Editor’s Note: This article is the third in a series covering the Carmack Amendment and its role in cross-border freight. The other two articles are “Rethinking Freight in a Changing World,” and “Crossing Borders.”
In this last article focused on Carmack’s global influence, we explore the impact of cybercrime in modern logistics and the increase in cargo theft. The landscape we see today shows an alarming increase in claims involving fraud of over 27%, and more in certain areas near the borders. This article will highlight the emerging tactics that are too often part of a claim’s investigation in today’s adjuster environment.
Cargo thieves have adapted using fraudulent pickup schemes. They pose as legitimate carriers—armed with fake documentation and inside knowledge—to fraudulently collect and steal loads. Carriers often have no record of these transactions, making it difficult to prove liability under Carmack—and these types of incidents are typically excluded from standard cargo insurance. Cybercrime amplifies the overall risk exposure.
Today, cyber approaches to cargo theft create supply chain disruptions—with hackers deploying ransomware or infiltrating shipment systems and load boards—which are now leveraged to facilitate physical theft. Smaller companies may be at greater risk and may be targeted as easier entrances into the broader supply chains.
The Carmack Amendment imposes strict liability for actual damage or loss to cargo during transit, where few exceptions apply. With this new shift in landscape, carriers are exploring new risk strategies: Captive insurance (basically self-insured) to better manage high value or excluded risks like cargo theft and fraud is one. Shipper’s interest coverage is becoming a preferred option where standard cargo policies contain exclusions.
Carmack standardizes federal liability; it also preempts many state law claims—including fraud, misrepresentation, and negligence—that shippers could otherwise pursue. We can see this more in the moving industry, as the preemption can significantly limit remedies for consumers. Fraudulent behavior is largely unchecked in this space. Carmack’s limitations are more exposed as fraud falls outside standard coverages.
When looking at the developments, from the perspective of Carmack, strict liability still applies to include fraud and cyber threats. With limited coverage, carriers and shippers are vulnerable to these uninsured losses. Some risk strategies and proactive measures might include the use of captive insurance, enhanced vetting, cybersecurity investments, and focusing on fraud detection. A multi-layered approach to the emerging and daunting theft tactics that continue to evolve can offer better deterrents. Understanding the liability Carmack imposes, and its exclusions, can help a carrier develop a robust fraud verification system and cybersecurity protocols.
How can these coverage gaps be addressed? We see parametric insurance models emerging that can offer event-triggered settlements as the cyber disruptions continue. Many platforms are integrating cyber risk coverage for data breaches, business interruption, and liability. Many logistics providers are offering add-on coverage for sea and air transports to minimize delay. Bridging these gaps is a big task, and industry leaders are developing policies that target cyber-enabled theft that can include fraud and deceit extensions that would cover impersonations or fictitious pickups, even when the standard policy might exclude “voluntary parting.” Additionally, there are proprietary cyber-and-crime coverage programs being designed and considered for brokers and carriers to close and narrow the ambiguity that often is associated with sophisticated thefts.
Underwriters have increased expectations focused on claims involving fraud and theft of cargo. There is a great demand from the insurers in this area for cyber risk controls like real-time tracking and visibility, verification of loading and delivery procedures, and a strong push for employee training.
Having handled several of these claims recently, it is important, now more than ever, that carriers develop a defined training program for cyber awareness. But training by itself is not enough. Properly vetted vendors and partners (third-party) are critical when looking at coverage as well as whether the motor carrier had possession of the load at any time. These and others may soon become prerequisites for renewing coverage in the future.
There is a demand from the industry that is both urgent and multifaceted. Momentum has increased for regulatory oversight, accountability, and crime deterrence. Organizations like the National Motor Freight Traffic Association (NMFTA) can provide operational blueprints to stop theft before it happens and can help with resources needed to make internal changes. Insurance is catching up and becoming more conditional, tech aware, and being tailored to the modern risks the industry is facing.
Key threats to the motor carriers are phishing and social engineering, load board fraud, ransomware and data breaches, fictitious pickup schemes, and GPS/telematics hacking to stage thefts of high-value loads.
Motor carrier drivers can take steps to confirm details of the pickup through dispatch before transport; never share route, load, or personal data over text, social media, or unsecured apps; use company approved apps and VPNs for logs and communication; and report suspicious people at pickup locations. Have office staff be just as vigilant by verifying all new brokers and carriers via the Federal Motor Carrier Safety Administration (FMCSA), SaferWatch or other industry approved tools, call back using independently sourced phone numbers, check banking information using voice confirmation (beware of perpetrators using recorded conversations as voice verification), and flag urgent payment requests.
Consider creating a cyber hygiene checklist by setting passwords that are changed every 60 days, multi-factor authentication, no personal USB drives or external devices on company systems, use secure Wi-Fi or mobile hot spots, never public, and lock all laptops, tablets, and ELDs when not in use. Every cybercrime starts with a human click or decision.
These are some tactics, not all, that can be considerations that adjusters share with insureds to help their fight against fraud and related crimes. Having knowledge, habits, and tools will directly reduce the risk of cyber-enabled cargo loss.