Blog - Month: September 2025
The Five Most Common Types of Employee Fraud, Theft
At some point, the odds are that a company will be affected by some form of employee theft or outright fraud.
Fraud can severely crimp a company’s finances and put the firm in a serious bind if the theft is large enough. With technology, fraud has in some ways become easier, but at the same time it typically leaves a trail of electronic breadcrumbs that may be hard to disguise.
According to the Association of Certified Fraud Examiners’ (ACFE) global “Report to the Nations on Occupational Fraud and Abuse” for 2024, the median loss in the U.S. from a single case of:
- Employee fraud was $61,000,
- Manager fraud was $150,000, and
- Executive fraud was $300,000.
Here are the five main types of employee fraud and what you can do to thwart them.
Purchase order fraud
This is typically carried out in one of two ways:
- The employee initiates purchase orders for goods that are diverted for personal use, or
- The employee sets up a phantom vendor account, into which they pay fraudulent invoices, with funds eventually being diverted to the employee.
Company credit cards
Employees who have company credit cards may use them for illegitimate purposes, either to purchase items or to pay for entertainment and travel. Some common types of fraudulent use of credit cards are fuel purchases, airfares, home supplies, meals that are not work-related and entertainment.
Payroll fraud
There are typically three ways that an employee can pull off payroll fraud:
- Setting up phantom employees on your payroll systems who are paid like regular employees but whose funds are diverted to the perpetrator’s account.
- Paying out excessive overtime.
- Continuing to pay employees after they die or after they leave your employ.
You should have systems in place to detect whether you have more than one employee with the same bank account number or the same address, unusually high overtime payments and whether dead or terminated employees are still on your payroll.
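The checks described above can be run against an export of the HR master file and a pay run. The following is an added example, not code from this article or the ACFE; the record layout, account labels, employee IDs and overtime thresholds are all assumptions, and the data is constructed for illustration.

```python
from collections import defaultdict
from datetime import date
from statistics import median

# Constructed sample data (not from the article): HR master file and one pay run.
EMPLOYEES = [
    {"id": "E100", "bank": "ACCT-4471", "address": "12 Oak St", "end_date": None},
    {"id": "E101", "bank": "ACCT-9932", "address": "88 Pine Ave", "end_date": None},
    {"id": "E102", "bank": "ACCT-4471", "address": "301 Elm Rd", "end_date": None},
    {"id": "E103", "bank": "ACCT-1207", "address": "88  pine ave ", "end_date": None},
    {"id": "E104", "bank": "ACCT-5550", "address": "7 Lake Dr", "end_date": date(2025, 6, 30)},
]
PAY_RUN = [  # (employee id, pay date, overtime hours)
    ("E100", date(2025, 9, 15), 4), ("E101", date(2025, 9, 15), 6),
    ("E102", date(2025, 9, 15), 5), ("E103", date(2025, 9, 15), 38),
    ("E104", date(2025, 9, 15), 0), ("E999", date(2025, 9, 15), 0),
]


def shared_attribute(employees, field):
    """Map each normalized value of `field` to the employee ids sharing it (2+ only)."""
    groups = defaultdict(list)
    for emp in employees:
        key = " ".join(emp[field].lower().split())  # ignore case and spacing differences
        groups[key].append(emp["id"])
    return {k: sorted(v) for k, v in groups.items() if len(v) > 1}


def off_roster_payments(employees, pay_run):
    """Payments to ids missing from the HR master or dated after the employee's end date."""
    master = {emp["id"]: emp for emp in employees}
    findings = []
    for emp_id, pay_date, _ in pay_run:
        emp = master.get(emp_id)
        if emp is None:
            findings.append((emp_id, "not in HR master"))
        elif emp["end_date"] is not None and pay_date > emp["end_date"]:
            findings.append((emp_id, "paid after separation"))
    return findings


def overtime_outliers(pay_run, multiplier=3.0, floor_hours=10.0):
    """Ids whose overtime exceeds max(floor, multiplier x median); thresholds are assumptions."""
    limit = max(floor_hours, multiplier * median(ot for _, _, ot in pay_run))
    return [emp_id for emp_id, _, ot in pay_run if ot > limit]


if __name__ == "__main__":
    print("shared bank account:", shared_attribute(EMPLOYEES, "bank"))
    print("shared address:", shared_attribute(EMPLOYEES, "address"))
    print("off-roster payments:", off_roster_payments(EMPLOYEES, PAY_RUN))
    print("overtime outliers:", overtime_outliers(PAY_RUN))
```

A shared address or account is a lead to review, not proof of fraud, since family members can legitimately work for the same employer.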
Sales and receivables
Some employees may collude with vendors to make payments for services never rendered or products never received.
Other times, you may have sales reps who inflate sales to receive higher commissions or bonuses.
Data theft
This involves an employee stealing important company data like trade secrets, personally identifiable information, client credit card numbers or client lists. In some cases, the employee would provide this data to third parties.
You may be able to detect this kind of theft by running tests to see if a database has been accessed by an employee without access privileges or if reports were generated by employees without authorization. You may also be able to run tests to find out if any employees have sent e-mail with attachments that include sensitive company data.
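One way to run the two tests described above, as an added example that is not part of the original article: it compares a database audit log against each user's access grants and scans outbound attachment text for card numbers that pass the Luhn checksum. The log format, user names, grants and messages are constructed, and a single grant table is assumed to cover both queries and reports.

```python
import re

# Constructed sample data (not from the article). Names, log format and grants are assumptions.
GRANTS = {  # user -> objects that user is entitled to query or report on
    "jlee": {"crm.clients"},
    "mkhan": {"crm.clients", "billing.cards"},
}
AUDIT_LOG = """\
2025-09-03T09:12:40 user=mkhan action=SELECT object=billing.cards rows=12
2025-09-03T22:14:05 user=jlee action=SELECT object=billing.cards rows=15200
2025-09-04T08:01:19 user=jlee action=REPORT object=crm.clients rows=310
2025-09-04T23:47:52 user=tnguyen action=REPORT object=crm.clients rows=9800
"""
OUTBOUND_MAIL = [  # (sender, recipient, attachment text already extracted)
    ("jlee", "partner@example.com", "Q3 agenda and meeting notes"),
    ("tnguyen", "me@example.net", "Smith,4111 1111 1111 1111\nOrder ref 1234 5678 9012 3456"),
]
LINE_RE = re.compile(r"(\S+) user=(\S+) action=(\S+) object=(\S+) rows=(\d+)")
CARD_RE = re.compile(r"\b(?:\d[ -]?){13,19}\b")


def unauthorized_access(log_text, grants):
    """Return (timestamp, user, action, object) for events with no matching grant."""
    hits = []
    for line in log_text.splitlines():
        m = LINE_RE.fullmatch(line.strip())
        if not m:
            continue  # skip lines that do not parse
        ts, user, action, obj, _rows = m.groups()
        if obj not in grants.get(user, set()):
            hits.append((ts, user, action, obj))
    return hits


def luhn_ok(digits):
    """Luhn checksum, used to separate likely card numbers from other digit runs."""
    total = 0
    for i, ch in enumerate(reversed(digits)):
        d = int(ch)
        if i % 2 == 1:
            d = d * 2 - 9 if d > 4 else d * 2
        total += d
    return total % 10 == 0


def mail_with_card_numbers(messages):
    """Return (sender, recipient, count) for attachments holding Luhn-valid card numbers."""
    hits = []
    for sender, recipient, text in messages:
        found = [re.sub(r"\D", "", c) for c in CARD_RE.findall(text)]
        count = sum(1 for digits in found if luhn_ok(digits))
        if count:
            hits.append((sender, recipient, count))
    return hits


if __name__ == "__main__":
    print("unauthorized access:", unauthorized_access(AUDIT_LOG, GRANTS))
    print("mail with card numbers:", mail_with_card_numbers(OUTBOUND_MAIL))
```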
What you can do
According to the report, most theft occurs at one or more of the following stages:
- Procurement
- Payment
- Expense
If you are going to do any employee monitoring, these are the places you may want to focus on first.
The ACFE said that by analyzing transactions in these areas (such as with continuous monitoring systems driven by data analysis), it is often possible to test for a wide range of employee fraud as well as bribery and conflicts of interest.
Also, three out of four fraudsters displayed at least one of the following behavioral clues:
- Living beyond means (39%)
- Financial difficulties (27%)
- Unusually close association with vendor/customer (20%)
- Control issues/unwillingness to share duties (13%)
- Irritability, suspiciousness or defensiveness (12%)
- “Wheeler-dealer” attitude (12%)
- Bullying or intimidation (11%)
- Divorce/family problems (10%)
Construction Defect Litigation on the Rise
Construction defect lawsuits, a constant presence in the building industry, are on the rise, and legal observers expect the trend to continue over the next few years.
There are several factors driving the increase, including a continuing construction industry labor shortage, contractors working on tight schedules to rebuild properties in areas devastated by natural disasters and growing high-dollar court judgments.
Since insurance coverage for construction defect claims is not iron-clad, it’s important for construction firms, contractors, architects, engineers and even material suppliers to understand the drivers behind this trend.
Why defect claims are increasing
Skilled labor shortage — The construction industry has faced a sustained shortage of skilled workers for more than a decade, with recent estimates showing a gap of roughly 500,000 workers nationwide. According to Seyfarth Shaw’s 2025 Commercial Litigation Outlook, 30% to 40% of the construction workforce is made up of immigrants, and a significant portion is undocumented. Immigration policy shifts and the long-term difficulty in attracting new workers to the trades have kept the talent pipeline thin.
A smaller labor pool increases the likelihood of errors, substandard workmanship and oversights that later become the basis for defect claims.
Urgency in post-disaster rebuilding — Natural disasters such as hurricanes and wildfires are another factor driving defect risk. Rebuilding efforts after disasters have sometimes involved loosening or waiving certain permit and inspection requirements to speed up construction.
These measures can increase the risk of workmanship or design issues that later surface as legal disputes.
More complex and higher-value projects — In many markets, builders are taking on increasingly complex projects, from high-end custom homes valued at tens of millions to major medical facilities and infrastructure projects.
Larger budgets and intricate designs often mean more stakeholders, more specialized materials and more potential points of failure.
Litigation dynamics and ‘nuclear verdicts’ — Plaintiff attorneys are increasingly filing defect claims as close as possible to the statute of limitations, typically up to 10 years after project completion.
At the same time, the growing number of multi-million-dollar verdicts is pushing jury awards higher, particularly when property damage or perceived negligence is involved. This trend is making construction defect cases more attractive to plaintiffs’ firms.
Examples of recent construction defect verdicts
- A Chester County, PA jury rendered a verdict in favor of three homeowners, finding that the builder’s negligence resulted in construction defects and water damage to their homes. Jury award: $3.3 million.
- A condo association in Maryland was awarded $5.6 million due to faulty construction by Ryan Homes.
The insurance gap
There is no single insurance policy that specifically covers construction defects. While certain policies may respond to related losses, coverage is often limited and dependent on the circumstances:
- Commercial general liability — May provide coverage if the defect results in property damage or bodily injury, often through the products-completed operations portion of the policy.
- Builder’s risk — Protects a project during construction but generally does not respond after completion unless the defect arises and is addressed before handover.
- Professional liability — Covers architects, engineers and design professionals for claims stemming from design errors or professional negligence.
Many defects — especially those related solely to poor workmanship without resulting property damage — may fall outside these policies. That leaves builders and contractors exposed to significant out-of-pocket costs for remediation and legal defense.
What industry professionals can do
With litigation pressure building, contractors should consider:
- Tightening quality control — Implement formal inspection and sign-off processes at every stage of construction.
- Vetting subcontractors thoroughly — Require proof of adequate insurance and consider naming them as additional insureds.
- Documenting everything — Maintain detailed records of design changes, materials used, inspections and client approvals.
- Reviewing insurance programs — Work with us to identify gaps in coverage, confirm policy terms and explore endorsements or additional limits where possible.
- Planning for the long tail — Be aware of statutes of limitations and understand that claims may surface years after completion.
Ransomware Escalates: Physical Threats Against Company Leaders
A new survey has found that in 46% of ransomware incidents in the U.S., CEOs or other executives were physically threatened if their organizations did not pay the ransom demanded by hackers.
The findings in Semperis’ “2025 Ransomware Risk Report” highlight other pressure tactics, such as ransomware criminals threatening to file regulatory complaints to force payment. The study’s findings emphasize the need for businesses to remain vigilant against ransomware threats that can completely shut down their networks and websites until they pay ransom.
Many organizations cited a lack of experienced personnel or employee training as top challenges, opening the door to mistakes like clicking malicious links in e-mails that trigger ransomware.
Additionally, hackers are using new tactics to increase pressure on their victims.
Study findings
- 78% of organizations reported being targeted within the past 12 months.
- 55% of those that paid a ransom did so more than once, with 29% paying three or more times.
- 15% of organizations that paid never received usable decryption keys, or received corrupted ones, leaving equipment and data inaccessible.
- Less than one quarter (23%) recovered within a day, compared with 39% last year. Meanwhile, 18% needed between one week and one month, up from 11% in 2024.
- 42% paid ransoms of $500,000 or less, while 50% paid between $500,000 and $1 million.
New tactics
Physical threats — Ransomware actors are resorting to extreme measures to pressure victims into paying, including threats of physical harm to business executives. In the past 12 months, 40% of incidents involved physical threats against executives, according to the Semperis report.
Threats of reporting to regulators — In 47% of attacks, ransomware criminals threatened to file regulatory complaints against victim companies if they refused to pay.
This tactic was especially common against U.S. companies, likely due to cyber incident reporting requirements, including the Securities and Exchange Commission’s four-day disclosure rule for publicly traded firms. For example, ransomware group BlackCat reported one of its victims to the SEC in 2023 in a bid to pressure payment.
Other tactics — In early 2025, Cisco Talos reported that the Chaos ransomware group threatened additional damage by launching DDoS attacks and spreading news of the breach to competitors and clients if payment was withheld.
What businesses can do
- Address vulnerabilities and strengthen defenses to improve the ability to recover if an attack occurs.
- Regularly back up your data to an offline or secure location.
- Train staff to spot e-mails that may contain ransomware and avoid opening attachments or clicking on links from unknown or suspicious senders. Run cross-functional tabletop exercises every six months so executives, managers and technical teams know their roles.
- Ensure your organization has well-documented, clearly communicated crisis response and recovery processes, and practice them in test scenarios that mirror real-world conditions.
- Hold vendors and partners with system access accountable to the same security and recovery standards you require internally.
- Install updates to your operating system, web browsers and other software as soon as they become available and use a firewall.
If you are hit
- Contain the attack quickly. Isolate affected networks, revoke and rotate credentials, and preserve forensics. Then restore from clean, verified backups.
- Call your incident-response partner and legal counsel immediately. Parallel communication, legal and technical workstreams speed recovery and help limit secondary harm.
- Notify your cyber insurer right away. Expect tighter underwriting and potential premium impacts; nearly half of respondents reported coverage disruption after attacks.
- Treat ransom payment as a last resort. Require proof that a decryptor works on samples before transferring funds, and plan for the possibility that keys may never arrive.
The takeaway
Consider purchasing cyber insurance, which can help your organization recover from a ransomware hit or other cyberattack. In some cases, the insurer can help you avoid paying the ransom without compromising your ability to continue operating.
If you have questions about cyber insurance, give us a call.
Cumulative Trauma Claims Driving Workers’ Comp Costs
One of the largest writers of workers’ compensation insurance in California recently sounded the alarm about the growth of costly cumulative trauma claims in the state.
In a recent earnings call with analysts, the insurer, Employers Holdings, highlighted the drag these claims have on its results. This came a month after the Workers’ Compensation Insurance Rating Bureau noted in its recent rate filing the oversized impact of CT claims on overall workers’ comp claims. While some claims are legitimate, many are filed by workers after they are terminated, thanks to lawyers who approach them after they are laid off.
The typical claims allege gradual injuries sustained over years of repetitive motions, exposure or strain, rather than from a single accident or incident. They’re common in industries involving repetitive motion, heavy lifting or prolonged exposure to harmful conditions.
California is the only state that allows cumulative stress claims in workers’ compensation and one of only a few to permit claims after termination.
In 2023, CT claims accounted for 21.8% of all workers’ comp claims in the state, compared to 18.5% the year prior and 15.6% in 2021, according to the Rating Bureau.
CT claims often have similar characteristics:
- They are more likely to involve multiple injured body parts,
- Long delays between the time of injury and when the claim is filed, and
- Involvement of an applicant’s attorney hired by the claimant.
The Rating Bureau report found that:
- 40% of CT claims in California are filed after a worker is terminated.
- 98% of CT claims are litigated.
- Fully denied CT claims still end up costing over $10,000 on average, and many remain open even after five years.
The main injuries that workers claim when alleging CT:
- Soft tissue disorders 25%
- Dislocation and sprain 20%
- Carpal Tunnel Syndrome 13%
- Multiple injuries, including CTS 13%
- Mental & behavioral disorders 9%
The Rating Bureau found in a recent report that post-termination CT claims were initially less costly, but the longer they stay open, the more quickly costs accelerate.
That’s compared to regular CT claims filed by workers who are still working for their employer, which start off more expensive but tend to develop more slowly over time.
Example
The owner of a produce company said he had to lay off 46 workers, and a few of them started filing CT claims using the same attorney. Eventually, word got around among the other laid-off workers, and 16 of them had filed claims alleging CT injuries.
The firm’s workers’ comp carrier eventually set aside more than $500,000 in reserve for these claims. The employer’s X-Mod shot up to 350, and his premiums increased significantly as a result.
The takeaway
While these claims have long been a persistent problem in Southern California, they are spreading to other parts of the state, including the Bay Area and Sacramento, Katherine Antonello, CEO of Employers Holdings, said during the company’s earnings call in August 2025.
They’ve become such a burden on the system that California Insurance Commissioner Ricardo Lara acknowledged the rising frequency of these claims when approving a recent workers’ comp benchmark rate increase.
Employers should strive to reduce the risk of repetitive motion and cumulative injuries as part of good safety practice. At the same time, it’s important to document all injuries and near misses.
If a CT claim is filed, employers should conduct thorough investigations, meticulously document workplace hazards and training, and assess possible links between the injury and work.
Also check with your insurer to ensure the claim was filed within the state’s statute of limitations, which is one year. For post-termination claims, the clock starts on the worker’s last day of employment. For claims by active employees, the statute of limitations has not yet begun.
Multi-Unit Facilities Get Better Deal from FAIR Plan
The California FAIR Plan on July 25, 2025, started offering a new “high-value” commercial property coverage option for larger housing developments, farms and businesses with multiple buildings at one location.
The new limits are up to $20 million per building, with a total maximum of $100 million per location — up from the previous limit of $20 million per location. These coverage limits are available to all eligible applicants for both new and renewal policies.
The FAIR Plan covers the following commercial structures:
- Habitational buildings — Buildings with five or more habitational units, such as apartment buildings, hotels or motels.
- Retail establishments — Shops such as boutiques, salons, bakeries and convenience stores.
- Manufacturing — Companies that manufacture most types of products.
- Office buildings — Offices for professionals such as design firms, doctors, lawyers, architects, consultants or other office-based functions.
- Buildings under construction — Residential and commercial buildings under construction from the ground up.
- Farms and wineries — Basic property insurance for commercial farms, wineries and ranches, not including coverage for crops and livestock.
Why the increase
The decision comes as commercial property rates continue rising due to inflationary pressures, particularly for companies in areas considered urban-wildland interfaces.
Rebuilding costs have also risen substantially over the past five years, making the old FAIR Plan limits inadequate.
FAIR Plan limitations
The FAIR Plan is taking on more policyholders as more insurers pull back from the California market. Under state law, if a business can’t find an insurer that is licensed in California, the first option is to go to the “non-admitted” market, which consists of insurers not licensed in the state but often backed by established insurers like Lloyd’s of London.
If there are no takers in this market, the last resort is the FAIR Plan. However, costly FAIR Plan policies are not a complete replacement for a commercial property insurance policy. Policies only provide coverage for damage caused by the specific causes of loss listed in the policy:
- Fire
- Lightning
- Internal explosion
Optional coverages are available at an additional cost, such as for vandalism and malicious mischief.
If you have to go to the FAIR Plan, we can arrange for a “differences in conditions” policy that will cover the areas where the plan is deficient compared to a commercial property policy.