Commercial crime rises in wake of COVID-19 crisis

Crime insurance premium rates are on the rise as criminals exploit new opportunities created by the COVID-19 pandemic. Businesses need to make sure that appropriate security measures are in place and are followed by staff across the organisation not least because the expected economic downturn following the outbreak is likely to drive crime insurance premium rates up further.

Following the implementation of quarantines and social distancing measures to contain the pandemic, economies throttled down production and services worldwide. Consequently, the International Monetary Fund (IMF) is now forecasting (opens a new window) the global economy to shrink by 3% in 2020. In addition to short-term negative outcomes on labour markets, recessions usually result in a rise in criminal activity. 

Criminals adapt fraud schemes

Criminals have been quick to seize opportunities to exploit government efforts to combat the global spread of the coronavirus by adapting their modi operandi or engaging in new criminal activities, the European Union Agency for Law Enforcement Cooperation (Europol) has warned (opens a new window).

 According to the agency, factors that are prompting changes in crime and terrorism include:

  • High demand for certain goods, protective gear and pharmaceutical products;

  • Decreased mobility and flow of people across and into the EU;

  • Citizens remain at home and are increasingly teleworking, relying on digital solutions;

  • Limitations to public life will make some criminal activities less visible and displace them to home or online settings;

  • Increased anxiety and fear that may create vulnerability to exploitation;

  • Decreased supply of certain illicit goods in the EU.

While traditional fraud such as theft of funds by employees has not gone away, electronic fraud by third parties has been growing exponentially in recent years, both in frequency and severity. A popular fraud scheme involves impersonation to trigger an erroneous transfer of funds, also known as social engineering, and it is proving even more effective during the current lockdown. It is, for example, easier to impersonate a corporate partner if a new vendor has been only recently selected without physical meeting due to the lockdown. Cybercriminals are also exploiting the fact that a greater number of employees are now connecting to the organisations’ systems remotely, potentially creating security gaps.

Further, fraudsters have quickly adapted well-known fraud schemes to capitalise on anxieties and fears individuals may have developed due to the crisis, including telephone fraud schemes, supply scams and decontamination scams. 

Europol was, for example, involved in the investigation of a company that transferred €6.6 million to a company in Singapore to purchase alcohol gels and FFP3/2 masks. The goods were never received.

Schemes involving thefts have also been adapted by criminals to exploit the current situation, including for example scams involving the impersonation of representatives of public authorities. Commercial premises and medical facilities are expected to be increasingly targeted for organised burglaries. Since many offices and manufacturing plants are currently mostly unoccupied, stricter security and facilities’ management is essential.

Europol expects new or adapted types of criminal activities to continue to emerge during the crisis and in its aftermath. 

Additional security measures

Since processes and cooperation partners may have changed due to the pandemic, companies should take special care particularly when transferring funds and introduce additional security measures.

Among the measures worth looking into is educating staff about social engineering fraud techniques and training employees on necessary security measures before the transfer of funds.

Now that the majority of staff in many companies is working from home, multi-factor authentication methods which require the user to present two or more pieces of evidence to be granted access is particularly important. The security of employees’ home computers and home networks is usually beyond the control of their companies. Depending on how the corporate networks are being accessed, an employee’s computer that contains malware may transmit it to the company’s network (opens a new window).

Already in April fraud prevention service provider Cifas reported (opens a new window) a “huge spike in online activity around coronavirus,” including an increase in emails from fraudsters impersonating CEOs or IT departments asking employees for access to their device and to share their screen information.

Tight commercial crime insurance market

Commercial crime insurance protects policyholder against financial losses from both “internal” and “external” fraudulent acts.  However, insurers’ appetite for this type of risk has been falling in recent years as the underlying frequency and severity of claims rose, particularly from impersonation and payment diversion. The reduction in underwriting capacity has been reflected both in pricing and in terms and conditions of policies. 

Some insurers are now only underwriting risk on a co-insured basis, sharing the exposure with at least two other insurers. In addition, when insurers feel uncomfortable with the corporate control level they the company may need to self-insure part of the risk. It is not uncommon to see crime insurance buyers having to retain 50% of a potential claim when security standards vary across business units.

Crime insurers are increasing policy retentions significantly. While this is intended to improve insurers underwriting results it is also supposed to increase the company’s rigour around internal controls and procedures and to increase their focus on fraud awareness and avoidance. It is now typical for the crime insurance policies to have minimum retentions of £25,000 and for companies with revenues greater than one billion, to see policy retentions of £1m or more.

The corporate crime insurance market is relatively small and therefore one loss can have a big effect on the segment. Some insurers are underwriting crime risk only for existing clients and therefore purchasing other insurance products, but will not underwrite Crime on standalone basis. A few insurers have stopped underwriting new corporate crime risk altogether, including TMHCC, Axis and the Hartford.

Insurers that continue underwriting operating in the segment are not only adjusting premiums to the higher perceived risk levels but also requesting more information about the internal controls that the business has in place to protect against fraud. Since criminals follow the path of least resistance and target the weakest firewalls, insurers want to see evidence that control levels are consistently stringent across all subsidiaries, that the same procurement software is deployed globally, that the audit for the company is centralised and that security measures such as call back verification is followed before funds are transferred.

For further information, please contact: 

Michael Lea, Partner, Global Professional & Financial Risks

Tel: +44 (0)20 7933 2669 | Email: (opens a new window)