December 19th, 2019
Having a proactive mindset is an essential adaptation for any solo advisor looking to make it on their own, but are you overly concerned about having business insurance? What sort of insurance policies does your business actually need? Professional liability? Cyber? What about property insurance? Are you in fact required to have these coverages?
The short answer: no, you’re not compelled to take out any of these insurances. But there are reasonable arguments for such protections. In sum, just as clients rely on you for advice to secure the future of their finances, you can turn to insurance to protect the future of your firm.
With that in mind, we’re going to provide a break-down of the three main business-insurance types (as most likely to apply to sole practitioners), and discuss how to stave off the issues they address in the first place.
Providing advice around a client’s money is inherently risky. That’s why reputable financial advisors put clauses in their service contracts to stipulate that they aren’t subject to paying damages for an investment recommendation. An advisor may suffer reputationally from faulty advice, but not necessarily be in legal jeopardy. After all, mistakes happen, circumstances change, and no one can really predict the future. To be sure, serious (as opposed to frivolous) lawsuits can follow examples of professional negligence, especially where a so-called advisor lays claim to licenses, certifications and expertise he doesn’t in fact have, or where the recommendation in question is demonstrably self-serving.
Starkweather & Shepley, an insurance brokerage and a partner firm of Chalice Network, describes errors and omissions insurance — E&O for short, and also known as professional liability insurance – as “coverage that protects the insured firm and its employees against claims and legal costs related to actual or alleged negligent acts, errors or omissions committed in the scope of performing professional services.”
If an E&O lawsuit does interrupt your professional life, consider mediation as a first course of action. Mediation brings in a neutral third party to negotiate with the disputing parties to arrive at a mutually acceptable solution. Finra's mediation program, applicable to disputes involving registered brokerage representatives, claims an 80% rate of successful mediation.
Money, typically an emotionally turbo-charged aspect of life, is often the cause for rash action, including bringing lawsuits that can be dealt with out of court. With E&O coverage, you can save a lot on legal costs, whether or not the matter goes to court, and keep your firm’s most valuable asset, its reputation, clean.
To stave off an E&O lawsuit by making sure your clients are comfortable with the way you conduct business, it can help to make sure they have read through and agreed with your professional disclosures. With accurate and comprehensive disclosures, your clients can decide from the outset if they like how you arrive at recommendations. Such disclosure also demonstrates your transparency at the very outset of your relationship with the client, which can serve you well in the event of legal proceedings.
Another way to keep E&O troubles off your doorstep, is to ask the client for transparency in return. To this end, ask your clients to be frank about their spending habits, especially where it interferes with your advice and financial planning on their behalf. Other things to watch for: gambling, family members or friends overly reliant on the client’s generosity, life partners with access to the client’s funds, and things like unpaid taxes and a failing business. It’s important to revisit these issues at regular intervals — and remember, you can always, and sometimes should, part ways with a problematic customer.
The cost to a business of recovering from a cyber attack runs to hundreds of thousands of dollars on average, to say nothing of the damage it can do to your reputation. As a result, cybersecurity, and increasingly cyber insurance, has become mission-critical to financial firms of all sizes.
More than two-thirds (69%) of financial-service-company CEOs are worried about cyber threats, PwC says in its 2016 FinTech Survey. And in coming years that portion is unlikely to shrink, especially given the rise of tech-system outsourcing, increased use of mobile, the advent of the “internet of everything,” and cross-border security threats.
In another 2016 study, PwC a 38% rise in cyber-security incidents in 2015 than the year before. This stresses the fact that, though financial firms have been wrestling with information security for decades, the increase in cybersecurity “events” in recent years shows that traditional approaches no longer work. Still, many firms rely on traditional security models focused on the back office — which are frankly inadequate given innovations such as mobile data entry have increased entry points for digital pirates.
Meanwhile, ancillary costs associated with cyber breaches can be hard to quantify. Share-price dips that occur after a breach tend to be temporary, with stocks typically rebounding within three months. But customer loyalty and brand reputation don’t seem to recover at generally predictable rates.
Meanwhile, financial regulators are fighting to safeguard end-client assets and information in the event of cyber attacks on financial firms. To this end, regulators have issued best-practice rules and guidelines, and they continue to probe firms’ activities to identify procedural soft spots for future regulation, often aided by sophisticated analytical tools for sifting large datasets.
It isn’t always clear when your firm has been hacked, but fortunately, there are some indicators. Among them:
Unusual outbound network traffic
Anomalies in privileged-user account activity
Multiple requests for the same file
Geographical irregularities
Database extractions
Unexpected system patching
If a cyber breach does take place, try to learn as much as possible. How did the attack come about in the first place? Why were you a target? Was the attacker trying to gain access to certain information, disrupt business, or take over systems to enact a larger attack? Understanding the attackers' motivations can help you formulate an improved security plan.
Overall readiness is also important. No less than 70% of US security executives say they don’t have incident-response plans in place, according to the Ponemon Institute. Systemic oversight on this scale significantly increases the cost and damage done by a cyber attack. At the very least, you want to make sure your staff know's what to watch for, and how to decrease the chance of a breach.
To this end, you and your staff members should:
Keep passwords secure
Avoid reusing passwords for different logins
Avoid sharing sensitive personal information
Don’t click on links and downloads indiscriminately
Keep antivirus and malware protection updated
The biggest thing is not to assume a security breach won’t happen to you. Instead, work with a team that can identify and fix vulnerabilities before trouble starts. Coalition, another Chalice partner firm, insures firms against damages post-breach — including potential legal costs and brand-protection measures. But it also provides consulting services around preventing attacks in the first place.
Have you ever visited a client’s home on a work-related errand? Perhaps there’s cause for celebration, so you’ve popped some bubbly — but oh-oh: the cork flies off and fatally beans something small and hairy. You’ve just killed Harold the Hamster, a beloved family pet, to the immense dismay of all present.
But rest easy there, dear advisor. With general liability insurance, you’re covered for the market price of a specimen such as Harold, and for the emotional distress of the family — and oops: also for the carpet on which you inadvertently dumped half a liter of champagne in your horror at the death you not only witnessed but caused.
Or, say, a client comes to your office and slips. With general liability, you’re covered there too.