A male teenager sitting on a curb, dialing on his phone with a wrecked car in front of him

what is vicarious liability?

Vicarious liability, sometimes called imputed liability, is a legal concept that extends responsibility for one person’s actions to another person.

This other person does not have to be directly responsible for the incident — they only need to have a business, organizational or family connection to the person who committed the act.

Examples of vicarious liability include:

  • When an employer is held accountable for the actions of one of its employees
  • When individual business partners are held liable for the actions of fellow partners
  • When parents are considered responsible for the negligent acts of their children or other people’s children while under their supervision
  • When directors and officers are held accountable for acts committed while they were performing duties on behalf of a corporation

why is vicarious liability applied?

The concept of vicarious liability rests on the legal doctrine called “respondeat superior,” a Latin term meaning “let the master answer.” Essentially, it shifts responsibility for negligence, libel, wrongful conviction and other civil complaints to the individual or organization that is assumed to be senior in the relationship.

The primary reason for invoking vicarious liability in a lawsuit or insurance claim is to shift the burden of payment to the party who is considered most likely able to cover the legal expenses, medical costs, or settlements or judgments that result.

how is vicarious liability justified?

Business owners, parents and organizational leaders are given the assumed right to control the actions of those they supervise. These leaders have a legal duty to maintain a safe environment and train or educate on proper behavior and skills.

Because of this presumed control, they can be considered at fault if the person under their supervision fails to perform their duties appropriately, damages another individual’s property or causes physical harm to someone else.

With regard to businesses, this responsibility is in effect only when the employee is on the clock and working within their scope of employment.

This can be a somewhat disputable definition. For example, an employee can be involved in an accident on their way to work or at an after-hours social event. Therefore, the courts have developed more definitive guidelines to clarify vicarious liability.

  • Most states exclude incidents that occur during an employee’s commute to or from work. Exceptions may be made when an employee’s personal car is used as part of their job, such as for on-site client visits, or if an accident occurs when an employee’s car is being used for a work-related errand.
  • If a company-sponsored social event is mandatory or the employer benefits from the employee’s attendance, the employer could be held vicariously liable for a related incident. An example might be an employee who is involved in an incident at a client networking event, especially if alcohol was served.
  • If an employee is involved in an incident while completing a personal errand but that personal errand was carried out during a job-assigned task, the case will be reviewed to see how it relates to a legal concept called “frolic and detour.”
    • A frolic is a major departure in either time or distance traveled from the assigned work responsibility.
    • A detour is only a minor departure.
    • The assignment of vicarious liability depends on when the incident occurred — during a frolic, which is considered off the clock, or a detour, which is considered on the clock.
  • Any time a business-owned vehicle is used, whether by an employee or a nonemployee, vicarious liability is typically admissible in a claim or lawsuit.

what about independent contractors?

Typically, independent contractors are held solely liable for their own negligent acts. However, there are some exceptions:

  • If the contractor chosen is considered incompetent or not suitable for the task, the contracting organization could be sued based on negligent hiring.
  • If the contracted work is inherently dangerous, the employer retains primary responsibility.
  • If the business passes responsibilities it isn’t legally able to delegate to a contractor, it can be held liable. This is most often related to workplace safety issues but may also include other issues of supervision and leadership.

protecting yourself and your organization from vicarious liability

While you may be unable to fully control the actions of others, you can control how you protect your assets. An agent or broker who specializes in liability insurance can help you address your risk of vicarious liability with a range of insurance options.

These may include small-business liability policies, general liability coverage, commercial auto, professional liability (errors and omissions), workers’ compensation, directors and officers insurance, and other policies that can help with any legal fees or expenses related to a claim that invokes your vicarious liability.

When appropriately designed, these same policies can also protect your employees and other related individuals. Reach out to us to learn more.



A female employer is sitting across from a male employee, going over paperwork with him. She has a pen in her hands and he has his hands clasped together on the desk.

who does your employment practices liability insurance cover?

what is and is not covered by EPLI?

Employment practices liability insurance, or EPLI, is an insurance policy that provides coverage to employers against claims made by their employees.

These claims include:

  • wrongful termination
  • sexual harassment
  • retaliation
  • unequal or unfair pay
  • discrimination (i.e. age, race, gender, sexual orientation)

 

EPLI covers the cost of lawsuits brought against your company by current, former, or prospective workers that believe that their legal rights have been violated or are displeased with your employment practices. Employers need EPLI to be financially protected from these claims.

However, EPLI doesn’t cover everything. The following are examples of what’s not covered: 

  • fraud or crime
  • contractual liability
  • on-the-job worker injuries
  • punitive damages
  • unemployment claims

 

Although some industries are more prone to these types of claims than others, the most common industries to have EPLI claims filed against them include construction, healthcare, professional services, and retail or food services.

how important is EPL insurance?

EPLI is important because all businesses with employees are susceptible to the threat of an employee submitting a claim against the company.

 

The policy protects business owners from these claims made by disgruntled employees and helps shield your business from potential financial ruin. Employee claims can be very expensive and even detrimental to small businesses.

 

EPLI helps cover the financial costs associated with legal action. Attorney fees and settlement costs are reimbursed by the policy, which means your business does not have the unexpected financial burden of paying off employee claim-related legal fees.

what’s the difference between EPLI and professional liability?

Professional liability insurance, also known as errors and omissions (E&O), covers legal action against your company from a client claiming inadequate work, negligence, services not delivered, and oversights.

 

This type of insurance is beneficial for businesses or professionals who give advice or provide a service for a fee in the healthcare, legal or financial industries, just to name a few. Examples of this would be doctors or lawyers.

 

It’s a good idea to have both EPLI and professional liability insurance as a business owner. The policies are not the same and cover different risks. While EPLI covers employee claims, E&O covers claims from clients. 

what’s the relationship between D&O coverage and EPLI?

Directors & Officers (D&O) Liability insurance protects directors or officers of a company from personal losses if they are sued for committing negligent acts or misleading statements.

 

With this insurance, the executive’s personal assets are safe from a lawsuit. D&O covers losses associated with the lawsuit, including legal defense fees. Exclusions in D&O policies are also similar to other professional liability policies, including property damage, bodily injury, and fraud or misrepresentation.

final thoughts

D&O insurance, E&O, and EPLI all protect employers and/or managers in different ways. It’s important for businesses to assess their risk when deciding whether to purchase these types of policies and how much coverage to buy.

This is dependent on factors like what type of industry you’re in or the size and makeup of your company. While it’s beneficial for your business to have EPLI and the various types of policies discussed above, it’s even more advantageous to prevent issues with employment practices that would pose these risks. Read on for three tips to avoid employment practices issues.

water leak, flooding a room with a wood floor, a couch and windows.

ensuring your business has appropriate water damage coverage

You might be looking at the title of this article thinking… “Why does my business need water damage coverage?”

Well, contrary to popular belief, water damage is one of the leading insurance losses, and can greatly impact your business. In fact, water damage is the second most common insurance claim for businesses. 

This considered, it’s important to take the proper steps to mitigate the high risk of water damage by having the proper insurance coverage.

does my insurance include water damage coverage? 

It’s important to have the right kind of business insurance for your commercial property. You want a policy that includes commercial water damage coverage.

The types of water damage claims covered by some commercial property insurance plans include:

  • Pipe breakage
  • Groundwater, and
  • Backed-up sewer lines

However, many policies exclude coverage for external flooding and mold-related damage.

For some insurance plans, you can purchase additional protection to your property policy to gain more coverage. There are also other types of insurance policies—for example, commercial flood protection or business interruption insurance—that can help safeguard your business from loss of income if your business has to close due to flooding or water damage.

what qualifies as water damage?

Commercial water damage is the destruction that a water-related issue can cause to your commercial property.

Damage can range from a corroded pipe bursting, a defective or improperly installed fitting can leak, and failed heating systems. All of these damages can result in major non-weather-related water disasters.

Common kinds of commercial water damage can come from many sources on the property. Always monitor your building to be aware of the areas where water damage can occur so you can be prepared if it does.

monitor your building

Pay careful attention to these parts of your property:

  • Roofs require maintenance to prevent damage from the elements
  • Pipes can easily leak or get damaged from extremely cold temperatures or old age
  • HVAC system can also leak or break due to a lack of maintenance or overuse

why is water damage not included in my property insurance?

Commercial property insurance commonly covers the loss of or damage to a property owned by a business. The damage that is covered includes:

  • Fire
  • Wind
  • Lightning
  • Explosions
  • Theft, and
  • Vandalism

However, most commercial property insurance does not include water damage. That’s why it’s important to know what your policies cover. Flood insurance is actually covered under a separate policy and can be purchased separately.

reach out to benchmark commercial insurance

Water damage is typically affected by the weather or a natural disaster that can create damage to your property—even with preventative measures, you can’t always control what happens.

Having a proper disaster plan, a building with adequate drainage systems, and regular maintenance and inspection schedules will help prevent damage and accidents.

Having a water damage insurance policy provides you coverage to help with the financial liability costs due to water damage. To find out more about water damage insurance and property insurance reach out to us or read on about why water damage is a top insurance loss.

employee injured at work

looking at workers’ compensation post-pandemic

Before COVID-19, the workers’ compensation (WC) process was fairly efficient. The pandemic, however, has brought a unique set of challenges to the workers’ compensation industry, including remote and hybrid work models, job elimination, and more.


Let’s chat about workers’ compensation post-pandemic.

what is workers’ compensation?workers' compensation overview infograhpic

Workers’ compensation is insurance purchased by employers “that provides cash benefits and/or medical care for workers who are injured or become ill as a direct result of their job.”

According to the U.S. Department of Labor, workers’ comp can provide the following to the injured:

  • “Wage replacement benefits
  • Medical treatment
  • Vocational rehabilitation
  • Other benefits”

do all employers need workers’ compensation?

Yes, yes, and yes again.

According to the California Department of Industrial Relations, “all California employers must provide workers’ compensation benefits to their employees under California Labor Code Section 3700. If a business employs one or more employees, then it must satisfy the requirement of the law.”

why is workers’ comp important post-pandemic?

In 2020, employers’ workers’ comp premiums decreased by 10% due to decreased payrolls and fewer claims, according to the National Council on Compensation Insurance.

Fast forward to 2022, however, and things have shifted again. As more employers begin to adopt greater safety in the workplace as well as remote and hybrid work models, workers’ compensation has changed post-pandemic.

Many employers are facing the question of workers’ compensation for their remote employees: Do I need it?

In short – Yes. You need workers’ compensation for ALL employees, no matter where they are working from.

Whereas many remote businesses won’t experience the same ‘on-the-job’ type of workers’ compensation claims, they will likely experience more claims coming from ergonomic concerns (i.e. neck and back pain, finger and hand pain, etc.)

Read on for more information on workers’ compensation in the hybrid workforce.

Workers’ compensation is important for the same reasons pre-pandemic as post-pandemic. Workers’ compensation helps employers avoid hefty out-of-pocket costs in the event an employee is injured.

(PS: When it comes to small businesses, these out-of-pocket costs may be enough to shut operations down entirely—so don’t risk it!)

workers’ compensation costs are on the rise

Workers’ compensation rates have been gradually increasing over recent years.

This increase was bolstered, however, in July 2022, when the Workers’ Compensation Insurance Rating Bureau of California® (WCIRB) submitted its September 1, 2022, pure premium rate filing to the California Department of Insurance (CDI).

The California Department of Insurance helps regulate workers’ comp rates using the WCIRB’s recommendations.

In this 2022 filing, the WCIRB proposed a set of increased premium rates that are, on average, 7.6% higher than those approved the year prior on September 1, 2021. Wow!

Read on for the WCIRB filing.

why are workers’ compensation costs increasing?

Simply put, workers’ compensation rates are rising because there are more claims being filed.

Research shows claims might be increasing because:

  • Inflation
  • Workforce changes
  • Increasing age of the workforce
  • Increased indemnity costs, and
  • Rising wages

Claims—regarding unsafe working conditions, COVID exposures, and/or workplace accommodations—might also increase as individuals begin to return to in-person work.

what can business owners do to reduce workers’ compensation claims?

Considering the high increase in the cost of workers’ compensation coverage, business owners should do everything possible to reduce claims being filed. As a business owner, you can mitigate workers’ comp claims by:

  • Encouraging mental health awareness
  • Focusing on risk mitigation
  • Conducting proper employee training
  • Updating your employee handbook and code of ethics, and
  • Maintaining a safe workplace

Interested in learning more about how to reduce the number of workers’ compensation claims that your business faces? Read our article “how to avoid the most common workplace injuries.”

choosing your cyber insurance plan: why it matters

reviewing Forbes’ “The Importance Of Cyber Insurance And How To Choose A Plan”

We know… If there’s one thing we’ve covered time and time again on our blog, it’s cyber insurance. But for good reason!

Contrary to popular belief, it’s not just large corporations that face cyber attacks. Small businesses are targeted daily and often face more severe financial consequences, as they typically lack the cybersecurity safeguards of larger organizations.

In fact, 60% of small businesses close within six months of falling victim to a cyber attack and according to Hiscox, the average financial cost for a small business to recover was more than $25,000 in 2021. Yikes!

To illustrate the severity of cyber attacks, we’ve pulled a few statistics on some of the biggest data breaches in history:

the biggest data breaches in history

Did you know…

  • In 2013, an attack against Yahoo resulted in the loss of data from more than three billion accounts (Yes, billion!)
  • Approximately 143 million consumers were affected by an attack on Equifax in 2017, which ended up costing them more than $4 billion. (Equifax was found liable for the breach and fined $425 million by the Federal Trade Commission… Ouch!)
  • The data breach of hotel firm Marriott-Starwood resulted in the loss or compromise of information belonging to more than 500 million consumers
  • The 2017 WannaCry ransomware attack contained a virus that infected more than 230,000 machines spanning 150 countries (this caused damage of at least $4 billion…)

The statistics considered, businesses of all sizes should prepare for the growing cybersecurity threat.

How? Cyber insurance is a great first step.

infographic for "choosing your cyber insurance plan why it matters"

In the Forbes article below, you’ll learn more about the importance of cyber insurance, costs, risk assessments, and more.

Read on for the full Forbes article by Mark Roberts.

The Importance Of Cyber Insurance And How To Choose A Plan

In my recent pieces, I have talked about how and why businesses should prepare for the growing cybersecurity threat and ensure their security protocols are adequate for today’s dangers and position to evolve for future risks.

It’s one of those topics that feels like it’s over-discussed. However, considering the increasingly dangerous landscape for businesses, it’s a topic whose importance that can’t be overstated.

The experts have made it clear: Bad actors are increasingly launching cyberattacks in the United States and globally. One doesn’t need a crystal ball to recognize that these cyberthreats could continue to grow.

Cyberattacks are a big business today; just look at ransomware as a service (RaaS), the bad-actor version of software as a service (Saas). As long as bad actors can continue to find companies and organizations to victimize, they won’t cease their efforts.

The Identity Theft Resource Center’s (ITRC) 2021 Annual Data Breach Report revealed there were more “cyberattack-related data compromises” (1,603) in 2021 than “all data compromises” in 2020 (1,108). These attacks increased in nearly every primary business sector.

According to 2021 research from Hiscox, an international specialist insurer, roughly one-quarter (23%) of small businesses suffered a cyberattack in the span of 12 months, and the average financial cost to a small business was more than $25,000.

Now is the time to prepare for potential risks that could impede operations. Too often, businesses delay simply because they don’t know where to start the process.

The most logical starting point is to explore the benefits of cyber insurance, a topic my company consults on for clients and the importance of which I’ve come to understand firsthand as a CMO.

Why does a company need cyber insurance?

Most companies carry at least one form of insurance, such as commercial or business insurance. While this type of insurance protects against property damage or employee-related risks, many companies believe their insurance will cover them should they fall victim to a cyberattack.

However, not all insurance companies cover damages resulting from cyberattacks under these general policies. Instead, they have launched specialized products designed exclusively for cyberattacks.

Unfortunately, there are a few hurdles to attaining these policies; they often require companies to secure a vulnerability or cybersecurity gap assessment. While this review will ensure companies have the basics covered and enable them to secure insurance, it could also result in lower premiums.

If nothing else, these vulnerability assessments can help establish baseline business best practices, such as ransomware training and protocols for phishing scams. These protocols can help identify vulnerabilities before a bad actor exploits them.

Sadly, the biggest threat is also a company’s biggest asset: its employees. Unprepared employees are often an organization’s most significant vulnerability. However, prepared employees can help play a solid defense.

Yes, cyber insurance is an added cost. While companies may be tempted to cut expenses wherever possible amid rising costs in all aspects of operations, cyber insurance shouldn’t be one of them. The cost of a policy pales compared to the cost of an attack.

The cost outweighs the risk.

Nearly three-quarters of companies suffering an attack (71% of businesses in the United States, according to Hiscox) have paid a ransom when targeted. The cost of a ransom could force many businesses to close their doors for good.

No one should automatically bake that cost into their annual budgets, especially when there is an opportunity to turn the tide and bolster their defensive posture.

The Hiscox Cyber Readiness Report 2021 revealed that less than one-third of companies have a stand-alone cyber insurance policy. Given the size and severity of the threat, it is hard to believe the number isn’t significantly higher.

Many companies still mistakenly believe they can fly under the radar, perhaps thinking they aren’t high profile enough for an attack. While massive cyberattacks make headlines, many smaller ones do not. The harsh reality is that some companies won’t realize they have fallen victim to an attack until it is too late.

When securing a cyber insurance policy, businesses must first understand what they need to protect—such as customer data, medical records or financial information. Buying the right policy requires companies to understand their potential shortcomings before evaluating whether the policy protects them.

A risk assessment is crucial to understanding.

Once they have this baseline information, they should examine the policy to understand what it covers—and, more importantly, what it doesn’t cover. For example, are there select risks that aren’t covered, how does the policy define a security event, and does human error or identity theft negate coverage?

On top of choosing an insurance policy, companies should keep their eyes open for risks on the horizon, and leaders should be prepared to communicate with their teams about their roles. Today, everyone plays a role in a company’s defense.

All employees should understand present cyber risks and why it’s vital that they take safety measures seriously. When it comes to the specific safety measures a company puts in place, leaders should ensure employees understand the procedures and buy into the process.

Since the best offense is a good defense, companies should start their preparations today. If you’re not, what are you waiting for?

employee claim being discussed between two women

how EPLI can protect your business

For many business owners, the prospect of a lawsuit by a disgruntled former employee looms like a shadow in the background. If there’s one thing you can use to prevent that, it’s this:

Employment Practices Liability Insurance (EPLI).

Well, of course, there are others but if you’re only going to do one thing– get EPLI coverage. Let’s chat about how EPLI can protect your business in the event of an employee lawsuit.

infographic for "how EPLI can protect your business"

what is EPLI?

Employment Practices Liability Insurance, or EPLI, is insurance that “provides coverage to employers against claims made by employees.”

Policies typically extend coverage to the following:

  • Wrongful Termination
  • Sexual Harassment
  • Wage-Related Claims
  • Claims of Unequal or Unfair Pay
  • Discrimination Claims (i.e. age, race, gender, sexual orientation)
  • Third-Party Claims

Read on for three tips to avoid employment practice issues.

who needs EPLI?

Although some industries are more prone to these types of claims than others, the most common industries to have EPLI claims filed against them include:

  • Construction
  • Healthcare
  • Professional services
  • Restaurant and food services
  • Retail, and
  • Manufacturing

how can EPLI protect your business?

EPLI helps protect your business from financial devastation.

Employee claims—whether the employee is currently or had been previously employed—can be very expensive; and even detrimental to small businesses.

EPLI helps cover the financial costs associated with legal action. Attorney fees and settlement costs are reimbursed by the policy, which means your business does not have the unexpected financial burden of paying off employee claim-related legal fees.

turn to benchmark commercial insurance

Don’t know whether you have EPLI coverage or the quality of it? Our team at benchmark commercial insurance can help.   

We’ll review your coverage and give you recommendations free of charge. No hard sell, just insights. 

For those who want to learn more, including if their business needs EPLI coverage, read our article “employment practices liability insurance — do you need it?

man at a desk reviewing insurance contract

how much should I pay for cyber insurance?

So, you’re a small business owner asking yourself, “How much should I pay for cyber insurance?” You want to ensure your business is protected, but without excess or unnecessary coverage.

So, how much will it cost? We’re sure this isn’t the answer you want to hear, but in short, it depends.

The cost of your cyber insurance will depend on your business type and the level of risk you’re exposed to.

(But more on this later!)

Below, we will:

  • Provide a general estimate of how much cyber insurance costs for businesses in the United States
  • Cover why the cost of cyber insurance is increasing, and
  • Discuss what factors influence how much a business owner pays for cyber insurance

the average cost of cyber insurance

According to AdvisorSmith’s research conducted in 2019, the average cyber insurance cost is $1,485 per year (or $124 per month) for $1 million in coverage, with a $10,000 deductible.

To come up with this figure, AdvisorSmith used quote estimates and rate filings from over 43 insurance companies nationwide. Premiums ranged from $650 to $2,357 for cyber insurance for companies with moderate cyber risk.

This figure, however, is not a hard-and-fast rule and will vary based on several elements regarding your business and the cyber insurance market.

the cost of cyber insurance is increasing… why?

So, the cost of cyber insurance is increasing… But why? Here’s a shorthand list.

  • Cyber attacks are becoming more and more common across the board; cyber extortion has jumped by 150% in one year and cases of malicious breaches and unintentional disclosure increased by 18%
  • To contain potential lawsuits, businesses will rely on outside attorneys to handle cyber response
  • Executives do not know how to properly insure their businesses from cyber risk (Munich RE reports that 81% of C-level respondents think their company is not adequately protected against cyber threats and only 34% of C-level respondents have been in contact with their insurers)

Therefore, as ransomware attacks continue to crowd the cyber insurance market, coverages are expected to rise 40% to 50% for optimal risks and 50% to 100% or more for less optimal risks.

Even so, while cyber insurance premiums are rising, policies are covering less.

how much does cyber insurance cost?

Again, there’s no magic number for how much each business owner’s insurance will cost. That’s because every business is different.

infographic of how much should i pay for cyber insurance

Moreover, this is an especially tricky question as the cyber liability underwriting market remain

s hard.

But what factors influence how much you will pay for cyber insurance as a business owner? At benchmark commercial insurance, we identify eight main determining factors.

industry

The industry you’re in is arguably the most important element in determining cyber insurance costs.

Depending on the industry you’re in, you’ll be placed into one of three tiers—low, medium, and high—of risk related to the type and amount of data your business stores.

To provide an example, a consulting firm would likely fall into the category of low risk whereas a business in construction, the health and wellness space, or the cannabis industry would be considered high risk.

location

The location of your business will affect how much you pay for insurance. Why? The cost of insurance differs from state to state because of differences in legal requirements, economic conditions, competition, etc.

For example, cyber coverage will likely be cheaper in Michigan than in Minnesota.

size

How big is your business? Typically, the larger your business is (i.e. more employees, clients, and greater sales), the more expensive your premiums will be. Why? More employees equal a higher likelihood for a cyber-attack to occur.

amount of sensitive data stored

If your business stores sensitive data, you can expect to pay more for cyber insurance. Sensitive data, to name a few examples, might include:

  • Social security numbers
  • Addresses and phone numbers
  • Credit and debit card numbers
  • And more

For example, a hospital—which houses an immense amount of personal data—would pay more for cyber insurance than, say, a mom-and-pop grocery store with a small customer base and few data collection points.

revenue

The more money your business makes, the higher odds a cybercriminal will be interested in targeting your business, according to an insurer. This considered, businesses with higher revenues should anticipate paying more for cyber insurance.

security defenses your company has taken

Security protocols, software security, employee training… Any preventative measures that your business has taken to stay safe from cyber attacks equal a brownie point in an insurer’s eyes. Businesses that prioritize safety are likely to pay less for cyber insurance.

history of cyber insurance claims

If your business has a history of cyber insurance claims or has been previously attacked, you might face higher premiums.

the level of coverage that you choose

Lastly, your coverage limits and deductible will affect the amount you pay for coverage. In short, the higher your coverage limits, the higher your premiums. On the other hand, paying a lower deductible would result in paying less in the event of cybercrime but paying a greater premium.

Businesses should consult their brokers to determine which cyber security options are best suited for their unique business needs. Interested in learning more? Check out our article on what cyber insurance actually covers.

animated email with red notification bubble

how to educate your team to avoid email scams

In 2019, the losses for business email scams sat at $1.7 billion, according to the Internet Crime Complaint Center (IC3).

With cybersecurity risk at an all-time high, there is no room for a financial blow caused by the simple click of a malicious link in an email.

So, how can you avoid falling victim to cyber-attacks? The first step is educating your team on how to avoid email phishing and what red flags to look out for. Below are some tips to include when training your employees about phishing; but first, what is phishing?

infographic of how to educate your team to avoid email scams

what is phishing?

Email phishing is a cyber-attack where a hacker targets email to gain sensitive data or personal information. This is often performed by the hacker masking themselves as a trusted source or business.

Typically, the hacker starts the scam with research on the internet. Although there is not much that can be done to avoid someone researching you, there are ways to avoid getting directly scammed—and therefore, to avoid huge financial loss as a result.

Let’s discuss.

signs of a BEC scam

The FBI lists the primary ways a business email compromise (BEC) can occur in a company. These identifiers should be well-known to employees so that these signs serve as automatic recognition of a BEC scam.

The list of elements to be wary of includes:

  • Spoof websites and email addresses
  • Spear phishing emails (i.e. when an email is posed from a trusted sender)
  • Use of malicious software that can gather information
  • False invoice
  • Data theft
  • Account compromise
  • Attorney impersonation
  • And more

red flags in an email

Now that we’ve discussed what phishing is and the signs of a BEC scam occurring in your company, let’s dive into what red flags suspicious emails might contain.

There are many red flags to educate your team on. Some of the common features of phishing emails include:

  • “Too good to be true” offers: These are exactly what they sound like. One example is the common scheme of “you’ve won a FREE iPhone!” 
  • Sense of urgency: This scam is when a deal or offer is going to expire soon; often seen in the subject line of an email claiming to be “URGENT.”
  • Hyperlinks: Links are often used in phishing attacks. The hyperlinks typically look like a real website but may have one letter off, leading to a fake website, for example.
  • Attachments: Attachments are also something to look out for. A great recommendation is to not click on any attachments or unexpected emails.
  • An unusual sender: This might seem obvious, but it’s important to update your team on who might be emailing them to avoid clicking on emails that aren’t internally sent or from clients.

additional training requirements

Aside from informing your team about the common email phishing emails listed above, you must set clear policies and expectations regarding email scams.

The policies that can be set in place should eliminate your company’s risk of a security breach of information. For example, the policy on sharing passwords and credit card information should be unassailable to hackers.

If your company is already performing larger cybersecurity training due to the rise of scams, adding additional security training on BEC scams should be easier to include.

be careful what you post on social media

Lastly, we have to mention social media.

Social media is typically part of all businesses’ marketing strategies. If an employee is providing too much information about the office on social media, a hacker might be able to pick up on schedules and patterns of the company.

For example, if an employee is frequently posting about the company having a retreat or week off, this could make a hacker’s jobs way easier—so be mindful.

a final word

The steps you take internally in your company to protect your data can dramatically reduce your insurance coverage costs when it comes to cyber liability insurance.

Is your business properly insured against cyber attacks? And do you know how much this insurance should be costing you? Read on to learn the main factors that will affect the cost to insure your business.

"workers' compensation" written on a notepad sitting next to money on a desk

your workers’ compensation policy annual carrier audit

Workers’ compensation insurance coverage is an important part of business protection for any employer. But have you heard of a workers’ compensation policy audit? Here’s what you need to know about your workers’ comp policy audit.

why do you need workers’ compensation policies?

So, what is workers’ comp, and why do you need it as an employer?

Workers’ compensation is “insurance, paid by employers, providing wage replacement and medical benefits to employees who are injured during the course of working for the insured.”

Why do you need workers’ comp insurance? Well, there are a couple of reasons, First, investing in workers’ compensation helps businesses avoid hefty costs of an employee’s medical expenses and lost wages following a workplace injury or illness.

If an employer failed to have workers’ compensation (which is a criminal offense according to Section 3700.5 of the California Labor Code), they’d be responsible for all medical expenses out of pocket—which, depending on the illness or injury, could cause significant financial harm to their business.

Moreover, workers’ compensation wages and benefits are provided in exchange for removing the employee’s right to file a lawsuit against their employer.

what is a workers’ compensation audit?

A workers’ compensation audit is an annual review of records. These audits are requested by an insurance company to verify that your business has paid the correct premium for workers’ compensation insurance.

how does a workers’ compensation audit work?

Workers’ comp audits can be conducted:

  • In-person
  • Over the phone
  • By mail

How your audit is conducted depends on your auditor and business type. 

Moreover, audits “determine if the payroll and class codes quoted at inception accurately reflect the actual payroll and scope of work performed during the policy period. Audits also ensure that sub-contractors had their own coverage in place.”

If records don’t match up, the price of the workers’ comp insurance will be adjusted for the policy year.

why do you need a workers’ compensation audit?

So, why do you need a workers’ compensation audit as a business owner?

As mentioned above, your initial workers’ comp premium estimate may not always match the actual payroll and scope of work for your business. Depending on a variety of factors throughout the year, this payroll figure might actually land below or above your estimate.

A workers’ comp audit is necessary—and is actually required by most state regulators—so that adjustments to the initial premium can be made if necessary.

how to prepare for an audit

Now you know what a workers’ compensation insurance audit is, how it works, and why you need one. Let’s briefly discuss how to prepare.

  1. Gather Your Records: Your auditor will, of course, need access to your financial data for the policy period (Think: General business information, payroll records, insurance records, cash disbursement records, etc.)
  2. Revise Job Descriptions: Workers’ comp premiums are determined by the risk that your employees face at work and on payroll. Revising employee job descriptions, and knowing what each role does thoroughly, is a great way to help prepare for an audit.
  3. Ask Questions: When the time comes for your audit, don’t be afraid to ask questions. Review all documents clearly and only provide the information requested, as to not create additional work for your auditor.

Infographic of your workers’ compensation policy annual carrier audit

Interested in learning more? Read on for information about workers’ compensation in the hybrid workforce.

construction worker sitting on job site injured

how to avoid the most common workplace injuries

Between 2015 and 2019, workplace injuries kept workers out of work for more than 17 million days when looking at 1.5 million workers’ compensation claims. That’s right—we said 17 million days, according to The Travelers Injury Impact Report. Workplace injuries are an employer’s biggest nightmare for a variety of reasons.

Let’s chat about how to avoid the most common workplace injuries and what they are.

what are the most common workplace injuries?

The most common workplace injuries across all employees and industries were ranked as follows:

  • Overexertion
  • Slips, trips, and falls
  • Struck by an object
  • Motor vehicle accidents

Moreover, for first-year employees, cuts, punctures, and being caught in or between hazards also accounted for a significant portion of injuries.

how to avoid workplace injuries

At benchmark, we bring these statistics to light to provide businesses with an understanding of what is happening (or can happen) in their workplaces. 

We’d like to help your business avoid workplace injuries by discussing four tips on how to avoid them. Check them out below.

prioritize a safety-first culture

In your business, it’s important that your employees know safety is a priority. Implementing a solid safety program will look different for each industry; however, your safety program will likely include safety meetings, tests, the proper safety equipment and tools necessary to complete work, and of course, safety training.

When you implement a safety program, it should be your number one priority to do everything in your power to prevent employees from getting injured or sick. (Yes, this includes making sure all of your carpets have non-slip grip or are secured to the floor to prevent slips!)

stabilize your employee population

Accidents happen more frequently when businesses don’t have adequate staffing levels. One way that you can avoid injuries in the workplace is by ensuring you have a stable employee population.

Why? Overworked employees are more likely to suffer from exhaustion, which can lead to cutting corners to make ends meet. A solution could be hiring part-time or even seasonal staff to help prevent these common workplace injuries.

implement a safety-incentive program

Most employees just want to know that they’re valued and to be recognized for their efforts. A great way to do so, while also increasing workplace safety, is by implementing a safety-incentive program.

In fact, the Occupational Safety and Health Administration, more commonly known as OSHA, recommends safety-incentive programs, which reward “workers for reporting near-misses or hazards.”

According to OSHA, effective safety-incentive programs can “provide positive reinforcement for reporting illnesses and injuries,” making the workplace a safer environment altogether.

invest in insurance

Insurance is one of the most important things a business owner can invest in to keep their business safe. The types of insurance your specific business might need will vary depending on your industry, state, and business itself. However, some common types of insurance include:

  • Commercial Property Insurance
  • Cyber Liability Insurance
  • Commercial Auto Insurance
  • Workers’ Compensation Insurance
  • General Liability Insurance

infographic on How to Avoid the Most Common Workplace Injuries

Speak with a professional—like our team at benchmark commercial insurance—to learn what types of insurance you need to keep your business protected. Read on for your complete guide on workers’ compensation in the hybrid workforce.