The threat of cyberscams in the form of what has been called “social engineering fraud” or “payment instruction fraud” has become pervasive. In these swindles, imposters posing as senior corporate executives or company vendors direct company personnel to transfer funds to accounts that the imposters control. Losses from these frauds can be substantial, and, as I have noted on prior posts on this site, the insurance coverage questions these losses present can be challenging. Earlier this week, the SEC released an investigative report taking a look at what the agency called “business email compromises” at nine different public companies. The report underscores the need for companies to take cyber threats into account when implementing internal accounting controls. The report has some interesting insurance underwriting implications as well. The SEC’s October 16, 2018 press release about the report can be found here.
Continue Reading SEC Warns of Need for Internal Controls to Prevent Cyberscams