What happens if the authorities require my business to close?
Does Business Income insurance respond if a business shuts down because of the coronavirus? What happens if the authorities require the business to close? There is a short answer to these questions, but it's not necessarily a simple answer.
The short- and long-term impact of the coronavirus is anyone’s guess. Never before has the United States experienced such a significant interruption of business – and of everyday life. There are more questions than answers, each of which has potential implications, especially when it comes to insurance coverage. Many policies spell out limits and exclusions but few anticipated this atypical interruption of everything from supply chains to vacations. Even as this is written, creative claims and lawsuits are emerging.
I receive calls and emails every day regarding the insurance implications of this virus, and the most common question relates to business income, specifically:
No, there is generally not business income coverage in this situation. That's the short answer. The longer and more difficult answer is it may all end up being determined by the courts in lawsuits that are most certainly coming, so the truth of the matter is we may not know the answer right now. If coronavrus (COVID-19) causes or results in damage to your business, coverage will depend on the specific facts of the claim and the specific policy’s language. All coverage decisions require an analysis of the claim’s unique facts against the specific terms of the policy, which can only be determined by your insurance carrier. Therefore, it's difficult to advise whether your business should or should not file a claim (the decision is ultimately yours to make, but it probably can't hurt to try).
Before business income responds there must be damage to property leading to the cessation of a business. This requirement applies to business income dependent property losses (supply chain) and civil authority losses covered by business income policies. Additionally, there is a specific property exclusion applicable to viruses that will generally apply. This is true of “standard" business income forms; there may be some proprietary forms that respond, but these are rare.
If it hasn't already done so, your organization should develop and implement a comprehensive Business Continuity Plan (BCP). A BCP is a very important part of your overall risk management and emergency procedures plan and should be one that includes the necessary steps to take in the event of an epidemic/pandemic. And, of course, always follow recommended precautions to keep yourself, your employees, and your visitors safe by staying up-to-date on all City, County, State and Federal notices, in addition to recommended travel restrictions and preventive measures.
Above, I have provided a download link for a white-paper that gives a broad overview of how insurance generally responds to the Coronavirus peril. I'm not an attorney, so if you want legal opinions, you will need to go somewhere else for those; otherwise, the white-paper provides some basic guidance on insurance coverage.
As always, feel free to reach out to Jon Jepsen at SentryWest Insurance Services if you need help or have additional questions.
Disclaimer: This communication is not intended to provide any legal advice or opinion on any individual situation and should not be relied on to determine insurance coverage or lack thereof as relates the Coronavirus. Insurance forms and endorsements vary based on insurance company, changes in edition dates, regulations, court decisions, and state jurisdiction. The information is based on review of insurance coverages, sources we deem to be reliable and communications we have received from insurance companies and other resources. We make no representation or warranty as to the accuracy of information as applied to individual cases. Please advise our office if you want to submit any claim for coverage with your insurance companies.
Did You Know Hackers Can Infiltrate Your Network Via Fax Machine?
Fax machines seem to be a thing of the past for many new age businesses and professionals these days, but in reality, they’re still being used. In fact, according to Jive, more than 46 million businesses still use fax machines in some way or another. Typically businesses are still using fax machines because their clients still use them, potential government regulations or industry standards, proof of paper trail, convenience, and in some instances, fax machines are more secure.
However, an Israeli cyber security firm, Check Point, recently discovered that hackers may be infiltrating businesses networks using just a fax machine number…which might not even be connected to the internet. The researchers at Check Point demonstrated that a hacker can execute a script that targets the victim’s fax number in order to obtain network access. According to the researchers, the attacker can then use EternalBlue, a NSA-developed exploit leaked by the Shadow Brokers hacker group, to further infiltrate the network and execute malware.
Using the malware executed for this attack, the hacker can search and exploit specific information about the victim and send it back to the hacker’s fax machine. Additionally, the hacker can severely manipulate what gets sent and received. For example, if the victim sends sensitive account information to their bank, the cybercriminal can program the fax machine to send a copy to the attackers fax machine. The attacker can also tamper with the content included on the document being sent by altering the information to include or exclude what they to be attached to the document.
It’s worth noting that having a cyber security insurance policy in place will protect your business in the case that your fax machine does get exploited by hackers. Contact Jon Jepsen at SentryWest Insurance for a cyber insurance quote.
(Courtesy Evolve MGA https://evolvemga.com/fax-machines/?ct=t)
What happens in a WTF attack?
Hackers manipulate senior executive officers, employees, or clients with the intention of tricking the business or their client into wiring money into the hacker's bank account. Common hack attacks that result in wire fraud consist of stealing login credentials via phishing or key-logging malware, financial data manipulation, and corporate identity theft.
Claims Example: Midsized Trucking Company
In 2017, a trucking company's CEO had his email address compromised. An email was sent to wire money to an existing client, but with new bank account details. The CFO merely thought the client opened up a new bank account and trusted the email from the CEO, which was actually written by the hacker. One payment of $73,000 was wired out without being caught. On the 2nd wire request, they figured out that the figured out the money hadn't been received. Unfortunately, that first payment of $73,000 was unrecoverable.
How Can I Make Sure My Cyber Policy Covers Me?
Check the policy wording to determine if there is coverage for: social engineering, funds transfer fraud, cyber deception, electronic crime, or eCrime. Note the limit provided. Make sure there are no dual factor authentication warranties in the policy wording. If you are looking to ensure that you have quality cyber crime options, please contact Jon Jepsen at SentryWest Insurance.
Jonny Jepsen, CIC