McGowanPRO Professional Liability Blog / Resources / Articles

In some cases, it may appear that certain professional insurance policies overlap, or are intended to cover the same things.

Does my Errors & Omissions policy cover my acts as a Director?

What is the difference between professional liability and general liability?

Our Insurance Matrix provides a simple overview of some common professional liability policies and their intended coverage.

For more information simply contact us.

The Computer Crime and Security Institute has estimated that as many as 43% of US businesses experience some level of cyber security incident.  The cost of a cyber incident to your firm can be calculated in claims and lost wages.  In addition, with more than 46 states having State Security Breach Laws, client notification costs can be significant ($5 - $10 per client).

What can't be measured is the cost to your brand.  According to Ponemon Institute 2010 global costs of a data breach, the value of brand and reputation can decline 17% - 31% after a breach.  In addition, it can take over a year for an organization to recover it's corporate image.

Having a formal security breach plan in place can assist you in informing your clients the steps you have taken to protect their data in the event of a loss.

For more information download our White Paper on Information Security & Cyber Liability: Essential Steps to Protecting your Firm

The consensus, to date, is that employee related claims arising from, or related to, Social Media has not reached the activity initially projected.  However, insurance companies still believe the exposure and potential liability is there.

The issue is that Social Media has the potential to blur the line between personal and professional behavior.  It is important for companies of all sizes to maintain a Social Media policy as part of their employee handbook.  And, to keep up with relevant changes to make sure their policy is current with acceptable standards.

The National Labor Relations Board (NLRB) has issued a new report on acceptable social media policy and handbooks language. The report details what they believe is acceptable and unacceptable employee handbook guidelines around the use of social media.

Download NLRB Report; Report of the Acting General Counsel Concerning Social Media Cases

Email has become the De facto tool for professional and personal communication.  However, the ease with which we use email also creates significant exposure to our firms.  The use of "E-discovery" is increasing in the courts, and many firms wait until it is too late to address important internal policies.

Roman Kepczyk, CPA.CITP does a great job in this article to outline the exposures created by email and the importance of a solid email retention policy. 

In addition, see NAPLIA's resources on Record Retention here. 

One of NAPLIA’s long-term clients recently received a competitive quote from another agency for their accountant’s professional liability insurance. The quote was $170.00 lower than their existing premium. Despite a discussion with the client regarding policy differences and the benefits of their existing program, the insured elected to go for the minimal premium savings.

They stated they were comfortable with the new agent’s representation of the coverage “being equal”.

Two months into the policy, one of the accountant’s laptops, which contained confidential client information, was stolen from their office. The theft occurred over a weekend and was not discovered until Monday morning.

The accountant called his new agent and was informed that there was coverage in place, but to a limited extent. The agent provided the accountant with the carrier’s toll free hotline to get additional information and support. The additional information amounted to a single piece of advice; secure local legal representation, at the accountant’s expense, to determine the extent of the security breach.

At a loss, our former client remembered the discussion with our office regarding Identity Theft coverage and called our office.

Although no longer a client, NAPLIA was able to assist the accountant with the following:

• NAPLIA provided the accountant with their specific state’s security breach laws.
• Upon review of the relevant state security breach law, NAPLIA determined that under the relevant circumstances, they were only required to notify any client whose personal information was not encrypted in a reasonable manner. 
• NAPLIA provided a sample security breach letter that the accountant could use to send to these clients.
• NAPLIA provided the accountant free access to our Attorney / CPA to assist him with additional questions.
• NAPLIA explained the difference between “first party” and “third party” liability relevant to a client data breach.
• NAPLIA reviewed their current policy and determined their first party coverage was limited to $1,000.

In hindsight, the accountant requested that we review the difference in coverage between the policy they had with NAPLIA and their new policy.

The policy they left with NAPLIA provided $25,000 for first party Cyber Liability in comparison to the $1,000 with their new policy.

The accountant had moved their coverage to save $170, and within two months realized that NAPLIA’s resources and service alone negated the premium savings. In addition, the new policy was not “equal” to their previous coverage leaving them with significant exposures.

The moral of this real story is to understand that not all polices are the same and coverage does indeed matter more than premium savings.

Historically, malpractice insurers have stressed the importance of record retention policies for CPA, and other professional, firms and the need to consistently apply those policies.

The advent of Electronic Discovery ( e –discovery ) has clearly muddied the waters.  Just the financial costs alone, arguably, will cause plaintiffs to settle early in litigation.

The Pippins v.KPMG LLP case is a grim reminder of the need to have consistent, written record retention policies that are clearly articulated to clients , preferably in engagement letters or stand-alone letters.

CPA’S should review state boards of accountancy rules and regulations, the AICPA rules, taxing authority rues, and other regulatory bodies such as the SEC and GAO.  

See NAPLIA Resources on Record Retention

Many accounting firms have been receiving emails that reference their possible involvement in unlawful income tax activity and include the AICPA logo.  The AICPA has confirmed these emails are not from their office.  They further confirmed that after an extensive check, they are confident their systems have not been compromised.

These emails may be received by CPA’s, non-CPA’s, and members of the general public.

If you receive one of these emails do not open the attachments as they may contain viruses.  For more information, visit the AICPA website

As part of the new IRS tax preparer oversight efforts, tax preparers are required to complete 15 hours of continuing education.  This requirement, new this year, also requires that the annual education hours must come from IRS-approved providers.  CPAs, tax attorneys, and Enrolled Agents are exempt from the CPE requirements.

The 15 hours of continuing education must include 10 hours of federal tax law, three hours of federal tax law updates, and two hours of ethics each calendar year. Tax return preparers must provide their Preparer Tax Identification Numbers—another prong of the IRS’s tax return preparer regulation effort—to the CE providers so their continuing education can be properly reported to the IRS.

Visit the IRS website for a list of approved providers.

It can be confusing to a client when they are informed that their insurance coverage is offered on a non-admitted (aka Excess & Surplus) basis.  The initial reaction may be that a policy that is non-admitted is inferior to an admitted policy.  This is not true, and as with all insurance, the policy should be judged on the actual policy wording, as well as, the financial strength of the insurance carrier. 

In addition, most states require insured’s who are placed with a non-admitted carrier to sign a form acknowledging that they are purchasing coverage on a non-admitted basis.  These forms can be intimidating and add to the concern and confusion.

Read our Frequently Asked Questions (FAQ's) to help clarify the difference between admitted and non-admitted insurance.

Concern about how long engagement files should be retained is a common issue among Accounting firms.  There is frequently a conflict between the desire to discard older files to free up storage space, and the inherent reluctance to discard documents which contain a detailed record of the work which you have performed. 

There are very few rules established in law for file retention by accountants.  However, this information is intended to help provide some guidance in developing internal record retention standards for your firm.

Read More - Including Sample File Retention Policy and Receipt for Client Records

File Retention - FAQ's