Start of Main Content

Governance

Enterprise Risk Management

Mitigating risks while identifying and acting upon opportunities that will support Stewart in achieving its strategic, financial, operational and institutional goals is key to Stewart’s success. That is the objective of Stewart’s Enterprise Risk Management (ERM) program.

The board and executive management team are responsible for ERM and have established an ERM committee to assist with oversight. The ERM committee is chaired by the chief risk officer and consists of representatives from across the enterprise. The ERM committee regularly provides presentations and updates to the board and executive management on current and emerging risks and provides recommendations on how to improve risk management processes.

Key elements of the ERM program include:

  • Managing risk within a defined governance structure as established by the board and executive management 
  • Using an enterprise-wide portfolio approach and framework for the management of enterprise risks through the formalization of an ERM process that will identify, assess, respond, manage, monitor and report on key risks the company faces in a timely manner 
  • Implementing appropriate risk management strategies that are responsive to the company’s risk profile, business strategies, risk appetite, specific key risk exposures and risk tolerance thresholds 
  • Integrating consideration of risk and risk management into business decision-making throughout the company 
  • Communicating necessary information with respect to key risks to senior executives and, as appropriate, to the board or relevant committees 
  • Assessing environmental, social and governance risk 
  • Identifying and assessing emerging risks that may impact the organization 

Information Technology and Security

Our Privacy Policy defines how we protect the non-public, personal information of our clients and partners. Stewart also recognizes the importance of protecting our clients’ and partners’ confidentiality and data integrity. To that end, we continuously and methodically evaluate cyber risks, how they evolve and how they affect us.

Stewart’s Cybersecurity Program takes into account the evolving legal and regulatory requirements, industry standards, cybersecurity risks, and geopolitical environment. We are committed to cybersecurity education and training across our entire organization, including our employees, partners and customers. Stewart continuously evaluates and monitors third-party risk relating to the protection of sensitive data and information systems. Our program focuses on a broad area of security domains, including:

  • Risk management
  • Data protection
  • Security event monitoring
  • Identity and access management
  • Threat and vulnerability management
  • Disaster recovery
  • Business resiliency
  • Continuity

Our chief information security officer oversees, implements and enforces the Cybersecurity Program and provides annual and periodic reports on the status of cybersecurity across the organization. Our cybersecurity team routinely challenges our employees and the effectiveness of existing controls. A dedicated group, which includes our chief information security officer, runs simulated tabletop exercises to prepare for any attack.

Wire Fraud Prevention

The real estate industry is a major target for wire fraud attempts, due to the large sums of money that are exchanging hands. Wire fraud is a serious issue that we have been focused on combatting for several years. According to the FBI’s 2024 Internet Crime Report, the real estate sector suffered losses of more than $173 million in 2024 with more than 9,300 complaints filed to the FBI Internet Crime Complaint Center (IC3). While these numbers are a significant improvement from the prior year, we must continue to do everything we can to combat wire fraud.

We have several measures in place, including a strict policy on how to provide and receive wiring instructions, callback verification, secure email transmission, centralized control of bank account access, email warnings, and education and awareness for customers, real estate agents and all employees. All employees are required to complete mandatory wire fraud and security awareness training each year.

We are an industry leader in taking concrete steps to protect our customers, partners and company against wire fraud. In Canada, we partner with Treefort™ for identity authentication technology to protect our customers. In the U.S., our partnership with CertifID® is an important part of our overall program.

CertifID Program

Stewart, our Stewart Trusted Provider independent agent network, and customers, have access to CertifID, the leading provider of wire fraud protection for the title industry. CertifID facilitates sending wire instructions more securely. The service also includes insurance coverage in the event of loss as well as fraud recovery services.

  • On wire transfers they facilitate, CertifID: 
  • Confirms client identities and receipts of wiring details Secures the transfer of bank account information 
  • Provides mortgage payoff protection through wiring instruction verification 
  • Guarantees each wire transfer up to $5 million against fraud 
  • Provides funds recovery services to assist in the return of stolen funds Validates the authenticity of wiring instructions to ensure payments aren’t sent to fraudsters 
  • Validates the authenticity of wiring instructions to ensure payments aren’t sent to fraudsters 

Learn More About CertifID

Fraud and Forgery Watch Program

Our Fraud and Forgery Watch Program rewards our employees and those of our independent agents who discover and report fraud or forgery connected with a title insurance order or policy.

Business Continuity

As part of our emergency response management, Stewart has an enterprise-wide business continuity program (BCP) and disaster recovery (DR) plan to ensure continued operations of critical services in the event of a disruption to regular operations. Our board of directors review the BCP.

Key elements of the program include:

  • Annual updating of individual BCP and DR plans for all critical Stewart offices and corporate support functions 
  • BCP plans with standardized procedures across the company, where appropriate, as well as individual elements to reflect unique considerations of each business operation or support function 
  • Company-wide policies and guidelines detailing responses to a range of potential business disruptions, such as natural disasters and pandemics 
  • Emergency management team consisting of Stewart senior leadership team members to ensure a quick and coordinated response to events 
  • Annual testing of the effectiveness of Stewart’s response to various scenarios 

AI Governance

In early 2025, Stewart’s AI Council was restructured to strengthen engagement, improve governance, and increase operational efficiency. Key updates include:

  • Optimized our intake process for AI projects enabling more efficient review and routing by project type 
  • Enhanced leadership structure by onboarding a dedicated AI Project Manager and forming a high-level group to guide EMT and enterprise-level POCs 
  • Hosted strategic learning and development sessions on compliance/governance  
  • Restructured council meetings to prioritize updates on executive and board initiatives while fostering team input and cross-functional awareness. 

The AI team at Stewart Used artificial intelligence to create business improvements such as our Virtual Underwriter AI Agent benefiting both employees and customers. The AI Agent – Virtual Underwriter Explorer, or VUE – represents a meaningful enhancement of the platform and reflects our overall goal of utilizing AI in conjunction with our employees to provide the best solutions for our customers.

Anti-Corruption

Stewart and its family of companies have robust policies against corruption of any kind. Most are set forth in the company’s Code of Business Conduct and Ethics. The Code also establishes Stewart’s foundational expectations and core values for its employees and board of directors. Violations lead to employment action up to and including termination. Several areas in the Code and in other company policies, bulletins and guidelines, such as the Related Party. Transactions Policy, Vendor Risk Management Policy and the Securities Trading and Investment Policy form the basis of Stewart’s Anti-Corruption philosophy.

The areas include:

  • Improper payments 
  • Conflicts of interest 
  • Prohibited personal use of corporate property and corporate information 
  • Gifts, loans and entertainment 
  • Laws, regulations and government-related activities 
  • Antitrust 
  • Insider trading 
  • Real Estate Settlement Procedures Act (RESPA) 
  • State anti-kickback and referral fee laws 
  • Foreign Corrupt Practices Act (FCPA)
  • Office of Foreign Assets Control (OFAC)
  • Fair dealing
  • Related party transactions
  • Wire fraud
  • Government business
  • Vendor risk
  • Political contributions

Our policies and guidelines provide information, support and resources to ensure that we act ethically and in compliance with the laws and regulations that affect our business. Adherence is vital for Stewart to continue as a leader in our industry and to preserve the company’s reputation for integrity and strong ethical standards. Employees have access to training materials on all related topics. For example, each year, affected employees complete training and certification for FCPA compliance purposes.

Board of Directors

A board of ten members brings diverse experience and guides key company decisions.

Learn More
Compliance

Compliance is a core part of our culture, ensuring we act with integrity and ethics.

Learn More
Enterprise Risk Management

Managing risks and seizing opportunities is key to Stewart’s success.

Learn More
Political Activity

We respect employees’ right to engage in lawful political activities using their own resources.

Learn More