Uptick in Severity of Claims
Law firm malpractice claims may be down, but the sting in them is spiking.
In its fourth annual survey of lawyers’ professional liability claims, insurance broker Ames & Gough found that the severity of claims has increased over the past year for eight of the insurers that provide such coverage.
Four insurers either paid or participated in paying a claim of $100 million or greater; two others had a payment between $50 million and $100 million. Moreover, six of the eight insurers surveyed reported having more claims with reserves of $500,000 or greater in 2013 than 2012.
The carriers participating in the Ames & Gough survey were AIG/Lexington Insurance, AXIS Capital Holdings, BRIT Insurance, CNA Financial, Catlin Group, Ironshore, Markel Corp., and Swiss Re.
While the frequency of claims has begun to level off, the significant uptick in severity is due to the “double-whammy” of the longer development pattern of post-recession claims coupled with soaring defense costs, said Eileen Garczynski, partner and senior vice president of Ames & Gough in Washington, D.C.
On top of that, attorneys are switching firms now more than ever before, which has led to more conflict of interest claims, she said.
Six of the eight insurers surveyed cite conflicts of interest as the leading cause of malpractice claims. Such claims may arise when hiring firms don’t thoroughly determine if newly hired attorneys represented any client competitors or other adversarial parties of clients at their previous firms, Garczynski said.
“The obvious example of a conflict is when someone represents Exxon but also Greenpeace, but conflicts can be more complicated than that,” she said.
For example, an attorney could have represented a subsidiary of a pharmaceutical company and is now representing a competitor of the parent company, Garczynski said. The parent could sue the new firm, claiming the attorney is now divulging product secrets to its competitor.
There are many “gray areas” of representation that can lead to conflicts of interest, said Todd Hampton, vice president of claims for both Monitor Liability Managers and Berkley Select in Chicago.
For example, when a deal sours, the two parties involved in the relationship may become adversarial, Hampton said. If a law firm is representing both parties at the outset of the deal, it would be prudent to get them to sign a conflict of interest waiver.
“Or just get out altogether,” he said.
Michael Furlong, vice president, underwriting at CNA Insurance in Kansas City, Mo., said that most small law firms do not adequately protect themselves.
In the majority of malpractice claims, CNA found that most small law firms did not use “engagement letters” to spell out the limits of representation or thought that a letter explaining their fee structure to clients would suffice, Furlong said.
“Not so,” he said. “A well-documented letter is very important when trying to defend the claim.”
Engagement letters should include the identity of the client, the scope of representations and limits to that scope, fees and billing statements, expenses and file retention procedures. Clients should sign the letter, agreeing to such terms, at the outset of representation, as well as when any documented changes occur in the scope of the work, he said.
Law firms should also take extra precautions when agreeing to represent unknown new clients, particularly for commercial transactions, Furlong said.
If those clients have engaged in illegal or fraudulent activities, their attorneys could be sued for malpractice. A glaring red flag would be if the potential client has switched law firms multiple times within a short span of time.
Law firms also need to establish a “risk management culture” that includes letting the attorneys on the front lines know that they won’t get into trouble if they spot signs of trouble and immediately communicate it to the supervising partners, general counsel or other risk management staff, said Uri Gutfreund, a professional liability broker at Singer Nelson Charlmers in New York.
If they are faced with a malpractice claim, law firms should thoroughly document what happened and what they’ve subsequently done to minimize such occurrences in the future, including any risk management procedures they’ve since put in place, Gutfreund said. Such documentation can help law firms avoid being severely penalized during their subsequent renewals.
Law firms should also report to their carriers any claims they pay, even well before they exceed their retentions, he said.
“Even if they think that they may be able to make a claim go away for less than their retention, it’s really important to report it, so if the claim blows up, they won’t be fighting for coverage later with the carrier,” Gutfreund said.
As severity of claims rise, so do insurance premiums, Garczynski said.
“In order to keep premiums low, firms have to conduct appropriate due diligence to make sure they have the right risk management steps in place,” she said.
Banks Face New Threat
Banks have been caught off guard by what experts say is the first major mobile banking security threat to hit the United States.
It is a modification of the mobile Trojan called Svpeng, which has been used to steal money from Russian mobile bank accounts, said Dmitry Bestuzhev, head of global research and analysis team, Latin America, at Kaspersky Lab, a Woburn, Mass.-based antivirus software company that discovered the malware.
The malware, which emanates from Russia, has been termed “ransomware,” because the hackers demand a payment in exchange for not destroying the victim’s reputation, claiming there is child pornography and other prohibited content on the cell phone.
“Nobody wants to be a victim of such image reputation damage.” — Dmitry Bestuzhev, head of global research and analysis team, Latin America, at Kaspersky Lab.
“It takes a picture of the victim and then says it will send it with the child pornography findings to all of the victim’s contacts,” Bestuzhev said. “Nobody wants to be a victim of such image reputation damage.”
Cyber criminals are already taking steps to steal online banking credentials from mobile devices, Bestuzhev said.
Previous versions of Svpeng were used to steal money from several banks in Russia, by displaying a fake log-in window in front of the real one, which asked users to input their credentials.
This new malware is deeply integrated and is almost impossible to remove from an infected device, he added. His company found Svpeng through “proactive Internet exploring.”
Better software is needed to protect against malware, said Chris Keegan, a managing director at Beecher Carlson, in New York.
For now, banks rely on warning their customers against social engineering attempts by fraudsters, and usually that means, “Don’t press the button or answer the email.” Banks must warn their customers not to download any applications not found on the iPhone store, Google Play or other verified websites, he said.
Banks Ran Out of Time
Avivah Litan, a Gartner Inc. vice president and analyst in Potomac, Md., said the malware should serve as a wake-up call for many banks, as a fair number of them have not developed security measures for mobile banking that are as robust as those used in online banking.
Ensuring that customers use secured browsers doesn’t apply when they use mobile apps.
Giants like Chase Bank and U.S. Bank and others are developing tougher measures specific to mobile, but the industry has a whole need to step it up, Litan said.
“Everybody knew it was coming, but they thought they would have had more time.” – Avivah Litan, vice president, Gartner Inc.
“They’ve just been slow to put measures in place specific to mobile because there hasn’t been any mobile malware,” she said. “Everybody knew it was coming, but they thought they would have had more time. But now it’s here and they have to think about it now.”
Matt Krogstad, head of mobile banking at Bank of the West in San Francisco, said the bank’s fraud prevention department works with his department to combat mobile malware and other types of mobile banking fraud.
“It’s an ongoing process since the mobile security space is constantly evolving,” Krogstad said.
Bank of the West also tries to protect customers against unofficial third-party services that try to access apps or put themselves between the customer and the apps, after customers download them, he said.
Bank of the West also diligently educates customers about the latest threats, Krogstad said.In cases like Heartbleed, communications to customers were to reassure them that the bank had done its due diligence to ensurethat their accounts were safe.
“With other malware like this randomware, it’s more about reinforcing certain behaviors, such as not downloading apps from unofficial app stores or not clicking on links from people you don’t know,” he said. “Don’t jailbreak your phone or put your banking passwords in your contacts.”
Keeping up with all types of cyber crime continues to challenge the industry. Indeed, computer crime and malicious codes ranks as No. 5 as a top risk for banks, according to Aon’s 2014 U.S. Industry Report: Financial Institutions.
However, there is a disconnect at most banks that hampers risk mitigation, said Michael O’Connell, managing director, financial institutions practice at Aon Risk Solutions.
The disconnect occurs because one group traditionally is responsible for purchasing insurance, while another group is responsible for assessing exposures, including technology that may pose an operational enterprise risk, said O’Connell.
“We strongly recommend linking the two groups together, to assess ‘what-if scenarios’ and develop mitigation strategies that include insurance,” he said.
Kevin Kalinich, Aon’s global practice leader for cyber/network risk, said that recent court decisions have ruled that if fraudsters are able to steal customer identities or money, it is the bank’s obligation to help their customers, even if the fraud is out of the bank’s control.
“So if a customer gets fooled on their mobile devices, then the bank has the responsibility to monitor usage of their bank accounts,” Kalinich said.
FATCA Adds to Brokers’ Compliance Burden
Brokers are working to comply with the requirements of the Foreign Account Tax Compliance Act that tookk effect July 1. At the same time, however, industry lobbyists are asking Congress and the Internal Revenue Service to exempt non-cash value premiums from the new tax evasion law.
“The compliance burden of this law is significant and there are some reports saying it could cost in the tens of millions of dollars,” said Joel Kopperud, director of governmental relations for the Council of Insurance Agents & Brokers (CIAB).
Starting in July, brokers that collect premiums from their clients on behalf of foreign carriers must obtain certain IRS-generated forms from the carriers that they are FATCA-compliant or FATCA-exempt. In addition, the brokers must report each carrier’s status under that law to the IRS.
If an agency determines a carrier is not compliant or exempt, then a percentage of the premiums paid to them by their U.S. clients that have coverage with the foreign carrier will be withheld as taxes. (This part of the law was deferred and will apply to premiums paid on insurance and reinsurance policies with effective or renewal dates of Jan. 1, 2015 or later.)
Forcing brokers to withhold a percentage of an insurance premium “would cause major business disruptions to insurance customers including the potential for lapses in coverage,” said Steve Chapman, partner with PwC’s financial services tax practice in New York City.
J. Scott Tofil, senior vice president and chief financial officer of Beecher Carlson Holdings, Inc. in Atlanta, said his firm will collect the required forms from all of the foreign carriers that it works with, and they will be kept in an internal database shared with its parent company, Brown & Brown.
“If [the foreign carriers] cannot provide these forms, we cannot do business with them,” Tofil said.
“As a fiduciary, the money we collect from our clients and put in trusts to pay premiums to carriers is never technically our money. So if we were forced to withhold 30 percent as this new law requires, we would not be able to submit full payment, and the carrier might cancel their insurance, which is why we will not place insurance with a carrier that cannot provide the correct paperwork.”
While that likely won’t happen for most of the foreign insurers, this new law places all brokers and agents in “an uncomfortable position,” he said.
“When the government added these requirements into the law, I really don’t think they paid attention to how brokers acting in a fiduciary capacity would be impacted,” Tofil said.
Many states require brokers and agents to put the money for premiums into a trust and hold in a fiduciary capacity, he said. “Now you have the federal government telling you to take 30 percent from money and hold it, when the money isn’t yours to begin with.”
To aid broker compliance with FATCA, the CIAB will go live with an online portal on July 1 that will provide access to the forms required by the IRS for each foreign insurer, Kopperud said.
“This way, brokers don’t have to reach out individually for the certifications from all of the foreign insurers they work with — we will have done that for them,” he said. “This will be a one-stop shop for these certificates.”
The withholding requirements will likely not affect most brokers, as most will simply not conduct business with a foreign insurer that is not FATCA compliant, said Vladimir Gololobov, CIAB’s director, international.
“But the reporting piece has a cost consideration that really comes into play, which will divert more brokers’ resources,” Gololobov said.
Tax Evasion Schemes
The reason insurance brokers were included in FATCA was that some foreign insurance products have an investment component, such as an annuity, that “unscrupulous” U.S. taxpayers could use to funnel money and evade paying taxes, said Dean Paik, a director at Rogers Joseph O’Donnell law offices in San Francisco.
Paik previously served as special counsel to the assistant attorney general in the tax division at the U.S. Department of Justice between 2010 and 2013. His work there included foreign account tax compliance, including the investigation and prosecution of U.S. taxpayers holding undeclared foreign accounts, and the banks and bankers that assisted them.
FATCA was intended to stamp out tax evasion schemes started by financial institutions such as Credit Suisse, Paik said. In the past, U.S. taxpayers who wanted to evade paying taxes would set up investment accounts at foreign institutions. The IRS wants to ensure U.S. taxpayers can’t use insurance products with investment components to evade taxes, he said.
“The risk for brokers is dealing with the insurers who are not on the up and up; if they go outside of the world of participating with a legitimate insurer,” Paik said.
“They run the risk that these companies are noncompliant, and if something happens and there is a problem, brokers will be liable for penalties and fall out of favor with the IRS, which will then look at them more skeptically,” he said.
When the law was passed in 2010, the brokers’ group believed that non-cash value insurance was not intended to be part of the law, but the IRS included non-cash value premiums when they released final regulations implementing FATCA, Kopperud said.
CIAB is working with the IRS and Congress to clarify the situation, he said.
Non-cash value insurance is “simply irrelevant to FATCA’s goal of combating tax evasion, as property casualty insurance and reinsurance simply cannot be used as a vehicle to evade taxes,” Kopperud said.
Indeed, a bipartisan group of 17 members of the House Ways and Means Committee (the committee that authored the law) agree with the brokers’ group and sent a letter to the IRS supporting the request to exclude non-cash value insurance, Kopperud said.
“This law just creates more work for brokers and agents as the intermediary in placing insurance for their clients,” Tofil said. “Most of the large foreign carriers will be exempt from this tax withholding as they will have these forms ready, so I’m not sure what this law accomplishes as related to insurance, it really just creates more paperwork.”
Marsh told clients it will “only use FATCA-compliant companies for in-scope business,” will collect forms from insurers, and will provide online access to them, according to the company. It also will help its U.S. direct bill clients obtain the appropriate documentation from the foreign insurers they use.
Phasing In Compliance
PwC’s Chapman said that brokers have had to phase in compliance, as they wait for guidance from the IRS. As of now, the IRS has yet to publish instructions on completing the required forms.
“Brokers are looking to comply with the rules in the most practical way possible,” Chapman said. “Since insurance premiums have not previously been in scope for information reporting purposes, brokers are working to get up to speed quickly with a set of requirements that are new to their core business and are working to shape the legislation in a way that makes sense for the insurance industry.”
Timing is the biggest concern — particularly the IRS has yet to release the necessary instructions to complete and return the required forms, he said.
Andy Jenn, a national practice leader at Aon, said the brokerage firm’s preparation for FACTA compliance has included a “very broad carrier outreach” that started last October to make sure their legal structures were “aligned with Aon’s” and they were “up to speed” on the requirements.
“We’ve been really pleased with the responsiveness of the carriers, and we’re all just in a waiting period right now until the FACTA forms become available,” Jenn said.