US Pro CLUE Blog

US Pro CLUE Blog

Cyber Liability Underwriting Exposures (CLUE) is a leading industry news source and information medium specifically developed by US Pro for its agency partners.

CLUE gets its information from many resources, including industry experts, underwriters, insurance publications, and multiple web-based articles to keep our customers current in the areas surrounding Cyber Liability Insurance programs.

 

How Gapping of Coverage Occurs in Cyber Liability Insurance

Posted by on Nov 7, 2018 in Cyber Source | Comments Off on How Gapping of Coverage Occurs in Cyber Liability Insurance

There are many different ways to Insure against Cyber Liability Insurance exposures in today’s marketplace.  The last 10 years have seen a lot of change in the coverage, as well as the number of carriers who write it.  Many package insurance policies now provide some form of protection against Cyber risks.

While retail agents have become more aware of the need to offer coverage, as much as 50% of all businesses and 70+% of small businesses still are not buyers of this coverage.  A big part of this is the lack of carrier education of retail producers of the need by industry class for the coverage and the right tools to sell it.

As a result, there is a significant gap in coverage for commercial insureds of all sizes and industry types across America.  The retail agent must have in order to properly protect their customer while at the same time protecting from a potential E&O claim against them.

There are three (3) primary ways that gapping occurs when insuring against Cyber exposures:

Segregation

Any risk providing technology services of some kind to its customers has an E&O risk, and such risk should always be written in combination with the Cyber Liability coverage.  When these are segregated, gapping occurs in determining the cause of a security or privacy breach.  Was it caused by the error or omission of the company providing the services?  Or was it the negligence of the employees/company of the company receiving the services?

When the same carrier writes both the E&O and Cyber together, this coverage dispute is eliminated and the Insured is protected for either scenario.

Underinsurance

Often times we see a retail agent who has packaged their customer’s Cyber coverage into an endorsement onto their BOP or CPP policies.  Other times we see them providing a coverage part in conjunction with their package policy.  Still, other times we find them placing their customer’s into separate, monoline low-cost Cyber Insurance policies.  Finally, we can also see insureds who are written into broad Cyber policies with brand name carriers. In all of these scenarios, the same danger to gapping occurs: “underinsurance”.  Underinsurance occurs when a commercial insured has purchased some form of Cyber coverage that does not provide the Insured with the broadest protection or enough protection, which exposes to them to both unfunded claims and underfunded claims.  Here is how it looks by each of the 4 scenarios:

  1. Package policy endorsements: The cheapest and easiest way to get some coverage, endorsements or riders to existing BOP and CPP policies offer protection from basic third-party lawsuits.  However, at the same time, they offer very little to no first party cost coverage.  Also, when they do provide the third party and/or any first party coverages, the limit of liability provided is usually lower than a monoline policy placement, and many times lower than what an Insured is actually exposed to in risk.
  2. Package policy coverage parts: Like their endorsement counterparts, these are more robust and broader coverage parts that are added to a CPP.  They often provide more of the first party coverage parts that a standard Cyber Liability policy would provide, however, like their endorsements, they still provide lower limits than what is needed, and some of the third and first-party coverage parts are still not included.  Further to this, the language of the coverage parts that are provided is not as broad as those coverages are for some of the other stand-alone policies in the marketplace, especially when looking at the triggers of coverage.
  3. Low-cost Cyber policies: Saving money up front is always a good thing- unless it is just costing you money in the long run.  Low-cost Cyber policies many times means low-coverage Cyber policies.  In today’s marketplace, a lot of the carriers provide coverage parts similar to the broadest Cyber policies out there.  However, the proof is always in the pudding, and almost always a low-cost policy compared to others who quote means there is some form of gapping happening.  Usually, it is in the lack of coverage found in the guts of the policy itself- sort of a “read the fine print” theory.  Be very careful and read policy triggers and definitions intently when choosing a low-cost Cyber Insurance policy.
  4. Brand name Cyber policies: Finally, there are always those agents and insureds who think that placing a Cyber policy with a well-known “Brand-name” household insurance company means they have the best coverage.  This is quite the contrary.  The boutique Cyber carriers have been the broadest coverage programs for many years, and have become leaders in the Cyber Insurance line of business because of their specific expertise in it.  Many of the larger and brand name carriers offer Cyber as another line of business.  As a result, they have visible holes in their coverage forms that retail agents must familiarize themselves with to avoid gapping in their coverage that could be avoided.

Uninsurance

Simply put, this is providing no insurance for Cyber exposures every commercial insured has.  This is where we are going to see the most problems arise for retail agents who are not offering Cyber coverage to their clients.  However, “providing no insurance” occurs in two ways, and a smart retailer will be wary of both of these traps to avoid a claim for gapping of coverage

  1. The first trap is to provide no insurance at all. Do not allow the commercial insured to dictate their exposure to Cyber risk to you.  Instead, educate them on the risks they face because of their industry class and despite their proactivity to protect against it.  Be sure to quote Cyber for every risk, and document BOTH your education of them to their risk and their declination of that risk AFTER being educated of it; and
  2. The second trap is to provide no insurance for specific coverage parts that an Insured has exposure to risk for. These include coverages such as Cyber Crime, Dependent Business Interruption, and Reputational Harm.  Be sure to understand what perils your client is facing because of his industry class, and provide quotes with coverage parts that address these top perils to avoid gapping.

Bridging the gap is a priority for every retailer when working in the Cyber Liability space.  Know what to look for, and which carriers offer the broadest coverages at the most competitive rates.  Be sure to be an expert, or use an expert like US Pro Insurance Services to help you avoid having any gaps.

Why a Business Should Buy Employment Practices Liability Insurance

Posted by on Oct 24, 2018 in Cyber Source | Comments Off on Why a Business Should Buy Employment Practices Liability Insurance

In 2018, 65% of all businesses are now buyers of this essential business coverage. It is no longer that is just an employer/employee workplace risk- the risk also extends to third parties that are exposed to your employees and workplace. This includes customers, vendors, delivery persons, visitors, and any others you or your employee comes into contact with in a corporate capacity.

A key finding from a recent survey of private companies was “the fact that more than half the respondents listed attracting and retaining quality employees as their top employment challenge. That being the case, it behooves companies to pay special attention to the area of Employment Practices Liability (EPLI), since fostering a respectful workplace — and addressing and resolving any situations that run counter to that cultural goal — will help them meet the challenge of attracting and keeping needed talent.”

In addition to this, claims covered under the EPLI policy represent a majority of the total reasons for claims under a combined management liability policy. These include claims relating to harassment, bullying, retaliation, and discrimination.

On an interesting note, this same survey took a closer look at the remaining 35% of those who continue to NOT purchase EPLI. The respondents listed these reasons as the top drivers of their choice to go uninsured:

• 37% had not experienced related incidents in the past
• 30% believe claims are covered by other business insurance (e.g., general liability or Business Owner’s Policy)
• 26% were not required to purchase (by contract or law)
• 24% said they “Don’t believe we need because business is privately held”
• 22% have company policies or procedures in place to prevent exposures
• 17% don’t believe there is a need because the business is family run
• 13% are not aware of this insurance coverage
• 7% said that coverage is not affordable/funding is not available

When faced with these reasons, you should present these counter arguments:

1. Prior claim experience is not an indicator of future claim risk. In addition, it is more difficult to get the coverage after a claim, and more expensive, than it would be had coverage already been in place at the time of a claim.

2. EPLI claims are unique to the EPLI policy. All other policies contain an exclusion relating to any “employment-related matters”. Since EPLI is not usually required to be purchased by law or contract, businesses should not use that as a marker for buying coverage.

3. Being either privately held or family owned has no bearing on the exposure to EPLI claims. Businesses should not confuse the risk to be limited to employee vs. employer claims. Third party claims account for many of the actions brought against businesses, therefore, the risk is an external as it is internal.

4. Having good policies and procedures in place is what makes you an excellent insured, but it doesn’t make you self-insurable. EPLI claims are costly, and they can occur against businesses with good policies and procedures in place just as they can against those who do not. It only takes a single incident to result in a loss, and those costs continue to rise.

5. EPLI is very competitive an affordable in 2018, and average claims are now over $100,000, which is multiples of the cost of a policy. All agents should make every commercial insured aware of this coverage, and for the reasons above, the need to buy this coverage. Pay special attention and concern to the risk of third party claims, and why employers just do not know of their exposure to this risk.

Today’s commercial insured will look at their insurance portfolio as a means of disaster planning. D&O, EPLI, and Cyber Liability insurance coverages are essential to every commercial entity. Rather than being offered or asking if they want a quote, they should be presented with options that make financial sense while being properly educated on their exposures to risk they just may not have seen.

Finally, offering the right protection to your customers will at the same time offer protection for you. A big reason today’s E&O carriers are paying claims is due to the un-insurance or underinsurance of these coverages for their customers. Diligence in understanding these policies and the risk they present to your customer is your best offense and defense simultaneously.

Employment Practices Liability Insurance- What’s In a Number?

Posted by on Oct 24, 2018 in Cyber Source | Comments Off on Employment Practices Liability Insurance- What’s In a Number?

Statistics is an important tool.  Extremely useful for gaining support for or against making a decision, they really are much more than that.  Statistics tell a story about the subject matter, and in EPLI, the statistics are very revealing indeed.

We use a lot of numbers and percentages, and sometimes they are used so much that we just glaze over them.  In one ear and out the next.  But today we will break down some important numbers and the real-life impact they have on your customer’s everyday business life:

65/35%

65% of businesses today are buyers of EPLI.  35% of businesses do not buy EPLI.  This is a risky bet for those in the latter group based on many of the below facts.

$102,915

The average loss for an EPLI claim today is now exceeding $100,000.  Third party claims, wage and hour disputes, high-income wage earner suits, spikes in EEOC complaints, and litigious attitudes of younger employees are driving this figure up.

91,503=$480,000,000

2016 statistics from the EEOC found there were 91,503 total charges of workplace discrimination that were filed.  These charges resulted in penalties and awards that totaled more than $480 million dollars in damages

41%

Many are surprised to find that 4 in every 10 lawsuits filed for EPLI actions are filed against small business with less than 100 employees.  This is only 6% less than those filed against large companies with more than 500 employees.  Yet, many of those in the 35% bucket who do not buy EPLI today are these same small businesses.  Fascinating.

$75,000 vs $217,000

So why do you really buy EPLI?  The real reason is to pay for the defense costs when the claim does come.  This is not more plainly seen than comparing the settlement to the trial.  An EPLI claim that is settled averages $75,000 in damages awarded.  However, one that goes to trial instead is almost 3 times that amount, averaging $217,000.  There is a real value into having an effective insurance policy that can properly defend you in the event of a claim.

21st

The biggest problem of all is the turn of the century.  With the turn of the century also came an increase in claims.  Employees in 2018 are far more likely to bring suit against their employer than they were in the 1990s.  Consider that within the last 20 years, overall employee lawsuits are up 400%, and wrongful termination lawsuits have increased by 260%.  This means that your chances of being sued for an employment-related matter are now greater than having any kind of fire in your property.

The top reasons employers were sued in 2017 are as follows:

  • 13% sexual harassment
  • 11% wrongful termination
  • 11% retaliation
  • 10% discrimination
  • 8% workplace bullying/intimidation

All of these statistics combine to paint a very clear picture of the need to have the right coverage in place.  Share this information with your customer so they can make better decisions about how to properly disaster plan for their business.

Wage and Hour Coverage: What’s New?

Posted by on Oct 18, 2018 in Cyber Source | Comments Off on Wage and Hour Coverage: What’s New?

Wage and Hour Coverage, also known as FLSA coverage, provides for a sublimit of coverage to defend an Insured against claims arising from wage and hour disputes under the Fair Labor Standards Act. The importance of this coverage for all commercial risk types must be considered when quoting the Employment Practices Liability Insurance.

The FLSA is continuously reviewed as complaints continue to be litigated alleging employer violations of it. Notably, it is reinterpreted over the years, and has evolved through time.

Jackson-Lewis, a firm that leads in the areas of employment practice law, noted in their Wage & Hour Law Update some interesting takeaways recently in this specific area. An excerpt of this article, written by Jefrrey W. Brecher and Eric Magnus, states as follows:

“The most recent opinion letters address (with links to the letters themselves):

FLSA 2018-20: Whether time spent by employees voluntarily attending benefit fairs and undertaking wellness activities such as biometric screening, weight-loss programs and use of an employer-provided gym, are considered compensable working time (it is not).

FLSA 2018-21: Whether 29 U.S.C. § 207(i), the commissioned sales employee overtime exemption, applies to a company’s sales force that sells an internet payment software platform (under the facts presented, it does). Notably, this opinion letter is the first acknowledgement by the DOL of the Supreme Court’s recent holding in Encino Motorcars LLC v. Navarro, 138 S. Ct. 1134 (2018), that FLSA exemptions are to be given a “fair reading,” rather than a “narrow construction” as previously applied by the Department and many courts.

FLSA 2018-22: Whether members of a non-profit organization who serve as credentialing examination graders for one to two weeks per year, and who are not paid for their services but are reimbursed for their expenses, may properly be treated as volunteers rather than employees (under the facts presented, they may).

FLSA 2018-23: Whether 29 U.S.C. § 213(b)(27), exempting from overtime employees who work at a movie theater establishment, likewise applies to those employees who work at dining services operated by, and accessible only within, the theater (it does).”
 

The entire article can be read at https://www.wageandhourlawupdate.com/ which US Pro highly recommends.

Despite each of these opinions favoring the employer, the risk to a wage and hour complaint being brought by non-exempt employees continues to rise, and in some industry classes, remains a very big risk. It is preferred to purchase an EPLI coverage form that includes some limit of wage and hour coverage.

The Cost of the D&O Claim

Posted by on Oct 15, 2018 in Cyber Source | Comments Off on The Cost of the D&O Claim

It’s strange that 1 in 4 private companies who responded to the survey have had a D&O claim, yet so many private companies say they did not need the coverage.  That is a really big disconnect of perception to reality.  Fortunately, they decided to purchase the coverage after previously not doing so, BEFORE they had their claims.

 

The average reported loss was $399,394 in 2017, which is an almost 10% increase from the prior year.  So just who is/are bring these claims?

 

Customer

 

Sues the company and/or its directors or officers for any reason other than physical injury, product failure, or impairment.

 

Competitor

 

Sues the company and/or its directors or officers.

 

Partner/Shareholder

 

Sues the company and/or its directors or officers.

 

Vendor/Supplier

 

Sues the company and/or its directors or officers.

 

Government Agency

 

Sues or fines the company and/or its directors or officers

 

 

D&O competition has never been so fierce, and premiums so competitive.  A renewal that has a flat premium for 3 or more years is overpriced and should be marketed to US Pro for more competitive terms.

Why Private Companies Don’t Purchase D&O

Posted by on Oct 15, 2018 in Cyber Source | Comments Off on Why Private Companies Don’t Purchase D&O

In looking at the top reasons private companies do not buy D&O insurance today, the respondents to the survey led to the conclusion, according to their survey, that “there’s a clear disconnect between executive assumptions about their companies’ exposure and the potential risks that they actually face.

An important contributing factor to that disconnect may come from the fact that D&O insurance insures against wrongful acts by private company directors, officers and employees. Many private companies tend to believe that their behavior could not result in legal action.

In this same vein, small or family-owned businesses often report that since “everybody loves us,” they would never be subjected to a lawsuit.

Many companies also assume that their general liability insurance offers adequate coverage for any event that might result from their actions or behavior. Unfortunately, this is not the case. General liability insurance typically insures against losses involving bodily injury or property damage, but does not step in when there has been a failure to act by the company’s directors and officers. When that happens, those who might sue can include anyone having an association with the company — customers, vendors or suppliers, government agencies, competitors, and partners or shareholders.”
 

This is very interesting feedback to have.  Here is a look at the top reasons:

  • 33% Don’t believe we need because business is privately held
  • 32% Have not experienced related incident in the past
  • 31% Don’t believe we need because business is family run
  • 22% Not required to purchase (by contract or law)
  • 22% Covered by other business insurance (e.g., general liability or Business Owner’s Policy)
  • 19% Company is financially strong
  • 11% Have company policies or procedures in place to prevent exposures
  • 10% Not aware of this insurance coverage
  • 6% Coverage is not affordable/funding is not available

 

As you can see, these are mythical in truth, but also, true in reality when it comes to the purchasers of the coverage.

 
Myth 1 – All businesses need it when a claim happens.  They don’t need it when one does not. The average D&O loss for Private Companies is $399, 394.  You need the shelter in place before the storm hits- not after.

Myth 2 – The lack of a claim up to now does not make for the assurance that a claim will not come.  Do not rely on past experience on future risk.  Instead, consider it a blessing and good management work.

Myth 3 – Family businesses especially need to heed the warnings of Myth 1.

Myth 4 – Contract or law requirement should not be a driving consideration. Exposure to risk and financial disaster planning abilities should drive the choice. I always say to my agents “If you can’t afford to buy the coverage, how can you afford to pay for a claim?”

Myth 5 – As stated above, GL does not protect a business from D&O Liability claims.

Myth 6 – Any business which is financially strong is in this position due to good management decision. Good management decision tends to make for a financially strong business. However, one of the good management decisions a board can make is to protect itself from external threats. It seems as if being financially strong and choosing not to buy D&O because of it are not compatible.

Myth 7 – Good policies and procedures in place are excellent and considered part of best practices and disaster planning alike. However, they do not prevent risk, they mitigate the exposure to it. Risk is always present just by the nature of being in business. It is the best practices we use, and the disaster planning (insurance) we have in place in case those practices do fail.

Myth 8 – This would be something from the retail agency level and educating today’s commercial consumer on today’s real risks- D&O, EPL and Cyber amongst them.

Myth 9 – Refer to Myth 4

3 tips for Protecting Against the D&O Claim

Posted by on Oct 15, 2018 in Cyber Source | Comments Off on 3 tips for Protecting Against the D&O Claim

Good practice is the best method of keeping losses from occurring.  Insurance is made to work in harmony with good behaviors.  Having best practices results in best premiums, and D&O Insurance is a must for every commercial insured, private or not.

For private companies, they see themselves as resilient to claims, therefore, it is difficult for many of them to consider what kinds of best practices to implement.  If they can see no foul, they can see no harm to fix.

 

Consider these 3 “best practices” to implement in your private business, as shared in the survey:

 
Broaden the Perspective
When setting up crucial operational structures for a private company, outside experts of all kinds should be hired to assist.

Formalize Operations Structures
Critical areas of operation should be formalized, such as accounting practices, areas requiring legal care or compliance, risk management practices, and employment practices, including hiring and vacation policies, bonus structures, and determining compensation levels. Also, a company code of ethics and mission statement should be created with the understanding that they could prove legally significant, since written documentation of all kinds can counter erroneous claims by providing published proof.

Diversify the Board Membership
To avoid a myopic orientation, especially when a company is poised to grow, board members who are experts in the field should be hired, rather than those with a company association who will inevitably limit, rather than diversify or broaden, the perspective.

Remember, we keep losses reduced in a proactive approach to all aspects of our business.

Teenagers and the Cloud

Posted by on Oct 10, 2018 in Cyber Source | Comments Off on Teenagers and the Cloud

Cyber Liability Insurance is misunderstood, and as a result, it is not purchased by most commercial insureds.  However, it is the most important insurance a business can buy, and protects against the highest average per loss of any other insurance they can buy.

As I speak to industry groups, associations, and chambers of commerce across America, I often am told the same thing over and over again, no matter, the size or class of the organization, municipality, or business:  “we are in the cloud”.  Fantastic- there are a lot of angels here amongst us!

All jokes aside, the cloud offers some excellent conveniences to every day commercial insureds:

  • Modern, current, updated and effective virus protection, filters, and firewalls
  • Encryption of data
  • Storage Space
  • Ease of Access
  • Reduce overall IT costs

Having and doing business in the cloud is an essential part of most businesses today, and business is efficient and safe to do.  The reasons listed are excellent benefits of cloud-based services.  But like all things new these days, it comes with it a dangerous loophole that is very difficult to close.

Protecting our possessions is something we spend a lifetime doing.  We keep our purses and wallets secure.  We put our money into a bank.  We lock our car doors.  We close our windows and lock the doors in our house.  We make an everyday effort at keeping our “stuff” secure.

However, a locked door is only as good as those who lock the doors.  Being in the cloud is like having a teenager in the house.  You go to bed at night, and you lock up the house.  Your teenager is still out at work, or out with the friends, and comes home, parks the car in the garage, and leaves the garage door open all night long.

It’s an invitation for the neighborhood to come on over and take what you find.  The same is said of your own employees.  You have built your beautiful business on your employees, and each is a card.  Therefore, you have built a house of cards.  All it takes is for one card to fail and the entire house collapses around you.

If your business is in the cloud:

  • Be diligent to never give out your access information, user ids, passwords, or any other information needed to gain access to information stored into the cloud.
  • Discuss any requests for such information from people you trust and know, like the IT department employees, over the phone first.
  • Train employees to keep the garage door shut and do not click links they were not expecting and from people they do not know.

Simple changes to user behaviors will save a lot of aggravation, costs, and potential financial ruin down the road.

Human Error: The Primary Cause of Fire

Posted by on Oct 10, 2018 in Cyber Source | Comments Off on Human Error: The Primary Cause of Fire

Cyber Liability Insurance is misunderstood, and as a result, it is not purchased by most commercial insureds.  However, it is the most important insurance a business can buy, and protects against the highest average per loss of any other insurance they can buy.

Simply put, Cyber Liability Insurance is the FIRE INSURANCE of the FUTURE.  What does that really mean?  Let’s take a look at the 4 kinds of fires:

  • Commercial Structure Fire
  • Property Fire
  • Forest Fire
  • Cyber Fire

All of these fires share human error as the primary or secondary reason for the loss.  It is the intentional or unintentional negligence of you or your employees that is the biggest driver of claims within the Cyber fire, just as it is with the other types of fires.

Knowing that your employees account for over 80% of all claims, and 235 million phishing attacks occurred against US businesses in just the 3th quarter of 2017, understanding the risk and planning for the disaster becomes a real and present necessity.

Two immediate things can be done to help commercial insureds get ready for what may be coming their way:

TRAIN

Train your employees to use best practices when working online.  Use the ALWAYS, NEVER, SET rule.  Become a US Pro policyholder and gain access to training portals through your carrier and educational materials from US Pro.  Repeat training, and require it for all employees.  Keep training current and updated.

EDUCATE

Changing the behavior patterns of people becomes easier when you educate them on the need for the changes, the threats they face together, and the potential impact of the threats to their business.  Employees who have a vested interest as educated consumers become better receivers of value added training.

 

Understanding Voluntary and Involuntary Parting

Posted by on Oct 10, 2018 in Cyber Source | Comments Off on Understanding Voluntary and Involuntary Parting

Cyber Liability policies today regularly include coverage for Cyber Crime events.  Many of these policies refer to this as social engineering or phishing coverage.  We call it Financial Fraud Loss, because it includes 3 elements in the coverage:

  1. Electronic funds transfer fraud ( the theft of money by electronic means)
  2. Involuntary parting
  3. Voluntary parting

Involuntary parting of money occurs when your financial institution is fraudulently instructed to transfer funds from your account(s) by a third party purporting to be you or your employee.

Voluntary parting of money occurs when your financial institution is instructed by you or your employee to transfer money, or you or your employee are instructed to transfer, pay or deliver money or property to a third party, because of a fraudulent instruction from a third party purporting to be your employee, customer or vendor.

The difference between involuntary parting and voluntary parting is that you intentional part with the goods and services.  There are many Cyber policies in 2018 that still do not cover these scenarios, and voluntary parting of money is much easier for a criminal to accomplish.  It is very easy to pretend to be one’s employee, customer or vendor and vigilance is needed to detect these phishing and other social engineering scams.

Consider that 62% of all Cyber Crime claims come from phishing to the tune of $97,000 per event.  It is estimated that 90% of all phishing claims arise from VOLUNTARY parting.  Be aware.

In order to mitigate the occurrence of these events, as well as the potential size of loss if they do occur, work in the extremes and follow these 3 steps:

  • ALWAYS be suspicious. If it doesn’t look right, it isn’t.  If it is unusual, then it is not usual.  It is better to be safe than to be sorry.  When it comes to a phishing loss, it is better to offend than to defend.  Pick up the phone for any big order or request for payment or transfer to verify authenticity.
  • NEVER open up an attachment or click on a link from ANYONE you do not know. You do not know Amazon.  You only buy from Amazon.  If they send you a link or attachment you did not ask for, delete it and move on to live another day.  If you use rule #1 correctly, rule #2 is automatic.
  • SET a maximum limit of funds that can be transferred electronically or paid by check without dual authorization. What is your pain threshold?  Also, SET a limit on either the value of property/goods that can be shipped or sold without some kind of additional authorization.

There are numerous other best practices that can be adopted company-wide to make your employees better digital users.  But if you do nothing else, be sure to ALWAYS, NEVER and SET.