In this issue of our monthly newsletter, we cover background checks, mitigating the risk of wind and hail storms, share a webinar on security technology, review claims examples, our upcoming health promotions course, and more.

Ensuring the safety and security of the chapter house is obviously a top priority. The chapter house is not just a residence; it is a home where members build lifelong bonds, create cherished memories, and engage in activities that shape their futures. Given its significance, implementing robust security measures is essential to protect both the physical space and the well-being of its residents. One of the most advanced and effective security solutions available today is biometric entry systems.

Biometric entry systems utilize unique biological traits, such as fingerprints, facial recognition, or iris scans, to grant access. Unlike traditional locks and keys or even electronic keycards, biometric systems offer several distinct advantages that make them particularly well-suited for sorority chapter houses.

If your chapter house utilizes a biometric security system, it is prudent to provide annual written notice to all individuals whose biometric information identifiers are collected or stored and specify the purpose of the collection and length of time the information identifiers will be held, stored, and used. Written consent and release of this information should be included in an annual housing agreement. Read more about our suggestions for Housing Agreements here.

Investing in a biometric entry system for the sorority chapter house is a forward-thinking decision that prioritizes the safety and well-being of your members. By leveraging advanced technology, the chapter can provide a secure, convenient, and efficient environment that supports the flourishing of its community. In a world where security concerns are ever-present, adopting biometric entry systems reflects a commitment to excellence and proactive care for all members of the sorority.

Join our business partner and security expert, Johnson Controls, to learn more about smart security strategies for your chapter house. Watch recording.

From May 2024 News & Notes

In times like these, the stability of your insurance companies is critical. The pandemic challenged every aspect of the fraternal community. Both your insurance companies and MJ Sorority, as your insurance agent, made significant concessions to help alleviate some of the pressures your organizations have faced.

The insurance industry went from the chaos of the pandemic to the chaos of the effects of climate change, specifically the catastrophic weather events we’ve experienced over the last several years. Insurance coverage and policy terms and conditions are on a collision course with the changing climate in many states, most notably in Florida and Louisiana. The seriousness of changing climate patterns is further compounded by the fact that in Florida’s southwestern coastline, sea levels have risen eight inches since 1950, and the risk of storm surge is estimated to double by 2030. Louisiana’s coastline is facing a similar risk. Florida is by far the most worrisome for standard property insurance companies. Several insurance companies providing property insurance in the state have gone insolvent despite state and industry efforts to prevent insolvency. To stabilize the insurance market, the Florida state government began the Florida Hurricane Catastrophe Fund in 1992. The Fund reimburses insurers for a percentage of catastrophic hurricane claims. Insurers of last resort were formed and in 2002, both carriers merged to become Citizens Property Insurance Corporation. Some additional insurance capital (or capacity) is returning to Florida in 2024, however, this has not provided much, if any, relief to consumers trying to find insured coverage for their property.

As we’ve discussed repeatedly in this newsletter, the property insurance market has been chaotic for several years. Recently, the MJ Sorority program has experienced rate increases and changes in wind and hail property deductibles in certain parts of the country.

It’s natural to feel that these changes suggest your insurance companies are abandoning the program. However, these actions are actually positioning the program for a stable future.

Without the stability of the MJ Sorority program and our partnering insurance companies, your insurance coverage would be far more vulnerable. The saying, “you get what you pay for,” is especially true for the insurance program provided by MJ Sorority. Otherwise, you risk compromising your crucial protection.

Should you wish to discuss the property insurance industry concerns further, please do not hesitate to contact us.

In the News 
The property insurance crisis has been making headlines outside of your typical insurance industry publications. To learn more, we recommend the following:

As weather patterns continue to evolve, it is crucial for housing corporations to update their chapter house roofs to withstand the increasing intensity of wind and hail events. Convective storms in particular are a major cause for concern. Convective storms are extremely severe storms with defining characteristics of high winds, sudden temperature changes, and severe thunder and lightning.  

In light of these more severe weather conditions across the country, carriers are isolating geographic areas at greater risk to weather perils and are requiring additional measures be taken to update roofs. It is imperative to consider retrofitting affected chapter house roofs to mitigate risk.

Also at issue are state building codes. Many states have not updated their building codes to prepare for more severe weather, leaving existing and new structures vulnerable to sever weather damage. Building codes set the minimum standards for construction, however these standards may not always align with insurance requirements, leaving sorority houses vulnerable to potential coverage gaps. Furthermore, in many states and municipalities, building codes are not adequately enforced.

It is crucial for chapter houses in areas with inferior building codes to exceed minimum building code specifications to meet insurance expectations. This reduces the risk of roof damage and associated expenses if a convective storm hits a property. Housing corporations should be particularly wary of properties in the west and mid-west, where predictive modeling has determined a sharp increase in the frequency and severity of wind and hailstorms. Fortunately, universities are rarely near coastal areas, so that minimizes some of the increased risk of severe hurricanes.

MJ Sorority has consulted extensively with industry experts to create a list of recommendations for your chapters as they consider updating or replacing their chapter house roofs. At a minimum, we recommend that all of your chapter houses do an intake on the age and condition of their roof, which many roofing companies will do free of charge!

When it comes to fortifying your existing roof or installing a new one, MJ Sorority recommends the following:

Given the heightened risk of volatile weather, it is imperative that organizations do an intake and analysis of the health of chapter house roofs. Taking proactive measures to update and fortify roofs and bridging the gap between building codes and insurance requirements can mitigate the risk of roof damage and will maintain the safety and longevity of your properties. Prioritizing the fortification via the recommendations above will not only enhance the overall structural integrity of the properties in question but will also undoubtably contribute to the long-term sustainability of these important spaces for members.

Further Reading:

So, we’re betting at least some of your apps and online accounts have asked, “Do you want to opt into two-factor identification?” And, if you’re like many people, all that texting and code retrieval might seem just a little too much trouble.

Is all that security really necessary? Short answer: YES. And it doesn’t have to be hard.

Why should you use two factor identification?
Cyber attacks, personal data leaks, and phishing scams are becoming more common as hackers get more sophisticated and as we conduct more of our personal and financial transactions on apps and online. Scary factoid: the FBI’s Internet Crime Complaint Center reported that people lose $57 million in phishing and smishing schemes each year.1

Two-factor identification (2FA) provides an extra layer of protection to help safeguard your personal data and your dollars when you are accessing websites and apps.

What exactly is two-factor identification?
Also referred to as “two-step authentication,” “two-step verification” or “multi-factor authentication,” 2FA is an electronic security protocol that prevents you from accessing a website or an app until you validate your identity with two or more pieces of proof. This helps ensure that unauthorized users can’t pretend to be you.

Multi-factor identification “secures your logins from attackers exploiting weak, stolen, or leaked credentials,” says Laura Bennett, Senior Vice President, e-Consumer North America for BlinkSM by Chubb®.

How do you enable 2FA protection?
Many widely-used internet service providers (e.g. Google, Apple, Amazon) and social media platforms (e.g. TikTok, Snapchat, Facebook/Instagram), as well as financial sites, productivity, and personal apps (e.g. Paypal, Slack, Fitbit) have 2FA capability.

We do not endorse any particular vendor or brand of 2FA, but consumers should take time to research options along with the benefits of utilizing 2FA for their circumstances.

Is two-factor identification foolproof?
Currently, 2FA apps are the most secure user authentication methods. However, it is important to always practice good cyber hygiene habits:

We do not endorse any particular vendor or brand of 2FA, but consumers should take time to research options along with the benefits of utilizing 2FA for their circumstances.

Source: Chubb, the cyber insurance provider for MJ Sorority

In this issue of our monthly newsletter, we cover continuing chaos in the property insurance market, mental health awareness resources, the importance of two factor authentification, upcoming health promotions course, and more.

Note: We have recently had several check fraud claims. We asked our partners at The National Bank of Indianapolis to write the following article to help you protect yourself from check fraud. See also our previous article on the subject.

Financial losses due to fraud are increasing every year. According to the FCC, losses due to fraud were up by more than 30% in 2022 compared to 2021. Nonprofit organizations tend to be particularly at risk due to 990s and other information useful to fraudsters being publicly available.

Particularly alarming is the rise in check fraud. FinCEN released a recent report indicating that check fraud occurrences reported by banks increased to 680,000 in 2022 from 350,000 in 2021.  
It is often recommended that we minimize the use of paper checks as much as possible.  Electronic credit card and ACH payments (with verified and secure payment portals), while not perfect, are much more secure. Credit cards also tend to have the most generous reimbursement terms if fraud does occur.

While this is sound advice, it is sometimes simply unavoidable to use paper checks as a form of payment.  Here is some general information and steps you can take to help protect your organization:

Check Processing and Check Fraud Trends:
Today, the processing of checks by banks is nearly all automated.  Gone are the days of banks examining individual checks and matching to signature cards.  Anyone with your account and routing number can easily create fake checks. On the bright side, bank processing software has become more sophisticated in detecting anomalies in check style and out of sequence check numbers.  

In response, the criminals are now trending back to intercepting real checks and changing the payee information.  This way, an altered check can be paid, and possibly go unnoticed for a much longer period of time.  Unless cancelled checks are examined closely, they can reconcile correctly, and not be noticed until the intended payee calls.  Depending on the payee’s accounts receivable systems, this is sometimes months later.

How to Protect Your Organization:

1. Positive Pay:  Most banks offer this service for a fee, and there is no better defense against check fraud.  It works by matching all checks that are drawn on your account to a file you send to the bank at the time you issue them.  If any information does not match, you are notified and have the opportunity to deny payment.

Some banks have different versions of Positive Pay, so make sure that your service is verifying the payee name as well as the other information on the check.

There is a similar “ACH Debit Filter” product which protects against unauthorized ACH debits which is also highly recommended.

Should you reject this optional risk management too, it will be incumbent upon you to manage your financial transactions in a more timely and more thorough manner.

2. Outsourced Payables Processing: Many organizations hire third parties to manage the processing of payables. The processors generally prefer to send payments via ACH, and only use paper checks when necessary. Usually, they will debit your account once and pull the funds into their bank account, and then make payments to your vendors from there. They should all have Positive Pay, but sometimes fraud still occurs. It is important to review their contracts and disclosures carefully to understand how fraud is handled and who is liable. Some of them have time limits after which they will not reimburse for fraud losses.

3. Reconcile and review account activity frequently: Identifying fraud as soon as possible is critical as the chances of recovering the funds diminish quickly with time. If a fraudulent check is reported within 24 hours, it can usually be returned before funds ever leave your account. Organizations that choose to not incur the expense of Positive Pay must be particularly vigilant.

4. Report fraud to your bank no later than 30 days from the incident. Regulation CC (the Federal regulation governing check processing and liability) requires the bank of first deposit to conduct specific actions if it is notified within 30 days. After that, the opportunity for recourse is greatly reduced.

5. Secure Check Stock: Protecting both unused check stock, and outgoing checks is another critical aspect of protection. Many of the intercepted checks are stolen from the mail. Unsecured mailboxes should be avoided.

What To Do if Fraud Occurs:

1. Notify Your Bank Immediately: The sooner the bank is notified the better the chances of recovering the funds. Your bank should also guide you through the process and advise on next steps.

2. File a Police Report: In addition to getting the police involved, this is a very important step to document the occurrence for potential insurance claims, and disputes down the road with intended payees.

3. Contact the Postal Inspector’s Office – If a check was stolen in the mail, be sure to file a report with this office. They also tend to be more proactive about pursuing fraudsters than the police.

4. Contact MJ Sorority to alert them to the incident and determine any additional action that needs to be taken.

In Summary:

As the threat of check fraud continues to evolve, we all must remain vigilant and proactive in educating ourselves and our employees . Staying informed about emerging trends, leveraging advanced banking technologies, and adopting best practices will help fortify our defenses. It is important to have a good relationship with a knowledgeable and responsive banking partner who can help develop and continuously improve your defenses against losses due to fraud.

We have seen a recent uptick in phishing scams among MJ Sorority clients. In today’s digital age, the threat of phishing is more prevalent than ever before. Did you know that over 90% of successful hacks and data breaches start with phishing scams? It’s a sobering statistic that underscores the importance of staying vigilant against this pervasive threat.

But what exactly is phishing? Simply put, it’s the process of attempting to acquire sensitive information, such as usernames, passwords, and credit card or bank account details, by masquerading as a trustworthy entity. Phishers often use bulk emails that try to evade spam filters, claiming to be from popular social websites, banks, auction sites, or IT administrators. It’s a form of criminally fraudulent social engineering that preys on unsuspecting individuals.

Phishing techniques have evolved over the years, becoming increasingly sophisticated and diverse. From traditional email and spam campaigns to more targeted approaches like spear phishing and session hijacking, cybercriminals employ a wide array of tactics to deceive their victims. They manipulate links, inject malicious content, and even resort to voice calls and SMS messages in their quest to obtain personal information.

So, how can you protect yourself against phishing attacks? Awareness is key. Familiarize yourself with the common techniques used by cybercriminals, and adopt anti-phishing strategies to safeguard your information. Be cautious when clicking on links or downloading attachments from unknown sources, and always verify the authenticity of requests for personal or financial information.

At MJ, we utilize KnowBe4, a firm that provides security awareness training to members of your organization. Each quarter, they produce an infographic with the top types of phishing attacks, as excerpted above. For the full infographic and associated data, click here. KnowBe4 also offers a free phishing security test that you can utilize to see if your employees are susceptible to phishing attacks – learn more here.