TRADITIONAL VS. E-COMMERCE INSURANCE
by Dave O'Neill
Managing e-business calls for a comprehensive risk management approach and a thorough understanding of the multifaceted nature of the exposures. It's imperative to incorporate an ingrained awareness of e-business exposures in a business' employees and to provide them with the necessary tools to analyze, quantify, and manage those exposures. This document by Dave O'Neill takes a look at why traditional insurance products aren't up to the task.
The Industrial Revolution, especially the period of the early 1800s, contributed to modern business methods with inventions of the telegraph, transatlantic cable, telephone, and wireless communication services. But, development of the first microprocessor in the late 1960s, followed by the creation of the Internet, marked the beginning of what can now be called the E-Business Revolution.
Electronic Business, or Electronic Commerce, began with the Internet. The ability to work, learn, teach, research, bank, invest, purchase, sell, and communicate can be performed from almost any location with access to a telephone line.
The advent of the Internet has transformed the way firms conduct business with extraordinary cost effectiveness and innovative business opportunities. Although companies that don't partake in the latest technological advances risk losing customers, those firms that have joined the e-business revolution have risks of their own. Typical business risks such as loss of revenue, business interruption, fraud, and loss of reputation are magnified for those businesses engaged in e-commerce. Additionally, the paperless environment of the electronic age serves to further increase the risk of theft of confidential data, which can be accessed online.
For the most part, companies have relied on their insurance agents or business consultants for recommendations regarding traditional business insurance purchases. Unfortunately, those traditional insurance products might not meet all of the needs of today's electronic businesses. The very same products that have provided insurance coverage for physical assets against physical threats were developed at a time when the term ‘cyberspace’ was considered science fiction. The electronic business exposures must be analyzed against traditional insurance coverages in order to identify the coverage gaps and ultimately find a solution to close those gaps.
PROPERTY INSURANCE
Property insurance is based on physical protection for losses resulting from covered causes of loss, which cause physical damage or destruction. The following are typical characteristics of traditional Property insurance:
- It does not cover damages caused by viruses, nor does it recognize the inherent value of assets in electronic form, such as intellectual property or proprietary software.
- It excludes dishonest and fraudulent acts committed by the Insured or employees of the Insured.
- It excludes losses arising out of human programming errors.
- The coverage territory is limited to a specified region, such as the U.S., Canada and Puerto Rico — the Internet knows no boundaries.
BUSINESS INCOME/EXTRA EXPENSE
Business Income coverage pays for actual loss of business income due to suspension of operations during the period of restoration. The traditional coverage characteristics include:
- The suspension must be caused by direct physical damage or loss to property (or personal property within 100 feet) at the premises described in the policy declarations.
- The loss or damage must be caused by, or result from, a covered cause of loss.
- It defines ‘period of restoration’ as the period of time that typically begins 24 to 48 hours after the time of direct physical loss or damage for Business Income coverage and ends when the damaged property should be repaired with reasonable speed or business is resumed at a new permanent location. In the world of electronic commerce, a 48-hour waiting period might be more damaging to business than the loss itself.
GENERAL LIABILITY
General Liability insurance is also directly connected to physical exposures, designed to cover tangible bodily injury and property damage. Often, insureds misinterpret coverage for incidental exposures to be broader than intended.
- Coverage for advertising liability is limited: it only applies to offenses committed in the course of advertising your goods, products or services. Many home pages have information not specific to an insured's own products.
- It excludes an offense committed by an insured whose business is advertising, broadcasting, publishing, or telecasting.
- The coverage territory is limited to a specified region, such as the U.S., Canada and Puerto Rico — the Internet knows no boundaries.
DATA PROCESSING MEDIA
An insured might choose to purchase Data Processing Media coverage, or coverage might be included within a package of other Property or Inland Marine coverages. This type of coverage typically features:
- It covers the actual cost of reproducing the data and the cost of the media.
- It only applies to Data Processing Media at a Covered Location described on the policy declarations page.
- Again, the coverage territory is limited to a specified region, such as the U.S., Canada, and Puerto Rico.
- It excludes dishonest or criminal acts by the insured or the insured's employees.
CRIME COVERAGES
A Computer Crime Policy (CCP) is designed to cover loss resulting from various forms of crime. However, where does the protection against loss in an electronic environment generally begin and end? A key element of the CCP is protection against the loss of money and securities resulting from transferring, paying, delivering, debiting, or crediting an account following the modification or destruction of electronic data, media, or programs perpetrated by unknown third parties. Coverage is also provided for damage or destruction to programs, data, and media (hackers, viruses, time bombs, and the like), in which case the afforded protection only pays the costs to replicate the lost materials.
Under the CCP no coverage is given for:
- Loss of inherent value of intellectual property or proprietary software resulting from misappropriation.
- Loss of income.
- Expenses incurred in order to establish the amount of loss.
- Programming errors and omissions or malfunctions.
- Expense of hiring a public relations firm to mitigate a reputation loss.
DIRECTORS AND OFFICERS
D&O coverage is triggered by a claim resulting from a wrongful act of a director and/or officer. Conceptually, it does not protect the corporate entity and therefore doesn't lend itself to the types of day-to-day electronic exposures inherent in the provision of professional services by a financial institution. D&O coverage also normally excludes:
- Loss of income.
- Errors and omissions by anyone other than the directors and officers, except for the management oversight function.
- Libel, slander, or defamation.
PRE-SCREENING
Financial institutions in particular want to ensure their e-business activities aren't vulnerable to potential losses resulting from security breaches, such as network hacking, viruses, and electronic thefts. Now that we've addressed all of the traditional insurance a financial institution typically has in place, certain criteria must be met, in order to determine the scope of its e-commerce exposures, before the institution can consider e-business insurance.
- Is there a current, documented security policy?
- Are documented procedures in place for user and password management?
- Are remote users authenticated before being allowed to connect to internal networks and systems?
Although this isn't a comprehensive listing, a negative response to these questions represents a critical internal control weakness that would need to be corrected before e-commerce insurance can be considered.
LOSS CONTROL MEASURES
Financial institutions must implement loss control measures to lessen their e-business exposures before additional insurance can be put into place. Such measures might include:
- A documented, published corporate security policy. Such a statement is key to the successful implementation of an IT Security Program. It should spell out the institution's approach and commitment to an active Security Program, allocate management responsibilities, and advise employees of the need for their active involvement.
- Access controls that ensure only authorized users access your systems and networks and that provide you with an audit trail to aid in investigations that might be needed.
- Passwords, the most common method for verifying the authenticity of system users, are the most likely to be compromised. Ensure that they are changed often.
FILLING THE GAPS
E-business insurance provides a broad range of electronic business activity protection that helps to cover gaps in traditional existing insurance coverage, even if your electronic systems are under the control of a third party service provider. This might include:
- Business Income coverage that can replace not only the business income and additional expenses incurred as a result of interrupted services, but can also pay for the cost of investigating the reason for the loss of service.
- Loss Event Liability that covers liabilities to third parties for e-business losses, including reasonable expenses incurred in the defense or appeal of claims.
- Intellectual Property coverage to protect against the loss of proprietary information or software through deliberate or inadvertent misappropriation.
- Public Relations coverage for the expenses incurred to help rebuild a company's reputation from negative publicity resulting from an e-business exposure.
- Electronic Publishing Liability to cover liabilities incurred from publishing information electronically including defamation of character, libel, and slander, as well as copyright infringements, plagiarism, or misappropriation of ideas.
- Rewards coverage that pays for information that leads to the arrest and conviction of any individual(s) committing or trying to commit any illegal act against the insured's e-business activities.
Managing e-business calls for a comprehensive risk management approach and a thorough understanding of the multifaceted nature of the exposures. It's imperative to incorporate an ingrained awareness of e-business exposures in a financial institution's employees and to provide them with the necessary tools to analyze, quantify, and manage those exposures.
We recommend grasping the golden opportunity presented by e-business, but it's always important to ensure that there's an adequate return to compensate for the risk assumed. E-business insurance helps make this decision easier.
David T. O'Neill is Vice President of e-Business Solutions for Zurich North America Financial Enterprises. He is responsible for directing the global marketing initiatives of Zurich North America Financial Enterprises' e-commerce insurance product, E-Risk.