;)
One of the unfortunate realities we must confront in the digital age is the constant threat of cybercrime in which all businesses must operate. A new report from Juniper Research found that the cost of data breaches will rise from $3 trillion annually to more than $5 trillion in 2024, an average annual growth of 11 percent.
The even more alarming statistic is that we likely will never know the true financial impact of cybercrime in the U.S. because of how few incidents are ever reported. According to the unit chief at FBI’s Internet Crime Complaint Center, the total number of cyber crimes reported only represent 10 – 12 percent of the actual number.
Why the Life Settlement Industry?
The life settlement industry is a particularly attractive target for cyber criminals. Consider a few of the everyday information staples of our business:
- Personally Identifiable Information (Social Security Numbers, Dates of Birth, etc.);
- Protected Health Information (medical records, prescription drugs history, etc.); and
- Email correspondence that contains confidential financial information related to personal assets (life insurance policy details) and cash payments (life settlement transactions).
This is just a sample of some of the high-value information that changes hands within our industry on a daily basis.
“The value of personal financial and health records is two or three times [the value of financial information alone], because there’s so many more opportunities for fraud,” said David Dimond, chief technology officer of EMC Healthcare, a Massachusetts-based technology provider.
“Combine a Social Security number, birth date and some health history, and a thief can open credit accounts plus bill insurers or the government for fictitious medical care.”
David Dimond, chief technology officer of EMC Healthcare
With such high stakes involved, the costs to a business in the life settlement industry that suffers a major data breach can be very serious. First, there is the risk of fines and other financial penalties for certain kinds of incidents. Second, it is possible that affected clients whose data was compromised may join to bring a class action lawsuit in multiple state courts. Third, it is inevitable that revenue will be lost in the wake of a large cybersecurity incident, as information systems will be shut down for a period of time and startled business partners may exit their relationships. And of course, for any companies that are publicly traded, there is a potential erosion of market capitalization as stock value declines.
Legislative and Regulatory Initiatives
Against this backdrop, it is no wonder that there is a nascent movement to bring some regulatory discipline to how businesses in the life settlement asset class equip themselves in the fight against cybercrime. One bold piece of cybersecurity-related legislation impacting our industry went into effect a few years ago.
The New York regulation includes requirements that financial and insurance institutions retain a CISO, report cybersecurity incidents within 72 hours and use multi-factor authentication. There were even more onerous aspects of the law originally proposed, such as a sweeping definition of what constitutes non-public information and specific requirements for technology vendors, but those were eased off in response to industry concerns. These types of comprehensive cybersecurity regulations target the financial sector, so life settlement industry participants can expect more to come in the years ahead.
Partnering with the Right Service Providers
Technological innovation has transformed the life settlement industry in recent years, with new technologies and data systems driving greater efficiencies and faster transactions. The integration of new machine learning technologies, such as robotic process automation and Artificial Intelligence applications, have the potential to improve our speed of operations when it comes to policy purchases and portfolio servicing.
On the other side of these digital advancements, however, is the rising data security threat to our industry. It is crucial that life settlement industry participants are partnering with the right service providers in our space who understand the cybersecurity risk and have demonstrated expertise in using next-generation technologies to drive the business forward. The stakes are too high to entrust your data security to business partners who fail to appreciate the scale of the threat.