Notepad: Risk in Review – April 2020

Morgan O'Rourke , Adam Jacobson


April 1, 2020

Aon Acquires Willis Towers Watson

In a merger of the second- and third-largest global insurance brokers, Aon agreed to buy Willis Towers Watson in an all-stock transaction worth nearly $30 billion. The deal is the largest ever in the insurance sector, exceeding ACE and Chubb’s $28 billion merger in 2016. The new company, which will be called Aon and maintain operating headquarters in London, will focus on risk, retirement and health. Its combined market value of $80 billion will overtake that of market leader Marsh & McLennan to become the world’s largest broker. “This combination will create a more innovative platform capable of delivering better outcomes for all stakeholders, including clients, colleagues, partners and investors,” said Aon CEO Greg Case, who will remain chief executive of the new entity. While the transaction is subject to approval by Aon and Willis Towers Watson shareholders and regulatory agencies, the parties expect it to be completed in the first half of 2021.

1 Billion Android Devices Vulnerable to Hacking

Over a billion Android devices are reportedly vulnerable to hacking and malware because they no longer receive security updates. No security patches are available for Android devices running operating systems below version 7.0, and Google data showed that around 42% of Android devices in use are running version 6.0 or below. According to IT security company Sophos, this means that most Android phones and tablets would become vulnerable after two to three years of use, a much shorter amount of time than most people keep their devices. Consumer watchdog group Which? tested Android devices from Motorola, Samsung, Sony, and LG/Google and found that security researchers were able to infect all five with malware. Which? computing editor Kate Bevan said, “It’s very concerning that expensive Android devices have such a short shelf life before they lose security support—leaving millions of users at risk of serious consequences if they fall victim to hackers.”

Wells Fargo Fined $3 Billion for Fake Accounts Scandal

The U.S. Department of Justice and the Securities and Exchange Commission fined Wells Fargo a combined $3 billion to resolve criminal and civil investigations related to its fake accounts scandal. As part of the agreement, the bank admitted to wrongfully collecting millions of dollars in fees and interest, harming customer credit ratings, and misusing sensitive personal information when it created millions of false and unauthorized customer accounts to boost sales numbers. The scandal has already resulted in thousands of firings, resignations of top executives, and hundreds of millions of dollars in fines, settlements and customer compensation. The latest deal does not exempt Wells Fargo employees from potential prosecution and does not address issues with the company’s auto insurance and mortgage practices that resulted in a $1 billion fine from the U.S. Consumer Financial Protection Bureau and the Office of the Comptroller of the Currency in 2018.

Led Zeppelin Wins Copyright Battle

A federal appeals court in Los Angeles upheld a 2016 verdict that rock band Led Zeppelin did not steal the opening riff of its ­classic song “Stairway to Heaven.” The suit alleged that, when Led Zeppelin singer Robert Plant and guitarist Jimmy Page released their 1971 anthem, they infringed on the copyright of the 1968 song “Taurus” by the band Spirit. In 2014, the estate of Spirit songwriter Randy Wolfe sued for damages reported to be between $3 million and $13.5 million. Page and Plant testified that they had never heard “Taurus” before, despite the two bands briefly touring together in the late-1960s. The court not only determined that any similarity between the songs was coincidental, but also overturned a precedent known as the “inverse ratio rule,” which lowered the burden of proof for copyright violations. The rule was used in a number of previous music industry infringement cases, including a 2018 suit that resulted in a $5 million judgment against Robin Thicke and Pharrell Williams for infringing on a Marvin Gaye song.

Tornadoes Rip Through Tennessee

Early on March 3, multiple tornadoes hit central Tennessee, killing at least 25 people and causing widespread destruction, including partially or totally collapsing almost 50 buildings in Nashville and cutting power to at least 78,000 people across the region. The state’s Super Tuesday primary voting was also disrupted by power outages and property damage to polling stations, some of which were moved to safer locations. AccuWeather estimated that the direct and indirect impacts from the tornado will total between $1.5 billion and $2 billion, including property, infrastructure and vehicle damage, as well as lost business, school closures and cleanup costs.

Australian Privacy Office Sues Facebook for $529 Billion

Australia’s privacy regulator sued Facebook for $529 billion in March over the Cambridge Analytica scandal, in which Facebook allowed users’ data to be harvested for targeted political advertising without user consent. Australia’s Privacy Act recommends a fine of $1.7 million per violation, and regulators claimed the scandal affected more than 311,000 Australian users. “Facebook’s disclosures, and its failure to take steps to prevent them, were systemic failures to comply with Australian privacy laws by one of the world’s largest technology companies,” the Office of the Australian Information Commissioner said in a statement. “Failure to hold Facebook to account is apt to undermine public confidence in Australia’s privacy laws.” In October 2018, the United Kingdom fined Facebook £500,000 (about $660,000 at the time), which was the maximum penalty regulators could levy before GDPR. Similarly, in July 2019, Facebook settled a suit over the scandal and other privacy issues with the U.S. Federal Trade Commission by agreeing to pay $5 billion and implement privacy measures.

Morgan O’Rourke is editor in chief of Risk Management and director of publications for the Risk & Insurance Management Society, Inc. (RIMS)

Adam Jacobson is associate editor of Risk Management.