Gallagher Bassett We Guide. We Guard. We Go Beyond.

In 1900 a graph of the US population ages 1 to 75 formed a steep pyramid with a wide base of children 1 to 5 years old and a very narrow top bar of oldsters 70 to 75. The projected US population for 2050 is essentially a rectangle with only slightly fewer people in the 70 to 75 top bar than in the 1 to 5 lowest bar. Demographers call this the "rectangularization" of the population. It's never happened before and it's already having a major impact on workforce composition, labor-based exposures, and risk. You may know it better as the aging workforce.

The May issue of the Journal of Occupational and Environmental Medicine (JOEM) carries a major new research article, "Framework for Considering Productive Aging and Work." In case you aren't up to several pages of 8 point print, the GB Journal has prepared a summary of this very important work. The employee based exposures you deal with in risk management are all changing as the average age of your workforce goes up and new "styles" of employment come to the fore - more contracting/gig work, re-entry employees, job sharing, seasonal "workcampers", and many more variations. As the authors make clear, the one career-one employer work model is long since dead.

The themes of this comprehensive report will be familiar to avid Journal readers:

The bottom line is simply this: understanding workforce-based risk is changing rapidly in many different ways as the composition of your employee population changes. One sign of the times is the 50 Company in the Netherlands. This outfit specializes in helping companies needing help and people over 50 looking for employment find each other and work effectively together. Perhaps you should check around. There may be a domestic version of the 50 Company that can help you. That rectangle is going to be with us for a long time.

How to Save $50,000 (by Spending $12.2 Million)

This Journal, plus a few dozen other slightly larger pubs, reported recently on the ransomware attack on several of Atlanta's municipal systems. Hackers seized about one third of the applications Atlanta uses every day to transact city business, including police and fire services. They demanded $50,000 in ransom to release the frozen apps and sequestered data files. Atlanta refused. Ethically and legally the right decision, of course.

According to a recent update on the story in The Washington Times this decision has already cost about $2.7 million with another $9.5 million budgeted for repairing and restoring applications and data- and the totals are not complete. As the update notes, "both the extent of the infection and the related costs have increased in the months since Atlanta's computer became infected with ransomware."

The damage was not minor. The Times report continues, "Earlier this week, meanwhile, Atlanta Police Chief Erika Shields revealed that the ransomware also compromised 'years' of video footage captured by dashcam recorders. About a decade's worth of legal documents were also lost in the hack."

At first ransomware attacks were a nuisance, not show stoppers. The Atlanta case is worth attention by all risk professionals as we now begin to appreciate its full dimensions. This is not some antisocial misfit hunkered down in his mother's basement screwing around. The great Brink's armored car robbery in Boston in 1950 of movie legend netted the gang of robbers some $2 million. That's $21 million in today's funny money. By the time all the loose ends have been accounted for in Atlanta, the total may be close to that amount.

So - what's in your computer?

Whazzat?

A new report from the National Safety Council (summarized in WorkersCompensation.com) includes a fascinating couple of footnotes that speak to the dangers of co-active loss factors. The essence of the report won't strike most of us as news: older construction workers have a high incidence of hearing loss. Researchers at the Center for Construction Research and Training (CCRT) looked at data covering some 19,000 workers previously employed by the US Department of Energy. About 58% had significant hearing loss and the severity and frequency of loss went up with years on the job.

But here's the kicker. The CCRT folks also looked at possible co-active loss factors. Guess what? Smokers were 18 percent more likely than nonsmokers to experience hearing loss, while workers with the highest amount of solvent exposure were 15 percent more likely than workers with the lowest exposure rates to experience hearing loss. Findings like this strongly suggest that old fashioned loss reporting and single factor analytics may be missing important multi-factor causal interactions. The possible relationship between work related hearing loss and on the job solvent exposures would be invisible to most loss engineering reports. That could be an expensive miss.

The obvious follow-on question is what co-active hazards may be silently driving losses in your organization? This is especially critical in considering any long term exposure based losses. Are you harnessing the power of your loss data to go beyond the obvious one to one of causal analytics? What unaddressed combinations of silent cost drivers are running up your claim severity numbers?

The Return of the Prince

Remember the rash of "Nigerian prince" email scams of ten years ago? That poor prince kept getting himself into terrible jams and needed your help to get his Mercedes full of emeralds out of the country. In a manner of speaking, he's back, but this time he has a new gig. A report from Dow Jones (subscription required) describes a new email scam hosted by gangs in Nigeria.

The report describes the new version thus: "In a sweep dubbed Operation Wire, the FBI targeted an alleged West African organized crime ring and others who sent fake messages to companies' finance departments purporting to be a vendor for the company with an invoice requiring payment." A phony invoice? Pretty straightforward and no loose emeralds involved. While the scam is simple in concept, it's been working because the rings behind it do their homework. They read your Annual Report, figure out who your legitimate vendors are, who is in charge of accounts payable - everything they need to make their approach look "normal."

Apparently, these folks do their homework well. Victims reported $275 million in losses in 2015, the FBI said, and that had more than doubled by 2017 to $675 million. Two thirds of a billion dollars is a pretty good haul for a few simple emails. We call this to your attention because not all the fraud you have to worry about comes wrapped in ransomware or other fancy cyber theft techniques. The old fashioned stuff, like invoice fraud, is still around. Historically, invoice based fraud was more likely to be an inside job committed by employees who knew your system. Now it can come from anywhere, including that Nigerian prince who's reading your Annual Report - right now, while you read this Journal.