Accountants Insurance

The GDPR is coming. Time to sit down, relax and take stock

Posted by 3 May, 2018 (0) Comment

This article is about the feeding frenzy taking place, how to avoid it and what to look out for in the run up to GDPR lift off.

 

Welcome back, or if you’re new here sign up to our orange RSS button to the top right of this page to receive insurance tips, new posts, plus details of events and promotions that could help you or your network reduce the risks facing their organisation.

 

The vultures have been circling for some time now.

 

Plenty of people are putting the frighteners on good people that just want to survive the supposed relentlessness of heavily armed Data Commissioners issuing fines aplenty. Which will not actually happen. The ICO simply haven’t got enough resources to do that. Much like other agencies that are not for profit.

 

Speaking of which, it is those that are for profit that we need to be wary of. I’ve received several updated contracts from insurance companies dictating how data issues need to be resolved. My first piece of advice is to establish what your partners expect of you because, whilst the data commissioner might give you 72 hours to report certain types of breach, I am now contractually bound to give others 24 hours notice. Probably because they want the lions share of the deadline to get themselves ready. They also insist on certain types of data security and issue tight deadlines on “data subject access requests”. Cheeky but true.

 

So have you read all your contracts recently?

 

At least some of our partners are decent enough to tell us they’re being updated. Other contracts, like insurance policies, already cater for the change with clever wording. Where it states that they expect you to be complying with the law it actually means that as soon as the law changes, you have to be compliant with the new one. They don’t need to wait for the renewal of a contract to make you keep up with legislation. They’ve already taken care of it.

 

Are you going to read all your supplier or partner contracts? Probably not. Who has the time? I hear you sigh! Keep these in mind when you are changing your policies that are affected by GDPR. There might be a clash. You might want to notify them with 72 hours, yet they might stipulate immediately. Forewarned is forearmed and I don’t think fines are going to cause the biggest headache. I think it will be interruptions to business and loss of reputation and/or clients.

 

Government crack the whip

 

I have a feeling that the government announcement last week, that it would try and reduce the compensation culture by cracking down (again) on so called “whiplash” claims, might fuel the class action culture that Morrisons supermarkets find themselves subject to. There are a lot of companies that rely on that revenue stream (it’s in the billions) and they will switch to the next as quick as they went from PPI to holiday sickness claims. And PPI is coming to an end.

 

Wrap Up: We’re not overly concerned about the deadlines imposed by our supply chain because we have the resources to cope with them. Yet we’re very pleased we know what they are because a data breach causes enough confusion on it’s own.

 

Top Tip: Once you’ve assessed your position, review your contracts to see what else you might need to weave in. This is a once in 20 year opportunity to engage with your stakeholders. Done well, it will build trust regarding data and how you want to keep it safe. That trust is gold dust in the current climate.

Categories : Accountants Insurance,All Risks Insurance,Business Insurance,Company Insurance,Contractors Insurance,Customer Service,General Requirements,Intellectual Property Insurance,Liability Insurance,Solicitors insurance Tags : , , , , , , , , , , , , ,

How to protect risks to cashflow with insurance

Posted by 7 June, 2017 (0) Comment

PROTECTING CASH FLOW2

This blog is about protecting cash flow, especially if those that owe money go bust.

Welcome back, or if you’re new here sign up to our orange RSS button to the top right of this page to receive insurance tips, new posts, plus details of events and promotions that could help you or your network reduce the risks facing their organisation

What if a buyer goes bust?

With the global recession and Brexit, business owners are having to consider the impact this could potentially have on their business.  What if a client goes bust?  If a company is owed significant amounts of money from clients, it is a major risk to cash flow.

Gareth came to us with these questions and more.  He knew exactly what he wanted from an insurance.   Dealing with imports he needed peace of mind that he had cover if stock went missing.  He also needed to know that his invoices were covered if products didn’t reach the consumer. We took time to completely understand Gareth’s business to a granular level.

What if they don’t want to pay?

Business Owners need confidence that they are going to get cover that matched their needs and not be sold an off the peg insurance that doesn’t quite do the job.  After negotiating with underwriters we carefully selected the options that matched Gareth’s broad requirements.

One option included protection against protracted debts or liquidations relating to companies that had been invoiced. It often helps with obtaining quicker payments, from companies that are happy to share the debt, when the risk of a default is backed by credible protection.

What are the risks when reducing risks?

Following up with a meeting to go through the small print and fully explain terms, conditions and exclusions is a must.  We tell it like it is, the good and the bad so our clients can make informed decisions.

The devil is in the detail and it is often a surprise to everyone, including us, when it is interpreted based on a particular business. It’s our duty to actually recommend protection that fits each client and the most appropriate has to meet their needs, rather than provide the dreaded false sense of security.

 

Wrap up; Small print can be seen as an enemy yet there’s a lot that can be learned from it. Read our blogs on the different types of policies available. I used to be surprised at the number of people that told me that they had already covered everything, then sent me documents riddled with exclusions. I now know it is a common occurrence in our sector.

Top tip; Some people find out when it’s too late.Review your debtors regulary and watch out for slow payers and avoid companies that are shown as risks on credit checks

Categories : Accountants Insurance,All Risks Insurance,Business Insurance,Company Insurance,Customer Service,Legal expenses insurance,Liability Insurance,Litigation expenses insurance Tags : , , , , , , , , , , , , , ,

Power (back) to the people?

Posted by 4 May, 2016 (0) Comment

 

 

Have the EU given data Power (back) to the people?

 

This blog is about data protection, how the laws are used against us and how the new broom will try and take miscreants to the cleaners .

Welcome back, or if you’re new here sign up to our orange RSS button to the top right of this page to receive insurance tips, new posts, plus details of events and promotions that could help you or your network reduce the risks facing their organisation.

 

Data protection

 

It has always miffed me when the data protection act was used against me, especially when I know it was designed for me…to actually protect me. And you of course. I’m referring to the times when, with no malice in mind, I have been refused access to bank accounts, utility bill payments and more with the comment “It’s against our data protection policy to” help you.

I know that some of the people that have told me this were on a work avoidance programme (known as WAP when I worked in corporate’s). Their colleagues confessed in the bar. I now know privacy “defence” is used against us when it suits the data controller.

Thanks to this video showing how defences fold when a little “social engineering”, also known as lying, is used to break an individual’s defence down. The video shows how hackers (in 30 seconds) get access to personal or private information with a little trickery involving children of all things. Thank God the children aren’t real. It left me wondering why I can’t access my information when others can.

 

Plan of the insurers

 

Perhaps this is why European legislation fines companies 4% of turnover (not profits) following avoidable breaches. Even more interesting are the requirements to notify interested parties of a breach within 4 days of it happening. Since the old act was introduced, times have moved on and technology has increased the speed of such change. Surprisingly enough, insurers do have a plan. Not the Insurer’s you’ve heard off.

There are a new breed offering services as well as covering fines, legal costs and clean up costs. Having said that, very few of our data breach enquiries end up with insurance policies being required. It’s usually education that reduces risk. If you think that’s what you need get in touch to get a free trial (it’s on us). Because I have no doubt that we will adopt the EU data act, sooner or later. If we are not in Europe there will be greater scrutiny in weaknesses in the offerings of UK Plc.

It will become a business imperative to have the highest threshold of data security in the World. If the Panama Papers haven’t made people think carefully about what they have that’s important, private or confidential, nothing else will. Once the high risk data has been secured in your version of fort knox, you can then secure the next level of lower risk data and so on.

 

What now?

 

So you may well start preparing now. Or you could wait for the authorities to point the finger and aim their inspectors at someone else. These issues are extremely rare. The new breed of data inspectors will be targeted to find breaches so they can fine people. Now that the £35 per year Data Protection Register annual charge is being scrapped, the DPA will only get paid if they manage to raise funds through fines.

Data breaches will be a lot easier to spot than health & safety breaches so anticipate people with an axe to grind to start blowing the whistle. I also anticipate the forces that drove the compensation culture (whiplash anyone) will be a problem for those that don’t meet the regulations. I have no doubt that Data Protection inspectors will offer low paid workers (like cleaners) fees for “introducing them” to parties that have weak security. It will cost them nothing, they have a degree of protection from being disciplined when the whistle is blown, if it is for the “greater good”. If it were a Panama Papers employee that went rogue, I doubt they would suffer a severe penalty.

Wrap up; The people that were behind whiplash claims being made fraudulently or exaggerated have moved on. At the moment there are chasing ambulances (an American term) straight into the A&E departments. This because it is easier to exaggerate or commence a fraudulent injury claim when there is no car involved. It’s only a matter of time before they move sideways into data.

Top tip; As for the referendum, have a plan for staying and another for going. Keep both simple.

Categories : Accountants Insurance,All Risks Insurance,Business Insurance,Company Insurance,Contractors Insurance,Customer Service,General Requirements,Health & Safety,Intellectual Property Insurance,Solicitors indemnity,Uncategorized Tags :

Efficient insurance isn’t always friendly

Posted by 23 June, 2014 (0) Comment

This article is about how improvements in technology should help providers improve the service to their clientèle. Read on to find out how IT has made life easier, where it has failed, and the backlash that is “in the post”.

Welcome back, or if you’re new here sign up to our orange RSS button to the top right of this page to receive insurance tips, new posts, plus details of events and promotions that could help you or your network reduce the risks facing their organisation.

Treating customers fairly?

 

Recently I have been learning how to use a new IT system which will increase our efficiency and profit. The people showing us how to use the system are terribly nice and say some nice things, yet also some very surprising things. One that really did surprise me relates to the way the system allows us to meet all the compliance regulations that are bestowed upon us, by the FCA (Financial Conduct Authority) I was pleased to find that the system made our life easier when ticking the compliance boxes.

It was during a discussion about “treating customers fairly” (TCF) that I was so surprised. TCF involves doing what it says on the tin – making sure that the customer is at the centre of what you do. This ensures that they are well treated and their aims are met whilst your business meets its aims too. For me, this is the most valuable thing you can do in a business, because customers are always right and when they are wrong, its usually because they have not been well informed. This is a statement that most business owners don’t want to hear, yet when they are the customer they realise that it’s actually true.

What’s the surprise?

 

The comment that surprised me so much was after I complimented the trainers on showing us how to add efficiency into our compliant processes. Our training lady announced that no one usually cares about this, to which I exclaimed “pardon!” because I couldn’t believe that a sector so beaten and bowed by criticism still fails to take its customers’ rights seriously. I enquired what the lady meant by “no one usually cares” and she reiterated that all the other people she trains (all is probably an overstatement) find ways to avoid ticking the compliance box of TCF. I am not surprised that this happens, but I am surprised that it is an industry wide problem. However, it does explain one scenario that has puzzled me somewhat.

Why is it important?

 

When I first went “alone” I carried out research and found that a healthy percentage of people that had purchased insurance were not sure that it was right for them. This meant there were people who would find our service useful. This gave us immense confidence as we ploughed our furrow and provided a service that isn’t available to all. It still isn’t available to all, because we could not possible service the entire commercial insurance buying public, not by ourselves. But watch this space. We have no immediate plans to dominate the UK, yet what I have discovered over the last few years has shown us that the vast majority of people who buy insurance are not treated fairly. There is work for us to do in changing that. It is a challenge, but one I am ready for.

Wrap Up: Not all insurance policies are the same. Not insurance companies are the same. Not all businesses are the same. So ensure you get what you need, before you need it.

Top Tip: If ever you do have a problem with insurance ask your supplier how they are treating you fairly, whilst dealing with the problem.

 

Categories : Accountants Insurance,After The Event,All Risks Insurance,Building Contractor,Business Insurance,Company Insurance,Contractors Insurance,Customer Service,Design Insurance,Domian name protection,General Requirements,Health & Safety,Intellectual Property Insurance,Legal expenses insurance,Liability Insurance,Litigation expenses insurance,Patent Insurance,Personal Insurance,Solicitors indemnity,Solicitors insurance,Trade,Trade Secret Protection,Trademark Insurance,Uncategorized Tags : , , , , , , , , , ,

Flatterers deceive UK start-ups

Posted by 19 April, 2014 (0) Comment

A spectacularly large US company flattered a UK start-up with a huge contract which was eventually signed and secured. This would give them the capital they need to multiply their success. The contract wasn’t exclusive and the start ups web application was valuable to many similar companies. A fantastic “result” and only two types of insurance were required by the US company.

Welcome back, or if you’re new here sign up to our orange RSS button to the top right of this page to receive insurance tips, new posts, plus details of events and promotions that could help you or your network reduce the risks facing their organisation.

Contractual responsibility

 

The contract issued by the Americanclient had 2 pages making direct reference to the type of due diligence, risk management and business insurance required of the start-up. The rest of the contract revealed 26 further liabilities and requirements that were, or would become, necessary.

Not all were manageable for a small company with limited cash flow. The really fine points of the contract referenced this exact point and made it clear they would take full and furious legal action if something went wrong. Ouch, a soft landing is required so we received an introduction.

Part of the liability related to the website, which was provided as a service, and had to be operational 99.9% of the time. The US company staff would be trained to use it and then supported 24/7. It had to work and the contract made it clear that they would want compensation for any downtime over 0.01% in any one year. Keep in mind that one way to compensate is not charge fees that are due.

Penetration testing must be the answer

 

It helps work out weaknesses today yet doesn’t account for advances made by hackers tomorrow. IT Systems security methods of suppliers aren’t always reliable and data theft was the main concern of the US client. They made the UK startup contractually liable for the costs of notification to the relevant authorities and those whose personal data is compromised.

This is a really tough figure to try and quantify because few own up when they have a data breach so the statistics cannot be compiled. Contrast that with fires where it is easier to quantify losses.

That won’t change just because it becomes a must to do (new regulations are due to land in the EU in 2015). So if some Herbert got at the data, the US company would have to spend to meet US regulations and the UK start-up could be ruined by the losses. Identity theft costs vary from person to person so it really is a difficult number to calculate.

Legal liabilities change across borders or state lines

 

The chances of a breach are minuscule, the costs ridiculous. The damage to brand immeasurable. Get a lawyer to get legal on your contracts and they’ll close the gaps. Some clauses don’t hold water in the UK yet US companies issue proceedings where they want. The contract formed a vicious circle when the statement of work and suppliers agreement were reviewed together. No stone had been left unturned and the US company had a fair minded legal team. That is not always the case.

However, there was a liability of millions and the supplier of the application’s infrastructure were only going to cough up £182k if they failed to maintain their supply. Worse still, the infrastructure wasn’t easy to transfer to a new supplier and a 30 day window tied the start-up down. No fix in 30 days and the US contract terminated automatically. And further contracts would not have been issued by them or anyone else.

We deal with cyber risk every weekly basis. It rarely touches the smaller business, yet their suppliers are at risk. Cloud sounds great yet it is not as solid as your own database with your own security. The solutions are a contractual nightmare.

Wrap up: It is not unheard of for a large company to issue a contract to a start-up, allege an error and drown them in legal proceedings. This is because they can then strike a deal which leaves the start-up Directors free of debt if they give up their Intellectual Property. Only in America? No! Uk companies do this too. Does Directors protection work in these cases? No! See why here: http://www.cobinecarmelson.com/wp-content/uploads/2011/11/What-are-Directors-real-risks.-CCLv5-URL.pdf

Top tip: One digital games company signed an NDA and found the other signatory copied their ideas and started selling their titles. It cost £300,000 to force them to stop and compensate the original designer. There is no point getting someone to sign an NDA unless you have the means to enforce it !

Categories : Accountants Insurance,All Risks Insurance,Business Insurance,Company Insurance,Design Insurance,Domian name protection,General Requirements,Intellectual Property Insurance,Legal expenses insurance,Liability Insurance,Litigation expenses insurance,Patent Insurance,Solicitors indemnity,Solicitors insurance,Trade,Trade Secret Protection,Trademark Insurance Tags : , , , , , , , , , ,

Lambs slaughtered in Den

Posted by 28 March, 2014 (0) Comment

This article is about people eliminating threats to their business, taking risks and getting others interested. Read on to find out how the intrepid pitch for investment yet fail to illustrate their position on risk, never mind secure someone else’s hard earned finance.

Welcome back, or if you’re new here sign up to our orange RSS button to the top right of this page to receive insurance tips, new posts, plus details of events and promotions that could help you or your network reduce the risks facing their organisation.

Dragon’s Den is a risk worth taking

 

I learn a lot when watching Dragons Den. It is always interesting to see a great idea. Everybody loves those. Yet, a lot of the time we are treated to ‘car crash television’ where it appears that the unprepared have been literally thrown at the Dragons. I have actually cringed when watching the programme, yet it is rarely the Dragons that scare me. It’s some of the characters that arrive and put their “worst” foot forward. On the other hand, my heart does sink when a genuinely warm, credible person drops themselves in it. Even then, I don’t feel sorry for too long because I have a lot to learn myself.

Even though I’m watching on television, it’s not hard to spot the weak points that are being attacked. I’m always alarmed by those who do have a great idea, a coherent plan and still fail because they didn’t think about the objections that would inevitably be raised. When they shoot themselves down in flames I feel their pain. I suppose not all of it can possibly be unwitting. I expect some people do well out of the exposure even if they don’t get the investment they were after. Good luck to them!

Sometimes you can smell the ill-preparation

 

Recently a couple of entrepreneurs explained they had a huge following and people were biting their arms off to extend their travel and tour company business to take in festivals in different places. I had heard of this type of business yet they seemed to have a way of making it cost efficient and therefore more profitable. The Dragons were listening. Right up until one of the Dragons mentioned that they were not happy that the risks to the business had been thought about in detail. The lady announced that “all it takes is for one hotel to go down and you are snookered”. I had heard the guys mention that they were ATOL/ABTA protected which means that their clientèle are flown home in the event of the holiday providers having financial problems.

They should also have mentioned that ATOL/ABTA (and others) provide insurance that covers them for most of the other costs that follow such issues. They didn’t. Why not? Didn’t they realise this protection was available? Had they decided that insurance was too expensive for their business? It didn’t sound right that people who had been sending clients on trips to festivals around Europe hadn’t put any protection in place for their clientèle, never mind their business. I remain puzzled because the investors lost interest. No surprise there then.

When the Dragon questioned whether they would be able to continue if a third party let them down, all they had to do was say they would insure the risk. Even if they hadn’t arranged it at the time they could have accounted for the investment in their plan. It rarely “breaks the bank” to protect oneself.

 

Wrap Up: If you have a great idea think about the threats that could interfere with your business plan. Reduce them or eliminate the impact completely where possible because Dragons are risk averse, they only  take balanced risks. They don’t assume. They gauge their possible ROI based on all the variable outcomes. You can too.

 

Top Tip: If you are looking for investment try and understand just how risk averse your investors are before you pitch to them. Their previous investments will give you clues.

Categories : Accountants Insurance,After The Event,All Risks Insurance,Building Contractor,Business Insurance,Company Insurance,Contractors Insurance,Customer Service,Design Insurance,Domian name protection,General Requirements,Health & Safety,Intellectual Property Insurance,Legal expenses insurance,Liability Insurance,Litigation expenses insurance,Patent Insurance,Personal Insurance,Solicitors indemnity,Solicitors insurance,Trade,Trade Secret Protection,Trademark Insurance,Uncategorized Tags : , , , , , , , ,