we-can-help-you/scams-and-safety/common-scams-and-crimes/spoofing-and-phishing

[9]–[12]

Cyber Incident Response Scenario – Ransomware Attack. Zywave. (2024, May). https://content.zywave.com/

What could the financial impact of a cyber loss event cost?

Published April 24, 2024 by Kyle Langan

Are smaller companies targeted with attacks?

Have you seen attempts at Funds Transfer Fraud through phishing? Sinister sources send these attempts out frequently, and they may be experienced the most by small businesses [1]. Weaker security measures are targeted, which is why smaller operations could find themselves susceptible. [2] However, large entities, like Change Healthcare, are also targeted: “Large Scale Cyberattacks Disrupt Essential Substance Use and Mental Health Services.”

How should an operation mitigate its cyber risk?

How can we help? The team at Conrey Insurance Brokers and Risk Managers specializes in risk transfer. This transfer offers protection for the recovery from tangible or intangible losses related to a security breach or similar event arising from digital risks. [3] Cyber insurance allows companies to resume normal business operations faster, minimizing the cost of recovery. [4] Although we are not technology experts, we can also assist with the mitigation of cyber risk and tech errors and omissions, as we are paid by the insurer to help you.

Ranked by expected severity

Cyber events could be categorized into the following sub-domains. [5] These all should follow a mitigation strategy:

  • Ransomware
  • Composite
  • Funds Transfer Fraud
  • Data Breach

Loss estimates (less than $25 MM Total Revenue):

 

“Data is from multiple sources, including Coalition’s own global data. Actual numbers may vary significantly from calculator estimates based on additional factors for a given business. The data provided is for informational and educational purposes only.”

References

[1, 2]

Rahmonbek, K. (2024, February 1). 35 alarming small business cybersecurity statistics for 2024. StrongDM. https://www.strongdm.com/blog/small-business-cyber-security-statistics

[3, 4, 5]

Cyber Insurance: Active Insurance & Cybersecurity. Coalition. (n.d.). https://www.coalitioninc.com/

 

Where does commercial auto exposure start and stop?

Kyle Langan, May 24, 2024

Navigating the Commercial Auto Risk Domain

Vehicles represent a nexus of risk for a business. Hazards include deliveries, client meetings, or simply the daily operation. The “ownership, maintenance, or use of vehicles creates liability loss exposures.” [1] To mitigate them, a business should optimize its strategies for titling and insuring vehicles. The goal is to transfer or finance risk arising from bodily injury or property damage perils.

Does your risk manager help your team identify and mitigate these liability loss exposures? Not understanding the technical side of Commercial Auto coverage can leave you exposed!

Components of Liability Coverage

How is coverage determined? Symbol 1 has the broadest type of liability coverage available; it applies to ‘Any Auto’ that is used for commercial purposes.

Hired autos (Symbol 8) refer to autos leased, hired, rented, or borrowed. However, “the term does not include any auto the named insured leases, hires, rents, or borrows from any of its employees, partners, limited liability members, or members of their households.” [2]

Non-owned autos (Symbol 9) “apply to vehicles owned by employees and used for company business.”  [3]

Symbols 8 and 9 usefully expand upon Symbol 7, which is for specifically described autos. This protection follows vehicles specifically named in the policy and for which a premium is charged. Operations may not need Symbol 1, and it may not be available in every situation. Symbols 7, 8, and 9 may adequately protect an entity for all relevant auto exposures.

Why would a business need coverage for more than specifically scheduled autos? Non-ownership liability. Companies should seek protection for their liability stemming from employees’ operation of personal autos within the purpose of the employer’s business. For example, if an employee drives a personal vehicle for the purpose of company business, and hits another car, employers’ non-ownership liability coverage can help pay for the loss of the 3rd party’s property damage and potential bodily injury. If the 3rd party files suit for further damages later, this coverage can also help your company pay for those defense expenses. However, this protection is liability insurance for the entity; it will not pay for damages from an accident while an employee drives for personal reasons that are not related to business. It is intended to cover liability damages, including settlements or judgments, attorney fees and other court costs that arise because of an auto accident for which you or an employee is responsible. The normal, daily commute to work in their personal auto is employees’ responsibility.

Lastly, an executive officer may not carry personal auto insurance if he or she is furnished a company auto. In this situation, the commercial auto should include a “Drive Other Car” endorsement, so the individual named in the endorsement (including resident spouse) is driving a non-owned auto for personal use. [4]

Protecting Assets, increasing Cash Flow

How do you know if your current commercial auto insurance program is proper?  Why not utilize a seasoned risk manager to help you design an optimal, tailored strategy? Our team can help you achieve proper protection, while reducing costs and increasing your profits. Contact us today.

References

[1]

Survey of Commercial Insurance. The Institutes (April, 2018).

[2]

Hired automobile. IRMI. (n.d.). https://www.irmi.com/term/insurance-definitions/hired-automobile

[3]

Nonowned automobile. IRMI. (n.d.). https://www.irmi.com/term/insurance-definitions/nonowned-automobile

[4]

Drive other car endorsement (DOC). IRMI. (n.d.). https://www.irmi.com/term/insurance-definitions/drive-other-car-endorsement

What trends has the National Council of Nonprofits seen?

Challenges From Rising Yields

Higher yields could impact the cash flows of nonprofits that depend on loans or credit lines; because the cost of financing in the U.S. remains the highest since 2008, expense reduction becomes even more vital for nonprofits. [1]

Talent Competition, Shortage

“74.6% of respondents report job vacancies,” so the frequency of nonprofit job vacancy remains. [2] “By comparison, only 33% of private businesses had job vacancies at any time between August 2021 and September 2022, according to U.S. Department of Labor data.” [3]

The severity of the vacancy has pulled back since the 2021 survey reading of 76%, yet 33.8% of the responding nonprofits with vacancies reported 20% or more of their jobs were going unfilled. [4] Nearly another third (32.7%) identified vacancy rates of between 10% and 19%. [5]

The root cause lies in the challenge of providing “competitive salaries and benefits”; when nonprofits cannot, “they may lose employees and candidates to higher-paying jobs in the for-profit sector.” [6]

Goal: Minimize Costs, Survival and Success

An intelligent insurance broker may have the capability to reduce operational expenses through data analytics, risk management, and insurance.

References

[1]–[6]

2023 Nonprofit Workforce Survey Results. Communities Suffer as the Nonprofit Workforce Shortage Crisis Continues (April, 2023). https://www.councilofnonprofits.org/files/media/documents/2023/2023-nonprofit-workforce-survey-results.pdf

 

How is Commercial General Liability Premium Exposure Rated?

What are the rating and premium basis options for Commercial General Liability exposure? Which cost basis provides the most favorable outcome for your risk management and insurance contracts?

  • (S) GROSS SALES
    • Exposure Rated per $1,000/Total Revenue
  • (A) AREA
    • Exposure Rated per 1,000/Sq. Ft. of space
  • (M) ADMISSIONS
    • Exposure Rated per 1,000/ADM
  • (P) PAYROLL
    • Exposure Rated per $1,000/Annual Payroll
  • (C) TOTAL COST
    • Exposure Rated per $1,000/Total Expenses
  • (U) UNIT
    • Exposure Rated per unit
  • (T) OTHER

Source: ACORD 126 (2016/09)

Directors and Officers: An Overlooked Exposure?

Edited February 6th, 2024 (Originally created November, 2019, by Kyle Langan)

Case: Elon Musk and Tesla vs. SEC

In August 2018, “Musk tweeted that he had funding secured for a plan to take Tesla private [traded publicly since 2010]. It turned out that was not entirely true — something the SEC objected to, given that Musk was the CEO and chair of a publicly traded company” (Marshall). The agency sued, and penalties included “$20 million fines for both Musk and Tesla, Musk stepping down as chairperson for at least three years (though would remain CEO), and Tesla would have its lawyers ‘pre-approve’ any of its execs’ written communications ‘that contain, or reasonably could contain, information material to the company or its shareholders’” (Marshall). The sanctions uncover unique risks for public companies that require well thought-out loss control and prevention techniques in order to limit exposure to these risks. Although Musk is a genius, he failed one of his primary duties and gravely overlooked the possible repercussions of his statements as a director and officer of Tesla. His failure resulted from inadequate risk management for the loss exposures in the actions and words of an officer at a large public company.

Shannon Tornoe says the “primary duty in the responsibility of managing a company is to always act within the best interest of the company and accurately represent key financials.” Musk’s duty is to protect his company as an officer; showcasing a loud virtual mouth on social media is within the scope of this duty and he is solely responsible for being aware of avoiding this. In addition, Musk faced harsh backlash from the public and numerous lawsuits from investors. The vital takeaway from Musk’s mistakes is the high level of risk when insuring actions of Directors and Officers (D&O). Despite the need to protect against severe litigation, coverage for D&O can easily be overlooked by risk management teams in large public companies because they are not correctly evaluating loss exposures. Executives represent their companies to the public at all times because stocks fluctuate based on what they say. The SEC enforces high control and oversight over publicly traded companies. As a result of this regulation, they can be sued over anything; high risk exposures exist if companies lack cautious and proactive loss control systems with liability policies. D&O exposure is a dynamic risk with the ever-changing landscape of technology, social media and news outlets. Investors in public companies “make decisions based on what key executives say and that information can be shared as quickly as a tweet” (Tornoe). News spreads rapidly and can sometimes be shared in a negative light. To offset this, risk management departments, or the representing brokers must complete proper research of exposures the company may face and practice adequate loss control techniques. Tornoe thinks “Musk failed in his legal duties when [a director/officer] joins the board of a company. Duty of loyalty and duty of care are significant.” Musk did not act within the best interest of Tesla nor did he accurately represent financials. 
Tesla had loss control measures in place with D&O coverage policies paying for penalties as a result, but proactive loss prevention programs teaching risks of not maintaining accuracy or acting within the best interest of Tesla would have aided their officers significantly. Tornoe also says “accuracy is key. Twitter and other public social media platforms are not casual backyard barbeque talk; if directors and officers are not clear on this fact, they are misunderstanding the responsibility of their roles.” The risks of having everything executives do and say under watch could be a reason a company chooses not to go public. Tornoe’s CCIB policies have proactive loss control/prevention measures in place such as quiet periods for 48 hours until earnings releases (directors and officers have to watch what they say about financials) in order to limit and control the risks of losses.

Case: Quintus, Unify, and Legato vs. SEC

Tornoe’s extensive knowledge of D&O coverage also recalls a 2002 SEC case that brought financial fraud charges against executives at three publicly traded northern California Software Companies: Quintus, Unify, and Legato (n.d.SEC). Some officers were arrested and charged with crimes for materially misrepresenting their companies; bankruptcies and massive lawsuits followed. D&O liability coverages in place defended officers, but proven guilt for any crimes would cease coverage and officers would be uninsured (Severability is key: coverage ends if the officers are proven in court to be crooks. This clause separates the good people from the bad). Many individuals claimed they were owed money, but the policy wording made clear that the company’s insurance for D&O paid settlements to individuals first and the company second. Insurance was vital because it was covering expensive defense cases; this makes the importance of policy wording extremely clear. In the case of disasters, policies need to adapt to pay out settlements in the best way possible. Order of payments in any policy is vital but it is another exposure overlooked by directors and officers in many companies.

Case: Boeing 737 Max jetliner crashes

10.29.18: Lion Air flight crash kills 189 people after takeoff in Indonesia, 3.10.19: Ethiopian Airlines Flight 302 crash kills 157 people shortly after takeoff in Addis Ababa (Chicago Tribune).

Lastly, Tornoe cited catastrophes caused by Boeing crashes and struggles with automatic safety systems pushing planes’ noses down during the 2018 development of 737 models. Two different planes nosedived and killed all on board in both crashes. Lots of controversy ensued over whether or not the officers of Boeing knew anything. Lawsuits and scrutiny followed these catastrophes as they always do (ultimately CEO Dennis Muilenburg lost chairman post on 10.14.19) and many questions were asked: Did the CEO know there were clear defects in the aircraft? How or why did he keep selling the planes? It shows extreme ignorance if he didn’t know and it would be a failure of his primary duty. His head was deservingly on a platter for the public; it is his duty to know better. This case demonstrates the need for key executives to improve and inculcate loss exposure management proactively and intensely. Boeing’s problems resulted from a loose culture that did not put nearly enough stress into managing potential catastrophes.

Interview with Joseph Brennan

For a close look at the reverse side of Directors and Officers, Joseph Brennan can provide valuable insight. Mr. Brennan is the Global Chief Risk Officer at Vanguard. “He is responsible for the firm’s current enterprise risk management organization in addition to all facets of enterprise security and investment risk management” (n.d.V). He has been in this role for over a year now, and he is an officer on Vanguard’s Board of Directors. Brennan says this is a position “where your decisions get scrutinized, and risks come with every decision. However, value doesn’t come without taking risk. We cannot manage everything because of so many moving parts, but we are still ultimately responsible.” Large public companies need a culture that will get them almost all the way there. Brennan believes the best method of control over these exposures is great ethics and an enforced culture that limits risky behavior. These exposures occur more often in looser cultures, so that is why ethics should be at the front of directors’ and officers’ minds. Sound operation and compliance with tight procedures also prove critical. Tesla, Quintus, and Boeing – here are your solutions! Set the tone by doing the right thing, then a lower frequency and severity of losses will follow. Litigious people in our world love hunting big targets; therefore, it makes sense to have viable coverage in a role like Brennan’s. He’s dealt with nothing internally at Vanguard, but he’s seen many different companies use D&O coverage all the time.

Beyond enforcing a stable culture, Brennan utilizes lots of different types of coverage to combat strategic risk, fraud, cyber risk and various more that he manages for his team of 850 employees. His coverage financing ranges from Vanguard’s reserves, insurers underwriting Vanguard, self-insurance, to captives with associations such as Investment Company Institute. This diverse set of insurance methods displays Brennan’s ability to adequately assess risks proactively and with a purpose. Although many directors and officers in public companies do in fact overlook the risks they face, Mr. Brennan is a perfect example of an officer taking the necessary steps to manage the often-underestimated loss exposures of a large organization.

Conclusion:

Do directors and officers of public companies face too much pressure or scrutiny? Mr. Brennan asserted that “the rules are pretty clear. The SEC has made them very clear actually… we are no longer in the 1970s or 80s, so we can look up what can and can’t be done.” When disaster strikes, it is meaningless whether key executives were oblivious to exposures or did know of exposures and didn’t care to act. The result will be undesirable both ways because they either didn’t know what was happening or neglected it; this causes damaged parties to pursue litigation. Brennan stated “it’s not a pressure. It’s pretty easy for [Vanguard] officers to deal with the things happening. These exposures usually stem from ignorance or poor choice.” Brennan is obviously not one of the officers in a public company ignoring the importance of proper exposure control for public companies, but he still acknowledges the dangerous level of risk that comes with high-profile key executives.

Works Cited

Chicago Tribune. (2019, October 14). Timeline: Boeing 737 Max jetliner crashes and aftermath. Retrieved November 14, 2019, from https://www.chicagotribune.com/business/ct-biz-viz-boeing-737-max-crash-timeline-04022019-story.html.

Marshall, A. (2019, March 19). SEC: Elon Musk Fully Ignored a Key Term of Settlement. Retrieved November 14, 2019, from https://www.wired.com/story/elon-musk-tesla-sec-lawsuit-twitter-court-filing/.

(n.d.SEC). Retrieved from https://www.sec.gov/news/press/2002-71.htm.

(n.d.V). Retrieved from https://institutional.vanguard.com/web/c1/our-experts/.

 

Contacts:

Shannon Tornoe – Coast to Coast Insurance Brokers (Owner)

Joseph Brennan – Vanguard (Global CRO)

Strategies that may help limit rising property insurance cost

Edited January 30th, 2024

The acquisition of adequate property policies remains expensive and complex. [1] Many insurers have “struggled to maintain profits in recent years, leading to increased premiums and even withdrawals from certain markets, such as Florida and California.” [2] For consumers, “understanding how its factors can affect homeowners is crucial for accurately assessing and addressing coverage needs.” [3]

Failing to carry an adequate policy could leave even the most responsible and diligent homeowners without the capacity to repair or rebuild their homes or otherwise manage the aftermath of a loss. [4]

Strategies for securing affordable property insurance:

1. Weather protection — “This may include upgrading a roof, installing storm shutters, trimming or removing trees and brush, and making use of nonflammable building materials.” [5]

2. Security upgrades — “By protecting their property from potential criminal acts, homeowners may also be able to reduce their perceived risk levels and access lower coverage costs. Installing smart technology, such as water leak detection systems, fire alarms and security cameras, could help lower premiums.” [6]

3. Tailor protections — “For example, increasing a policy’s deductible may reduce regular payments, although homeowners will need to pay more out of pocket in response to covered incidents before submitting a claim for financial aid.” [7]

4. Arbitrage — “Many homeowners can garner lower overall insurance costs by purchasing multiple types of coverage from the same insurance carrier. For example, an insured may package property, auto, and liability together. In addition, bundling policies may make it less likely for an insurance company to decline renewal or cancel policies in response to claims.” [8]

5. Discount possibilities — “There may be several ways to qualify for homeowners insurance discounts. Many insurance companies may offer lower rates if a homeowner has not filed a claim against their policy for a certain amount of time (three to five years). In addition, retired people, military personnel and members of various organizations and associations may be eligible for reduced premiums.” [9]

6. Credit score — Underwriters may use credit scores as an important factor; “keeping up with bills, limiting debts and balances, and maintaining a diverse credit portfolio, homeowners may enjoy lower premiums.” [10]

“Often, increases over a certain threshold are subject to government approval. Bureaucracy can slow the rate increase process, meaning insurers may be unable to charge an appropriate price for coverage. This may seem like good news to consumers, but it can actually lead to more issues—namely, scarcity of insurance options and higher prices for more limited coverage. Insurance companies are legally required to remain solvent. If they risk losing profitability, they may limit the scope of their coverage or withdraw from an area entirely. This is the cause behind a lack of affordable insurance options.” [11]

References:

2024 Zywave, Inc. (2024). 2024 Homeowners Insurance Market Outlook. Zywave. cms.zywave.com

Higher Exposures and Shrinking Risk Appetite

Edited December 22nd, 2023 by Kyle Langan

Exposure Growth and Global Reinsurance Capital: 2022 Results

After Hurricane Ian, traditional and alternative capital declined by around 20-25% at 2022’s close, compared to 2021’s close. [1] After adjusting for the interest rate impact of mark-to-market losses on fixed income securities, Swiss Re estimated a “decline in capital of around 5%. [2] However, exposures – proxied by GDP – continue to rise fast. [3] This has created a gap between supply and demand.” [4] Exposure refers to the “state of being subject to loss because of some hazard or contingency.” [5]

With these conditions, what is the impact on the insurance market?

“Higher exposures and shrinking risk appetite typically result in rising prices, higher retentions and tighter terms and conditions.” [6] “The prospect of still-elevated catastrophe losses and constrained capacity come as geopolitical, economic and environmental uncertainties remain omnipresent.” [7] Analysts may downgrade financial ratings, like that of Scottsdale Insurance Company, which A.M. Best lowered to ‘A’ on December 7, 2023. [8]

Tail risk from infectious diseases should remain a risk management priority; a lurking systemic cyber event with destructive potential is another tail exposure to monitor. [9]

Capital (GAAP Reporting)

2021 = 116.3

2022 = 96.6

Decrease = 17%

Capital (Solvency Reporting)

2021 = 113

2022 = 108.1

Decrease = 4.3%

Exposure (~GDP)

2021 = 112.2

2022 = 122.1

Increase = 8.8%

Source: AM Best, Swiss Re Institute

References

[1-4]; [6-7] Continued high losses from natural catastrophes in 2022: Swiss re. Continued high losses from natural catastrophes in 2022 | Swiss Re. (2023, November 14). https://www.swissre.com/institute/research/sigma-research/sigma-2023-01/5-charts-losses-natural-catastrophes.html

[5] Exposure. IRMI. (n.d.). https://www.irmi.com/term/insurance-definitions/exposure#:~:text=Exposure%20refers%20to%20the%20state,of%20some%20hazard%20or%20contingency.

[8] Scottsdale Insurance Company – Ratings.ambest.com. (2023, December). https://ratings.ambest.com/disclosurepdf.aspx?ambnum=3292

[9] Cirillo, P., & Taleb, N. N. (2020, May 25). Tail risk of contagious diseases. Nature News. https://www.nature.com/articles/s41567-020-0921-x

Why Older Driver Safety Awareness Week Matters

December 4-8, 2023 is Older Driver Safety Awareness Week. It serves as a critical reminder of the importance of road safety for our aging population (NHTSA).

With longer life expectancies, older adults are more likely to continue driving into their 70s, 80s and beyond. Recognizing challenges such as slower reaction times and medical conditions is crucial to ensuring road safety (NHTSA).

Factors like increased vehicle ownership increase the difficulty of navigating complex traffic situations (NHTSA). Decisions about your ability to drive should never be based on age alone; however, changes in vision, physical fitness and reflexes may cause safety concerns. By accurately assessing age-related changes, you can adjust your driving habits to remain safe on the road (NHTSA).

Resources:

  • Driving Safely While Aging Gracefully is a resource developed by the USAA Educational Foundation, AARP and NHTSA to help you recognize warning signs and pick up useful tips on what you can do to remain a safe driver.
  • How to adapt a motor vehicle to accommodate the unique needs of an older driver and discussing it with your loved one.
  • Find out whether your state defines “Older Drivers” at a certain age, and what that means for driver’s license renewal and restrictions, including tests: KEY PROVISIONS OF STATE LAWS PERTAINING TO DRIVER LICENSING REQUIREMENTS
  • How medical conditions can impact your ability to drive safely

References

Keeping our older drivers safe on the road. NHTSA. (n.d.-a). https://www.nhtsa.gov/older-drivers/keeping-our-older-drivers-safe-road

Older drivers. NHTSA. (n.d.). https://www.nhtsa.gov/road-safety/older-drivers

 

Strategies for Employment Practices Risk Mitigation

Edited November 30th, 2023 by Kyle Langan

Accommodation and avoidance of adversarial relationships

In the event of a complaint filed against an employer alleging wrongful termination, what are employers’ options to finance this loss? The matter may resolve at mediation, where a settlement is negotiated.  Still, wrongful termination is difficult to resolve in low financial ranges, with many above $120,000.  Improper documentation can act as a hazard for employers. A contemporaneous method of documentation and compliance, along with adversarial avoidance are best practices for employment practices risk mitigation. Accommodation is a key strength for avoiding litigated claims, for which the “average jury award is about $250,000; if a case settles, the judgment averages $75,000. And the cost of defense averages about $120,000 per claim. If a business loses its case, it must also pay for the claimant’s legal fees – averaging $200,000” (the Hartford). Luckily, Employment Practices Liability Insurance exists for employers to strategically transfer this risk to an insurance carrier.

Scenarios:

  • Elk Grove, California: Chevy dealership settled a religious discrimination lawsuit against an employee. The dealership failed to accommodate the employee, who was instead harassed, disciplined, and discharged. The settlement = $158,000 loss for the employer (US EEOC, 2013).
  • Tulsa, Oklahoma: a woman won an age discrimination dispute after she was fired, and the CEO characterized her as old and ugly. The settlement = $140,000 loss for the employer (US EEOC, 2013).

If an event caused a suit like one of these to arrive, how would a company finance it? What are the best ways to avoid them arriving in the first place? For help, the author can be reached at kylel@conreyins.com.

References

EPL Insurance: Risks and Exposures scenarios | the Hartford. (n.d.). https://www.thehartford.com/business-insurance/strategy/epli/risks-exposures-scenarios

Kanbar property management to pay $140,000 to settle Eeoc Age Discrimination Lawsuit. US EEOC. (2013, September 6). https://www.eeoc.gov/newsroom/kanbar-property-management-pay-140000-settle-eeoc-age-discrimination-lawsuit

Maita Chevrolet settles EEOC Religious Discrimination Suit. US EEOC. (2013, September 27). https://www.eeoc.gov/newsroom/maita-chevrolet-settles-eeoc-religious-discrimination-suit

COPYRIGHT © CONREY INSURANCE BROKERS & RISK MANAGERS, INC. 2019. ALL RIGHTS RESERVED.