David Anderson is principal of David Anderson & Associates, a Philadelphia forensic accounting firm that provides a full range of fraud investigation, forensic accounting, and marital dissolution services in Philadelphia and the Delaware Valley.
As noted in many of my prior blogs, the best “insurance” against fraud is having in place a working, comprehensive fraud prevention program which includes, among other things, anti-fraud policies and procedures, active management oversight, and regular fraud prevention training.
However, as the principal of David Anderson & Associates, a Philadelphia forensic accounting firm that provides a full range of fraud investigation and fraud deterrence programs in the Delaware Valley, I also strongly recommend that businesses and other organizations also have in place adequate fraud insurance to protect against unexpected fraud losses.
To obtain a better understanding of fraud insurance protection, I spoke with Matt Jakubowski and Kevin McCall of the Mount Laurel, N.J. office of Arthur J. Gallagher, a prominent global insurance, risk management, and consulting firm. We focused on the fraud protection insurance that small and medium sized enterprises (generally those with less than $100 million in revenues) should have.
Jakubowski and McCall advised that most owners and executives of such enterprises are in denial that their organization can be the victim of fraud. They often state that long-time trusted employees would never commit fraud against them (despite the fact, as I have pointed out in earlier blogs, that trusted employees are often the ones who commit fraud).
As a result, most such enterprises have only a standard property and casualty insurance package which typically provides property, liability, and auto coverage. While such packages usually do not cover fraud, the insurance broker may include in the package a small coverage for employee theft ($15,000 to $25,000) and/or funds transfer fraud ($10,000 to $15,000).
If the enterprise grows over time, these small coverages may grow to as much as $100,000 as part of the standard package. The problem with the small size of these coverages is that many frauds far exceed these limits. For example, in the past year, I have investigated two frauds committed against small to medium sized organizations which exceeded $500,000, and a third which exceeded $2,000,000.
Another problem arises in the form of loss insured. Many insurance brokers who may not be knowledgeable about these matters, may provide a Loss Sustained form. The amount of insurance coverage under such a form only applies to fraud losses sustained from the time the policy or increased coverage begins.
An alternative form, called a Discovery Form, covers the total amount, including all prior acts, from the time that a fraud loss is first discovered. Hence, an enterprise which previously had a $25,000 Loss Sustained form which was increased to $1,000,000 this year may only claim up to $25,000 in prior year losses, even if the fraud dates back several years. The $1,000,000 limit would apply only to current year losses.
However, if the same enterprise had replaced the $25,000 Loss Sustained form with a new $1,000,000 Discovery Form, all prior and current year losses up to the $1,000,000 limit could be claimed.
Jakubowski and McCall recommend that to protect against fraud, enterprises have Crime Insurance policies that have been vetted by a Certified Fraud Examiner and that offer the following types of coverages:
- Employee Theft: This is the most common coverage. Enterprises should be aware that insurance companies will require both documentation supporting the loss and that a police report be filed in order for them to pay claims under this coverage (Filing a police report does not necessarily trigger law enforcement action – that is the purview of district attorneys or U.S. attorneys).
- Funds Transfer Fraud: This covers cash theft or theft of funds by a third party that has hacked into the enterprise’s bank accounts. Note that this coverage does not apply to voluntarily parting with funds (see the next bullet point below).
- Social Engineering/Cyber Deception Fraud: This covers voluntarily parting with funds as the result of Social Engineering/Cyber Deception. The most common example of this is when an enterprise receives an e-mail that appears to be from the CEO, CFO or other senior executive which directs the enterprise to wire funds to a third party. However, if such e-mail turns out to be fraudulent. Jakubowski and McCall stated this type of fraud has become so pervasive in the past 18 months that insurance companies have begun limiting the maximum dollar amount covered, requiring a higher deductible, and charging a higher premium for this coverage.
- Forgery and Alteration Fraud: This covers situations in which a check signature has been forged and/or the check amount has been altered.
Two additional types of fraud insurance coverage I have found in my work as principal of David Anderson & Associates – a Philadelphia forensic accounting firm that provides a full range of fraud investigation and fraud deterrence programs in the Delaware Valley – that enterprises might want to consider are:
- Network Security/Cyber Security: This requires a separate policy and covers costs related to the theft of PII (personally identifiable information) or PHI (protected health information), and is most typically used by retail operations, healthcare organizations, accountants, and others who maintain such information on their systems. The coverage pays for the costs of notifying the parties whose PII or PHI has been stolen as well as the cost of providing credit monitoring to those parties (up to the limits of the coverage).
- Theft from Clients or Third Parties: This coverage applies to enterprises who are either holding funds for clients (such as in escrow accounts) or who have access to third party assets which could be stolen (for example, a janitorial firm that cleans offices).
Jakubowski and McCall also advised that relative to the dollar risks of losses from fraud, the cost of fraud insurance coverage (for example, $1,000,000) may only be a few thousands of dollars a year (compare this to the typical fraud loss which the Association of Certified Fraud Examiners estimates to average 5% of revenues). They also stated that for enterprises which have fraud prevention programs along with regular employee training in place, the costs will typically be less.
Given the above, I strongly recommend that enterprises review their fraud insurance coverage to make sure that it is adequately protecting them against unexpected fraud losses. If you’re not exactly sure what type of policy you should get, speak with a Certified Fraud Examiner from an experienced firm that provides forensic accounting services in Philadelphia and the Delaware Valley.
Please contact the Philadelphia forensic accounting firm of David Anderson & Associates by calling David Anderson at 267-207-3597 or emailing him at firstname.lastname@example.org if you require the services of a Certified Fraud Examiner or any other forensic accounting services in Philadelphia and the Delaware Valley.
About David Anderson & Associates
David Anderson & Associates is a Philadelphia forensic accounting firm that provides a full range of forensic accounting services in Philadelphia and the Delaware Valley. The experienced professionals at David Anderson & Associates provide forensic accounting, business valuation, fraud investigation, fraud deterrence, litigation support, economic damage analysis, business consulting and outsourced CFO services. Company principal David Anderson is a forensic accounting expert who has more than 30 years of experience in financial and operational leadership positions and is a Certified Public Accountant, a Certified Fraud Examiner and a Certified Valuation Analyst.