Skip to content
Go back

Article Tags:

Please choose from the following:

Does cybercrime pose the greatest challenge to Professional Indemnity Insurance?

Does cybercrime pose the greatest challenge to Professional Indemnity Insurance?

Obtaining a robust professional indemnity insurance (PII) policy is the single highest cost of regulation for law firms but is vital to protect clients and the solicitors who act on their behalf.

The need to have appropriate protection in place, without firms incurring additional expense that drives up costs which are passed on to clients, has prompted the Solicitors Regulation Authority (SRA) to consider new reforms to the minimum terms and conditions of solicitors' PII cover.

Ahead of an expected consultation later this Spring, the SRA has published analysis on PII claims data over a ten-year period (2004 to 2014) from insurers currently active in the market to identify key trends. Some of the findings include:

  • PII premiums as a percentage of firm turnover range from 3 - 7%, and are particularly high for small firms and sole practitioners
  • About one in five claims result in an indemnity payment, and 98% settle for less than £580,000
  • A high proportion of claims come from a narrow set of legal activities, in particular, conveyancing
  • Premiums have remained relatively stable over recent years

The SRA's intention is to create a more flexible way for firms to provide adequate and appropriate cover without spending more on premiums.

However the regulator's bid to cut the minimum level of PII cover from £2m to £500,000 has raised concerns amongst some within the legal sector.

The Law Society has recently highlighted that the SRA's data analysis does not include open PII claims or take into account claims from insurers that had left, such as Quinn, Lemma and Balva who had approximately a 30% share of the market.

Perhaps a more influential omission is the SRA's decision not to fully evaluate the impact cybercrime claims are having on PII, some of which have recently exceeded £1 million in value.

In 2016 the SRA revealed it had received reports that around £7 million of client money had been lost to cybercrime, with almost half of all attacks aimed at small businesses.

Undoubtedly cybercrime and social engineering fraud have become more prevalent for the legal sector over the past 12 months. Common scams involve law firms receiving an email requesting their services.

Upon responding the scammers send malicious attachments or links to websites that contain malware which allows the perpetrators to control IT systems, potentially gaining access to client funds in more serious cases.

Arguably, some law firms are paying above the required minimum for PII. But are higher premiums justified given the escalating threat of cyber attacks, rendering any decision to cut the minimum level of PII cover a gamble which could backfire?

It will be interesting to see how the SRA's and the Law Society's debate plays out.

Leading commercial finance providers, such as Wesleyan Bank, offer tailored financial products to enable businesses to invest in emerging technologies to mitigate the risk of cybercrime, such as encryption software and specialist IT support and maintenance services.

They can also provide longer-term PII policies at competitive premium rates and cyber insurance covering loss in the event of a data breach via Wesleyan's General Insurance division.

'WESLEYAN’ is a trading name of the Wesleyan Group of companies.

Wesleyan Assurance Society and Wesleyan Bank Ltd are authorised by the Prudential Regulation Authority and regulated by the Financial Conduct Authority and the Prudential Regulation Authority. Wesleyan Financial Services Ltd, Wesleyan Unit Trust Managers Ltd, Practice Plan Ltd and DPAS Ltd are authorised and regulated by the Financial Conduct Authority.  Advice about investments, insurance and mortgages is provided by Wesleyan Financial Services Ltd.

Click for more information about the Wesleyan group of companies.

© 2021 Wesleyan Assurance Society