The introduction of electronic bills of lading may have minimised traditional paper-based fraud but new electronic risks have emerged
For both the maritime and marine insurance industries, the bill of lading (BOL) is used in legitimate business operations to evidence receipt, the contract of carriage and title. However, this system continues to be hindered by fraud.
As a result, electronic bills of lading (eBOLs) have been introduced to oppose the threat of document fraud. They have been hailed as a means of minimising traditional paper-based fraud, thwarting fraudsters’ ability to copy, manipulate and forge paper trading documents to trick the unsuspecting. However, there is still unrest surrounding the usage of eBOLs and, in particular, possible risk exposures, reveals a recent report by Marsh.
Since the development of eBOL technology in the maritime and marine insurance industries, eBOL services have been offered by three separate enterprises: Bolero, essDOCS and E-title. The introduction of these three ecommerce solutions, however, has ignited a debate among insurers concerning the acceptance of eBOLs, with security cited as the biggest concern.
eBOL technology is not impenetrable to risk. Actually, eBOL technology has even created new electronic risks which are not traditionally covered by marine insurance.
“Fraudsters need only the inattentiveness of staff members to masquerade falsified documentation as the genuine article.”
At the very least, the potential is there for hackers to target shippers’, agents’ or carriers’ email accounts, produce modified links or email addresses, email redirector, doctored attachments, fake company websites and, crucially, fake eBOLs.
Further, eBOLs could be at risk of internal collusion, in which someone has access to the system and can actually generate bills legitimately within the system. Such bills are accepted by the system and, strangely, gain credibility because they are electronic.
Additional technological exposures include the software incorrectly identifying a fraudster as the proper consignee, and pirated or substituted versions that might allow for impersonation of the true software by a fraudster.
The benefits of eBOL technology, however, are equally as vast: they combat against fraud by authenticating signatories digitally and making it more difficult to amend the document once issued, and allow only those authorised to the trade to have access to the system and to the trading documentation therein.
In addition to authenticating the trade, eBOL technological systems also gives its users the opportunity to carry out audit trails, which, in turn, allows them to review the progress of a transaction and oversee the changes being made to the trading document, both when and by whom.
Facilitating the switch
A technological system is only as reliable as the people that maintain it, and so any risk is further elevated when those people are too reliant on apparently fool-proof technology.
The lack of universal acceptance of eBOLs across internally trading companies presents another challenge: in countries where there is acceptance of eBOLs, attitudes can be varied but not necessarily consistent in all international markets, particularly those that are slower to implement new technology. This could create complications in the event of trading disputes and litigation.
However, there are ways to facilitate the use of eBOLs. Speaking to Baltic Briefing, Gordon Street, claims manager at Marsh, says that whoever brokers are trading with, “they need full awareness of the issues and the risks”.
Encouraging the use of suitable enabling tools such as Bolero and essDOCS among brokers is also an important part of facilitating the switch from paper to electronic bills of lading, he says.
“One of the reasons this is critical is because when we come to the insurance aspect, obviously the P&I Clubs, in theory are covering any of the risks. But what we’re not certain of yet is whether there’s going to be a gap in cover if the wrong forms are used or the wrong wording or protocol is used,” he continues. “In that case, we’d probably have to look at other insurance solutions that need to be developed.”
For Marsh, this would likely include modifying an existing cyber product to pick up any trends to identify out of this type of trading, reveals Mr Street, adding that, at the moment, it’s still very much a monitoring and reviewing process.
Mr Street highlights three things brokers can do to overcome the risks associated with the use of eBOLs. The first is trying to make sure the clients, or whoever is dealing with these EBOLs, exercise due diligence on the parties they’re contracting with: “know your customer, or know your customer’s customer,” he says.
To help with this, Mr Street suggests that shippers and banking staff alike should be more extensively trained in international trade. “Victims of trade fraud often lack information governing the commodity, route, method of trade, and ability to identify inconsistencies and irregularities in the documentation used and parties involved.”
Further, practitioners must be cyber-aware when it comes to their businesses and should not only confirm where all address commissions and brokerage commissions are destined but also check the registered details and banking details of the parties involved, he says.
And, when it comes to due diligence, Mr Street adds that shippers/carriers, banks and insurers should ensure that vigilance is maintained throughout the trade. At the same time, they should discourage passive acceptance when handling eBOLs as “fraudsters need only the inattentiveness of staff members to masquerade falsified documentation as the genuine article”, he says.
Second, Mr Street says: “Try to stick to the use of the approved, trusted e-platforms for two reasons: one, they should be more secure and two, they provide you with the backup protection of the P&I Club cover.”
On the surface, it appears that eBOLs are a better and more secure method of trade when compared to their paper equivalents. The use of encryption, digital signatures and audit trails, for instance, prove useful in thwarting fraudulent activities.
However, Mr Street advises caution: “While eBOLs are a more secure method of trade, no single solution can claim 100% invulnerability. In order to avoid the pitfalls associated with eBOLs, maritime and marine insurance practitioners should identify their eBOL exposures and align them with their existing risk management strategies.”
Marsh makes a number of recommendations which it hopes will prove important in assisting maritime and marine insurance practitioners when identifying eBOL exposures and complement existing risk management strategies.
Still, the introduction of eBOLs and its associated risks brings up an important question: should there, or is there likely to be a specific regime developed for eBOL trading? Although there isn’t anything specific in place at the moment, Mr Street says that it’s a valid idea, and one that may come through whichever body used is the most appropriate.
Alternatively, Mr Street suggests putting together some sort of forum where, in 12 months’ time, interested parties could get together and assess how smoothly the switchover has gone; whether there are any trends developing; how many incidents of fraud there has been; and, importantly, what the industry has learned from said incidents.
“Whether this is something the Baltic wants to promote or the P&I industry or whoever else, I don’t know,” he says. “I just want to throw it out there that it would be wise to get a brains’ trust together in say, 12 months and see where we are.”