The necessity of commercial
crime insurance
IN Partnership with
Commercial crime insurance is not a nice-to-have – it's a necessity as businesses deal with internal and external threats
More
THINK THAT cyber, management liability, or other insurance policies will cover all your clients business losses from theft, online or otherwise?
Think again.
A guy in a ski mask with a gun running into a bank to commit a robbery is one thing. But what about money lost during a cyberattack? Or theft by employees? While not all cyberattacks lead to loss, crime itself is a developing and evolving thing – moving from a largely physical threat to a double threat, physical and virtual.
A commercial crime policy “is often still seen as a nice-to-have cover, and there is a misconception that elements of coverage under the crime policy will be picked up by other areas of the management liability suite of products,” said Jennifer Wells, head of crime at Aviva UK, during a recent interview.
Aviva is the UK’s leading insurance, wealth, and retirement business, providing wealth, retirement, and insurance solutions to 18.5 million customers globally and 15.5 million customers in the UK.
Aviva helps individuals save and achieve financial peace of mind, either directly or through intermediaries, and provides corporate customers with de-risking solutions for their pension schemes and with solutions to help promote wellbeing and health within their workforces.
Find out more
“The misconception is that if a computer has been involved, it’s a cyber loss”
Simon Bailey,
Aviva UK
“Actually, it’s specific cover to protect the balance sheet, and the outcome of not purchasing a crime policy can be very wide-reaching, with detrimental impacts on not only the business’s value and profitability, but also its reputation and future plans.”
Also, once the money is gone, it is generally unrecoverable, and the loss can only be replenished by means of a claims payment.
For Simon Bailey, senior underwriter, crime and financial lines, at Aviva UK, there is a lot of “uncertainty coming out of COVID” – and fraudsters thrive in disorder and chaos. Everything – from supply-chain disruption to the cost-of-living crisis and even rising interest rates – has conspired to place some people in a desperate situation, where strained financial circumstances put them at heightened risk of fraud or make them more susceptible to influence from outside sources.
“All companies of every shape, size, and geographic profile have exposure to fraud,” said Bailey. “They have been exposed to fraud through loss of revenue. The fraud can be from a faceless person in a room on the other side of the world. Or the threat can be from your company accountant at the desk opposite. You don’t know where the threat is coming from.”
“This is becoming very much a dual-pronged threat now, which every company is facing,” he said.
“The misconception is that if a computer has been involved, it’s a cyber loss,” said Bailey. That is why it is so important for brokers and their clients to learn the difference between cyber and crime policies, so that a client does not suffer a cyber/crime incident only to find insurers and brokers pointing fingers at each other.
Wells agreed. “Getting around this misconception is key so that the right covers can be purchased in the right way and then work appropriately, rather than creating an issue when it comes to a claim. Insurers strive to avoid confusion surrounding coverage, as this may lead to an uncertain customer outcome, which the industry is obviously keen to avoid,” she said.
There is also a rising wave of new fraud techniques that needs to be contended with, from social engineering to impersonation, to deep-fake videos or faked voices, to the criminal potential of AI and the Metaverse.
“The crime market has to recognize and adapt to keep pace with technological changes,” said Bailey. “We’ve seen examples of people using algorithmic software to imitate manager or executive voices in order to fool employees into breaching otherwise robust funds-transfer protocols. Much like the old-fashioned house robbers developed lock-picks to get around advanced house security, this twenty-first-century technology-enabled tool essentially serves the same function – circumventing other secure means of authentication.”
Another example of the potential conflict between legacy crime wordings and the impact of technology is the emergence and developmental pace of AI, where older definitions such as “natural person” may be ambiguous when describing who is committing the act, leading to further uncertainty.
The demand for crime products is high, but demand can vary from client to client and requires the educational investment of both the insured and brokers.
“With global financial uncertainty, it is better to seek cover now for those losses that have yet to be discovered,” Bailey said. “You need to find a product to cover yourself against your past losses and also your future losses as well.”
Aviva is always open to engaging and discussing recent trends or new exposure frontiers to assist clients in developing their own risk management frameworks, to ascertain the strength of internal controls in place, and find what fraud-detection controls there are, such as whistleblower hotlines for employees.
Bailey added that AI can also be used as a positive “barrier” against fraud, as a disruptor and enhanced governance tool.
“You can use AI to understand really complex data, see complex trends,” he said. It can be used to spot new threats, new exposures and patterns, and to help people make better, more informed and faster decisions earlier.
Share
Share
Criminals thrive in disorder and chaos
Why “If a computer is involved, it’s a cyber loss” is a misconception
Published 14 Aug 2023
Contact Us
Specialty
Best in Insurance
Resources
Risk Management
TV
News
UK
RSS
Sitemap
Contact us
About us
Conditions of Use
Privacy policy
Cookie policy
Terms & conditions
People
Copyright © 2023 KM Business Information UK Ltd
Contact Us
Specialty
Best in Insurance
Resources
Risk Management
TV
News
UK
RSS
Sitemap
Contact us
About us
Conditions of Use
Privacy policy
Cookie policy
Terms & conditions
People
Copyright © 2023 KM Business Information UK Ltd
Contact Us
Specialty
Best in Insurance
Resources
Risk Management
TV
News
UK
Copyright © 2023 KM Business Information UK Ltd
RSS
Sitemap
Contact us
About us
Conditions of Use
Privacy policy
Cookie policy
Terms & conditions
People
“You only need one disgruntled employee to find a way to circumvent the internal controls to have the opportunity and ability to commit fraud”
Jennifer Wells,
Aviva UK
One of the biggest challenges Bailey, Wells, and their commercial crime colleagues face is dealing with the perception that a cyber policy will help handle any online theft – when in reality both policies are needed.
“There is a perceived crossover,” said Wells.
Cyber policies will offer specific specialities and help to try to stop any further damage.
But even with these tech frauds in mind, “what we are still seeing is the continued threat of internal fraud,” Wells said. While outside jobs tend to be one-and-done, an inside job can go on for years if undiscovered, and “that can be the most damaging situation for a company to have to deal with,” she said.
The enemy within can often do the most harm – and yet employers will say, “We trust our employees and we’ve got internal controls to protect against fraud,” said Wells. “You only need one disgruntled employee to find a way around internal controls to have the opportunity and ability to commit fraud.”
“The modus operandi behind each fraud is different and can reflect more tragic personal circumstances,” said Wells.
Bailey noted that a lot of these type of losses tend to be discovered within 12 to 24 months of their occurrence, so any fraud taking place during the disruption of the pandemic era will only be starting to come to light now.
Along with missing money, the damage done by fraud can go far beyond the initial impact of financial loss. Some result in further financial considerations, such as investigation or forensic accounting costs, but others are more abstract, such as business disruptions or impact on staff morale. Along with reputational damage, there are domino effects like layoffs, delaying geographic or strategic expansion, or, for publicly traded companies, an impact on share prices.
A new concern for board members is upcoming UK legislation that will make directors much more accountable should fraud be discovered on their watch, highlighting not only crime policies but D&O as well.
With a commercial crime policy, “at least you can say that you’ve taken appropriate steps. You’ve got a crime policy and are working with somebody to indemnify and get back to where you were before the incident,” Bailey said.
As the song says, “You don’t know what you’ve got till it’s gone.”
What is eligible for coverage?
Aviva UK provides commercial crime cover on a primary, excess, or coinsured basis to a range of businesses committed to fraud risk management, including:
Aviva UK also looks at the following on a case-by-case basis:
Clients operating in the majority
of commercial industries
Charity sector risks
Professional sector risks
Public sector risks
Security firms and haulage risks
Risks with a non-ferrous/
precious metals exposure
Telecom risks
Facilities management
Source: Aviva UK
Crimes against business:
UK statistics
percentage of business premises (151,000) in the wholesale and retail sector in England and Wales estimated to have been victims of crime between April 2020 and March 2021. This is similar to the prevalence rate in 2018 (40%) , though lower than the same rate in 2012 (53%)
percentage of premises experiencing theft, the most prevalent crime type, with burglary at 10%.
percentage of premises reporting that theft by a customer – the most prevalent type of theft – occurred more than once a day
percentage of premises experiencing theft of food and groceries, the most commonly stolen items (compared to 33% in 2018)
The most common impacts of crime included financial loss (68%), stolen goods and services (60%), and additional staff time needed to deal with the incident (46%).
Source: UK government Home Office, “Crime against businesses: findings from the 2021 Commercial Victimisation Survey,” June 2022.
38%:
27%:
11%:
39%:
Crimes against business:
UK statistics
percentage of business premises (151,000) in the wholesale and retail sector in England and Wales estimated to have been victims of crime between April 2020 and March 2021. This is similar to the prevalence rate in 2018 (40%) , though lower than the same rate in 2012 (53%)
percentage of premises experiencing theft, the most prevalent crime type, with burglary at 10%.
percentage of premises reporting that theft by a customer – the most prevalent type of theft – occurred more than once a day
percentage of premises experiencing theft of food and groceries, the most commonly stolen items (compared to 33% in 2018)
The most common impacts of crime included financial loss (68%), stolen goods and services (60%), and additional staff time needed to deal with the incident (46%).
Source: UK government Home Office, “Crime against businesses: findings from the 2021 Commercial Victimisation Survey,” June 2022.
38%:
27%:
11%:
39%: