If They Don’t Ask, You Might Not Be Covered

What types of commercial business insurance should every company have, no matter the size?

Jim Klingensmith, president of L. Calvin Jones & Co.: First and foremost is general liability insurance. That takes care of anything that happens from bodily injury to property damage caused from what a business does. Then it can get more intricate from there based on the size of the business.

As the business grows, it has the property, the buildings, the real property and the property of others. If it has property that is going to leave the premises, then we go into additional professional liabilities and errors and omissions.

Errors and omissions would be similar to a doctor’s professional liability, which is medical malpractice and is an E&O.

Then there is the umbrella, which is laying over top of the company’s general liability, its auto liability and additional layers of liability.

But if the business picks up professional liability and things like that, it’s not going to go over that.

If you’re Sheely’s Furniture, for example, and you’ve got big-box trucks loaded up with everything. Those trucks, if they should hit a car, can do a lot of damage. A little tiny car, not so much.

So Sheely’s, one of your clients, needs more coverage, for example?

Klingensmith: Right. Anybody that’s got trucks on the road. Once they’ve got trucks and especially the larger trucks, and they start carrying loads, that’s when it’s very important to carry additional insurance.

Many small businesses do not have a fleet and they might ask their employees to use their own car for a business task.

Klingensmith: Yes. We recommend that the business owner, even though employees are using their own car, obtain a certificate of insurance for the auto that employee is operating, especially if they’re getting a per diem for using their vehicle.

They’re acting on your behalf. So you’re exposed as a business owner.

Their insurance is going to come into play when they’re in an at-fault accident.

What we would do over top of that, is what’s called an endorsement for hired and non-owned. So for this discussion, it’s the non-owned exposure that a business would be covering.

What types of coverage are most businesses missing?

Klingensmith: Amazingly it’s across the board, because most agents don’t ask the right questions. It’s all over the board from the very basics.

The newest thing is cyber liability, which a lot of companies still don’t have. They don’t think they have the exposure, so we have to educate them about what policy does what.

Somebody hears cyber liability, and they have a small endorsement on their policy that says they have some coverage.

But what coverage does the company actually have? There’s a full array of cyber liability all the way up through different coverages including files, paper.

For example, if you had a disgruntled employee that had all of your employer’s records, their Social Security numbers, credit card information – whatever it might be – and that employee leaves and takes files with them to go sell that information, would you be protected? You’re totally exposed unless you have the right cyber policy.

Here’s another example: Your employees’ information could be hacked. Some businesses say they don’t do a whole lot online, but let’s say they use a payroll company. Most payroll companies I’ve seen push that liability right back on you.

That’s why cyber insurance, based on what you’re buying, will offer all these different exposures.

Can you give us some examples of exposures that perhaps most businesses wouldn’t understand or recognize under cyber?

Klingensmith: Personal information. They think they don’t have any exposure, but they do if their email is hacked. That’s what happened to Target.

Target got hacked via a HVAC contractor. Some of the larger HVAC companies install systems that they can basically maintain and manage from their back office and tap into all of a customer’s computer systems.

One of their employees got the password to get into the system for Target, which then got hacked by somebody else. Once they were in there, the hackers got all the way down to the charge cards and all that information.

The biggest problem in the insurance industry is that business owners spend too much time trying to figure out what coverage they need, instead of finding quality people who can review their operations and design a complete risk management program.

Once somebody explains to you all of your liabilities, now you can make a decent decision on what you need to cover.

But if you try to figure it out on your own, you may say to yourself, “I don’t need that because it’ll save me this much.” The backside is huge on what you will owe should you have a breach of peoples’ personal information.

First, a company has to put notices out to everybody whose information could have been breached. So if that customer has 500 employees, that would be a major – and very expensive – headache.

You would have to notify each one of those people by law. That includes absorbing the employee handling cost, the postage cost – there’s a lot to that. Also your public image suffers.

Cyber liability insurance provides the opportunity for a firm to step in and represent you for taking any inquiries from the media and everything else, while you’re trying to steer the ship in the crisis-response management side of that.

There’s the first-party coverages and then there’s that third-party liability side. The first-party coverage side is where you’re protecting your public image. You’re making those notifications. You’re providing the credit monitoring service to each and every person who was in that group under the hack.

Those incremental costs can be huge and if you don’t have those coverages, that comes right out of your revenue. You got to do it. You’re under law and required to do it.

Can you tell local horror stories?

Klingensmith: We’ve had a few companies where people were breached to a point, but they were able to catch it.

The threat is always there because the hackers spend a lot of time trying to hack into the big accounts. But it’s a lot easier to hack into these small businesses – the car dealerships that are taking everybody’s personal information. You go into a car dealership today and they still sit there and handwrite all your personal information. And if they get hacked, that’s all there. It’s a huge liability for them.

What about employee fraud or employee theft?

Klingensmith: That happens all the time. And it’s amazing. I’ve seen everything from the little old man at the church who handles funds, to mastermind deals put together for fraud to where a controller within a company secretly re-created all of the company’s records by contacting the company that set up the computer system. Most of this happens because the owners extend too much authority, too much trust.

One that just recently happened is where a company manager gave himself a raise. The owner died. “Boom. I’m deserving of a $250,000 raise,” he thought.

Nobody checked.

Another one I’m very familiar with: An individual was given too much trust by the two owners of the business, who were very particular about everything. I felt uncomfortable because sometimes I couldn’t talk to the owners about risk management ideas because this person was sitting in the meeting with them.

They entrusted him with everything. They bought the largest amount of coverage I’ve ever had anybody buy, and then they listened to us tell them to use an outside auditor, “Have a CPA firm audit you.” Well, that kind of saved them in the end just to recoup some of their losses.

Basically this guy got the company that installed the computer systems at their business and had them installed at his home. He was connected in and he would re-create the whole business at night.

This was a large contractor, and everything he did was designed to create the monies to pay himself.

When sales went up, payrolls had to go up. It had to look like there was more being paid in, and it was a very well-known CPA firm locally that did the audits. They caught the scam the first time they audited, but they didn’t act on it.

Obviously a CPA firm isn’t going to send in their high-end CPAs for a routine audit; they’re going to send in the new people. This young man goes in, sees this thing where both the owners signatures are signed on the check by this person and he initialed them.

We found out in discovery that the CPA caught that in the very first audit. He questioned that guy: “I see you did this with the initials.”

“Oh well, you know those guys, they want every bill paid right now,” the guy said.

Anybody who knew them, knew that’s what they were like. They wanted everything paid immediately, and they traveled a lot.

So he re-created the suppliers. He re-created the bank accounts. This was before 9/11, when you could open an account at a bank under suppliers’ names. Major suppliers, so he was cutting himself in on everything, $50,000 a week for years.

Did the insurance cover the loss?

Klingensmith: The insurance covered the loss up to the amount that was insured. Where the company benefited the most was that the co-owners listened to us and got the CPA firm.

The CPA firm’s insurance company paid $2.5 million because they erred. They didn’t follow through. They had it, but they never questioned the owners, “So you allow this guy to do this all the time? Should we track this? Should we see how much this is totaling up to?”

Nothing.

Let’s go to when you first walk into a business and you have to essentially audit the risk and find out what they need. How do you go about that?

Klingensmith: We want to get our hands on everything so we can truly analyze risk and look at all the insurance contracts.

We could literally take a company’s policy and hand it out to 30 different insurance companies and get 30 different prices back. They price according to what they want to price the risk at.

The important part of what we look at for our clients are the policies. And I tell everybody that you’re buying contracts. An auto policy is a contract. Your homeowners policy is a contract. In that contract, it’s telling you what the insurance company is willing to cover and what they’re not willing to cover.

Do you walk around and look at all the operations?

Klingensmith: We have to look at the full exposure. We want our clients to talk to us about what they do. We look at the operations and then start asking questions. We can’t assume anything.

We need to review all of the company’s contracts. Every one. For instance, that lease contract is telling what the company is responsible for. If your insurance agent doesn’t look at that basic thing – and that’s something that’s missed 99% of the time – it could change everything about whether a company is properly covered or not.

The biggest offense we find is nobody asked questions. They’re all about selling you a cheap policy, so they get paid their commission. You have a claim that’s not covered and they say, “Oh sorry.”

And sometimes the customer themselves are their worst enemy. An agent may do all their homework, present everything to that customer, but that customer only cares about one thing: the cheapest price.

What do you do then?

Klingensmith: I just called on what would be a very nice size account. The building is close to 200,000 square feet.

The customer’s first response was, “I’ve been dealing with insurance guys forever. I don’t want to answer any questions. Here’s what I think you need. You get a quote, the cheapest quote, then I’ll talk to you.”

I handed the documents back to him and said, “You’re best served right where you’re at. Because that means your agents never asked you anything and you have no idea what you have.”

He was stunned that I was telling him this. I said, “I’m not in the business of practicing for the cheapest quote. I’m in the business of keeping you in business. Keeping you alive.”

Copyright 2024 The Business Journal, Youngstown, Ohio.