Top 3 Business Risks Freelance Consultants Should Know About
Article overview:
Business Risks for Consultants: This Can Go Wrong
Risk Number 2: Legal Infringements
Business Risk of Copyright Infringement
Cybersecurity Tips for Consultants
Cybercrime: How to Protect Your Business
Business Risks for Consultants: This Can Go Wrong
As a consultant, there are a number of risks you need to be aware of, regardless of the sector you work in. Your biggest business risk is causing financial loss to your clients. Another risk is damage to property or personal injury. All of these damages are usually the result of an error in the performance of your work as a consultant. So the biggest risk to your business is actually you.
Risk Number 1: Malpractice
It does not matter in which field (e.g. IT solutions, digital infrastructure, communications, coaching, real estate or human resources) you advise your clients: Mistakes can always happen. An analysis of real claims reported to exali shows that professional errors are among the most common causes of claims for consultants. We have compiled a few examples of what such errors can look like.
Liability for Consulting Errors
There is still a dangerous misconception in the consulting industry that someone who "only" gives advice is not liable. This assumption is wrong and can be costly: Whether you advise as a consultant or implement and execute concepts yourself, you can be held liable for damages resulting from your errors and omissions.
For example, let's say you've been commissioned by a company to carry out a location analysis for a new branch and it turns out that you've overlooked the fact that a competing company has also opened a branch in the immediate vicinity. In this case, your clients could claim damages not only for the incorrect advice, but also for the investments made on the basis of that advice.
Faulty Location Analysis
This is exactly what happened to a business consultant insured with exali: A pharmacist had commissioned him to carry out a location analysis for his new business, and during the research the consultant overlooked the fact that another pharmacy was due to open at around the same time in the immediate vicinity of the location he had recommended. The result: the angry client demanded compensation because he had already invested in the new pharmacy and signed long-term contracts.
Consultants as Scapegoats
Not every claim for compensation is justified, as the case of a consultancy firm hired by a local authority to consult on street lighting shows. The town council wanted to know whether it could save money by converting its street lighting to LED. The consulting firm's subsequent analysis concluded that there was indeed potential for savings, and the council went ahead with the conversion. Some time later, however, the consultants suddenly received a letter from the lawyer of the municipality, in which the company was held responsible for, among other things, the additional costs of retrofitting the street lighting, the lack of cost savings from the LED luminaires and other additional costs, and was ordered to pay 20,000 euros in damages.
However, a review by the consultancy found that the additional costs had been incurred in areas outside the scope of the agreed consultancy and that the lack of energy savings was due to a failure on the part of the council. As the company had taken out Professional Indemnity through exali, it eventually forwarded the solicitor's letter to us. After reviewing the case, the insurer also concluded that there had been no consultation error or omission, and instructed a specialist law firm to defend the claims. Thanks to the integrated Passive Legal Expenses Insurance, the policyholder did not incur any additional costs, but the case shows that even unjustified claims can end up in court, costing freelance advisers a lot of time and, above all, money.
Passive Legal Expenses Insurance explained
In the context of Professional Indemnity, the term passive legal expenses insurance means that the insurer will pay benefits not only to compensate or settle claims, but also to defend against unjustified claims.
This defence may include, for example, the costs of specialist lawyers, litigation, expert witnesses, witness fees or travel expenses. Passive legal expenses insurance is an important component of Professional Indemnity, as freelancers and self-employed professionals run a high risk of disputes with former clients ending up in court.
Liability for Omissions
Sometimes, however, a mistake is not what was done, but what was not done. An omission is also one of the professional errors for which you, as a consultant, can be held liable. This is well illustrated by the case of an energy consultant who was hired by a couple to apply for funding to replace the windows in their home. Unfortunately, the consultant missed the deadline for submitting the paperwork for the grant, and the relevant authority promptly rejected the application. As a result, the couple claimed the lost grant directly from the energy consultant. You can read about the case in this article: Forgotten Confirmation Causes 4.000 Euros Damage
Headhunter Places CFO with Criminal Record
Even more dubious is the case of a headhunter hired by a company to find a new CFO. The headhunter quickly discovered what he was looking for and the candidate he proposed was hired. After some time, however, the company noticed irregularities in the management, which turned out to be the fault of the CFO. He was then investigated further. It turned out that he already had a criminal record for fraud. The headhunter had relied on the candidate's information and failed to obtain a police clearance certificate. The company demanded that the headhunter pay back the costs of recruitment, induction and the irregularities caused by the CFO: a sum of around 145,000 euros! Read the full case here: Headhunter places CFO with criminal record.
Farmer Forfeited Subsidies
This case concerns a business consultant who specialised in advising agricultural businesses. He was to advise a farmer who wanted to build a new barn for his dairy cows with the help of subsidies. The farmer overlooked the fact that he had to submit the planning documents on time, and his application was promptly rejected. This was a disaster, as he had already invested more than 100,000 euros, which he was now claiming back from the consultant as compensation, as the latter should have informed him of the deadline.
Liability for Breach of Confidentiality
As a consultant, you often gain deep insight into your clients' sensitive data and/or trade secrets. Some consulting activities, such as business valuations, economic due diligence or negotiation support, are therefore usually subject to strict confidentiality and non-disclosure agreements. These usually include substantial penalties for breach. However, even without a separate confidentiality agreement, the duty of confidentiality applies to you as a secondary contractual obligation.
This means In a project contract, the contracting parties are generally obliged not to disclose any information that could cause damage to the other party if it became known. This duty of confidentiality always exists, even without a separate agreement. If you breach this duty, for example through a misdirected email or your own employees, you can be held liable. Your client may claim damages from you, give you a written warning or even terminate the project contract.
A real damage event shows how quickly such a breach of confidentiality can occur when some IT freelancers describe their projects in too much detail in a business profile: Too much information in the business profile
Risk Number 2: Legal Infringements
In addition to professional errors, legal infringements are among the most common causes of loss. An analysis of the damage events reported to exali has shown that these four legal infringements are the most common:
- Copyright infringement (78 per cent)
- Infringement of competition law (17 per cent)
- Trademark infringement (3 per cent)
- Violation of personal rights (2 per cent)
In fact, we also have some examples of real damage cases in which consultants committed a legal violation.
Infringement: SEO Consultant Copies Website Content
The opposite of good is well-intentioned. This proverb applies to an SEO consultant who only wanted to help a campaign by the consumer advice centre of North Rhine-Westphalia to gain more reach. But he decided to put the entire campaign on a single homepage - including logos, buttons, fonts and original text modules. As a result, he received a written warning, including a cease and desist letter, for trademark and copyright infringement.
Business Risk of Copyright Infringement
The reason why copyright infringement is one of the most common infringements is obvious: the rights to images, videos, text or sound recordings always belong to the authors. Anyone who wants to use images, video, audio or text content from others must therefore ALWAYS agree on a right of use with the authors. Therefore, a project contract should always include the rights of use and copyrights of the creations developed under the contract (e.g. texts, photos, products).
To avoid copyright infringement, the following points should be considered
- Licence of use: Always obtain the right of use if you want to use images, videos, sound recordings or text that you have not created yourself.
- Databases: If you acquire content from databases such as Adobe Stock, Audio Jungle, etc., make sure you know which channels the licence covers.
- Beware of legal texts: Legal texts such as terms and conditions are also protected by copyright!
- ChatGPT and Co: If you use AI programmes to create your content, check the texts with plagiarism software before publishing them on your own website.
Trademark Infringement: Use of a Slogan
In this case, a freelance consultant wanted to draw attention to herself by using a catchy slogan on her profile on a business platform. But that was not all: she also used the same slogan as the title for a webinar she was offering. What she didn't know was that another company had already registered the slogan as a word mark, so she received a written warning for trademark infringement. The cost: 100,000 euros!
The Right Coverage for Consultants
These real damage events make it clear that there are many risks that can put consultants out of business. High claims also have the potential to jeopardise the entire business. This is where exali's Professional Indemnity Insurance comes in. It offers optimal insurance cover for consultants, interim managers and trainers.
It is structured according to the principle of blanket coverage. This means that you are covered for all consulting activities without having to list them separately. In the event of a claim, the insurance will first cover the costs of establishing fault (e.g. for lawyers, experts or surveyors). If the claim is justified, the insurance company will pay the claim. Whatever the outcome of the case, Professional Indemnity will keep you on the safe side as an adviser.
Risk Number 3: Cybercrime
Cybercrime is on the rise. A (sad) trend that continues. Studies have been showing this for years: Cyber attacks are one of the biggest business risks for companies, but also for the self-employed and freelancers.
Business Risk Ransomware
Ransomware attacks involve criminals gaining access to IT systems or programs, encrypting them and demanding a ransom from their victims in exchange for the release of the infected systems or programs. But that's not all: criminals often steal sensitive electronic data, for example from customers or business partners, and offer it for sale on the darknet. The consequences of such an attack can be devastating to your business - not just the cost of repairing damaged systems or programmes, but also business interruption and/or damage to your reputation.
We have summarised how ransomware works and what you can do to protect your business in this article: How to protect your business from becoming a digital hostage.
Business Risk Social Engineering
Social engineering is the targeted manipulation of people. Cybercriminals use traits such as helpfulness, trust or fear of authority to get their victims to divulge sensitive information or ignore security precautions. CEO scams are particularly popular. In this case, the attackers pretend to be the boss in order to deceive employees.
Vouchers Scammed with CEO Fraud
For example, in one case reported to exali, the employee of a company insured through exali was allegedly contacted by its CEO and asked to buy vouchers for the Google Play Store. The employee promptly complied and bought 15 cards for 100 euros each, which he passed on to his alleged boss. A little later it turned out: The request was not made by the real CEO, but by fraudsters. The 1,500 euros were still gone. You can read more about this case in the following article: When scammers pretend to be the CEO
Cybersecurity Tips for Consultants
Cybersecurity is very important for companies as well as for the self-employed and freelancers. A successful cyber attack can affect not only your business, but also that of your clients. These protective measures can help minimise the risk:
Regular Backups
Probably the most important defence against a cyber attack is to regularly back up your data offline. So: Make regular backups of your work and store them in different locations, such as external media, the cloud, etc.
Apply the 3 Seconds Rule to emails
Always be cautious with emails and do not open attachments or click on links lightly. Instead, follow the 3 second rule and ask yourself the following questions
- Do I know the sender of this email?
- Was I expecting this email?
Especially for unknown senders and emails you are not expecting, the following security checks can help
- Check the email address (is this really the sender it says it is from, or is it someone else's email address?)
- Check the email for spelling mistakes or odd wording.
- If in doubt, contact the sender in another way (e.g. by phone) and ask if the email is really from them.
- Never give out account information, login details or passwords over the phone, by SMS or by email.
Regular Updates
Always make sure that your IT systems (e.g. operating system), any software you use (antivirus software, Adobe Creative Cloud, accounting software, invoicing software, CRM tools, etc.) and the apps on your smartphone are always up to date.
Multi-factor Authentication
Especially with external tools and platforms or software providers, you should always use multi-factor authentication, or at least two-factor authentication. This also applies to social networks or business platforms, especially if you are advertising.
Caution on public networks
When working on public networks while travelling (e.g. on the train, at the airport or in a café), always use a VPN to ensure that your data is not sent unencrypted over the Internet.
Cybercrime: How to Protect Your Business
The biggest problem with cybersecurity is that there is no 100% protection against cybercrime. That's why you should take precautions, because encrypted or damaged IT systems or programs, as well as stolen data, can quickly become very expensive. exali offers the following solution for freelancers and companies:
First-Party Cyber and Data Risks Insurance (FPC) Add-on
The add-on First-Party Cyber and Data Risks Insurance (FPC) can be added to your Professional Indemnity Insurance and protects you against the consequences of cybercrime. The benefits of FPC are
- Covers hacking damage to your own IT systems
- Protection against ransomware attacks (including ransom payment)
- Cover for costs/additional costs of avoiding or shortening business interruptions
- Protection in the event of a breach of confidence (deliberate damage to your own IT by employees)
- Payment of ransom demands
The FPC also covers the costs of PR and crisis management, as well as specialised lawyers and computer forensics specialists.