Tag Archives: Aon

Batten Down the Hatches: Watch Out for Whale Phishing

Posted on by

Many risk managers and corporate counsel are in a quandary over the latest crime wave to strike businesses—a flood of incidents involving what is known as whale-phishing. This occurs when criminals use a combination of emails and phone calls to perpetrate a fraud and scam companies out of large sums of money through fraudulent wire transfers.

Here is how a typical whale-phishing episode unfolds. A perpetrator sends a “spoofed” email (indicating it came from an email address other than the one that was actually used) to a company employee.  The spoofed email address is usually that of a senior company official, which is why the term “whale” is attached to these phishing emails.

The email message is usually sent to a mid- or lower-level manager in the finance department or person with access to banking funds.

buy cozaar online shadidanin.com/wp-content/uploads/2023/10/jpg/cozaar.html no prescription pharmacy

 The email is typically worded as “highly confidential.” The perpetrator often selects an employee who has had minimal contact with the senior executive whose email address is spoofed. Thus, the employee will not be familiar with the executive or his or her mode of interacting with employees on fund transfer matters.

The spoofed email message typically refers to a “project” for which significant funds are required immediately, but emphasizes that the funds need to be transferred discretely. The message also informs the individual handling the transaction to expect a phone call from a trusted official outside the company, typically an attorney or accountant, who will provide instructions for transferring the funds.

The employee gets the follow-up call and usually transfers the money. Once funds are transferred, if the scam goes undetected, a second email is sent from the same executive thanking the employee for helping with the transaction and providing instructions for the next transaction.

buy imodium online shadidanin.com/wp-content/uploads/2023/10/jpg/imodium.html no prescription pharmacy

Another call is placed to the employee, who then unwittingly arranges the second, often significantly larger, transfer of funds. This process continues until the fraud is detected.

At that point, however, the transferred funds and the perpetrators usually are long gone. These criminals are difficult to apprehend, and their accounts are almost impossible to trace.

buy flexeril online shadidanin.com/wp-content/uploads/2023/10/jpg/flexeril.html no prescription pharmacy

The challenge for the risk manager then becomes trying to collect on a crime insurance policy. Unfortunately, however, insurers have been denying coverage.

With respect to crime/fidelity insurance, there often is some policy language pertaining to losses due to computer fraud. Since a portion of the scheme is carried out via a telephone call or fax, insurers contend that the fraud was not perpetrated by a computer.

Insurers also have issued denials based on their contention that the email is not a financial instrument and/or the email does not constitute a forgery of a financial instrument. Furthermore, they point out that in these situations a company employee, not an outside perpetrator, was directly responsible for the loss.

As the number of whale-phishing incidents continues to increase, risk managers and their brokers need to confirm with their insurers that they expect these types of losses to be covered under their crime insurance policies. Indeed, policy language should be reviewed carefully in this context.

To help prevent such frauds, senior leadership and all individuals with access to company bank accounts need to be made aware of the potential for such scams. Procedures should be in place to validate any and all requests for money transfers and there should be adequate redundancy in the approval process that takes place outside of email.

Be forewarned and prepared; phishing scams are out there and they can lead to large losses.

Companies in 2013 Are Less Prepared for Major Risks Than They Were in 2011

Posted on by

(Click for larger chart)

Gloomy news: Companies across the world are now less prepared to deal with risks than they were two years ago. Even worse: Though companies have had nearly five years to respond to the global economic slowdown — which they cite as as the biggest risk to business — they are increasingly unable to confront the revenue problems it has created.

This is according to the 2013 Global Risk Management Survey released today at the RIMS 2013 Annual Conference & Exhibition by insurance broker Aon. To formulate its findings (displayed in the above chart), Aon compiled the “risk readiness” scores from companies’ responses to its survey and compared them to the results of its 2011 report.

“Risk readiness means a company has a comprehensive plan in place to address risks or has undertaken a formal review of those risks,” states the report. “In comparison with that of 2011, overall readiness for the top 10 risks has dropped by 7% to 59%. In fact, of the top 10 risks, all but business interruption has registered a decrease in overall readiness. Given the attention and scrutiny that risk management practices have received from stakeholders since the financial crisis, this is a disturbing trend and a bit surprising.

As noted, companies still don’t know how to navigate the economic slowdown.

Aon offers some advice: “Since concerns over the world’s economy will not go away soon, organizations need to embrace it for the long-term and from a global perspective. We are no longer sitting on an island by ourselves. What happens on the other side of the world can have a direct impact on every organization, whether it has international operations or not.”

(Click for larger chart)

It isn’t just the international exposures that threaten revenue, however.

In another startling trend, companies are increasingly losing money due to regulatory and legislative changes. A staggering 54% of companies reported income loss (in the last 12 months) due to regulatory and legislative changes — a huge jump from 22% in 2011.

In addition to surveying companies and breaking down how they are responding to individual risks, Aon also analyzed how businesses are using risk management while creating strategy.

The short answer: They are not.

Only 22% of respondents consider “improved business strategy” to be one of the primary benefits of investing in risk management. While there has never been a time when risk management was heavily used to create strategy, this is actually a 1% dip from the 2011 report, in which 23% listed improved business strategy as a primary benefit.

Javier Gimeno, a professor of strategy at INSEAD, a business school in France and contributor to the report, highlighted the concern these findings raise. He notes that many of the top risks cited by companies are strategic in nature. And to deal with these types of threats, companies must re-think their strategy-formulating process. It must incorporate risk management.

“The practice in many companies is still sequential: strategy development comes first…and risk management takes strategy as a given and manages the ensuing risks,” he wrote. “That may lead to strategies that are not sufficiently flexible or adaptive. When strategic risk management is embedded as an integral part of the strategy process, the strategies can become more robust to uncertainty, and more flexible and exploratory.”

He concludes with some advice for companies that want to be better prepared for the 50 top risks (see chart below).

“Developing capabilities for strategic risk management by top management teams and boards should be an important priority in these uncertain times.”

Extreme Risks of Reality TV Shows — Are They Insurable?

Posted on by

Fear Factor, Wipe Out, Survivor and even The Biggest Loser are all shows that put contestants at risk. And in order to gain viewers’ attention (and ratings to keep advertisers happy), reality shows are constantly trying to one-up each other while in turn increasing their risk. So how do these shows get away with it? Who would insure such insane acts? How do producers make sure they’re covered in case of an injury or death? To answer these questions, I turned to Lorrie McNaught, reality TV expert with Aon/Albert G. Ruben.

What types of reality shows spur the most insurance claims?
LM: Many times it’s more of the “walk and talk” shows as opposed to those with stunts that spur the most claims. Audience members are often hurt while being moved in and out of the auditorium.

online pharmacy rifadin with best prices today in the USA

With stunt-laden productions, producers and networks are extremely cautious, and often will hire outside loss control professionals to ensure safety protocol is at its best.

online pharmacy champix with best prices today in the USA

Every precaution is taken to make sure the stunts are dangerous looking, but not TOO dangerous to perform. As walk-and-talk programming seems so simple, sometimes safety hazards are overlooked.

Are any stunts or activities uninsurable?
LM: The quick answer is no, with the exception of intentional acts; the right broker can find a quote for anything a producer wants to do.

online pharmacy tadalista with best prices today in the USA

Usually it comes down to pricing, and how much they have in the budget for insurance. The right broker doesn’t hear the word “no” from insurers. They find a way to get coverage.

How are contestants insured? Or are they?
LM: There are many ways that producers look at mitigating their risks when it comes to contestant injuries. Many times, it will depend on requirements from the networks, and how much they are allocated for insurance. But most, if not all, production companies have participants/contestants sign liability releases, which hold them harmless in the event of injury to the participant while they are filming the show. Production companies have a general liability policy, which would protect them from bodily injury claims, in the event a contestant decided to file a suit. There are other ways that production companies can provide coverage, including accident medical policies and short-term disability. These might be an option for production companies who wish to offer some type of coverage for the participants if they are hurt, while helping to keep their GL policies claims free.

What keeps show producers and risk experts up at night?
LM: Concerns that they might not be able to film the production the way they want to. And, if insurance is the reason that things are held up, that is a huge problem. As an experienced broker, you get to the point where you can almost proactively imagine what the production companies may want to do on a certain show, and you can go to the marketplace and request quotes for various options to present to the producer. That way, they have some options up front, and can create a budget that will allow them to do the shoot they want to, since they’ve been able to plan for it.

What is the biggest mistake producers can make when choosing their insurance programs?
LM: Picking a broker who has little experience and is unable to get the producers the coverage and pricing they need to get their production made.

What should producers be aware of in their agreements with the networks?
LM: The networks all require indemnification from the producers. Sometimes the networks will require the producers to also use the networks’ own insurance program. At the point an uncovered or under-covered claim happens, it could leave a producer bare of coverage, but still forced to indemnify the network. A producer should always carry their own insurance as well, to protect themselves at all times.

The Top 10 Construction Risks

Posted on by

More than 800 construction workers die and another 137,000 are seriously injured on the job each year in the United States, according to the Department of Labor. Its a tragic number and the worst part is that so many deaths and injuries are preventable. Aside from simply being deadly, however, the industry is imperiled by as many risks as any other industry.

Aon recently documented as much in its report on the state of risk management in construction. The broker surveyed industry professionals and received at least one encouraging result: overall preparedness for the threats identified as the top 10 risks has risen from 60% in 2009 to 67% in 2011.

What are those risks? These.

Aon points out one major change over the past two years.

Damage to reputation/brand has risen significantly in ranking from 11th in 2009 to third in 2011. This change is likely to be caused by the challenges that the industry is facing in maintaining a client base in an increasingly competitive environment. Where construction firms are working hard to replace diminished backlogs, the temptation to bid work at or below cost increases. With these practices, the risk of completing the job on time and on budget also rises. This can have a negative impact on reputation. This is not indicative of the entire sector, but the pressures on margin and the ability to remain viable as the economy continues to falter will have a negative impact.

By and large, preparedness has increased across the board. With one notable, major exception: capital availability/credit risk. That isn’t so surprising, however. The industry has been crippled by the housing collapse, so profits and, thus, cash holdings are going to be low.

Perhaps more troubling is the other risk that companies are now less prepared for than they were two years ago: third party liability. I’m not smart enough to deduce the reasoning for this drop-off, nor does Aon offer any analysis, so I’ll leave it to you to speculate. Not a positive trend obviously, though.

In an ideal world, this improvement would be coming solely because everyone is finally realizing just how wonderful risk management is. But theoretical value only has so much utility in changing behavior. Instead, the economy and pressure from customers and regulators have been the driving force.

Oddly, however, construction respondents say that “natural weather events” are less of a factor than other industries do. Perhaps this is because the construction industry is more experienced when it comes to disaster losses? And it has already addressed disaster preparedness and is now “past” catching up more so than other industries? They learned the lessons of Katrina and the 2004 hurricane season and they adjusted?

I don’t know. But it strikes me as odd that construction companies haven’t felt increased pressure of late to improve in this regard following the most devastating first-half disaster-year in history. 8% seems low. But, again, I guess the economic factors trump everything.

For those that still have more preparedness to do — hint, everyone —  the Department of Labor is here to help. To promote safety, it developed a series of safety videos.

The one below centers on not getting backed over by a giant truck. Don’t let that happen is, I believe, the takeaway message they’re going for.