Commercial Crime Insurance Guide
Matt McKenna
Underwriting Manager
Underwriting Manager
With 84% of investigated fraud cases spanning multiple industries, no one sector is exempt from financial crime. Keep in mind; these outlaws aren’t masked bandits robbing a dusty train freighting gold bars. Instead, they’re lounging comfortably in their own homes.
It’s no small task to keep up with the aggressive tactics and innovative technology many cybercriminals employ. From international gangs to crime syndicates to terrorist groups, the risk for economic offenses has dramatically increased.
IBM’s financial crime and fraud statistics are astounding…but not at all in a positive way.
Protecting your brand, customer confidence, and profits is a crucial part of any modern-day operation. For this reason, here’s everything you need to know about commercial crime insurance.
Gone are the days where thieves opted to sort through your dumpster in search of vital information. Nowadays, bad actors give fraudulent transfer information directly to employees. Mainly, criminals use stolen information to steal money.
Although such a simple scheme might seem obvious on paper, it’s a highly effective tactic used by plenty of scammers.
Crime insurance is fundamentally designed to cover money theft. Because fraud comes in various shapes and sizes, commercial crime insurance covers numerous situations, including:
As mentioned, financial crime can occur in a variety of complicated ways. For the sake of pride, we’d be thrilled to declare that no two scams are alike—except they are. Many similarities exist between scams, schemes, and other tactics.
Crime complexities might offer comfort to those who’ve “fallen” in the past. Knowing the basics of commercial crime, however, is critical to the success of your business. After all, no one wants to fall prey to criminal activity. Here are a few popular tactics in a criminal’s ultimate playbook.
Unlike a traditional (and simple) con, social engineering is where crime and cyber intersect. This particular fraud scheme involves more complex steps than many other types of illegal activity.
People are often exploited to gain system access or other vital information useful to carry out the crime.
Phishing also falls under the umbrella of social engineering. Plus, it’s a tactic you’ve probably seen in real-life hundreds of times. Phishing occurs when a criminal sends an email from what looks to be a valid business. The email typically requests sensitive information, and many employees comply to “fix an urgent problem.”
Social engineering could even be as blatant as a criminal pretending to be an authority figure (i.e., sending an email as the CEO after hacking their account). Doling out urgent instructions, employees often fail to question the validity of the email’s content.
It’s no surprise that organized crime and shoplifting takes the blame for much of inventory shrinkage. Up to 30% of inventory loss, though, is due to internal employee theft, or otherwise known as asset misappropriation.
Some of the most common types of employee theft include:
Although employee theft is often as simple as taking cash from the cash register, it could become far more complicated than that.
To name a few examples, employees could funnel funds through fraudulent accounts, forge signatures, launch billing schemes, or inflate expense reports. Another concerning strategy is for an employee to release confidential business information to a competitor.
Despite it frequently making headlines, cyber crime is anything but harmless. Plus, the number of records stolen doesn’t dictate the amount of damage a data breach can cause. In one instance, a single stolen file was reported to cost $1.5M – $2M in damages.
Fortune 500 companies aren’t the only ones impacted by data breaches. Criminals actually prefer to target small and mid-market companies with less robust cybersecurity programs.. With that said, the average breach cost is well over $500K with financial services and retail taking the brunt of the blow. Furthermore, the legal fees for defense and settlement could quickly skyrocket into the millions.
Hackers and malware cause significant loss—ransomware making the biggest dent. Unfortunately, ransomware tricks many unsuspecting victims because it appears as a legitimate file. Sometimes, the malware doesn’t even need interaction to travel between computers.
As with most insurance policies, commercial crime insurance isn’t merely a catch-all policy. Exclusions do exist, and it’s crucial to know what crime insurance won’t cover.
For example, crime insurance won’t cover:
Remember, social engineering describes situations where criminals often pretend to be executives to gain access to private business information. When an executive does commit a crime, however, the act falls outside of coverage.
As imagined, indirect loss or loss that can’t be traced back to a specific crime isn’t covered either.
Furthermore, commercial crime insurance may cover the following, but you’ll need the right enhancements compared to a typical policy:
Nowadays, underwriters often have a difficult time determining risk regarding crime insurance, and therefore pricing, in some regions. Mostly, this trend is because of the sophisticated crimes committed in areas formerly categorized as “good risk” zones.
For example, the overall crime rate could be low in a region and yet, mounds of cyber crime occurring “under the radar” bumps up the risk level.
As mentioned, one stolen file could cost a company millions of dollars. And, most business policies don’t cover crime-related losses. Many companies opt to add coverage to one of their existing policies as standalone crime insurance is pricier.
Although plenty of factors contribute to your final number, some elements that may impact your commercial crime insurance premium include:
It’s safe to say that the criminal landscape is rapidly changing, becoming more sophisticated and harder to fight. Companies are tightening up defenses to battle complex cyber threats. It’s a good thing, too! Tactics such as phishing are becoming more prevalent daily.
Criminals are now scouting companies with fractured processes and technology. If your company lacks enhanced IT, you’re a flashing light to criminals, as well. By 2021, cybercrime is estimated to cost the world $6T in damages.
Small businesses are frequently in the crosshairs of criminals. Mainly, cybercriminals target small businesses because of the organization’s culture. In other words, the companies don’t believe cybercriminals will target them. Or, they fail to provide their employees with cybersecurity training.
In light of the stark facts surrounding commercial crime, it’s vital to arm your business with a broad enough policy to cover any criminal attack. Founder Shield specializes in knowing the risks your operation faces to make sure you have adequate protection. Feel free to reach out to us, and we’ll help you find the right policy for you.
Want to know more about commercial criminal insurance? Talk to us! You can contact us at info@foundershield.com or create an account here to get started on a quote.
Canadian tech companies face unique exposures — but tech E&O insurance helps to mitigate risks. Here’s what you should know.
Canadian tech companies face a slew of challenges — but five primary E&O and Cyber claims stick out. Here’s a look at these themes.
A cyberattack could devastate your fast-growing business quickly. With cybersecurity a real concern, here’s how to protect your mid-market business from a data breach.
In the context of e-scooter safety, we’ve teamed with ACTON to identify and mitigate the most significant risks operators face today.
PCI DSS compliance and cyber liability can seem confusing, but we break it down for you so you can keep your business booming.
California is well-known for spearheading fresh trends, innovative ideas, and game-changing regulations. It’s no surprise that the California Consumer Privacy Act (CCPA) originated in The Golden State.