“ How To Build A Sustainable Financial Crimes Program”

I had the pleasure of interviewing Lisa Phillipson this week. Lisa Phillipson, is the CEO and principal broker of elpe Insurance Brokerage. After graduating from UC Santa Barbara with a Bachelor of Arts, Lisa worked in the legal field for the next five years as a paralegal. She founded elpe Insurance Brokerage in 2015 to make commercial insurance more easily digestible. She helps business owners navigate the often unclear world of insurance by guiding them into just the right coverage — not over-insuring, not under.

Thank you so much for doing this with us! Can you tell us a story about what brought you to this specific career path?

I worked in the legal field for several years prior to starting elpe Insurance Brokerage. During that time, I worked on a case that involved a restaurant owner who had suffered substantial damage from a car crashing through the front window of their restaurant. It was heartbreaking to see the owner’s additional difficulty in a time of crisis simply because they did not understand their insurance policy, coverage and were not fully covered at the time of the incident. Having the correct insurance and knowing how to utilize it in a time of crisis is a game changer and can prevent financial ruin. This inspired me to start elpe Insurance Brokerage so I could work with individuals and businesses to ensure they are adequately prepared and have the resources to handle disastrous events while avoiding financial hardship and undue emotional distress.

Can you share the most interesting story you have come across in the field of financial crimes and money laundering?

You don’t need to outrun the bear, just the person next to you. I attended a seminar on cyber crimes in which a cyber specialist who previously worked with the U.S. government walked through different types of cyber crime: Nation States/Terrorist Groups who attempt to shut down or compromise a strategic target, Criminal Organizations who attempt to make money, Recreational Hackers who attempt to make a name for themselves, and Hacktivists who attempt to attack or disrupt a company for political reasons. I found the motivations and categories for hacking fascinating, as well as the depth to which ordinary businesses are vulnerable as a result of cyber criminals. According to the speaker, the best solution is to outrun the person next to you, rather than focus on outrunning the bear. In other words, so many companies currently fail to implement basic cyber safeguards for their business, such as passcodes and cyber insurance, that if you put these safeguards in place it is more likely a hacker will skip you and go to the next company. It’s simply easier for them.

Can you share 5 tips that others can use to help build a sustainable Financial Crimes Program?

To prevent a financial cyber crime or data breach, I recommend the following:

1) Install preventative safety measures such as: put data storage in a safe place — perhaps a separate server. Separate data and do not dump it all into one location, install anti-virus software and keep it up-to-date, protect employee phones with company data or restrict company data on company phones, etc.

2) Only store data the company really needs to avoid responsibility for more information than necessary.

3) Create a safety or disaster recovery plan so that, in case of a data breach or cyber crime, the company and employees know what to do.

4) Train employees on cyber safety so they know what to do in order to avoid common cyber pitfalls and how to respond in case they do find themselves in this situation.

5) Transfer the risk by purchasing a cyber liability policy so the financial burden is not all on the shoulders of your business.

How often do you conduct assessments about the Financial Crimes Program ?

There are daily, quarterly and yearly practices that businesses should always keep in mind in order to asses and stay vigilant against cyber crime and data attacks. Daily activities can include emptying unwanted emails from the inbox, running computer virus scans and updates on the computer, backing up important data or changing out back up drives, etc. Quarterly practices can include any trainings that employees and employers need to refresh themselves on or need to be aware of regarding a new threat. Yearly practices should include reviewing and revising the Cyber Safety or Disaster Recovery Plan to make any adjustments or inviting a tech consultant to review your company’s procedures to ensure you remain current against developing threats. This should also include reviewing your cyber insurance policy to make sure the policy keeps pace with all the changes of your business within the year and anticipate those that you can for the upcoming year.

What advice would you give to aid in global monitoring for Financial Crimes?

We should continue to invest in cyber crime prevention roles within our business communities while making cyber threats and safety measures more common knowledge to the public. Tech growth has been amazing, but we have not always balanced investing money and resources into growing tech safety. And as the need for safety against cyber crime and cyber financial crimes has grown, the creation and evolution of cyber insurance has also come into effect. These policies are still considered “young” within the insurance world, meaning they are still changing and the business community should be giving feedback.

Leveraging the right technology can be key to reduce risk and increase operational efficiency within an AML (Anti-Money Laundering) program. What are some applications of technology enablements that have helped you? What would you recommend to others?

It can be surprising how small preventative measures can go a long way such as putting a password on your phone as so many companies have access to business data; changing out passwords regularly; having back ups for your information, watching a two-minute YouTube clip on phishing emails, taking 15 minutes to understand what your cyber policy will do for your business and so on. There are times that big tech and actions are appropriate but, more often than not, it’s the little actions you can take as an individual or a company that can be the extra layer of protection to keep you safe.

You are a person of great influence. If you could inspire a movement that would bring the most amount of good to the most amount of people, what would that be? You never know what your idea can trigger. :-)

Regarding insurance, there are common misconceptions among businesses that insurance is boring, a scam, unhelpful and something only to be purchased once and then forgot about. There are reasons these misconceptions are there and not all are unwarranted. I’ve seen, however, and also personally experienced insurance save companies and individuals from bankruptcy, protect their livelihood and bring peace in times of great stress. Too many people remain uneducated about their commercial insurance and it’s understandable; learning insurance can be like learning another language and it can get complex and confusing. That said, I would love to see a bigger effort on those in the insurance world to make insurance easily digestible, to help owners understand their policy as a safeguard and resource, to know how to leverage it for their companies and see it as a fluid piece in their business that should keep pace with their company cycles.

If you are looking for something completely unrelated to my business or field, I’m a woman with a woman-owned business and have many strong women in my life who are looking to balance their careers with their family. I’ve noticed these past few years how difficult maternity leave can be and how many women actually feel insecure in taking this leave. Sure there are a multitude of state and federal laws in place, but I have seen experienced lawyers scratch their head when determining how these work. And yes, many companies provide some type of maternity leave or at the very least provide job protection while they are gone on maternity leave but I’ve seen many women return insanely early to their job for fear of losing the job, their “business” within their job, lack of understanding what laws protect them or provide assistance or general lack of a clear maternity plan from their supervisors. I believe we are overdue in improvement in this area — women are a large and valuable component of the workspace, let’s have policies and laws with real life impacts that everyday mothers can understand and navigate.

Can you please give us your favorite “Life Lesson Quote”? Can you share how that was relevant to you in your life?

“And here is the advice Trungpa Rinpoche gave me. He said, ’Well, it [failure] is a lot like walking into the ocean, and a big wave comes and knocks you over. And you find yourself lying on the bottom with sand in your nose and in your mouth. And you are lying there, and you have a choice. You can either lie there, or you can stand up and start to keep walking out to sea.’…It isn’t that the waves stop coming; it’s that because you train in holding the rawness of vulnerability in your heart, the waves just appear to be getting smaller and smaller, and they don’t knock you over anymore.” — Pema Chodron author of “Fail, Fail Again, Fail Better: Wise Advice for Leaning Into the Unknown”.

Starting a business of my own was exciting, but also terrifying. Owning a business often amplifies your personality, both the strong and weak qualities. The first year felt like an emotional roller coaster — extreme highs and lows when I came home at the end of the day and it ultimately it came down to how I handled and internalized feelings of failure. Whether it was choosing the right font for the website, marketing campaigns, choice of words in signing a client or larger decisions like, “Do I continue with this or close up shop here and now?”, being a business owner is all about making decisions and if you are uncomfortable with the idea of making the wrong one, you have a bumpy road. I always saw failing as negative — it never occurred to me that failure was actually good and that all the emotions of it can be productive. I spent the next few years learning how to re-think and change my perspective of failure. Reading “Fail, Fail Again, Fail Better” by Pema Chodron is one of the many resources I used to shift my thinking. What really struck me about this particular passage about failure is Pema’s acknowledgement that failure is never going to go away — we as humans, business owners, individuals and groups, we will always experience failure. But the idea that, once we accept that, learn how to process it and use it as a tool in our creative process and journey, it actually helps lessen the trauma and fallout of failing. I liked that. It meant I did not have to fall hard everytime I failed, I could forge ahead and better fortify myself with failure. That is important for any business owner.

Some of the biggest names in Business, VC funding, Sports, and Entertainment read this column. Is there a person in the world, or in the US with whom you would love to have a private breakfast or lunch with, and why? He or she might just see this if we tag them :-)

Simone Bruni, owner of Demolition Diva, located in New Orleans, Louisiana. Simone went from a career in hospitality to starting her own demolition business post-hurricane Katrina. I loved that she had the courage and strength to fulfill a need in the community even though it was an industry she knew little to none about and built it to a great success. Simone used her strengths and pure grit to get the business off the ground. I greatly admire her story, her hard work, the hard decisions she had to make along the way and the risks she took to start her business. I would love to sit down and hear more from her.