A California man pled guilty to knowingly receiving, possessing and without authorization appropriating stolen trade secret information belonging to his former employer—specifically, customer and order information in databases relating to his employer’s sales. He admitted to having made $300,000 in gross sales using the databases, resulting in a $60,000 net profit for himself.
• A PTA president in an elementary school in West Virginia was accused of pocketing more than $25,000 of the association’s money over a period of two years.
• A former Special Agent of the Drug Enforcement Agency (DEA) was convicted of conspiring to embezzle $20,000 in DEA funds, as well as conspiracy to possess cocaine and crack cocaine.
• Two former executives of a drilling equipment firm were convicted of using false business contracts to cheat banks and leasing companies out of 3.5 billion marks ($1.6 billion) while directing a drilling company in Germany. The defendants diverted millions into their own pockets, each drawing monthly salaries of 100,000 marks ($46,000) to finance lives of luxury.
• An accountant and her husband were accused of embezzling $18 million from her employer, a California builder and venture capitalist, during her eight-year stint with the company.
The scenarios above, culled from newspaper reports and government sources, describe instances in which employees were either convicted or charged with committing crimes against their employers.
Are these cases random and rare? Hardly. According to the Association of Certified Fraud Examiners, fraud and abuse costs U.S. organizations more than $400 billion annually. In addition, the average organization loses over $9 per day per employee to fraud and abuse and about 6 percent of its total annual revenue to fraud and abuse committed by its own employees.
Chubb Specialty Insurance, a division of the Chubb Group of Insurance Companies, notes on its website that eight out of ten crimes against businesses are carried out by employees. In addition, those crimes—generally asset misappropriation, fraudulent statements, or bribery and corruption—are often committed by a trusted employee and occur over an extended period of time. Further, no type of business is immune.
“You can pick up any newspaper and see where, even in not for profit companies, trusted employees or executive directors have stolen great deals of money from even small organizations,” said Thomas Sicard, vice president and Commercial Lines product manger at Kemper Financial Insurance Solutions, a division of Kemper Insurance.
Living the high life
“Crime insurance is designed to protect the corporation in the event that their employees embezzle money, securities, property, such as their inventory… (The company) discovers a loss and most often the perpetrator… has wasted away that money through living the high life,” explained Barry Mansour, Assistant vice president and Crime Insurance underwriting manager for Chubb Specialty Insurance. “A crime insurance policy also covers money and securities while in transit or on the premises—because money and securities are excluded from a property form. And it covers losses from computer fraud as well as forgery.”
Protection for certain fraudulent acts of non-employees, various illegal actions of an insured’s directors or officers, and the failure of public officials to faithfully perform their official duties may be written into policies. Coverage for electronic funds transfers, money orders and counterfeit currency, among other things, may also be included.
According to Joseph Harrington, an underwriting manager with the American Association of Insurance Services (AAIS), commercial crime insurance is offered in a variety of ways. “There are commercial crime coverages in a business owners policy…. But there are a series of commercial crime coverages that can be offered as mono-line or as a package.” AAIS is an insurance product development organization whose standardized policy forms and manuals are used by more than 600 property/casualty insurers nationwide. Harrington said that the commercial crime program offered by AAIS contains “a range of coverages. You can buy them as a package policy by combining them, or individually.”
Sicard said that generally coverage provided through package policies, such as that offered with a business owners or property policy, has lower limits, averaging around $500,000. Mono-line policies offer more customized coverage with higher limits.
Ghost vendors, ghost employees and kick-back schemes are among the strategies frequently used by employees to embezzle funds from their employers.
“A crime loss typically doesn’t happen in one instance,” Sicard said. “It’s a pattern of incidences with the same characters, the same bad actors over time. That’s why when you finally discover the loss, it’s usually a great deal of money—because they’ve been able to do it over months, years.”
Sicard pointed out that fraud is often discovered when the economy goes bad because companies begin to take stock of their performance. When companies begin to question why money was spent where “that’s when you uncover schemes,” Sicard said. “And a lot of times… even in smaller companies… long term employees, trusted employees… are ones that have thefts…The ones that have never missed a day of work; that have been there for a long period of time.”
Mansour agreed that while a downturn in the economy may not cause an increase in employee dishonesty, it “may play a part in corporations discovering the fraud that has been going on in their organizations over the last five, ten years. Because what may happen is that you have a layoff, the employees who are committing the fraud are no longer there to cover their fraud, and it becomes discovered.”
Targeting the mid-sized business
While both Chubb and Kemper offer crime insurance products for all classes of businesses, including giant multi-national corporations, the insurers see the small to mid-size business market as having the most potential for growth.
“Most of the large multinational firms know about the coverage. They have professional risk managers whose job it is to make sure that they have this type of coverage,” Sicard said. “But it’s the middle market area, the ones that, especially if the economy is in a downturn, are willing to cut costs… They don’t opt for it because it’s a cost savings, but if they had had the insurance in the event of a loss it could really help the company.”
“Smaller, privately held corporations (are) underinsured because they don’t understand the exposures they face and they’re overly trusting of their employees,” Mansour said. “Larger corporations buy the coverage just like the smaller ones but they’re more attuned to their exposures and typically tend to buy larger limits.”
“Because the smaller customer is typically underinsured, we are targeting them,” Mansour added. “I believe they’re typically a better bet because they’re smaller. They are geographically not as diverse and it’s easier for management to implement an effective control structure to mitigate fraud. Management is often more intimately involved in the business and can discover the frauds quicker so that, in general, they’re not as large. That’s not always the case…but we view that as our profitable segment even though we see the severity of claims rising in that segment.”
Mansour said the industry reports losses to the Surety Association of America, and from 1994 to 2000 losses increased by 76 per cent. Meanwhile, between 1994 and 1999, premiums declined by an average of 20 percent. As a result, crime insurance underwriters have begun to push rates up. “We’ve seen our rate increases… at the end of this year hitting the double digits and I think that’s going to continue to increase,” Mansour said. “I’d say for your best accounts you’re probably looking at general rate increases of five to ten percent. Some of the larger, tougher classes of risks, you’re probably looking at increases from 30 to 60 percent.”
He added that rates and rate increases will vary according to a company’s exposure. “Relative to a particular account we will endorse the policy accordingly,” Mansour said. “We might use a higher deductible for an overseas location for a multi-national corporation or for precious metals or unique exposures in those arenas.”
Kemper maintains a similar flexibility in its underwriting protocol. “Each individual risk is priced individually according to what the size of the risks are, the individual exposure, the type of business they are in, their security controls, their audit controls,” Sicard said. “We look at all of that and individually underwrite each one of those risks.”
“As underwriters one of the things we look for is vendor control,” he added. “Do they (the insured) have an approved list of vendors? What kind of control do they have in the accounts payable area? Does it take two signatures to approve bills over certain dollar amounts? Or, what is the hierarchy of the approval, so that you don’t have one person approving things and stealing from the company?”
Cybercrime: covered or not?
While some companies are beginning to offer coverage specifically geared toward crimes perpetrated electronically through the Internet, dubbed “cybercrime,” there is some speculation as to whether those risks are best covered by new policies or by traditional crime insurance.
“Insurance is an inherently standards-oriented business,” Harrington said. “It remains to be seen how profound the cybercrime issues may become in changing the structure of commercial crime policies. There’s a tendency and somewhat of a… desire on the part of insurers to have (those) exposures be seen in standard, traditional ways. And money stolen over the Internet is some sort of theft.” Insurers are waiting “to see if established means of covering it, rating it and structuring the coverage can still work. It remains to be seen whether something different might be needed down the road given the nature of the electronic crime.”
Sicard agreed. “When an employee steals money from their company, regardless of how they do it, that’s an employee theft. So it doesn’t really make a difference whether or not they use electronic means or they just physically stole the money. That would normally be covered under an employee theft cover.”
Like Harrington, he viewed the whole technology issue as an evolving one. “People are very confused as to whether or not they have coverage for various electronic exposures and crime is one of them.”