What You Need to Know About Crime Insurance

By Jeffrey W. Cavignac, CPCU, RPLU, CRIS

If you have anything of value, it's likely that someone will try to steal it.

If a business has a standard commercial property policy with a special peril coverage form, they are protected if any business personal property, as defined in the policy, is stolen. Unfortunately, the business personal property form specifically excludes the following types of property: accounts, bills, currency, deeds, food stamps, evidences of debt, money, and notes or securities. In order to cover these types of property, a business owner needs separate coverage specifically for crime.

It may come as no surprise that the people most likely to steal a company's property are the employees. The Association of Certified Fraud Examiners (ACFE) has estimated that the typical organization loses 6 percent of its annual revenues to occupational fraud. Six percent! At that rate, a firm with annual sales of $10 million would lose $600,000 a year to fraud caused by employees.

"Occupational fraud," as used here, is defined as "use of one's occupation for personal enrichment through the deliberate misuse or misapplication of the employing organization's resources and assets."

According to the 2003 National Retail Security Survey Final Report, U.S. retailers lost over $33 billion of inventory to theft, almost half of which was caused by employees. Surveys such as this reflect an unfortunate fact: a firm's own employees, acting on their own or with others, often represent the most significant crime exposure.

Types of Coverage Available

Numerous crime policies are available. Most commonly these are offered on a form filed by the Insurance Services Office (ISO). This article will deal with the most common coverages that should be considered by most business organizations.

Employee Theft

Almost every company needs employee theft coverage, and many property forms automatically include a limited amount. Unfortunately, those limited amounts are often inadequate, and all employers should evaluate their exposures to loss to determine what an appropriate limit would be.

The preferred ISO Employee Dishonesty policy form provides coverage for all employees on a blanket basis. The policy pays for loss of covered property caused by theft committed by one or more employees, whether identified or not, acting alone or in collusion with one or more outsiders. Coverage also extends to employees who are temporarily outside of the policy territory (generally the United States of America, its territories, possessions and Canada) for up to 90 days.

The definition of "employee" is very important. An employee is defined as:

• A person, while he or she is in the named insured's service, and for 30 days thereafter;
• Who is compensated directly by salary, wages or commissions; and
• Whom the named insured has the right to control.

Note that all three of these conditions must be met for someone to qualify as an employee. As mentioned above, the policy also extends to employees up to 30 days after their employment is terminated.

The definition of employee also extends to former employees while serving as a consultant to the named insured. Substitute, seasonal and short-term workers, as well as leased employees and guests, students or interns are also included. Note that this latter group of people is only covered when they are on your premises and not off your premises.

Employees, trustees, officers and administrators, or managers of employee benefit plans are also included under the standard policy form. This allows employers to extend their employee dishonesty coverage to the employee benefit plan if it is named on the policy.

It is important to recognize that anyone who does not qualify as an employee is not covered. This would include people such as independent contractors working for you, security guards, and cleaning people. To appropriately cover this exposure, a business owner can either require the employer of the independent contractor to post a bond, or alternatively, have the definition of "employee" redefined under the contract (but some underwriters may not be willing to do this).

Business owners should be aware of some exclusions within the employee dishonesty coverage form. One significant exclusion pertains to employees who have previously committed a dishonest act. Any subsequent loss caused by that employee is not covered.

There is no coverage if an inventory shortage is discovered by either an inventory computation or profit-and-loss computation. Coverage would only apply if an owner could establish "wholly apart from such computations that you have sustained a loss."

Theft by the named insured, partners, or LLC members is also not covered. Business owners should also be aware that indirect losses, such as business interruption, are not covered.

Forgery or Alteration Coverage

Forgery or alteration coverage protects a business from loss arising out of forgery or alteration of checks, drafts, promissory notes, or similar written promises.

"Forgery" is defined as "signing the name of another person or organization with the intent to deceive." Be aware that signing one's own name, with or without authority in any capacity for any purpose, is not forgery. Companies should also be aware that this coverage pertains to outgoing checks, drafts, and other written promises that are fraudulently drawn on the company's account.

For example, if checks or drafts were made out to a fictitious payee or payroll was endorsed in the name of the payee, those losses would be covered. Losses arising out of instruments that have been fraudulently altered are also covered (hence the name "forgery or alteration" coverage). However, coverage does not apply to fraudulent checks that a business receives from others.

It is typically recommended that forgery or alteration coverage be purchased along with employee dishonesty protection. Sometimes forgery involves collusion between employees and others; if both coverages are provided by the same carrier, there is no question as to whether or not the loss is covered and, if so, which carrier is responsible.

Computer Fraud and Funds Transfer Fraud

Coverage for computer fraud committed by outsiders also should be considered. Note that computer fraud committed by employees would be covered under the employee dishonesty policy.

Computer fraud covers loss or damage to money, securities, and other property resulting directly from the use of the computer to fraudulently transfer property from inside the premises or banking premises to a person or a place outside the premises. The computer fraud policy covers not only money and securities, but also other property. Therefore, computerized theft of stock, equipment, and other items would be included.

An exclusion in the computer fraud coverage form eliminates coverage for computer fraud in connection with loss resulting from a fraudulent instruction directing a financial institution to transfer, pay or deliver funds from the named insured's transfer account. In order to obtain this coverage, a separate insuring agreement called "funds transfer fraud" is needed. Once again, it is recommend that if computer fraud insurance is purchased, that funds transfer fraud coverage also should be purchased.

Money and Securities

To the extent that a company has a significant cash exposure or deals in securities, the company may need to consider money and securities coverage.

Typically, this coverage is broken down between on-premises ("inside") and off-premises ("outside") losses. "Inside" coverage protects against losses due to destruction, disappearance, or wrongful abstraction of money or securities while on the company's premises or on a banking premises. "Outside" coverage extends to money and securities that are conveyed by a messenger or armored car, or while at the home of a messenger.

This type of exposure usually has high frequency but low severity. As such, it is an exposure that a lot of companies choose to retain.

Money Orders and Counterfeit Paper Currency

Another available coverage protects businesses against the acceptance by the company of counterfeit U.S. or Canadian paper currency or money orders that are not honored. This is not a significant exposure for most companies.

How Much Coverage Should You Buy?

Recognize that the limit of coverage applies to any one occurrence, regardless of how many employees may have been involved in the event. Under forgery, an occurrence is defined as all loss involving a person, even if the loss involves one or more instruments.

In order to figure out how much coverage is really needed, figure out what the maximum probable loss will be. Note that this is not the maximum possible loss.

Employee Benefit Plans

The Employee Retirement Income Security Act of 1974 (ERISA) requires that an employer must have employee dishonesty coverage for all persons handling funds subject to ERISA in an amount equal to 10% of the assets in the plan or $500,000, whichever is less.

In order to include the employee benefit plan on the employee dishonesty form, the plan must be listed as a named insured.

Managing Exposure

Crime coverage lends itself to being managed. While all crime losses can never be completely eliminated, company's can significantly reduce the frequency and manage the severity. First, identify the exposures. Who might steal from your firm? What could they steal, and how might they do it?

As mentioned earlier, employees have the best opportunity to steal. Make certain that applicants for employment are carefully screened, especially those who will be working in management-level positions or other positions in which they will have opportunities to take advantage of their position. Background checks should be a part of a thorough interview process.

Make certain accounting procedures are solid. Audit trails should help keep track of assets as they move through the company. Don't hesitate to use spot checks and surprise audits.

Obvious crime prevention measures include such things as alarms, watchmen, locked facilities, and security lights. Computers and Internet access adds additional layers of complexity. Use the advice of experts to make certain that security risks are appropriately addressed.

Cavignac is president of Cavignac & Associates, San Diego-based commercial insurance brokerage firm providing a broad range of insurance and expertise to design and construction firms.