By Mary Byrnes, AAI-M, AU, Education Department
At Syracuse I Day last week, I had the pleasure of having lunch with representatives of a community college who are interested in providing students with insurance courses. As you can imagine, they asked many questions that caused me to stop and think, perhaps you will too.
As we all struggle with staffing issues and trying to replace staff that moves on, it's natural to think of young people coming into the business. Only we can adjust the misconceptions of these young people of an industry that we think of interesting, service oriented, and even vibrant. Sure we can tout a regular paycheck, great benefits, vacation time, etc. But is that going to flip the switch of a young person who is under the misconceptions that they usually have?
Here are the questions that were asked over lunch…
- In your career, is there one thing that you've done or been involved in that stands out for you as a high point?
Wow, that's quite a question, it makes you stop and think especially if you've been at it for a few years (a few decades for some of us).
I thought of my time at an agency, we had been presented with the opportunity to quote a moderate sized airport, my experience had been that I had traveled through an airport in the past which is not very impressive. I closed myself in the conference room for a few days and read the policy cover to cover, found a broker specializing in the coverages and asked a ton of questions. It was the most interesting account that I've ever worked on. BTW, we did write it.
- What impact do you have?
I'm sure that every one of you out there can tell about an instance where you helped someone. After all, in the most vulnerable time for an insured, you're there to help. Whether it's a fire, an accident, a death etc., you answer the call.
I told them another story from my agency days. An insured had a house fire that burned it to the ground, the claim was reported to the carrier which sent a check immediately for $20,000 so that they could find a place to stay, buy clothes and so forth with only the request that they keep and submit their receipts. It was such a show of good faith in the face of such devastation. I still remember the insureds names and the carrier that responded and it's been many, many years.
- For a young person, what's the potential?
In honesty, the potential over a career for someone starting out now is limited only by their willingness to learn, be open to every opportunity that comes their way, to have an innate curiosity and be ready to never be bored.
I challenge you to ask yourself these same questions. I hope that you'll remember your own experiences and the differences and that you've made to someone.
Cyber threats may be greater than many insurance agency owners believe, according to a new report from computer network security firm Webroot. Agencies running old software or operating out of homes may be especially vulnerable. This summary is provided courtesy of cybersecurity firm LCG, which offers cybersecurity services to Big I New York members.
Webroot published its Threat Report: Mid-Year Update on October 8. Among the report's key findings:
- 95% of detected malware (malicious software) is unique to a single personal computer (PC.) This means that traditional antivirus software, which looks for unusual patterns across a network, is unlikely to detect these files. To better protect themselves, agencies should switch to "intelligent" antivirus systems that learn about specific threats within the network and automatically perform defensive activities.
- Attackers are picking out specific weak targets rather than blasting out attacks at random. A network without detection capability may be intruded before the business knows an attack has begun.
- Home computers are twice as likely to become infected as do business PCs. Home-based agencies face a higher risk of infection.
- Similarly, PCs running Windows 7 are twice as likely to become infected as those running the newer, more secure Windows 10. Agencies still on the old system are at greater risk.
- Phishing attacks are increasing. Endpoint protection, which seeks to protect servers, workstations, mobile devices connected to the business network, can help protect against these attacks.
- Rather than just impersonating banks, phishing emails are now impersonating well-known vendors such as Amazon and FedEx. Agencies need to train their staff on cybersecurity awareness.
Webroot is a next generation endpoint protection system. LCG manages and deploys Webroot solutions for its customers, among other security measures.
By Mary Byrnes, AAI-M, AU, Education Department
This week it seems that we've been inundated with info on the coverage and exposures associated with marijuana, hemp, CBD, etc. Today I heard this industry described as a Natural Emerging Risk and could reach sales in the $100 billions in the next decade. There's an interesting article by Ryan Smith in Insurance Business America that illustrates the impact that this will have on the industry. It's really a fascinating topic.
Will this become something that NY agencies will see in the future? If it is, there are many things that we can learn from the states that have currently have legalized recreational use of marijuana.
Geographic and Legal Issues
- Laws apply state by state
- Legality of an operation is contingent on the compliance with the laws in the state that they operate, travel with product to etc.
- Underwriting will have a unique focus on how the insured is complying with the laws of their states of operation. Underwriters may ask simple questions on some states and many questions on other states dependent upon the degree of the law requirements on the business owner.
- In other states many agents have found that their insureds look to them for guidance in not only insurance but also for direction in the financial portion of their businesses. Financing for their operations can be hard to find both due to the business that they are in and that many of them are new ventures.
- There are attorneys that specialize in assisting business owners in this field.
- Currently, generally all of the marijuana affiliated businesses are written in the E&S market.
- Forms used are not necessarily standardized. The carrier might use some of the core forms are ISO or similar language. But there are forms applied that deal specifically with the treatment of the product or exposures will be totally different.
- There are brokers that deal only in the marijuana industry. They know that there are both agents who have not previously worked on this type of account and that many of the insureds have not previously purchased commercial insurance.
Actuarial & Rates:
- This is truly an emerging market.
- There is no historical data to base rates or forms on, it is only recently that these enterprises have become legal.
- Actuarial firms, at the request of E&S carriers, are developing rates and forms based on “like type" information such as the liquor, pharmaceutical, tobacco industries, and so on.
- Dependent upon what the carrier has requested and the different actuarial firms available, there could be many variances between carriers in rates and forms.
- Due to the rapidity of change in the marijuana legal landscape, so many differences in state laws and changes that are occurring in them, interpretation of coverage forms, the accumulation of claim data over time, rates and forms will go through many changes.
- These types of operations are going to be varied by size, type, and scope.
- Run from extremely sophisticated to the opposite.
- Will run the gamut from direct involvement with the product (growers, wholesalers, retailers, transporters, etc.) to ancillary services (suppliers of equipment, security services, legal, financial, landlords, private equity firms, doctors, IT consultants, and the like)
- Plant touching vs. non-plant touching is a great way to break them down.
- Usual coverages that you would provide for any business operation (Property, GL, Inland Marine including transportation exposures, Crime, Auto, Management Liability for the larger operations, and the list goes on).
- Particular attention will need to be paid to coverages that won't fit the standard market like flood for coverage of the product, crop insurance which is still developing for hemp let alone for marijuana, terrorism, product coverage, product recall, and probably more than I can think of.
- Product delivery method (smoking, vaping, creams or ointments, edibles and so on) will need to be considered from a product liability standpoint.
- Testing methods for product standardization will likely be a huge consideration.
Law Enforcement Considerations:
- Typical testing in the case of auto accidents is hair, blood testing etc.
- States that have either legalized or decriminalized the use of marijuana for recreational use have experienced exponential increases in auto accidents due to driving under the influence.
- Coming to market is breathalyzer for marijuana usage that can be done within about 10 minutes that can detect any method of delivery into the person's system.
This would be a great time to have a crystal ball to see what will happen in New York. If it comes to pass, there is no question that agents will be requested to provide quotes &/or coverage on some of these operations. It's also not unlikely that you may see underwriters asking about any marijuana product handling affiliation on risks that are submitted to them. This is a quickly evolving industry based on the laws of each state. There is more and more information available every day. This is a topic that is so interesting. I'm sure that you'll be seeing more to come in the future and if NYS makes any moves on this legislative, hold on to your hats, it's only going to get more interesting.
If you have anything from an insurance standpoint that you'd like to pass on, I'd love to hear about it.
Presented by the National Flood Insurance Program
October 2019 - Register Now!
(Capacity is Limited)
Key Fundamentals of Flood Insurance for Agents
Parts One and Two
Please register for both parts of this webinar.
Part One: October 23 - 10:00 AM - 12:00 PM CDT - REGISTER
Part Two: October 24 - 10:00 AM - 12:00 PM CDT - REGISTER
Insurance agent continuing education course approval and credits vary by state. CLICK HERE for information about your state.
Can't attend these sessions? Watch for more opportunities soon.
TWO-PART KEY FUNDAMENTALS WEBINAR
This webinar is a two-part course on the National Flood Insurance Program. It includes the topics listed in the Federal Register notice on training and education requirements related to Section 207 of the Flood Insurance Reform Act of 2004, otherwise known as FIRA 2004.
It brings participants the latest information on reform legislation impacting the NFIP as it reviews the key elements that insurance agents need to know about the NFIP and how it works. It also discusses many of the federal flood program's general rules as well as some more advanced topics. For more information visit our Key Fundamentals of Flood Insurance overview.
Attendees must complete both sessions in order to cover all topics required by the Flood Insurance Reform Act (FIRA) of 2004.
To register, please use the links above. These webinars are FREE to attend, but spaces are limited so please register early.
Can't attend these sessions? NFIP Training conducts webinars on flood insurance topics regularly. Watch for more upcoming opportunities. If you are not a subscriber to NFIP agent training bulletins, please sign up here.
CONTINUING EDUCATION CREDITS
Insurance agent continuing education course approval and credits vary by state. Click Here for information about your state. Some states (e.g. California, Illinois, Michigan, Oklahoma, Utah and Virginia) require that both parts of the course be successfully completed in the same offering to receive any credit hours.
Currently, there are no CE credits available in Puerto Rico, Guam or the Virgin Islands.
Both parts of the course must be completed to meet the FIRA 2004 training requirement. Periodic learning checks will be conducted to measure attendee engagement. Learning checks must be completed by each registered attendee to earn CE credit. Only registered attendees are eligible to receive CE credits. No exam is required. As the course provider, we will collect agents' license numbers for the purpose of roster submissions.
State Mandatory Notifications:
Colorado - This two-part course is approved by the Colorado Division of Insurance for Continuing Insurance Education Credit.
Connecticut - Approved by the State of Connecticut Insurance Department for insurance producer continuing education credit.
Florida - Each part of this course has been approved by the Florida Department of Financial Services for insurance continuing education credit. FL Provider: H2O Partners, Inc. (#365883); Course: Key Fundamentals of Flood Insurance for Agents - Part 1 (Webinar) (#106200); Course: Key Fundamentals of Flood Insurance for Agents - Part 2 (Webinar) (#106202).
New Mexico - This course has been approved by the Insurance Continuing Education Committee as a New Mexico Insurance Continuing Education Course.
South Carolina - This course is approved by the South Carolina Department of Insurance for Continuing Insurance Education Credit.
Questions? Contact Aaron Montanez at: firstname.lastname@example.org
Please do not reply to this email. If you have questions regarding NFIP Training, please write to email@example.com.
Sign Up for NFIP Agent Training Bulletins
The U.S. Department of Labor announced its long-anticipated changes to overtime rules under the Fair Labor Standards Act. Beginning January 1, 2020, employees who are considered “exempt" from federal overtime provisions must earn a guaranteed minimum salary of at least $684/week ($35,568 /year).
Therefore, if an employee's salary is not at least $684/week, he or she must be classified as non-exempt, have his or her time tracked and receive overtime for all hours worked over 40 in a week.
This new regulation has the potential to impact many Big I NY members. To help you understand and prepare for this change, we are co-hosting with Big I National a webinar on October 30, 2019 at 2:00 ET. Our presenter will be Claudia St. John, president of Affinity HR Group, Big I NY's national HR consulting partner and resource. The purpose of the webinar is to:
- Review the regulatory changes and their potential impact on independent agencies
- Present reclassification and pay accommodation options to consider to be compliant
- Answer as many of your questions as possible before, during, and after the webinar
To sign up for this complimentary webinar, click here.
If you are unable to attend and would like assistance on understanding the rule change and how to remain compliant, please feel free to contact Affinity HR Group directly at (877) 660-6400 or Contact@AffinityHRgroup.com.
Insurance is a great business that we have chosen for ourselves. Think about it…
Where else could you find a career that is so interesting and where the sky is pretty much the limit? Every day, we at Big I New York get calls and emails from our members asking questions about topics ranging from insurance coverages, form interpretation, legislative and regulatory issues, Cybersecurity, and licensing to name a few. It's through many of these discussions that we've really gotten to have some great conversations and it makes me marvel at how many things you've got going on and how engaged you are through it all.
How fortunate are we; all of us collectively, to work in a field where we can be learning something every day. After all, the amount of information that we are exposed to is so vast there will always be something that we'd like to learn more about. We get to help others have a sense of well-being in knowing that we've looked out for them and if something happens, they know they can call. We volunteer in our communities to contribute to where we live and work.
For all of the insurance warriors out there, hat's off to you! How lucky are we all to be a part of it? When you talk to a young person about what you do, remember to let them know the potential that you see in the industry and how it could be a wonderful choice for them as well. Until our next conversation…
By Mary Byrnes, AAI-M, AU, Education Department
Recently two things happened. First, I received a call from an agency that wanted to review some cyber tips with their staff and secondly, I attended a webinar on Cyber Exposures for the Healthcare Industry.
I took the webinar mostly out of curiosity. The reality was that it was so eye opening and it made me think of the common types of information and exposures that there are between both healthcare and our own industry.
Mailroom Failure-In 2017, Aetna mailed letters to 12,000 recipients in 20 states about HIV medications. The letters were placed in window envelopes prior to mailing. The envelopes used allowed third parties to see the who was receiving medication for HIV/AIDS. The award on the suit was $17,000,000.
This claim shows us that through something so innocuous as mailing letters could come such a huge release of Personally Identifiable Information. Although, this is not a cyber type incident, it does show that a huge exposure is people. There lies the commonality in this claim and in the exposures that agencies have from cyber exposures.
Agencies have some of the same types of information that the healthcare industry does:
- Billing Info (credit card, bank info, addresses, etc.)
- Social Security #s
- Insurer info
- Medical info (agencies that write Health Insurance)
Agencies are dependent on the IT infrastructure for insurer communication platforms/portals, billing, vendors, etc.
The common types of breaches are:
- Employee carelessness &/or negligence
- Employees & Social Media
- Rogue Employees (former employees with an axe to grind)
- Phishing schemes
- Lost or stolen devices
- Business associate failures (former vendors with an axe to grind)
All of these types of breaches point to a human factor.
Let’s go over one of
the breaches on the list.
Phishing is when someone (cyber-criminal), poses as a trusted party to get sensitive information from a source. This could be a mass email sent from a spoofed site that looks almost exactly like a site that you use all the time. The email might say that they need to update your credit card info or social security number possibly due to your account being compromised.
As everything else evolves, so are the cyber criminals. They're not always looking for the quick turnaround for what some of them consider low profit with mass email spoofs. Now, many are willing to do some research into a firm, mine for data about the people at a firm, watch their emails etc. They're even willing to scope out the physical location, seeing who comes and goes.
Picture this…the boss goes away on a long-awaited vacation. Beforehand, they've included in all of the emails that they've sent out that they'll be out of the office for a couple of weeks visiting sites in Europe. While the boss is away, an email is received by the accounting department from the boss. It says that they are having a great trip, seeing the sights and doing some shopping. They've decided to buy some jewelry from a well-known store overseas and they don't want to put it on their credit card because they'll be there for a while and doing more shopping. Please wire $xx,000 to Well Known Jewelry Store, here's the routing number etc. Please let me know when it's done. See you in a couple of weeks. Thanks, the Boss. The accounting person is really busy and this is the last thing that needs to be done before they can leave for the day. They wire the $$ and respond to the email from the Boss that it's done. The email goes back to the cyber-criminal, they receive the $$ and close the account.
Did the employee willingly send the funds-yes. Without some type of insurance can the funds be recovered-no.
From an insurance standpoint-this would be treated on a Crime Policy by endorsement for Social Engineering. An unendorsed crime policy won't do the trick, it needs to be amended to include the coverage.
Not only is a Cyber policy a good idea for your agency and your insureds, but Crime policies should be endorsed to include the Social Engineering coverage.
Risk Management Tip: If ever you get a request to transfer funds or to change an account number that you send money to (vendors, carriers, etc.), don't do it based on an email or a call in. First, call your usual contact or the person supposedly requesting the $$ (example: vendor, carrier, the boss, etc.) and ask about the request. Verify! Do not call the number in the email or email that was provided in the call requesting the money transfer or the account number change or call the number back from the email or the phone call that was received.
Cyber Security Tips for Everyday:
- Don't open emails from strangers and especially don't open attachments from them.
- Use strong passwords, don't use names (human or pet, etc.) add a few special characters or numbers.
- Free Wi-Fi connections can be unencrypted, so be careful of accessing personal or sensitive data in places where you're unsure of the security (hotels, hospitals, airports, restaurants, internet cafes, etc that provide open access to their patrons).
- Make sure that your computers & systems are updated with the latest updates on operating systems and virus protection etc. It's not uncommon for a vulnerability to be discovered and an update issued.
The criminals aren't going to target mega corporations; they're looking at John & Jane Q Main Street. To keep your information safe, the key is to be aware and diligent.