Cyber Security

(00:01) Speaker: It's time for AMG's 2023 Community Leaders Series Podcast Edition. Over the last three decades, AMG has worked to make the role of community leaders more effective and less of a headache. Seminar topics are a response to what our Executive Board members have requested.

(00:18) Paul K. Mengert: The crooks are getting better and better at this. I know of a case in our industry where somebody hacked into an email account and had been reading the email exchanges.

(00:30) Speaker: And now here's your host and CEO of AMG, Paul K. Mengert.

(00:00:35) Paul K. Mengert: Good afternoon, everyone. My name is Paul K. Mengert and I'm here today with the AMG Community Leaders Podcast on cyber security. We're very pleased to have Joel Meskin with us as our guest. I want to welcome you to the AMG Community Leaders Series 2023 Podcast Edition. We are thrilled to have you here. This episode is proudly sponsored by Law Firms of the Carolinas, a firm renowned for maintaining the highest standards of integrity, ethics, and expertise. Law Firms Carolina is dedicated to assisting clients in making crucial decisions that have a profound impact on their lives, businesses, and communities. To learn more about Law Firm of the Carolinas or to obtain their service, please visit their website at www.lawfirmCarolinas.com or call 336.378.1899. In today's podcast, we'll be delving into the realm of cybersecurity. I'm pleased to introduce our guest, Joel Meskin, the Managing Director of Community Association Insurance Products and Risk Management at McGowan Program Administrators. I've known Joel for many years and worked with him on a number of different projects, but I want to give you some of his background information. He's been certified by the Community Association Institute as a Community Association Risk Management Specialist since 2005. He is also a member of the Community Association of Lawyers, and he has received the National CAI Award for Excellence for Chapter Leadership. His involvement dates back more than 22 years, and he's worked with over 200,000 community associations nationwide. He's currently serving on his third term as a trustee of the National CAI Board of Trustees. Joel is a prolific author and speaker, and he also hosts two LinkedIn discussion groups. Joel, I'm so pleased to have you here with us and be able to share some of your wisdom, knowledge, and experience with our clients.

(02:58) Joel Meskin: Well, I'm glad to be here, Paul, and I thank you for the opportunity.

(03:01) Paul K. Mengert: Joel let's just jump right in and discuss why community associations need cyber security when probably many of them have management companies that also have cyber security insurance.

(03:16) Joel Meskin: Well, let's start with the macro reason, and that is we're living in a brave new world. You know, none of us are sheltered from cyber issues, data breach issues, cyber criminals. It's just something that is here to stay and it's not going to go away. And there’s so many more vulnerabilities. When you and I started out and we were using, you know, chisel and stone to keep notes and such, it was a different time.

(03:45) Paul K. Mengert: That's not too much of an exaggeration.

(03:48) Joel Meskin: Yeah. So now, it’s as I said, it's a different world. One of the questions that I always ask boards and managers and such, less with managers because they're generally in good shape with most of this is, let's say you had a data breach, if you recognize it. Let’s say somebody puts malware into your computer and freezes it up and you get a nice little letter saying, you know, with $25,000 and we'll, we'll take it out. And my question to them is, who do you call? That is one of the biggest things. And you'll see when we get down and have a little more of a discussion about what you want in a policy, it's really what do we do? You know, most of us don't really know. Hopefully you've got a great insurance, community association insurance risk insurance specialist who can really guide you. But one of the key things in the coverages which we'll do down the road is they have what's almost comparable to a concierge at the insurance companies to help get you to various specialists that help you get out of these areas. The next reason is if you're dealing with property insurance right now, general liability insurance right now, it's very painful. It's very expensive. Right now, the cost of cyber liability data breach is surprisingly inexpensive. It may change as the years go on. But I just really quickly, I had one of my underwriters who does North Carolina and South Carolina just give me the last five cyber policies she did there. Just to give you an idea, and I'm going to run really quick through this. North Carolina 144 units, $556.32 per month per unit. Another one, 59, is more expensive. It was $585 for 59 units, $0.83 per unit per month. The other was $368, $0.17 for the 182 units per month. So, and then we had one that was 816 units, $914, so $0.90 per unit per month. So, it's one of these things when we're talking to board members and you've been in, I think in 1 or 2 budget meetings, probably. The budget meeting’s all about cost benefit analysis. And at this stage for boards, the cost benefit analysis is just never going to beat it at this time. The cost is so minimal that it's almost like they shouldn't have a discussion. And these are for full blown standalone policies. So that's really what they want. And with respect to the management company, one of the things that is sort of unique in this area is the data breach response statutes. Basically, even if you have a wonderful management company such as AMG handling all of your data for finances, for personally identifiable information, at the end of the day, you're still responsible if they have some form of breach. And there's very few that I'm aware of management company policies that are going to include the associations because you can't you're not going to be able to include 200 associations. I don't think that you would be able to pay for that type of a policy. I don't know if that answers your question. Do you have any follow up?

(07:08) Paul K. Mengert: I think I think it does, and I might help add to that a little bit. For years, we've been telling clients about fidelity insurance and pointing out to them that while the manager may facilitate the deposits, in most cases the funds are deposited into their bank accounts. So, a fidelity policy of the manager likely will not cover a theft from their bank account, you know, particularly if it's somebody not involved with the management company. So, I think similarly, if a bad act happens to their data through somebody in some far-off land, probably the management company's insurance company is going to say, not our fault that this happened. And in at least some of the cases that I've been aware of, the virus or kind of like what may have led to this, seems to have come from board members’ computers that are involved in this process. So, we have been strongly recommending to our clients to include this cyber as well as social engineering insurance in their policies because like you point out, it just doesn't cost a whole lot.

(08:24) Joel Meskin: Right. Just to give you one really quick story. Here in Cleveland, it's probably about ten, maybe 15 years ago, we had a management company that husband and wife, they managed 48 single family HOAs. They basically the wife, not the husband, the wife basically decided she's going to go on a shopping spree and stole $3.4 million from all of the associations. And as most of us who have dealt with these before, as an employer, as the owner, you're not going to be covered, even if they did have insurance. And none of these associations had insurance. So, it ruined their whole day.

(09:02) Paul K. Mengert: I remember that case. And yeah, you know, certainly sad to hear. Well, some of these have involved management companies. Also, some of them have involved board members or community members or people not even affiliated with the association. So, it's really crucial, and of course, we're here today to talk about cyber, but I would put in the same basket of concerns cyber, social engineering and fidelity insurance, all of which have a relatively low cost and offer just enormous benefits to the association. Joel, thank you for sharing this information. I want to take an AMG Community Leaders Series newsbreak and we'll be right back with Joel Meskin, who's one of the leading experts on community association insurance in the United States.

(09:59) Speaker: And now it's time for your HOA Solutions Today newsbreak.

(10:03) Newsbreak: A developer in South Florida expressed interest in buying out a nearly 60-year-old waterfront condo building in North Bay Village. The firm's portfolio includes other older condos, which are becoming more common in South Florida. Now developers are directing their buyout efforts towards older buildings located on land with favorable zoning. The process of condo buyouts and terminations can be lengthy. However, older properties are becoming increasingly expensive to maintain, leaving owners, including those on fixed incomes, struggling with the rising cost of insurance and construction, particularly when major upgrades are required. While the potential sale is still in its early stages, it remains uncertain if the majority of the owners are willing to sell, especially given the high cost of real estate in the area and the reluctance of owners to do so. Let us know your thoughts by leaving a comment at HOACommunityLeaders.com.

(10:53) Paul K. Mengert: We're back. I'm Paul K. Mengert and we're here with Joel Meskin discussing cyber insurance. Joel, first of all, I just want to really thank you. It's been a true pleasure working with you over the years and certainly appreciative of the, your willingness to share your expertise and knowledge and helping to get companies and community associations properly insured. Would you share with our listeners a couple more real-world examples of when cyber insurance comes in and really saves the association?

(11:30) Joel Meskin: Well, I had one. And the good news is we still haven't had a large number of the claims and I hope ultimately, we don't. And I hope that is going to be the result of people really taking to heart a lot of like with fidelity crime. If you have a guy with a rifle standing in front of the vault, there's pretty much a good chance you're not going to have anything stolen. Here, if you do a lot of the safeguards, backups, changing passwords, and that you're going to have a good situation. We had a very, very lovely one of the nicest buildings in Charlestown across from the Back Bay in Boston. I don't want to give the name; the manager was phenomenal. She just was right up with everything. Once, I believe it was a Sunday morning, she and they had a great broker, and they followed the broker. The broker told him they got to buy the cyber liability data breach services. So, they basically, I think her, two of her engineers realized that the building automation system, which I learned about very quickly then, was basically invaded and malware was put in there and they got a ransom letter. And they called the broker the next morning at I think it was about 8:30. Then the broker called me within ten minutes at least of hanging up. I contacted the insurance company, as I know with many of these, they have either a team coordinator or a concierge, that basically helps in these situations to gather the various people that may help resolve this issue. And so, in this case, the two key things that they needed is, they had an attorney on call with respect to a potential ransom issue, which thank goodness, didn't have to happen. And then they had they brought in by 1:00 that same day a computer forensic expert. And he was able to go in, he even found a server that they didn't realize they had. And the challenge for them was not so much the ransomware, I mean the event and the coverage. They had a very old, outdated computer system and I think they knew it and they kind of got an advantage here because the guy really led them through what they really needed. But they were able to basically isolate the malware. They were able to cut it off. They were able to get new servers prepared and everything, and they were back up and running within, oh, 24 hours. And the only thing that took a while was they had to buy a new system and put a new system together, which is beyond my level of comprehension, but I know it takes a while. Just to give you an idea, they were kind of concerned about the $1,000 deductible, which I kind of said, you know, if you don't pay the one, do the $1,000 deductible, I don't think I'm going to insure you next year. They ended up, I think from the carrier, the carrier, paid about $50,000 under the policy, you know, for all the work and the experts and such. And so, I think that was worth the $0.32 or whatever per unit per month that their association had. So that's one that sort of stands out there, that's pretty big.

(14:53) Paul K. Mengert: Exactly. And you know, of course, we've all heard a number of stories about people obtaining passwords and being able to get into bank accounts and transfer money out. And one of the ways I understand a common fraud is for a person to obtain the password of, for example, the president of an associations email and then email the board member or the rather the manager, the board member emails, the manager or the bank and says, transfer this amount of money to this account or this vendor. And in good faith the bank or the management company transfers the money only to later find out that the board members email account had been hacked and it was a fictitious email. Even though it may have come from the actual board member’s account. So that's just another example of how these things may happen.

(15:57) Joel Meskin: We had one wasn't it wasn't the management company or the association, but it intensely involved them. It was an association that received a $1.2 million construction defect award in litigation. It was put into the attorney client trust fund because it was going to take about three weeks or so to be able to do all the releases and settlements and all that. So about two weeks into it, the bookkeeper at the law firm got a call from somebody saying that how this is like Betty, and, you know, John's on vacation. He asked me to call you and have you, you know, send the money, and send it to we have a new account. So, send it to the new account, which should have raised a lot of flags. And she transferred $1.2 million to that other account and then the next week the manager came back and the person from the law firm, he called the law firm and they basically said, hey, can you transfer the money? And she probably fell out of her chair. But she said, we did it last week. And that stirred up a lot of issues. But those are things that, you know, it's all about proactive. It's all about multifactor authorization. I don't know how you guys are doing Paul, but I think my company is going pretty overboard with this and think I have to do 2 or 3 multifactor type issues each morning when I'm trying to get in.

(17:22) Paul K. Mengert: Well, you certainly, we certainly try to, Joe, but the crooks are getting better and better at this. I know of a case in our industry where somebody hacked into an email account and had been reading the email exchanges between this person and, you know, various people. So, they'd had access to the account for some time. So when they sent an email saying to transfer the money, it also included a whole lot of other information that you would think you'd have to have really known the people to include as I recall, they discussed taking the person's little boy to Disney World and discussed a retaining wall they were in the process of building and oh, by the way, transfer that money. And sometimes it's not like 1.2 million. The case I’m talking about, I think it was $5000. So, it was certainly enough that it was very upsetting, but it wasn't enough that, you know, you might have jumped through a couple hoops. But I'm also told, although I can't tell a specific story of this, but I'm also told now with automated intelligence that they can take a video recording that could be readily found online probably and simulate your voice enough to call up and leave a voicemail or even have a conversation. But I understand one of the things from some banker friends that's happening is people are calling up, leaving a voicemail saying, I want to call and confirm the wire transfer I sent by email. So even if you have a voicemail that appears to be from somebody, be careful. And yeah, I'll just put out one other tip on this with confirming. I'm always told if you do not know yourself what the phone number is, look it up on some source other than the document you get to confirm because one of the things the thieves have done is to send me a document saying call this number to confirm the transaction. But the number I'm calling is not actually, you know, to the law firm or the board member or whoever I should actually be calling. So, the thieves are really smart on this. We have a lot of exposure. We hope by having industry information like this out there not only encourages people to buy the insurance, but to be more aware of the exposure.

(19:51) Joel Meskin: Yeah, and one of the things that I'll just add to it, and you probably see this every day of your life. Is, you know, a lot of board members and a lot of people have a very false sense of security thinking it's not going to happen in a community association. Who wants to hack or do something with the community association? And, you know, all the community association people have credit cards, and the credit cards may be kept on file because people are doing credit card payments and I mean this is why you need a property manager, you know, a lot of self-insured and I just say, you know what, you know, you're going down a rabbit hole. You really need to have a professional, so.

(20:28) Paul K. Mengert: Yeah, it’s probably been ten years ago now that our company stopped accepting credit card information. And you know, we have that all handled by a third-party financial institution that, you know, can have way more cybersecurity than we have. But on the other hand, it seems like every week I'm reading about some big company being hacked into. So, there's never a perfect solution. Yeah, we have another AMG Community Leaders Series newsbreak. And we'll be right back with Joel Meskin.

(21:03) Speaker: And here's another HOA Solutions Today newsbreak.

(21:07) Newsbreak: Is having a Reserve Study really necessary? The answer is yes, if not more so, since the Reserve Study provides critical information about the needed repairs and upgrades for the HOAs, it should be important to conduct them every 3 to 5 years in order to stay up to date with the latest regulations. These studies are costly, not only because the work is thorough and gives an accurate reflection of the state of the building at the time, but also because they will require involving a mechanical engineer and other consultants or experts. In addition, tackling emergency repair jobs are always more costly than planned ones, so it makes sense for Fannie Mae, one of the governments backed loan buying organizations, to put buildings on its do not lend list if they are not putting 10% of their operating budget toward a reserve fund each year as part of future planning efforts that can help prevent special assessments. Does your community have a Reserve Study? Let us know by leaving a comment at HOACommunityLeaders.com.

(22:02) Paul K. Mengert: Welcome back, folks. I'm Paul K. Mengert and I'm discussing cybersecurity today with Joel Meskin, who probably knows more about how to insure against these risks than anyone else in the country. Joel, you know, I think we've laid out some of the issues, probably scared the beejeebers out of some folks about what the exposures and risks are. Give our listeners some ideas about what they should be doing and what they should be looking for in their insurance policies.

(22:33) Joel Meskin: Well, the first thing and especially these days when we have it's such a good price point, I'd love to be able to say that as an insurance person that I have a product that has a good price point. But the stand-alone policies, there's really no reason not to have a standalone policy. A lot of carriers will throw in a coverage, they'll put in even a few coverages, but they'll have sub limits. And you know, once people see, oh, we have cyber liability, but you know, they don't really understand. So, the very first thing you got to do, and I think this is with any insurance is you have to find a community association insurance specialist who knows cyber liability data breach and has really been keeping up with the exposures and the limits that are needed and what's changing in the market. I think that's really when you're looking for a policy, the first thing to do. The second thing and again, this goes back to what we were just talking about in the last segment was you have to be proactive. You know, risk management isn't we have transfer of risk, and we have proactive protection against risk. And if you don't have various systems in place, if you don't have multifactor authorization, if you don't change, you know, passwords, I have to change passwords quite often just because I forget them. But a lot of people, you know, have had the same and they people just have really bad decision making. So, when you look at the policies for the cyber liability data breach, it's a little bit different than some of the other policies. It's actually similar in some ways to combination of directors and officers and fidelity crime because we have the key one is cyber liability. And that's I've rarely seen the cyber liability at this point, but that would be where the association or even a management company doesn't have their system up to date or they don't put in the proper defenses, and they actually get sued. And so, this would be a defense and indemnity type coverage. The other one and this I think if you had nothing else, this one I think is worth its weight in gold, and that's the data breach response services. That goes to, you know, providing computer forensic legal services, notifications. Because when you're dealing with a data breach, if it meets certain thresholds you got to report it to the Attorney General and then the Attorney General is going to do probably an investigation. There's a management company, a few years ago in Massachusetts that basically did this, and they got fined for $15,000. But, you know, that could ruin a manager's whole day. So, they ended up doing that. But then the most expensive stuff was they got fines and penalties, which generally aren't covered under any general liability policy. They get a defense and there's not going to be a defense to this in a general liability policy. But they get public relations and crisis, a lot of education provided. And that's one of the things that I try to get people, you know, when we send them a policy, even on my, you know, in the employment practices side, you know, we have a lot of services that are free, you know, and thought free would be something that would make a board feel pretty good. But so that's really one of the things. So that sort of answers the question, who do I call? And they have the number of who you call. And we gave the example of the last segment. Then you have the regulatory defense, because if you fail to give the notice, then you're going to be sued by the Attorney General. And it's not a private right of action. The Attorney General is going to do it and you'll actually get coverage for a defense and potentially indemnity. And the next big thing is fines and penalties are covered under these policies, which, as you know, fines and penalties are excluded from the definition of loss in most different policies.

(26:36) Paul K. Mengert: Well, this is really helpful information. When a board member is considering, is it worth a little extra cost? I certainly think it is. And we're very much encouraging our clients to pick up standalone policies in this area. No one wants to be in a position of going to an annual meeting and having to explain why we're having to have a special assessment, or a fee increase to cover a loss because we didn't think we could afford the insurance.

(27:06) Joel Meskin: So, I just have one last comment to throw into the mix here, because it's one of these that a lot of people I don't think realize, you'd spoken a couple of times about the social engineering. One of the things in the area of social engineering is they don't offer really high limits anymore because it's one of the more prevalent situations. So, what I have, and I presume other programs have it too, is I will offer the cybercrime coverages, social engineering, wire transfer fraud, and computer fraud in addition to the other. And that would be in the price that I just talked about earlier. And what that does is it stacks higher limits on top of what you get in your fidelity crime policy. So that that's something to keep in the back of your mind and share that with your broker because think they would probably find that something they'd probably recommend.

(28:00) Paul K. Mengert: Make sense. And I just want to go back and emphasize really the first thing you said in this segment was you’ve really got to talk to insurance agent who is really familiar with community associations and the exposure, preferably somebody who has maybe been certified through CAI for their work in this field. Now, Joel, your company doesn't actually sell directly to associations, so to obtain coverages through the McGowan Group, you have to go to a qualified agent and then they would propose McGowan maybe as part of a package of insurance that they might propose to the association. Is that right?

(28:42) Joel Meskin: That’s correct. And so usually what we have in and actually we're going to have our package policy back out on the street soon. But my world, we have directors and officers, liability, fidelity crime, cyber liability, data breach umbrella, and then one which is just going gangbusters, is my special event policy. When somebody rents, it's a nice transfer mechanism, but even more than that, it saves people, you know, time, because brokers don't make any money with those policies. It's a pain in the neck for the manager. So here they go to a portal, they pay for it with a credit card. It goes directly to the management company. They're all done. So those are things that, you know, my whole thing is let's transfer as much risk as we can. Let's tell people as best as they can how to prevent some of the silly things that occur. And that's as a risk manager, that's what we attempt to do.

(29:39) Paul K. Mengert: Thank you, Joel. This has just been great information. I think our clients will find it very valuable. We're going to take one final newsbreak today.

(29:50) Speaker: And now our final HOA Solutions Today newsbreak.

(29:55) Newsbreak: A Roswell, Georgia community of only two streets where the residents have lived for more than 20 years, asked their local government for help after rainwater causes a sinkhole, a road to collapse and other flooding issues. Back in 2019, the quiet community of 30 homes had a one-acre green space at the center of the neighborhood that once served as a shared picnic area until a 15-foot sinkhole that had been forming for two years prior caved in. Repairing a decade old underground pipe could lessen the problems. But owners need help to afford the $300,000 cost. City officials are currently exploring ways to not only fund the pipe upgrade, but how to tackle the stormwater problem that is common in private residential communities in Roswell. To read the full story, go to HOACommunityLeaders.com.

(30:41) Paul K. Mengert: We're back with Joel Meskin everyone, as we close out today, I think it's important to kind of summarize what we've talked about. And Joel, I'm going to throw out my three big takeaways and certainly welcome your comments on these. One of the things I think communities really need to analyze is their cyber risk and fidelity exposures in general. And in most cases, they really need to look at independent coverages on their insurance because there's a good chance that the management company’s coverage, whether it be AMG or some other management company, when you get down to the end, the management company’s insurance likely will not cover the association's money. Number two, we really need to work with everybody in our industry, both the professionals and the volunteer community leaders, to be vigilant against cyber and other crimes that could affect the association. And finally, number three, takeaway is none of us can know enough about this to navigate it on our own. We really must work with an insurance agent who specializes in this area, and AMG encourages association leaders to meet with their insurance agent, either in person or virtually at least once a year, to review all of these matters. Joel, any follow up comments?

(32:13) Joel Meskin: The only thing I would like to emphasize and if we were in a longer presentation, we went through this a little bit deeper, would be just take an audit of all the different items that you use on a daily basis, from iPhones to card keys to everything. And what you'll find out is you have a lot of potential exposure that, you know, you really never had. And once you have all those exposures, then I think you have to reel them in, develop some policies, which is what the board is supposed to do, and minimize the potential exposure. And, you know, and a lot of people, you know, it's like telling your kid to go to his room and write a paper. You know, most people don't want to do that kind of thing.

(32:56) Paul K. Mengert: Well, thank you, everyone, for tuning into our episode. And our special gratitude goes to Joel Meskin for sharing his insight on cybersecurity exposures for community associations. Joel, it's been a real pleasure having you today. Thank you very much for all you have done to help us and help our clients over the years, and we certainly look forward to continuing to work with you.

(33:23) Joel Meskin: I appreciate the opportunity, as always.

(33:25) Paul K. Mengert: In closing, I'd like to sincerely thank our episode sponsor, Law Firm of the Carolinas. The firm is renowned for maintaining the highest standards of integrity, ethics, and expertise. Law Firm Carolinas is dedicated to assisting clients in making crucial decisions that have profound impacts on their lives, communities, and businesses. To learn more about Law Firm Carolinas or to obtain their service, please visit their website at www.lawfirmcarolinas.com or get in touch with them at 336.378.1899. And of course, many of you know this law firm as being the firm of Jim Slaughter and Steve Black, as well as many other fine attorneys. I'm Paul Mengert, your host for AMG Community Leaders Series 2023 Podcast Edition. If you would like to explore more of our podcast episodes or access additional 2023 CLS content, please visit HOACommunityLeaders.com.

(34:32) Speaker: Thanks for listening to 2023 AMG's Community Leaders Series Podcast Edition. To find more information on this episode, please visit HOACommunityLeaders.com.

(34:44) Speaker: This podcast is a production of BG Ad Group. All rights reserved.

• Communities need to analyze their cyber risk and fidelity issues.

• Professionals and volunteers need to work together to be vigilant against cyber and other crimes that could affect the association.

• Communities are not experts on cybercrimes; therefore, it is important to find and work closely with an insurance agent who specializes in this area.

Click HERE to read Joel’s recent article on cyber liability/data security. (Page 10 - 15)

Waterfront North Bay Village Condo Building Targeted For Potential Buyout

A developer in South Florida expressed interest in buying out a nearly 60-year-old waterfront condo building in North Bay Village. The firm’s portfolio includes other older condos, which are becoming more common in South Florida. Now, developers are directing their buyout efforts towards older buildings located on land with favorable zoning. The process of condo buyouts and terminations can be lengthy. However, older properties are becoming increasingly expensive to maintain, leaving owners, including those on fixed incomes, struggling with the rising costs of insurance and construction, particularly when major upgrades are required. While the potential sale is still in its early stages, it remains uncertain if the majority of owners are willing to sell, especially given the high cost of real estate in the area and the reluctance of owners to do so.

How Often Does Our Board Need To Do A Reserve Study For Our Building?

Is having a reserve study really necessary? The answer is yes, if not more so. Since a reserve study provides critical information about the needed repairs and upgrades for HOAs, it should be important to conduct them every three to five years in order to stay up to date with the latest regulations. These studies are costly, not only because the work is thorough and gives an accurate reflection of the state of the building at that time, but also because they will require involving a mechanical engineer and other consultants or experts. In addition, tackling emergency repair jobs are always more costly than planned ones, so it makes sense for Fannie Mae, one of the government-backed loan buying organizations, to put buildings on its 'do not lend list' if they are not putting 10 percent of their operating budget toward a reserve fund each year as part of future planning efforts that can help prevent special assessments. Does your community have a reserve study?

Roswell Neighbors Fear Sinkholes, Stormwater Damage Will Lead To Roads Caving In

A Roswell, GA, community of only two streets where the residents have lived for more than 20 years asks their local government for help after rainwater causes a sinkhole, a road to collapse, and other flooding issues. Back in 2019, the quiet community of 30 homes had a one-acre greenspace at the center of the neighborhood that once served as a shared picnic area, until a 15-foot sinkhole that had been forming for two years prior caved in. Repairing a decades-old underground pipe could lessen the problems, but owners need help to afford the $300,000 cost. City officials are currently exploring ways to not only fund the pipe upgrade but how to tackle the stormwater problem that is common in private residential communities in Roswell.