CalSurance Associates Blog

CalSurance Associates Blog

Friday, September 1, 2017

How to Protect Your Agency or Firm Against Cyber Attacks

The losses resulting from cyber-attacks run into millions of dollars. What’s even more shocking is that nearly 60 percent of small businesses have to permanently close their doors after enduring a cyber-attack. In today’s world where businesses have a big online presence, it’s hard to escape cyber security threats. While threats of a very serious nature do exist, companies can take a few measures to block attacks and mitigate their risks.

Easy Ways to Protect Your Agency from Hackers:

Know Your Risks
As the frequency and scale of data breaches grow, you can’t go without having a plan of counterattack. You need to assess your risks, identify points of weakness in your system, and be aware of the latest cyber threats that are affecting businesses worldwide. It’s important to mitigate your risks and protect your networks by switching to encrypted e-mail providers and using full-disk encryption tools.

Keep Updating Your Software
Most business owners can’t fully control company computers. To curb threats, it’s important to download and update spyware and anti-virus software. Patch management is equally essential. It ensures that each and every computer remains updated with the latest patch releases from OS and application vendors.

Penetration Testing and Website Monitoring
Once you’ve completed all your preliminary measures, run vulnerability and penetration tests on your system to determine how strong they are. Vulnerability scanners protect your software throughout its lifecycle. They identify threats and help you prevent attacks.

Secure Your Hardware
Despite taking all necessary precautions, companies can still succumb to security threats when thieves walk away with electronic equipment. It’s important to secure server rooms and USB drives so your sensitive data doesn’t end up in the wrong hands. Go one step further and backup in the cloud. That way, even if your hardware is destroyed due to fires or other incidents, you’ll have the chance to access your data and resume operations without delay.

Be Prepared to Counter Attack
Make sure you have an incident management team ready to handle breaches. If you haven’t employed data breach specialists, consult a security firm to protect your company. Incident management teams are familiar with compromised systems. They know how to coordinate the recovery process and mitigate further risks.

Employee Training
Small mistakes often lead to big problems. To ensure there aren’t any loopholes in your online system, train your employees and encourage them to undertake preventive measures to block attacks. Employees must know how to handle sensitive data. They need to understand how they can easily become victims of fraud, phishing attacks, and ransomware. Make sure all employees attend security practices training at least once or twice a year.

Purchase Cyber Liability Insurance
Since data breaches have a crippling effect on most organizations, it pays to have a good cyber liability insurance policy in place. Make sure your policy is ideal for your particular company and its unique risks. Cyber liability insurance doesn’t stop malicious attacks, but it covers the hefty cost of breaches and data theft.

Now more than ever, data breaches have become a pressing issue. Without comprehensive cyber liability coverage in place, businesses risk losing everything. Cyber liability insurance covers the cost of forensics investigations, monetary losses experienced because of network downtimes, the cost of managing a crisis, legal expenses, and the cost of credit monitoring.
These are some of the most commonly reimbursed expenses. Policies can also be tailored to offer additional coverage.

Today, cyber security is a real threat to businesses of all sizes. Companies, therefore, need to invest in cybersecurity infrastructure to stay ahead of those that threaten organizations.

All information provided in this blog is for informational purposes only. The sources used are presumed accurate. CalSurance Associates, Brown & Brown Program Insurance Services, Inc. and Brown & Brown, Inc. will not be liable for any errors, omissions, losses, injuries or damages arising from its display or use and will not assume responsibility for any misguided information. No guarantees are implied.

Tuesday, August 1, 2017

5 Tips to Prevent Errors & Omissions for Your Registered Investment Advisor (RIA) Firm

Registered Investment Advisors, or RIAs, are in the business of helping their clients take appropriate risks in order to enjoy the rewards that investing can provide. By comparing the risk with the potential reward of a given investment and aligning that with a client’s investment objectives, RIAs help to grow and manage their clients’ wealth.

When you take a risk, there is always the possibility that things will not turn out as planned. In addition, everybody makes mistakes. This is why it’s important for RIAs to take steps to prevent errors (things you did that you shouldn’t have) and omissions (things you should have done that you didn’t). These five tips can help.

1. Understand your clients. Doing a thorough fact find before you make a single recommendation is critical. Collect as much information as you possibly can about their current situation and what they hope to accomplish, and document everything you find. Providing your client with a written summary of what they’ve told you and asking them to sign it will prevent many claims.

2. Do your due diligence. Before you make a recommendation to a client, make sure you understand the risks of the investment so you can explain them to the client. Then, make sure the client understands all risks involved by asking your client to explain them to you.

3. Document everything. Often, you will find that a client does not remember everything that was discussed at a meeting, particularly the parts they don’t really want to hear. In many cases, you will find that simply reviewing your notes from the meeting with the client will show them that you did, in fact, explain that alternative investments are riskier than money market funds, or that their IRA that’s invested in mutual funds will not grow as fast as the S&P 500.

4. Keep an eye on your technology. RIAs are as vulnerable to data breaches as any other organization. If your computer system is hacked, you could be liable for costs associated with any theft of personally identifiable information. Even if your data is compromised unintentionally and your clients don’t suffer any financial loss, you may be required to provide credit monitoring.

5. Address any complaints immediately. By talking openly with an unhappy client, you may be able to avoid having to go through regulatory channels to resolve the complaint. If you ignore a client complaint, you can be sure they will escalate the matter to the point where it becomes a legal or regulatory issue.

The regulatory landscape for RIAs is becoming more and more demanding, and clients know this. They know that they have the right and the ability to take action if they feel they have been treated unfairly. By maintaining good client relationships, ensuring transparency in all your dealings, and addressing any issues that clients raise promptly, you may be able to prevent your business from being the target of an E&O claim. Sometimes, however, no matter how diligent you are, you may find yourself the subject of a claim. Be sure that you’re adequately insured.

Regulatory requirements do not always indicate that RIAs need E&O insurance. However, any RIA who doesn’t maintain it is playing with fire. Some RIAs will try to do a cost benefit analysis to justify the premium. But taking the total amount that all RIAs pay in claims and dividing by the number of firms is flawed logic. You need to protect yourself against the largest claim, not the average claim, in order to avoid a catastrophic loss.

Preventing a claim in the first place is always preferable from having to defend yourself against one. But if you do find that someone has made a claim against you, having insurance to fall back on will give you peace of mind.


All information provided in this blog is for informational purposes only. The sources used are presumed accurate. CalSurance Associates, Brown & Brown Program Insurance Services, Inc. and Brown & Brown, Inc. will not be liable for any errors, omissions, losses, injuries or damages arising from its display or use and will not assume responsibility for any misguided information. No guarantees are implied. 

Saturday, July 1, 2017

The Challenges of Multi-Cultural Clients

Dealing with the differing cultures in our communities provides great opportunities for the insurance agent, but presents a number of dangers from an E&O perspective. Insurance carrier studies have confirmed that the vast majority of claims against agents result from either a lack of communication or misunderstanding between the agent and the client. The potential liability exposure related to miscommunication is exacerbated if a language barrier exists.
The primary goal for an agent in such situations is to find a means to effectively communicate with his customer in order to understand their insurance exposures, what coverage they are requesting, and make certain that they understand both the product and the process. Just as in any other client communication, documentation is extremely important.

It is preferable that all written material be in English to avoid potential misunderstanding related to differences in dialects within a language. Many agencies doing business in ethnically diverse areas maintain multi lingual staff to assist in communicating with members of those ethnic groups prevalent in the community. In other situations the customer maybe encouraged to enlist an English speaking adult friend or relative to act as a translator to aid in ensuring that both agent and customer clearly understand the issues and answers. Non-English speakers as well as interpreters may have particular difficulty understanding terminology unique to the insurance industry and the agent must take the necessary time to explain the process, application questions and coverages, and look for any signs that either the customer or the interpreter is confused or does not understand the information being conveyed or requested.

Using an interpreter can be extremely helpful in asking those questions necessary to ascertaining the coverages required and obtaining answers to the application questions. However, the application itself should always be completed by agency staff. The customer, through the interpreter, should then be asked to review the application to ensure that the information supplied has been correctly entered. Contact information for the interpreter should be maintained in the client file to help in resolving any issues that come up during the client relationship.  Always document the items discussed with the client through the interpreter.
Taking the time to implement the steps outlined above will help mitigate the potential E&O exposures and maximizing the potential benefits of establishing a multi-cultural agency.


All information provided in this blog is for informational purposes only. The sources used are presumed accurate. CalSurance Associates, Brown & Brown Program Insurance Services, Inc. and Brown & Brown, Inc. will not be liable for any errors, omissions, losses, injuries or damages arising from its display or use and will not assume responsibility for any misguided information. No guarantees are implied.

Thursday, June 1, 2017

E&O Prevention

Take a look at the below claim scenario to see how you may prevent errors & omissions while conducting business:

Claim scenario: A restaurant and bar owner asked his agent to replace his liability insurance coverage which was being non-renewed by its current carrier. The agent located a market and replaced the coverage for the insured. Unbeknownst to the agent, the policy that he placed contained an assault and battery exclusion. The insured’s prior policy did not contain such an exclusion but the agent never requested a copy of the policy. The insured requested that the agent get the same or better coverage than the expiring coverage provided. The agent represented that the replacement coverage matched the prior coverage but he never reviewed the policy and never pointed out this exclusion. Later that year, the insured’s bartender was involved in a physical altercation with a patron. The patron was injured by the bartender and, as a result, the insured was sued over the incident. When the insured reported the claim, it was denied based on the assault and battery exclusion on the policy. As a result, the insured was surprised to learn there was no coverage for this claim and thus brought a claim against his agent for failing to provide adequate coverage.

Loss prevention tip: When a client requests the “same” coverage as his or her current policy, be sure to thoroughly review the current policy and ensure that the replacement coverage adequately matches the coverage being asked for by the client.


All information provided in this blog is for informational purposes only. The sources used are presumed accurate. CalSurance Associates, Brown & Brown Program Insurance Services, Inc. and Brown & Brown, Inc. will not be liable for any errors, omissions, losses, injuries or damages arising from its display or use and will not assume responsibility for any misguided information. No guarantees are implied.

Monday, May 1, 2017

Your Files Can Help - or Hurt

Will your files help you or hurt you when it comes to E&O? Take a look at the below claim scenario and risk management tip to learn how you may protect yourself with regards to your files.

Claim Scenario: An agency's customer claimed the agency had committed an error in handling his insurance and retained an attorney who subpoenaed "any and all" of the agency's customer files for review. The attorney's goal was to determine whether there were discrepancies in the manner in which the agency handled their client's insurance needs. The agency had no written procedures regarding file handling or business processing, and no formal internal quality control or auditing program to monitor adherence to such procedures. Without formal procedures in place the agency was unable to effectively object to the breadth of the subpoena, resulting in over 1000 customer files being turned over to the claimant's attorney. After reviewing and comparing those files to the claimant's, the attorney discovered multiple inconsistencies in file documentation including the manner in which coverages were offered, written, and documented. As a result he was able to present a compelling case that the agency had discriminated against and breached its duty to the client at trial, resulting in a large adverse verdict against the agent.

Risk Management Tip: Your agency's file documentation is often its first and best line of defense in the event of a claim. This loss could have been avoided had the agency developed, implemented and monitored an internal quality control (QC) program including office procedures regarding documentation of the processing of business. QC Procedures should cover subjects including binders and certificates of insurance, records management and disposal, telephone, claims handling, mail and e-mail, and cash management to name a few. Your quality control program should also include standardized form letters  and in-house forms regularly used by the agency. Even with such procedures in place, the agency must be able to prove that they are followed consistently by all employees and that compliance is monitored on a regular basis.

A formal quality control program including a written office procedure manual should be one of the cornerstones of your agency's risk management program.

All information provided in this blog is for informational purposes only. The sources used are presumed accurate. CalSurance Associates, Brown & Brown Program Insurance Services, Inc. and Brown & Brown, Inc. will not be liable for any errors, omissions, losses, injuries or damages arising from its display or use and will not assume responsibility for any misguided information. No guarantees are implied.


Monday, April 3, 2017

Premium Financing Woes

Claim Scenario:

John and Jane Doe, an extremely wealthy couple, met with their insurance agent who advised that $10 million in life insurance coverage would be appropriate given their financial status and estate planning needs. He recommended a whole life policy that earned dividends and accumulated cash value. Given the couple's age and health concerns, annual premiums for the policy were determined to be approximately $275,000.When the Does advised the agent that they were unable to pay the premiums out of pocket and unwilling to liquidate substantial portions of their investment portfolio to do so he recommended premium financing. Under the plan he outlined for the Does, premiums for the first few years could be borrowed, with future premiums paid by accumulated cash values of the policy. The agent backed up his recommendation with a professional presentation provided by the premium financing company, and the Does agreed to finance the premiums for the first five years of the policy.

Five years later the Does, having incurred loans of over $1.6 million plus interest, discovered that the policy's earned dividends were insufficient to pay the premiums on an ongoing basis, and filed claims against the agent, the carrier, and the financing company. Although the agent responded that he had not guaranteed any level of accumulated cash value or that it would be sufficient to pay premiums after five years he was able to produce no written documentation other than e-mails characterizing the financing scheme as "solid" and "extremely reliable".
Risk Management Tips:

Claims related to premium financing generally involve relatively large amounts as the involved policies have high limits and premiums to match. In many cases collateral is aggressively sought by the financing company and often ultimately lost. Given the foregoing, full disclosure of the risks and mechanics of the transaction must be made to the client and comprehensive documentation provided and maintained by the agent. Agents should consider requesting involvement of the client's own legal counsel to ensure that the financing structure is proper and understood by the clients. Doing so will provide additional protection to the agent in the event of a claim. Bear in mind that in many jurisdictions promoting premium financing may be considered as creating a special or fiduciary relationship with the client which may in turn serve to elevate the agent’s professional standard of care and disclosure.

All information provided in this blog is for informational purposes only. The sources used are presumed accurate. CalSurance Associates, Brown & Brown Program Insurance Services, Inc. and Brown & Brown, Inc. will not be liable for any errors, omissions, losses, injuries or damages arising from its display or use and will not assume responsibility for any misguided information. No guarantees are implied.


Thursday, March 2, 2017

Beware Ransomware

Ransomware is malware that denies users access to their own device. It is increasingly showing up on mobile devices. Mobile ransomware infects the victim's phone by blocking access to apps while displaying a message explaining how to pay the demanded ransom. Various forms can lock the keys and replace the home screen with fraudulent official warnings which state that the ransomware recipient broke the law by visiting illegal websites. The ransomware shows screenshots from the illegal website and the user's browser history, and demands a $500 fine. Attackers are indiscriminate in selecting victims, who simply need to click on the wrong link on a smartphone to be infected.

To defend your agency's devices from ransomware and other malware:

  • Password protect devices.
  • Update software regularly. Malware is constantly being modified and improved. Outdated software simply won't stand up to more advanced malware.
  • Avoid questionable downloads. If you don't trust the source of a download, don't download it. Otherwise, you're inviting an attack. Beware of app reviews; many fake ones seek to give you confidence in malicious apps.
  • Employ mobile security. You may have the latest spyware and virus blockers on your agency desktops, but do employees have the same on their tablets, phones, and other portable electronics? If not, once connected to your network, these devices may leave it vulnerable to breaches. Establish mobile and employee owned device policies to make certain employees don't create unguarded network access points.
  • Don't allow employees to access sensitive data through unsecured connections, such as a local fast-food franchise's or coffee shop's free Wi-Fi. Public Wi-Fi hotspots are especially prone to malware.
  • Use encryption software. Unencrypted company devices can be "mined" for company data and information for sale to competitors and provide easy access into company files and email. Enforce encryption policies to mitigate this risk.


All information provided in this blog is for informational purposes only. The sources used are presumed accurate. CalSurance Associates, Brown & Brown Program Insurance Services, Inc. and Brown & Brown, Inc. will not be liable for any errors, omissions, losses, injuries or damages arising from its display or use and will not assume responsibility for any misguided information. No guarantees are implied.


Wednesday, February 1, 2017

Responding to a Carrier Rating Drop

You may have followed all best practices of the industry in placing business for your clients in markets approved by your agency's selection protocol in order to protect the agency from potential claims and the client from loss. You followed up by monitoring the ratings and activities of the carriers involved according to agency guidelines. In short, you've done everything right. But what do you do when one of those carriers suffers a rating downgrade? The following tips may help you to provide further service to your clients while minimizing potential liability exposure to your agency:
1.     Immediately notify clients of the downgrade and answer any questions they may have to the best of your ability.

2.     Continue to keep your clients apprised of developments - use carrier      approved notices/forms when available.

3.     If a potential solvency issue exists make your clients aware of available guarantee fund protection.

4.     Discuss with your clients their options including implications of a coverage move either at mid-term or expiration and potential impacts on premium involved. Allow the client to make client to make the decision as to which options to exercise and confirm in writing.

5.     Be consistent - treat all clients in the same manner and document all client communications and agency actions taken in writing.

6.     Consult with legal counsel regarding agency actions and content of client communications.

7.     Maintain a positive relationship with the carrier. Avoid negative references and review your contract with the carrier to determine any duties or restrictions you may be subject to in regard to the downgrade. 


All information provided in this blog is for informational purposes only. The sources used are presumed accurate. CalSurance Associates, Brown & Brown Program Insurance Services, Inc. and Brown & Brown, Inc. will not be liable for any errors, omissions, losses, injuries or damages arising from its display or use and will not assume responsibility for any misguided information. No guarantees are implied.

Sunday, January 1, 2017

You Say Tomato, I Say Tomato

Agents selling life insurance coverage must always focus on risk management and pay attention to details to avoid simple errors which could have catastrophic results. One of the most common errors involves client communication, or the lack thereof. Unrealistic and unrealized client expectations are contributing factors in the majority of professional liability claims in any discipline, and particularly so in those involving insurance agents and brokers. Unrealistic expectations are most often caused by simple communication failures between the agent and his client. Those failures need not happen, and can be avoided by consistently employing a few basic strategies.

Never overestimate the client's knowledge of the services you intend to provide, regardless of the client's level of sophistication. It is your responsibility from the outset of the client relationship to clearly explain exactly what services you will perform and - equally important - those you won't. Carefully explain all coverages to your clients as well as any exclusions to those coverages. Never indicate to a client that you will place a policy until you have confirmed that it can be placed - if you don't know, say so. In advising clients always remain within your own area of expertise - do not attempt to render legal, accounting or any other type of advice. Make sure that communication is two way - have your client clearly explain has or her desires, needs and expectations Never volunteer information regarding your errors and omissions coverage. Clear communication can help ensure that you clients have the information and expectations they need to understand your responsibilities and liabilities regarding your scope of services.

Even when verbal communication is frequent, memory failure and misunderstandings often can result in disputes and litigation. For most of us, memory does not improve with the passage of time, and memory lapse tends to be aggravated when large sums of money may be at stake. Few of us remember all the details of telephone calls, group teleconferences, or face to face conversations shortly after they take place. Accordingly, agents should confirm verbal communications in writing, especially if they involve an agreement or commitment, notification, or a request for action or follow-up. Remember that voicemails pose a great risk for miscommunication and should be followed up in writing as to any points of significance (i.e. agreements, notification, request for action), correction or clarification.

Agents should also be aware that e-mail in the context of client communication is never actually casual of informal. From a legal standpoint e-mails are given the same standing as any other formal written document, are never totally deleted, and always form a key component of the client record for litigation purposes. For these reasons every agency should have a formal, mandatory e-mail communication policy in place requiring appropriate content, transmittal to all interested parties, and filing of hard copies of e-mails in client files. Use the "return receipt' e-mail function to confirm that your message has been received and opened. Follow up promptly if it appears that your message has been ignored, misdirected or lost. Texts to clients should be only used for the limited purpose of scheduling and requests for communication, and never for the purpose of transmitting substantive content.

Clear communication is a vital key to a successful and profitable client relationship void of disputes and claims. Effective communication should be a core competency of any agency that strives to understand and meet the needs of its clients. With expectations properly communicated, documented and verified any issues can be addressed quickly, calmly and effectively with minimal negative impact on time, costs and relationships.

All information provided in this blog is for informational purposes only. The sources used are presumed accurate. CalSurance Associates, Brown & Brown Program Insurance Services, Inc. and Brown & Brown, Inc. will not be liable for any errors, omissions, losses, injuries or damages arising from its display or use and will not assume responsibility for any misguided information. No guarantees are implied.

Thursday, December 1, 2016

Avoid Simple Mistakes That Can Lead to Liability

Insurance industry studies indicate that approximately 5% of E&O claims involve the sales or administration of life insurance. While they are relatively rare, when those claims occur they can be significant. The majority of claims filed involve common errors that are easy to avoid with proper attention to detail and documentation.
The most common mistake made by financial representatives is the failure to administer the application process diligently. They often fail to exercise due care in assisting their clients to answer the questions on the application - i.e. they fail to make sure that each question is answered correctly and accurately. Failure to do so may result in an E&O claim by the intended beneficiary if payment is denied by the carrier.

Financial representatives also often fail to recognize answers that do not correctly represent a client's health status. Questions such as "Have you ever been diagnosed with an eye, ear, nose or throat disorder?" are often answered in the negative by "ordinarily healthy" applicants. A long list of "no" answers should raise an alarm if the financial representative is paying attention. Often both the representative and the client fail to consider that simple issues such as a prescription for glasses or allergy treatment are relevant from the carrier’s perspective.

Another common mistake is the failure to maintain documentation of all communication with the client. For every meeting with a client a record should be made of who said what and what they the parties agreed to do. Financial representatives are often targeted for lawsuits by beneficiaries whose claims are denied, and must be prepared to defend themselves with proper documentation.

While you can be sued by anyone, you can make it harder for them to make a case against you by attention to detail and proper documentation.

All information provided in this blog is for informational purposes only. The sources used are presumed accurate. CalSurance Associates, Brown & Brown Program Insurance Services, Inc. and Brown & Brown, Inc. will not be liable for any errors, omissions, losses, injuries or damages arising from its display or use and will not assume responsibility for any misguided information. No guarantees are implied.