Today’s title professionals face ever-increasing cybersecurity threats, all of which can cause major disruption and economic loss. With October being Cybersecurity Awareness Month, now is the perfect time to review the latest trends affecting our industry and understand how to mitigate some of the top challenges.
I. Wire fraud remains number one
Wire fraud continues to be the number one threat to title agents, their customers and the vitality of their business. According to the latest FBI reports, the average cost per wire fraud incident is nearly $200K, and the total number of incidents recorded this year will likely break records.
Take the following actions to derail some of the most common schemes, including phishing, business email compromise and social engineering:
- Use multi-factor authentication (MFA) for system access.
- Ensure the latest security patches are promptly installed. Read our tips on keeping programs updated consistently.
- Consider upgrading your antivirus protection with endpoint detection and response (EDR), a dynamic tool that leverages AI technology to reinforce your security.
II. Watch out for fraudulent sellers
Seller theft, one of the most significant emerging threats, involves a scheme where the seller’s identity is falsified, leading to a bogus and fraudulent sale. There is no shortage of information online regarding real estate transactions, making it easy for thieves to obtain these details. Here are some of the best strategies for combating these fraudsters:
- Use encryption to protect communications and all identifying information, including emails and data that is “at rest,” that is, data housed physically on a given computer storage device.
- Verify and validate identification through available electronic tools.
- Confirm and reconfirm throughout every step of the transaction. Slow down. Take time to verify.
To reduce fraudulent transactions and lower premiums, Alliant National has initiated a crime watch program, which incentivizes policy-issuing agents to detect and prevent illicit activity. Learn more about the program and get involved.
III. Privacy remains the focus
Ten states have now enacted comprehensive privacy laws. Six have passed laws this year alone, with Texas being just the latest to do so. All 50 states now have data breach reporting laws. Many statutes impose a significant daily fine for late notice or a private right of action for failure to comply and negligence.
What all these legislative moves imply is that privacy and sensitive data protection remains at the forefront of our industry. Title leaders must ask themselves if they are staying current on the latest technologies and techniques to guarantee end-to-end data protection, including:
- Developing a written security plan and devoting the necessary time and resources to ensure employees are trained sufficiently. maintaining complete records is important as well.
- Encrypting sensitive and non-public information, which is essential to protect against unauthorized access and breaches.
- Knowing and abiding by your state-specific breach reporting requirements.
IV. Practice secured electronic document storage
Title agencies routinely deal with electronic documents that contain large quantities of sensitive information and which represent a highly attractive target for today’s criminals. In fact, according to recent research, “88% of organizations worldwide were experiencing spear-phishing attempts in 2019. And 68% of business leaders felt their cybersecurity risks were drastically increasing.”[i]
Here are some principles to help keep these bad actors at bay:
- Ensure you are applying encryption to protect digitally stored documents.
- Perform periodic backup and recovery tests to ensure the availability and integrity of stored records.
- Maintain and test disaster recovery and business continuity plans.
V. Adhere to all regulations
Regulatory compliance requirements have increased and will continue to evolve to address shifting cybersecurity and consumer privacy issues. Stay abreast of some of the most pressing changes to the landscape:
- The current patchwork of complex state privacy and data breach laws is expected to continue growing without any expected federal legislation.
- The Gramm-Leach-Bliley Act (GLBA) has been updated for the first time since the early-aughts to address data security and privacy. Modifications to the law’s security safeguard rules are going into effect in June 2023 and will be enforced by the Federal Trade Commission.
- The National Association of Insurance Commissioners (NAIC) has released a draft of proposed 2023 privacy protection requirements modeled after the California Consumer Privacy Act (CCPA) and the New York State Department of Financial Services (NYDFS).
Taking action can keep you safe
Wire fraud. Seller falsification. Regulatory compliance. It seems like every day there is a new thing for the busy title agent to worry about. Staying apprised of the latest news and best practices, however, can help, as can seeking out the expertise of an experienced technology provider. Taking these steps, along with carrying comprehensive insurance for cybercrime and liability, can reinforce your security posture for maximum protection.
For more tips on building a safe and secure title operation, check out our other blogs focusing on IT.
[i] 2020 State of the Phish: An in-depth look at user awareness, vulnerability and resilience (proofpoint.com)
For every type of insurance that you purchase, there are a variety of different coverages offered. For instance, if you buy homeowner’s insurance you may want to add extra coverage if you have valuable paintings or jewelry that may not be covered by the basic policy amounts.
The same is true for title insurance.
The standard Owner’s Title Insurance Policy affords basic protections against many title defects such as fraud, forgery, or matters in the public record. For example, the policy includes coverage for recorded liens, real property taxes, or legal documents within the transaction that were executed under an invalid or expired power of attorney.
The title agent’s intent is to research thoroughly the ownership rights of the property, as well as any judgments or liens that may exist that could affect your rights to the property. Then the agent clears or cures those issues to ensure that you have free and clear title to the property when you purchase it.
Although your title agent is diligent in searching out the facts about your property that are in the public record, not everything about your property is “of record.” Therefore, a standard title policy includes exceptions to coverage for certain matters that may be undiscoverable.
An Enhanced Owner’s Policy adds 22 new covered risks that are excepted in the standard policy. The enhanced policy is typically available to purchasers of an owner-occupied one-to-four family residence wherein each insured is a “Natural Person.” The term “Natural Person” is defined under the conditions of the title policy. With the enhanced policy, the policy insures against certain future activities and matters that would not be discoverable by the title agent’s search of the land records.
Coverage under an enhanced policy continues to be subject to the title policy’s conditions, exclusions and exceptions unless it is stated differently in the covered risk itself.
Let’s take a look at the additional coverage offered with an Enhanced Owner’s Policy.
One of the most important benefits of an Enhanced Owner’s Policy is inflation coverage. The amount of insurance automatically increases by 10% of the policy amount each year for the first five years, up to 150% of the amount insured for your home. This occurs, without payment of any additional premium, to cover increases in the value of the insured property.
Building Permit Violation
When you purchase a home, you may not be aware that the former owner failed to obtain a legal permit from the proper government office to put in a swimming pool, add a wing to the house or construct an additional dwelling unit (ADU).
An enhanced policy protects you if you are forced to remove or remedy your existing home, or any part of it (other than boundary walls or fences) because any portion was built by a previous owner without obtaining a building permit. This coverage is subject to a deductible amount and a maximum dollar limit of liability, as shown in Schedule A of the title policy.
Covenants, Conditions and Restrictions
Covenants, Conditions & Restrictions (CC&Rs) list the rights and obligations of a homeowners’ association (HOA). This could include your maintenance obligations, property-use restrictions, assessments and insurance obligations, among others.
Without your knowledge, these CC&Rs may have been violated prior to your ownership, resulting in a financial obligation to the HOA or loss of title. An enhanced policy covers you if you are forced to correct or remedy the existing violation or if the title is lost or taken because of any covenant, condition or restriction, which occurred before you acquired your title, even if the covenant, condition or restriction is excepted in the policy.
If any structures on your new property are encroaching onto your neighbor’s property, for instance if the garage is built partially on the neighboring property, the enhanced policy provides coverage in the event you are forced to remove those structures due to the encroachment. If the encroaching structures are boundary walls or fences, this coverage is subject to a deductible amount and a maximum dollar limit of liability, as shown in Schedule A of the policy.
In addition, the policy provides coverage in the event your neighbor builds any structures, after the policy date, that encroaches onto your land (other than boundary walls and fences).
An enhanced policy insures you have actual pedestrian and vehicular access to your property.
Map and Address Inconsistencies
If a map is attached to your policy, the enhanced policy provides coverage if the map does not show the correct location of the land, according to the public records.
Sometimes a taxing authority may assess supplemental real estate taxes not previously assessed against the land but covering a period prior to your purchase. This could be due to new construction or a change of ownership that occurred before the policy date. An enhanced policy would cover this liability as well.
If a previous owner added structures to the property that violate zoning laws, an enhanced policy provides coverage to you if you are forced to remove or remedy your existing structures, or any part of them, due to those violations. If you are required to remedy existing structures, the amount of insurance is subject to a deductible amount and maximum dollar limit of liability, as shown in Schedule A of the title policy.
In addition, you are insured if it is determined your property cannot be used as a single-family residence because it violates existing zoning laws or zoning regulations.
Property ownership is often more complicated than we know, especially if you are purchasing property in an unusual situation, where property has been recently subdivided or where there has been recent construction. If you have any questions or concerns, it may be advisable to enlist the help of a real estate attorney to review all aspects of your purchase. We also invite you to contact a local title insurance agent to learn how the Enhanced Owner’s Title Policy can provide you additional protection for your homeownership rights.
The transaction is the largest in Alliant National history and demonstrates the underwriter’s commitment to partnering with its agents in the commercial sector.
With its growing national presence across 30 states and the District of Columbia, Alliant National is a well-known residential underwriter. However, it is also a force to be reckoned with in the commercial real estate field. It recently insured a $182 million refinance transaction with Chambers County Abstract of Anahuac, Texas. The transaction was a record breaker for both Alliant National and Chambers County Abstract.
“We were in absolute disbelief,” said Chambers County Abstract examiner Darla Chandler Lastovica, commenting on the size of the transaction. “We didn’t believe it was real until it was all said and done.” Lastovica helped lead the title work on the property.
“Alliant National has insured many commercial properties throughout its history,” said KC West, Senior Vice President and Southwest Regional Manager at Alliant National. “However, we’ve never tackled a property of this size and scope before. While it was a major lift, it was exciting to work on insuring such a large tract of land and to work closely with our partners at Chambers County Abstract.”
The transaction covering the sprawling 550 acre-property in Baytown, Texas, was completed on behalf of Ohio-based JSW Steel. The company is gearing up to renovate its pipe and plate steel mill facility on the site. Chambers County Abstract has a long relationship with JSW Steel, having produced title reports for the company’s law firm since 2014.
This particular transaction dates back to 2019, when JSW Steel opened a $10 million file with Chambers County Abstract. After title was opened, the order sat idle for more than a year until one of JSW’s lawyers informed the office that the transaction had ballooned in size to $182 million.
Aside from its sheer size, the transaction was enormously challenging in other ways. First, it had a complex legal description that included myriad tracts and easements. Second, the description changed over the years, making it a substantial effort to determine what pertained to the property. Despite having completed prior title work, it took considerable effort to review legal descriptions and surveys, verify legal instruments and match these to the various tracts.
Chambers County Abstract, however, is a seasoned player in the commercial real estate market, having worked on many commercial properties, including expansive, multi-tract properties. Having a company well-versed in the process is helpful considering the additional challenges commercial properties can pose over residential. For instance, even single tract commercial transactions can contain more instruments, loans, and longer documents than residential transactions. Multi-tract properties are exponentially more complicated, featuring lengthy legal descriptions, multiple tracts to search and volumes of legal instruments to record. Organizing all these components is “a work of art in its own right,” Lastovica said.
Integral to the success of any given commercial transaction is the role of the underwriter, which must make the final decisions as to whether the property can be insured. As Chambers County Abstract’s underwriter, Alliant National acts as a financial backstop if a title claim or issue were to arise. The relationship between title underwriter and title agent is crucial. Both parties must effectively work together to prevent financial loss. While important to every transaction, title insurance serves a unique role in a commercial context. There can often be multiple liens against commercial properties, so having proper insurance in place is critical to the lender getting an expected lien priority.
Alliant National’s guiding principal is to partner with agents and never compete. In its work with Chambers County Abstract, one can see the powerful and profitable logic in such an approach – for both residential and commercial properties.
Longmont, CO — (January 11, 2022) — Alliant National Title Insurance Company, a unique title insurance underwriter that partners with independent agents to improve their competitive position, is proud to be Certified™ by Great Place to Work® for the sixth year in a row. The prestigious award is based entirely on what current employees say about their experience working at Alliant National. This year, 96% of employees said that when you join Alliant National, you are made to feel welcome.
Great Place to Work® is the global authority on workplace culture, employee experience and the leadership behaviors proven to deliver market-leading revenue, employee retention and increased innovation.
“Great Place to Work Certification™ isn’t something that comes easily – it takes ongoing dedication to the employee experience,” said Sarah Lewis-Kulin, vice president of global recognition at Great Place to Work. “It’s the only official recognition determined by employees’ real-time reports of their company culture. Earning this designation means that Alliant National is one of the best companies to work for in the country.”
“From the inception of our company, we’ve focused on building a culture at Alliant National anchored by our core value of caring — caring about our agents, our communities, and each other,” said David Sinclair, President and CEO of Alliant National. “To receive this certification six years in a row is a gratifying and humbling testament to those collective efforts.”
According to Great Place to Work research, job seekers are 4.5 times more likely to find a great boss at a Certified great workplace. Additionally, employees at Certified workplaces are 93% more likely to look forward to coming to work, and are twice as likely to be paid fairly, earn a fair share of the company’s profits and have a fair chance at promotion.
Alliant National distinguishes itself from competitors by combining strong underwriting capability with independent agents’ in-depth knowledge of local markets. The result is a nationwide network with deep roots in local communities, and a wealth of expertise that is flexible, nuanced, and continuously growing.
Visit alliantnational.com for additional information.
ABOUT ALLIANT NATIONAL TITLE INSURANCE COMPANY
The Independent Underwriter for the Independent AgentSM – Alliant National believes in empowering people to thrive. The company protects the dreams of property owners with secure title insurance and partners with 600+ trusted independent title agents as a licensed underwriter in 30 states and the District of Columbia.
ABOUT GREAT PLACE TO WORK CERTIFICATION™
Great Place to Work® Certification™ is the most definitive “employer-of-choice” recognition that companies aspire to achieve. It is the only recognition based entirely on what employees report about their workplace experience – specifically, how consistently they experience a high-trust workplace. Great Place to Work Certification is recognized worldwide by employees and employers alike and is the global benchmark for identifying and recognizing outstanding employee experience. Every year, more than 10,000 companies across 60 countries apply to get Great Place to Work-Certified.
ABOUT GREAT PLACES TO WORK®
Great Place to Work® is the global authority on workplace culture. Since 1992, they have surveyed more than 100 million employees worldwide and used those deep insights to define what makes a great workplace: trust. Their employee survey platform empowers leaders with the feedback, real-time reporting and insights they need to make data-driven people decisions. Everything they do is driven by the mission to build a better world by helping every organization become a great place to work For All™.
Learn more at greatplacetowork.com and on LinkedIn, Twitter, Facebook and Instagram.
Extend your security bubble further than your business’s front door.
Managing cybersecurity risk is an arduous task for any organization, one that becomes even more challenging when trying to extend your security to vendor relationships. However, it has never been more important. Not only are cyber threats on the rise, but the U.S. Securities and Exchange Commission (SEC) made ensuring operational resiliency and information security one of its 2021 priorities.
Thankfully, last year the agency published a report on the due diligence companies should practice when dealing with vendor relationships. Covering the monitoring of vendors, contracts, customer information policies and other issues, the guidance provides much-needed advice for these complex business partnerships. Let’s explore some of its main tips, takeaways and findings for addressing security concerns with your vendors.
Why Does Information Security and Operational Resiliency Matter?
According to the SEC’s 2021 Examination Priorities report, breaches in information security can in fact “have consequences that extend well beyond [a] firm,” adversely impacting “other market participants.” The report further explains that, due to the radical increase in remote operations in response to the COVID-19 pandemic, cybersecurity concerns have been elevated further, requiring closer scrutiny of endpoint security, data loss, remote access, use of third-party communication systems and, of course, vendor management.
Understand Your Liability
It is a common misconception that if your vendor experiences a data leak, the onus is on them. Not true. State laws typically lay responsibility at the feet of the entity that collected the customer information in the first place. They usually limit vendor requirements to informing you that a data breach or hack has occurred. To safeguard yourself and your business, ensure that your vendor contracts explicitly detail how your customers’ data needs to be handled, what to do in the event of a breach and the expected timeline for dealing with any disruptions.
Vendor Management Programs
You likely already have some experience working with vendors, as well as an understanding of how time consuming such relationships can be. Unsurprisingly, adding cybersecurity concerns into the mix creates an additional set of concerns that need to be managed. Establishing a program that addresses security concerns and expectations at the beginning of the working relationship can help. This program should cover safeguards, how to evaluate vendors, independent audits and processes for terminating and/or replacing vendors.
Understanding and Monitoring Vendor Relationships
One positive finding from the SEC is that many advisers and their personnel already demonstrate a clear understanding of privacy and cybersecurity contract terms. Furthermore, these advisers display an awareness of the risks inherent to outsourcing work to vendors and best practices for limiting such risks. One way that companies accomplish this is through continuous monitoring of vendor relationships, making sure to stay apprised of any changes in the vendor’s services or personnel.
Despite this good news, firms cannot simply assume that their data protection policies are fully up to snuff or even rest on their laurels. Instead, they must treat vendor security as an ongoing, habitual process.
As the SEC noted, designing a vendor management program is a great place to start. Then, be sure to implement it. Build security requirements into your initial vendor contracts and make them as specific as possible. Run regular security audits, using questionnaires if necessary to rigorously evaluate your vendor’s security practices. You can also demand system and organization controls (SOC) for any vendor you choose to work with, requiring them to conduct a SOC for cybersecurity audit on an annual basis. Lastly, you and your company should be performing access and security reviews daily, always staying vigilant for unusual activity.
The hard truth is that, in our digital-first world, we all must work a bit harder to stay safe online and protect the integrity of our customers’ data. But by doing so, you will have a more resilient organization and satisfied client base.