Professional Lines Insurance
As professional and financial risks evolve, you’ll be prepared with Amwins. Through our expertise, market access and proprietary products, Amwins' professional lines insurance specialists find solutions for accounts of all sizes and complexities.
Professional Lines Insurance
As professional and financial risks evolve, you’ll be prepared with Amwins. Through our expertise, market access and proprietary products, Amwins' professional lines insurance specialists find solutions for accounts of all sizes and complexities.
Insurance solutions that evolve with the times.
Amwins is a leading professional liability insurance broker specializing in financial, professional and management risks. Our experts across the country, and around the world, collaborate to deliver the right
solution for your clients.
We offer numerous proprietary products tailored to specific classes and lines of business. We also leverage a proprietary quoting platform, Amwins IQ, and pre-negotiated terms to transact more efficiently. With these products in your arsenal, you gain a distinct advantage in a marketplace that never sits still.
$2.5B
annual premium placements
174,000
submissions received annually
510
dedicated professionals
Professional lines areas of specialty
Amwins InstantQuote provides firm, bindable quotes from up to 13 carriers within minutes. Targeting small and middle market businesses, our digital solutions combine the ease and convenience of online quoting with the scale of the nation’s largest wholesaler.
In-house professional lines products + programs
Partnerships with industry-leading cyber security service providers
Amwins offers our clients discounts with industry-leading cyber security service providers who can help insureds improve their risk profile.
Benchmarking
Our proprietary cyber benchmarking tool analyzes data from thousands of cyber liability placements, then determines a reasonable policy limit and premium relative to those in similar industries and revenue ranges.
Claims advocacy
From designing a proactive claims management plan to engaging on difficult and complex claims, Amwins supports our clients when they need us most.
Professional Lines resources + insights
Stay up to date on emerging liability insurance trends and topics
The Cost of a Data Breach
Nov 17, 2020, 02:23 AM
There is a tremendous potential risk for merchants when it comes to the fines and penalties associated with data breaches – not to mention the public relations nightmare that could follow. Many insurers are hesitant to provide the capacity that is needed for the exposure that exists. Are your clients aware of the Cyberliability solutions that will cover them in the event of a breach?
Title :
The Cost of a Data Breach
Anchor Image Vertically :
Disable comments :
Yes
State of the market :
No
Date :
Jan 15, 2015, 05:00 AM
In recent years, we’ve seen data breaches at the likes of Target, Hope Depot, Dairy Queen, Staples and Neiman Marcus, and there have been countless others at lesser known retailers around the U.S. Many of these breaches involve the theft of debit or credit card information. While there is much focus on the consumer in these situations, in reality they have a relatively painless experience. Because of a variety of state and federal laws, consumers are made aware of the breach and are often provided with free credit monitoring for a year. Further, their credit or debit card is replaced and, in general, consumers aren’t held accountable for any fraudulent charges.
Retailers, on the other hand, not only suffer a public relations nightmare, but are susceptible to fines, penalties, and additional costs related to the loss of payment card data. In 2006, American Express, Discover Financial Services, JCB International, MasterCard, and Visa Inc. formed the Payment Card Industry Security Standards Council (PCI SSC). According to their website, the PCI SSC “develops, maintains, and manages the PCI Security Standards, which include the Data Security Standard (DSS), Payment Application Data Security Standard (PA-DSS), and PIN Transaction Security (PTS) Requirements.” However, penalties for noncompliance are not imposed by the PCI SSC, but rather by the “payment brands and their partners.”
Essentially, you have a council that cannot legally make a retail merchant be (or stay) compliant and, in the end, has no legislative authority to order reconciliatory action. So why is the PCI SSC of concern to retailers? Merchants that want to accept payment from the member companies must comply with the standards of the five organizations and, increasingly, merchants have to adapt to a market space that is increasingly driven by the use of credit and debit cards. According to the Federal Reserve Board, in 2012 there were an estimated 122.8 billion non-cash transactions, excluding wire transfers, with a value of $79 trillion. Now imagine not having the ability to accept the five major credit card brands.
However, PCI SSC compliance doesn’t alleviate all concern. If a breach occurs, the retailer can be held responsible for fraud losses, the cost to reissue cards, and any additional fraud prevention and detection costs incurred by credit or debit card issuers. These costs will impact large, financially sound retailers, but they can cripple a smaller merchant.
Traditional insurance policies are triggered by a legal action against an insured and usually exclude the breach of a contract the insured has entered into – an obvious conflict as contracts are the building blocks of the payment card industry. Basically, a merchant contracts with a payment processor or bank which allows the merchant to accept payments via a credit or debit card. This contract is a Merchant Service Agreement (MSA). When a sale occurs, the transaction is reconciled by the consumer’s card issuing bank or brand and funds are deposited into the merchant’s account. With a breach, it is common for card brands and banks to reconcile fraudulent charges back to the event and push associated costs back to the retailer. When the charges are pushed back on the merchant as the source of the breach, there is a contractual obligation defined by the terms of the MSA, which can include significant fines depending on the particular credit card company or other financial remedies paid back to the merchant bank. Claims made insurance policies are generally triggered by demands for damages or lawsuits; these charges don’t necessarily fit that definition of claim.
How can retailers insure against the financial burden of an assessment and fines/penalties that accompany a breach and the theft of credit or debit card information? Many carriers are at a crossroads. Underwriters recognize a systemic exposure across retail merchants accepting payment cards, but providing a solution means:
Retailers, on the other hand, not only suffer a public relations nightmare, but are susceptible to fines, penalties, and additional costs related to the loss of payment card data. In 2006, American Express, Discover Financial Services, JCB International, MasterCard, and Visa Inc. formed the Payment Card Industry Security Standards Council (PCI SSC). According to their website, the PCI SSC “develops, maintains, and manages the PCI Security Standards, which include the Data Security Standard (DSS), Payment Application Data Security Standard (PA-DSS), and PIN Transaction Security (PTS) Requirements.” However, penalties for noncompliance are not imposed by the PCI SSC, but rather by the “payment brands and their partners.”
Essentially, you have a council that cannot legally make a retail merchant be (or stay) compliant and, in the end, has no legislative authority to order reconciliatory action. So why is the PCI SSC of concern to retailers? Merchants that want to accept payment from the member companies must comply with the standards of the five organizations and, increasingly, merchants have to adapt to a market space that is increasingly driven by the use of credit and debit cards. According to the Federal Reserve Board, in 2012 there were an estimated 122.8 billion non-cash transactions, excluding wire transfers, with a value of $79 trillion. Now imagine not having the ability to accept the five major credit card brands.
However, PCI SSC compliance doesn’t alleviate all concern. If a breach occurs, the retailer can be held responsible for fraud losses, the cost to reissue cards, and any additional fraud prevention and detection costs incurred by credit or debit card issuers. These costs will impact large, financially sound retailers, but they can cripple a smaller merchant.
Traditional insurance policies are triggered by a legal action against an insured and usually exclude the breach of a contract the insured has entered into – an obvious conflict as contracts are the building blocks of the payment card industry. Basically, a merchant contracts with a payment processor or bank which allows the merchant to accept payments via a credit or debit card. This contract is a Merchant Service Agreement (MSA). When a sale occurs, the transaction is reconciled by the consumer’s card issuing bank or brand and funds are deposited into the merchant’s account. With a breach, it is common for card brands and banks to reconcile fraudulent charges back to the event and push associated costs back to the retailer. When the charges are pushed back on the merchant as the source of the breach, there is a contractual obligation defined by the terms of the MSA, which can include significant fines depending on the particular credit card company or other financial remedies paid back to the merchant bank. Claims made insurance policies are generally triggered by demands for damages or lawsuits; these charges don’t necessarily fit that definition of claim.
How can retailers insure against the financial burden of an assessment and fines/penalties that accompany a breach and the theft of credit or debit card information? Many carriers are at a crossroads. Underwriters recognize a systemic exposure across retail merchants accepting payment cards, but providing a solution means:
- amending the form to get around a breach of contract exclusion inherent in most policies,
- amending the definition of claim to respond to PCI DSS actions, and
- providing affirmative coverage for an indefensible punishment from a quasi-regulatory authority.
Further, the coverage grant is often made on the reliance that insureds are PCI compliant, yet the compliance model offers them no protection in the event of a breach. In other words, there’s no immunity from punishment even if a retailer demonstrates that they are following the standards set by PCI.
Understandably, many insurers are hesitant to provide the capacity that is needed in the retail space. While there are solutions available, only a handful of markets offer full limits with coverage for most PCI-related costs. More often, carriers limit their liability by providing small limits, only picking up certain portions of the exposure, providing defense only coverage, or only covering certain types of fines.
It is increasingly important to know the costs associated with payment card breaches and be sure to find the right Cyberliability insurance solutions that will cover your client in the event of a breach. Members of the AmWINS Financial Services Practice are available to help you find and understand the solutions available in the insurance marketplace.
Understandably, many insurers are hesitant to provide the capacity that is needed in the retail space. While there are solutions available, only a handful of markets offer full limits with coverage for most PCI-related costs. More often, carriers limit their liability by providing small limits, only picking up certain portions of the exposure, providing defense only coverage, or only covering certain types of fines.
It is increasingly important to know the costs associated with payment card breaches and be sure to find the right Cyberliability insurance solutions that will cover your client in the event of a breach. Members of the AmWINS Financial Services Practice are available to help you find and understand the solutions available in the insurance marketplace.
Tags :
AmWINS Grouping :
Insights Category :
- Cyber Liability
- Professional Lines
Related products
Related Articles
Case Study
Product innovation addresses gaps in the evolving cyber market
In recent years, unintended coverage for cyber events has bled into other lines of insurance – prompting insurers to adopt various exclusions and changes to non-cyber policies. This phenomenon is creating a new class of coverage gaps known as silent cyber.
In response, Amwins created CyberUP, the market's first insurance product designed to counteract silent cyber. This cyber umbrella policy provides retailers and insureds peace of mind for whatever type of losses are triggered from a cyber event.
Read more about the Amwins' product innovation and CyberUP.
