Joint approach by criminals challenges insurance buyers

Criminals using personal and corporate data against companies for multiple coordinated attacks is increasingly giving rise to claims disputes between different insurers and policies.

To increase their chances of success, fraudsters exploit data in various ways simultaneously with tools ranging from impersonation to social engineering, a process by which individuals are manipulated to divulge confidential or personal information.

“There is a new trend of in-concert approach by criminals,” says Michael Lea, Head of Management Liability at Lockton. “When criminals get hold of data they can sell it on the dark web,” he adds. “The threat of financial crime needs to be considered on a holistic basis as it may affect a mix of data, systems, stock, inventory and cash, causing financial loss, loss of revenue and liability to others, and therefore, trigger a number of different insurance policies,” Lea explains.

There is a new trend of in-concert approach by criminals,” says Michael Lea, Head of Management Liability at Lockton.

Criminals can, for example, send malware or phishing emails to employees using a list of contact details. They can also hack into a company’s system and turn off the alarms and CCTV of the company’s premises for a physical robbery. Access to the CEO’s email communication can open up a number of additional opportunities for criminals such as, for example, transferring company funds or even kidnapping the CEO or a family member. Similarly, information on the goods distribution processes of a company can enable criminals to gain access to production sites and valuable merchandise by impersonating the legitimate courier or intercepting goods during the delivery process.

“Companies’ exposure to fraud and theft is no longer determined by geographical location or industry sector,” Lea says. “The rise of anonymous crime means that any company can find themselves the victim of crime, no matter what internal controls, procedures and protections they adopt,” he adds.

When purchasing property, crime, cyber, cargo and kidnap and ransom policies, the respective brokers or insurers often fail to communicate with each other and the policies usually include duplication and gaps, but a crime incident might trigger multiple insurance policies. For the insured this can mean significant delays and disputes in claims collection.

“The insurance market has been slow to respond to the changing financial crime landscape, and still designs products in silos with different triggers, retentions and exclusions, such that they do not fit together well when a fraud incident affects more than one coverage area,” Lea explains.

In order to avoid claims conflicts after an incident, insureds need to make sure that it is clear which policies respond to which loss triggers and in which sequence. The whole insurance portfolio of a company should be tested with loss scenarios to determine how the policies interact and identify any gaps or conflicts. The process should clarify which policy will respond first in different scenarios and include the adaptation of sub-limits and retentions of different polices. It helps having policies underwritten by similar insurance panels and, ideally, all policies should renew at the same time.

In order to avoid claims conflicts after an incident, insureds need to make sure that it is clear which policies respond to which loss triggers and in which sequence.

Having several policies with the same insurer could theoretically help to avoid such disputes, but is not always advisable.

“The solution is to make sure that the policies are interlocking and dovetailing,” Lea notes.

“This approach helps avoid long delays and claims disputes between different policies and insurers if your company is a target of organised criminals,” he explains.

Lea leads a workshop on financial crime at the upcoming Airmic Conference on June 3, 2019 (opens a new window).  

The session aims to provide tips for considering financial crime under different covers and avoiding any potential for insurer disputes, including playing out claims scenarios.  


For further information please contact:

Michael Lea
Head of Management Liability