Insurers Are Waking Up to Multi-Factor Authentication

Please enjoy this excellent article by Steven Kaye which was originally posted on the Carrier Management website. The original post can be found here.

Insurance use cases for multi-factor authentication (MFA) include distributor access, external user access (e.g., claims vendors, financial advisers), internal user access and policyholder access.

Legislation and regulators are increasingly mandating MFA to ensure greater security as well as to reduce identity theft and other forms of fraud. Examples include the New York State cybersecurity regulation and the NAIC Insurance Data Security Model Law. Insurers have traditionally balanced security against expense and inconvenience to their users, especially if their coverages are marketed to older demographics (e.g., final expense policies). Regulatory mandates combined with growing digital adoption and criminals turning their eyes to life and annuities account takeover means the calculus has changed.

Despite these regulatory mandates, 80 percent of insurers say that risk management, rather than regulatory compliance, is driving their adoption of MFA.

There is minimal variation between size and sector of company when it comes to deployment rates, with the exception of large life/annuity/benefits insurers, which are much more likely to use MFA for policyholders than is any other class of insurer. A low deployment rate of MFA for policyholders among smaller property/casualty insurers reflects the fact that few small P/C insurers offer direct policyholder access at all.

Midsize P/C insurers lag behind other sizes and sectors in deployment of MFA for both distributors and policyholders but are ahead of large life/annuity/benefits insurers in deployment for other external parties. Midsize P/C insurers are also ahead of midsize life/annuity/benefits insurers in deployment internally.

How MFA Helps

As many knowledge workers moved from the office to home during the pandemic, securing infrastructure became another key driver. Hybrid work models that blend office and home working environments are gaining traction, and the need for MFA becomes more crucial to validate that users are actually employees.

In addition to security needs, carriers are obtaining policyholder emails and cellphone numbers as part of the MFA process. These bits of data, which are often difficult to obtain, can provide insurers with the opportunity to digitally connect with customers in their preferred channel.

There is no mandated number of identification methods for MFA, but the consensus is to have two at a minimum. Insurers are starting to use multi-factor or its equivalent for any interaction where an external network is accessing information behind a firewall. Some are taking this a step further to include role-based authentication for internal access as well.

The best defense is a layered approach, combining multiple authentication methods with secure and documented business processes and other security solutions. Some insurers are offering security audit services to agents they work with, while others are working with their distribution executives to change distribution agreements to mandate MFA and other security measures.

Insurers should ensure that MFA processes are documented and that solutions generate auditable logs. Some wholesale brokers require attestations from insurers they work with.Some insurers are offering security audit services to agents they work with, while others are working with their distribution executives to change distribution agreements to mandate MFA and other security measures.

For consumer-facing use cases, depending on the age of policyholders, insurers may wish to opt for MFA methods that are more straightforward (e.g., less complex knowledge-based authentication, voice print). Final expense and Medicare supplement are two lines of business where voice signatures are well established. Many solutions support establishing different access policies based on risk assessment, such as requiring MFA for new devices, or conversely accepting password-free authentication for low-risk access requests.

Types of Authentication

MFA relies on several of the following authentication methods:

  • Physical objects (e.g., laptops, mobile devices, security tokens) in possession of users.
  • Knowledge-based authentication (e.g., answers to questions, passwords or PIN codes, randomly generated authentication codes from authenticator apps).
  • Location (e.g., GPS or IP address).
  • User characteristics (behavioral or biometrics-based).

Some authentication methods are more secure than others. For example, sending codes or passwords via email or SMS runs the risk of interception by man-in-the-middle attacks. With many employees working from home, phishing and other identity theft methods are on the rise. Several solutions support adaptive authentication, with less risky access requests requiring fewer authentication methods than riskier ones, as determined by system-generated risk scoring and predefined security policies.20 percent of CIOs surveyed by Novarica said they are planning to require MFA for distributors and policyholders within six months, adding to 30 percent that already do so.

Novarica recently conducted a survey of insurer CIOs to understand their deployment of MFA, including business drivers, authentication methods and use cases. It is important to keep in mind that solution providers typically offer a range of authentication methods.

Only 30 percent of participants currently require MFA for distributors or policyholders, but another 20 percent are planning to require MFA within six months. Roughly 80 percent of participants require MFA for most or all internal systems users.

Deploying MFA

The most common authentication methods deployed are mobile authenticator apps, used by 80 percent of participants. More than half of participants use SMS. Email and security keys are used by roughly 40 percent and 33 percent of participants, respectively. Behavioral authentication, voice-based authentication, IP location and knowledge-based authentication are used by fewer than a third of insurers.

Note that only 16 percent of insurers report using just one method; overall, insurers said they use an average of 2.8 different authentication methods.Sending codes or passwords via email or SMS runs the risk of interception by man-in-the-middle attacks.

The security threat landscape continues to grow in number and impact. Although many carriers are not currently considering MFA, regulatory scrutiny and enforcement of IT security will only increase. The ability of most solutions to offer different levels of authentication for different access use cases means there is less of a tradeoff between customer experience and security. Many solution providers offer MFA as part of a broader portfolio of identity and access management and IT security solutions.

Insurers should consider MFA approaches as part of a broader IT security strategy.

CONTRIBUTOR

Steven Kaye, Novarica

Steven Kaye is Vice President of Research at Novarica and lead editor of the firm’s Business and Technology Trends in Insurance series. He has managed a wide range of research projects since joining the firm in 2008. Previously, Kaye worked for Accenture as an insurance researcher focused on the U.S. life and property/casualty markets. He also served in both knowledge management and research roles at Gemini Consulting (now part of Capgemini) for several of the firm’s industry practices. Kaye holds MILS and BA degrees from the University of Michigan at Ann Arbor. Reach him directly at skaye@novarica.com.

10 Workplace Safety Considerations for Small Business Owners

Image

Content utilized to create this post was from Forbes Magazine’s Human Resources Council (includes Megan Leasher, Nicole Smartt Serres, Sameer Penakalapati, Tracy Cote, Chris Stanzione, Subhashree Chaudhuri, Courtney Peterson, Tina R. Walker, Kristin Fowler & Madhukar. Govindaraju)

The vaccines have arrived and the numbers are trending up, down and all around depending on what network your watching and who you are speaking with. The fact is small, midsize and enterprise level businesses are considering what approach they should take for getting their staff back to work in an office environment. The majority of small and mid-sized employers are looking at using a blended approach, meaning they plan on implementing more work from home flexibility with their existing in office staff. 59% of those that are working from home support a work schedule that allows working from the office and at home. We wanted to provide 10 impactful considerations for employers as they forge forward.

TEN WAYS TO CREATE A SAFE WORK ENVIRONMENT


  1. There is no one-size-fits-all approach

Have a plan that fits your cultural goals and direction. Your plan should be a blend of meeting all safety & risk management guidelines from a legal perspective along with proper consideration for what the organization and its people need.

2. Communication is not a one way street

Involve trusted staff to carry the message of your risk & safety policies. Encourage employee participation in the development process. When your employees feel that their input is valued your office will be engaged in carrying your message. Design the process to be sustainable at all levels of your organization.

3. Proper work-life balance impacts mental health

Employees may be asked to get used to another new normal. Whether that means coming back into the office on a more regular basis or permanently, try and remember that by and large employee mental wellness suffered throughout the pandemic. As you take steps to protect the safety and health of your workforce, do not overlook mental health and wellness. Everybody has unique circumstances that may adversely impact their mental well being so little adjustments like extending flexible work hours can go a long way to employee satisfaction.

4. Play by the same set of rules – that means everybody

It is easy to become disregardful of even the most sensible of guidelines that have been established for the greater good of the group. Implementing common-sense guidelines supported by your state or OSHA need to be followed by everybody. Consistency is the key for resonating the message. Send out reminders as often as necessary and echo your message firmly. Somebody who refuses to abide by clearly defined rules may need to be sent home. Be relentless about making sure everybody is playing by the same set up rules.

5. Be mindful of each other’s responsibilities

Small to mid-sized businesses need to be aware of the risk and safety management responsibilities and the varying degrees the employer and the employee are responsible for. When it comes to providing a safe working environment, provide safety options, consider alternative ways of doing a job safely, and engage employees in a mutually agreeable way. Remaining open-minded and reserving judgement is crucial as well.


6. Tap into available consultative and training resources

Shameless self-promotion is coming in five, four, three, two and one; do you have access to safety and health resources through an agency, consultant or expert… such as a Libertate Insurance for example? Inquire about the available voluminous resources that your reliable partners posses when it comes to evolving environments, laws and compliance requirements! Leverage your partnerships especially those involved in your firm’s best interest and you will be amazed at what “we”, I mean they will be able to help you with.

7. Put safety policies front and center

Do you remind employees about the ongoing safety and mask campaign? Chances are safety policies are not necessarily the primary thought running through your employees minds while racing from desk to printer and back. Your firm’s culture needs to foster regular engagement to the point it becomes second nature. Emotional intelligence goes a long way in the delivery of your message. Remind employees of the care and concern leadership has for their well being, it will be appreciated.

8. Make health and safety part of your organization’s culture

It is all of our responsibility to protect each other and minimize risks. When you see something, say something. Avoid expecting somebody else to see and say something. Every member of the organization can play an active role and should.

9. Do they understand your expectations

If you create a health and safety culture with team members that own the message and every member of the organization is singing the same safety tune, you have won the expectation battle. Do not allow the loose ends or the uninformed be the squeaky wheel. Be consistent, be vigilant and be clear about what is expected.

10. Get creative about getting input from office and field staff

Companies have implemented daily check-ins, reporting processes and employee task forces to encourage information about risk and safety to flow in daily. Create a safety game, make sure managers are listening, remember one voice and one message. Make safety and risk management happen.

Ransom seeking hackers taking advantage of server flaws

Image

Content was taken from Reuters, Mr. Raphael Satter click here for original article from The Insurance Journal’s Mr. Jeff Mason click here for original article.

Since Microsoft announced a series of vulnerabilities in it’s widely used mail server software on March 2, 2021 the biggest threat has been from hacker groups holding users hostage by preventing access to their data unless large sums of money are paid. One security firm had counted 10 separate hacking groups taking advantage of the flaws – with ransomware targeting being the most serious of the threats.

On Sunday, The White House urged computer network operators to “take further steps to gauge whether their systems were targeted?” Despite a recent software patch concerns over remaining vulnerabilities continued to loom. The remedy still leaves open a so-called back door that can allow access to compromised servers and perpetuating further attacks by others. The back channels for remote access can impact credit unions, town governments and small business, and have left U.S. officials scrambling to reach victims, with the FBI on Sunday urging them to contact the law enforcement agency.

CNN reported that the Biden administration was forming a task force to address the hack. The White House official, in a statement, said the administration was making “a whole of government response.” A Microsoft representative said that the company is working with the government and others to help guide them accordingly. Secondly, Microsoft has urged the impacted to install patch updates as soon as possible.

Neither the company nor the White House has specified the scale of the hack. Microsoft initially said it was limited, but the White House last week expressed concern about the potential for “a large number of victims.” So far, only a small percentage of infected networks have been compromised through the back door, the source previously told Reuters, but more attacks are expected. We will continue to monitor the situation as it develops.

COVID-19 Vaccine Workplace Planning

Employers can play a key role in COVID-19 vaccine distribution and should prepare for when vaccine access reaches the general public. Educating employees on ways to avoid COVID-19 vaccine scams and helping to build confidence in the safety and effectiveness of the vaccine are important elements to a successful plan.

While vaccination details are getting worked out, here are three ways to avoid COVID-19 vaccine scams:

1.) You can’t pay to put your name on a list to get the vaccine. That’s a scam.
2.) You can’t pay to get early access to the vaccine. That’s a scam.
3.) Nobody legit will call about the vaccine and ask for your Social Security, bank account, or credit card number. That’s a scam.

Ignore any vaccine offers that ask for personal or financial information.
Learn more at ftc.gov/coronavirus/scams consumerresources.org/beware-coronavirus-scams

Building confidence in COVID-19 vaccines is equally important to getting us back to enjoying safe and productive workplaces. Here are a few things any organization can do to help build employee confidence in the vaccine.

·      Start at the top; encourage leaders and managers within your organization to champion the vaccine.

·      Talk about it. Provide an environment where employees can ask questions and discuss concerns openly in a constructive manner.

·      Provide information about safety, side effects, benefits, development and herd immunity through multiple channels which are both trusted and familiar to employees.

·      Celebrate the act of receiving the vaccine. Make employees feel proud about getting vaccinated and doing their part.

Click below to download a thoughtful COVID-19 Vaccine Workplace Planning Checklist developed by Zywave.

Employees getting vaccinated across all sectors of industry and business can be a driving force for a safe return to work for all Americans.

Managing COVID-19 Vaccine Policies

THIS ARTICLE IS BEING REPOSTED BY LIBERTATE INSURANCES JAMES BUSCARINI. THE ORIGINAL CONTENT WAS WRITTEN IN THE FEBRUARY 2021 EDITION OF RISK MANAGEMENT MAGAZINE. ARTICLE WRITTEN BY JODY MCLEOD, ESQUIRE AND GARY PEARCE

As COVID-19 vaccines become more available and companies return to the office, employers may want to protect their workforce by mandating vaccinations. However, it is essential that they keep in mind certain risks and how to mitigate them, including the legal limits of what they can ask of employees.

When approaching mandatory vaccinations for workers, the legal rules are reasonably established. Employers can mandate vaccinations as long as they have processes to deal with exceptions. The key exceptions concern medical disabilities covered by the Americans with Disabilities Act (ADA), and bona fide religious objections covered by Title VII of the Civil Rights Act of 1964. Because a vaccination is not a medical examination, it does not inherently trigger certain aspects of the ADA.  But beware of violating ADA obligations in the course of asking pre-screening questions or securing proof of vaccinations. Unvaccinated employees—particularly those who refuse or are unable to take a vaccine for medical or religious reasons—may be excluded from the workplace if they pose a direct threat, subject to ADA and Title VII ­obligations to pursue a reasonable accommodation. The ADA accommodation standard is somewhat more favorable to the employee than the Title VII standard. Determining whether an unvaccinated employee poses a direct threat requires a fact-specific determination, considering the duration of risk, the nature and severity of potential harm, and the likelihood and imminence of potential harm.

Excluding an employee from a workplace because they pose a direct threat does not automatically mean termination is justified. The employer first needs to determine whether there is a feasible alternative arrangement that would not impose undue hardship, such as remote work. There remains a general duty under the federal Occupational Safety and Health Act (OSHA) to provide a workplace free from serious recognized hazards, and COVID-19 exposure will typically qualify. Of course, organizations that expose the general public to COVID-19 risk being sued.

If a company imposes a vaccination mandate, it must consistently administer exception processes regarding reasonable medical accommodations and religious objections.  It will need to understand what constitutes business necessity, and must be able to identify reasonable accommodations on a fact-specific, individualized basis. The company will need to decide whether to assume the risks and obligations arising from self-administering vaccinations, or instead depend on collecting evidence of third-party administration. Lastly, it will need to minimize the prevalence of medical inquiries—including medical details unexpectedly proffered by the employee—and preserve the confidentiality of any protected information that may thereby be received.

Other potential issues include whether there is a union contract that the company must consider, or whether any state or local laws forbid mandatory vaccination policies.  

Risks of Vaccination Mandates

If an employer requires vaccinations, it must administer the mandate consistently and consider whether the additional risk is justified. If the employer imposes the mandate for only certain categories (e.g., for customer-facing staff but not home-based workers), it will need a rational basis for its determinations. Also, a mandate could bring any adverse reactions into the realm of compensability for workers compensation, and time spent receiving a mandatory vaccine is most likely compensable for purposes of wage and hour compliance. Data privacy and retention of medical records also need to be considered in the record-keeping process as the relevant regulations and laws are quite demanding. If the company provides financial incentives to encourage compliance, income may need to be reported and taxes owed as well.

Changing and Varying Rules

It was not until December 2020 that the Equal Employment Opportunity Commission issued substantial additional guidance regarding COVID-19 obligations under prominent employment laws. As of this writing, OSHA has yet to issue any rules specific to COVID-19, but the Biden administration is expected to issue a broad rule in the coming months. States and municipalities issue executive orders and ordinances at a pace that only specialists can keep up with. Even if all the written rules are known, there is no assurance that they will be administered in alignment with what governed parties might expect. “Guidance” may become a de-facto obligation.

For all these reasons, companies cannot base their protection and recovery program solely on compliance with current legal requirements. Nor can a static “one and done” determination be sufficient. In light of all these issues, duties and uncertainties, companies should determine whether a vaccine mandate is an effective use of their administrative resources.

Business Expectations

Requiring vaccinations does not mean employers can forego the rest of their COVID-19 management protocol. Employers need to keep in mind that there is no proof that vaccinated people cannot transmit the virus to others, the vaccination seems likely to be less than 100% effective, and some people either will be unable to get the vaccine or at least will not yet have received it. Worry about a new pandemic episode will persist for years.

Many employees likely regard safety as the highest organizational priority and will look to their employer to provide reliable information about COVID-19 risk management. Failure by the organization to respect these new expectations could trigger negative social media reactions, unwanted attention from plaintiffs’ attorneys, and difficulty attracting and retaining valuable talent. While this may be a threat to some managers, it is an unprecedented opportunity to strengthen the bond of trust between employee and employer. 

As a practical matter, legal regulations tend to react to changing circumstances.  This makes it likely that any rescinding of temporary standards will occur in a somewhat tardy fashion. To date, the volume of litigation related to COVID-19 has been less than feared. However, do not take too much comfort in this. Courts have been shut down, causal connections are likely to be better understood as experience accumulates, and plaintiffs’ attorneys may surmise that juries will be more sympathetic after the worst of the crisis has passed. 

Employees Who Refuse

Surveys show that a significant portion of the population would choose not to take a COVID-19 vaccine. Some may eventually be persuaded, while others have deeper objections. Some may be uncomfortable as long as deployment is under emergency use authorizations. This unease reinforces the need to be collaborative in pandemic management and transition planning, and to communicate the reasoning behind critical decisions or policies.

The entire workforce will never agree on how best to emerge from the pandemic. Although communication is important and stakeholder feedback is necessary, securing unanimity is unrealistic. On the other hand, if a significant number of workers refuse to accept a vaccine, even in the face of an employer mandate, is the organization prepared to redeploy or replace these workers?

There is no risk-free path to a post-COVID environment. Employers must continuously assess conditions and be prepared to act promptly despite incomplete information, changing circumstances and inherent uncertainties.

Chief Actuary Antonello to Be Next CEO of Employers Holdings

Excited to announce that former NCCI Chief Actuary, Katherine H. Antonello, will take the helm at Employers beginning next April. Here’s to hoping 2021 will bring this great carrier into the PEO space!

Source: Insurance Journal

Small business workers’ compensation insurance specialist Employers Holdings Inc. has named Katherine H. Antonello as its president and chief executive officer.

She will take over upon the retirement of Douglas D. Dirks on April 1, 2021. Dirks will be retiring after heading the company for more than 27 years.

Antonello joined EMPLOYERS in August 2019 as executive vice president and chief actuary of the company. Prior to joining EMPLOYERS, Antonello served as the chief actuary for the National Council on Compensation Insurance (NCCI) from 2013-2019.

Antonello has more than 25 years of workers’ compensation insurance experience having held leadership roles in actuarial, policy services, claims and internal audit functions. In addition to working at NCCI, she has worked at Lumbermen’s Underwriting Alliance and the consultant Milliman.

Katherine Antonello

Michael J. McSally, chairman of the board, said that in her “relatively short tenure” with the company, Antonello has demonstrated her “ability to be a visionary and think strategically” about the business.

“As a mono-line company, we have the size, talent and entrepreneurial spirit to excel at what we do best,” commented Antonello. “We understand comp. I look forward to continuing our digital transformation, focusing on exceptional service to injured workers and ease of doing business for our agents, partners and policyholders.”

Reno, Nevada-based Employers Holdings operates throughout the United States, with the exception of four states that are served exclusively by their state funds. It offers its coverages through Employers Insurance Company of Nevada, Employers Compensation Insurance Co., Employers Preferred Insurance Co., Employers Assurance Co. and Cerity Insurance Co. Not all companies do business in all jurisdictions.

Should You Partner with A PEO? Can a PEO help your small business?

Understand the Importance of What PEOs are Doing for Their Clients; Consider what a PEO can offer your small business; Having a business relationship that benefits you!

Check out the article below to see how PEOs work to protect small business clients

_____________________________________________________________________

THE EXPANDING PEO WHEELHOUSE: HELPING SMALL BUSINESSES SURVIVE

COVID-19: STORIES OF ADAPTATION: HOW SERVICE & DELIVERY CHANGED

BY KATHRINA SALADRIGAS

Eighteen weeks have passed since we sent our first COVID-19 newsletter to Regis HR Group clients. Looking back, we could not have anticipated the scope of support our clients would need. In addition to inquiries about traditional human resources matters, we received an unprecedented number of questions about general business operations from employers, to the point of, “What can we do to survive?”

PEOs are uniquely positioned to help our local economies (and the country as a whole) recover from the pandemic, so here are some of things we hope all PEOs will implement to help their worksite employers overcome the challenges of the COVID-19 pandemic.

EMPLOYERS DESERVE A BETTER ANSWER THAN ‘THAT’S NOT WHAT WE DO’

Laws such as the Coronavirus Aid, Relief, and Economic Security (CARES) Act and the Families First Coronavirus Response Act(FFCRA) are being passed and subsequently changed at an extraordinary rate, so employers are reasonably overwhelmed:

  • What government-sponsored financial relief is available to our business?
  • How do layoffs and furloughs affect health benefits?
  • Is our business an “essential” business?
  • Who is eligible for sick leave under the FFCRA?
  • Do we have to close our facility if an employee tests positive? If yes, for how long?

This is a very small sample of the questions creating uncertainty and anxiety for business owners. While some of these questions are business-specific and can only be addressed by the employer’s legal counsel and/or tax professional, there are practical steps PEOs can take to support these employers without defaulting to “that’s not what we do:”

  • We’ve learned that monitoring regulatory changes and providing brief descriptions (one to three sentences) with links to the governing body in a timely fashion reassures clients that they have a trusted partner to lean on and reduces worries about missing something.
  • Similarly, sharing a finite list of well-researched government resources that consolidate information from multiple regulatory bodies (such as the Centers for Disease Control and Prevention (CDC) Resuming Business Toolkit​) saves employers time and reduces the incidence of misinformation.
  • We’ve learned that employers appreciate live interactive webinars where they can connect with employment lawyers and tax professionals. To this end, Regis HR Group has sponsored eight webinars (at no charge to PEO clients) with topics ranging from FFCRA requirements to Payroll Protection Program (PPP) loan forgiveness, with additional webinars scheduled in the upcoming weeks.
  • Perhaps most importantly, we’ve witnessed the significance of the human connection (albeit socially distanced). Our entire team, from our payroll specialists to our president, has proactively worked to check in with our clients and ask, “How can we help?” Often, the answer is not something in our traditional scope of services, but we’re committed to do what we can.

HELPING EMPLOYERS ADJUST TO THE ‘NEW WORKPLACE’

The pandemic has created a seismic shift in our traditional workspace. Whether or not this shift is temporary remains to be seen. In the meantime, however, employers are finding it difficult to adjust to the new workplace.

To help mitigate the stress that accompanies these significant changes, we have provided several tools to educate employers and their managers about how to get the most out of their employees in remote work environments, how to maintain employee morale, and how to continue to communicate effectively as a team.

Some employers find themselves in a position to reopen, but their pre-pandemic staff is refusing to return. We are helping these employers find qualified staff, often by connecting them with employees who have been laid off by other clients.

For clients that are hiring during this ordeal, we are sharing resources on interviewing best practices and, in particular, educating them about the importance of behavioral interview questions.

While it has long been commonplace to ask behavioral interview questions to assess a candidate’s problem-solving skills, resiliency, and adaptability in demanding/high-stress work environments (such as healthcare, investment banking, and hospitality), the pandemic has demonstrated that these skills are central to the success of every business.

To that end, PEOs should be encouraging employers to ask behavioral interview questions, in addition to assessing candidates on previous experience—because past behaviors can help predict future performance. Examples of behavioral questions include:

  • “Tell me about a chaotic situation you experienced in a professional setting.”
  • “Describe a time that, despite your best efforts, things did not work out as you had envisioned.”

FACILITATING REPORTS FOR PPP FINANCING & MEANINGFUL BUSINESS CONNECTIONS

Lenders participating in the Payroll Protection Program, which helped businesses across the United States maintain their workforces during the COVID-19 crisis, required employers to submit payroll reports quickly and accurately.

In addition to producing detailed payroll reports that included employee salaries, wages, commissions, cash tips, group health benefits payments, retirement benefits payments, state or local taxes, etc., Regis HR Group was able to help small businesses connect with local, community banks participating in the Small Business Administration’s PPP loan program.

Our clients thanked us for these introductions because community bankers were often more helpful with questions about PPP loans and more responsive than their counterparts working for national banks. Similarly, the community banks were thankful for the introductions because, prior to the pandemic, many of these employers had not considered partnering with a local bank for their routine banking and financing needs.

WE ARE IN THIS TOGETHER

COVID-19 remains a clear and present danger, but we are confident that working together, our country will overcome this crisis. We are motived by the dedication of our team and inspired to work harder each day to earn the gratitude of our clients.

Moving forward with the support of PEOs across the nation, we can serve our clients in new ways and emerge stronger from this pandemic.

KATHRINA SALADRIGAS

Marketing & Talent Acquisition Director

Regis HR Group

Miami, Florida

Why James River Insurance Dumped Uber Account

Interesting article published today out of the Insurance Journal by Suzanne Barlyn about insuring Uber.  Not surprisingly, carriers continue to be perplexed with gig-economy exposures.

————–

A Bermuda-based insurer that recently severed ties with an Uber Technologies Inc. affiliate said on Thursday the risk of providing driver ride-hailing coverage had become too great and that it had mispriced policies during its initial years on the account.

James River Group Holdings Ltd said on Oct. 8 it would cut ties with a unit of Uber, its largest client, and cancel all related policies as of Dec. 31 this year.

Florida was an “outsized contributor” to the insurer’s Uber problems, especially in 2016, given a large number of uninsured and underinsured motorists, said James River Chief Financial Officer Sarah Doran in a call on Thursday with analysts to discuss its third-quarter financial results.

The insurer cut back on its exposure to Uber’s Florida market in 2017, Doran said.

James River boosted its cash reserves by a total of $57 million during the 2019 third quarter. Of that, $50 million was for 2016 and 2017 losses stemming from its Uber account, the insurer said.

James River late Wednesday said it withdrew $1.2 billion in funds held as collateral in a trust created by an Uber affiliate to cover current and future claims.

Insurance is one of the largest expenses for ride-share companies, an issue that many analysts cite as a risk for the ride-share industry’s profitability.

“In Uber, we wrote a new type of risk that originally seemed to be highly profitable,” J. Adam Abram, James River executive chairman and chief executive officer, said in the Thursday call.

But the nature of that risk changed as Uber rapidly expanded into new regions, added tens of thousands of drivers, and moved into other business lines, Abram said. Uber’s businesses now include food delivery and freight.

“Candidly, in some years, we mispriced the risk,” Abram said.

James River’s poor results for its Uber account in 2016 and 2017 spurred it to negotiate a “substantial pricing increase” for 2018 and charge similar rates for 2019, Abram said.

James River bought reinsurance for a third of the Uber account in 2019, but does not expect profits on the account for 2018 and 2019 to offset earlier losses, Abram said.

A new California law designed to limit the use of “gig” workers ultimately swayed James River to cancel the Uber account, despite coverage now being “well-priced,” Abram said.

The law, which goes into effect on Jan. 1, 2020, spells out when companies must treat “gig economy” contract workers, such as ride-hailing drivers, as employees. “We believe (it) will adversely alter the claims profile for ride-share companies,” Abram said.

James River expects to process about 18,500 Uber-related claims while winding down the account, Abram said.