News‎ > ‎

CYBERCRIME BY WIRE FRAUD – ARE YOU INSURED?

posted Mar 6, 2018, 7:33 AM by Kim Whitlock   [ updated Mar 6, 2018, 7:35 AM ]

Do you stay up at night wondering whether your insurance will cover a wire fraud scam?  

According to a 2015 cyber and privacy insurance survey by The Betterley Report, out of 31 leading cyber insurance providers, only eight cover fraudulent wire transfer. Of those eight insurers, “a lot have further restrictions if the insured is involved in the wire fraud,” says Garrett Droege, executive director of TechAssure, an international association of technology-related risk insurance experts.[1]  

Under traditional commercial crime policies, courts draw a distinction between losses where a thief hacks the insured’s computer systems, and losses where the insured voluntarily transfers funds. Courts have found  that losses from voluntary transfer of funds, including social engineering losses, are generally not covered because they arise from an authorized transfer of funds. In addition, many commercial crime policies contain a “voluntary parting” exclusion on which the carriers will seek to rely in order to argue that coverage for these types of losses is precluded.

When negotiating your coverage you should aim for breadth and flexibility with respect to such coverage and remember that, while email is likely to be involved, it is unlikely to be the singular cause of loss. 

The language matters:  Four recent lawsuits by companies seeking coverage under similar crime policies provide useful insight to businesses looking to recover money lost to social engineering scams and other types of fraudulent transfers. In each case, employees were tricked into wiring money to cybercriminals who used fraudulent emails to impersonate legitimate vendors, clients or company executives.  Although the facts in these cases were similar, the court in each relied more on specific language of the policy to reach opposite decisions.  These four recent cases emphasize the importance of having the right language in your insurance policy for the type of frauds you are most likely to experience. 

Two recent victories for policyholders:  In perhaps the most relevant case for the type of wire fraud scam we have seen in the real estate industry, the court in Principle Solutions Group LLC v. Ironshore Indemnity Inc.[2]  granted summary judgment in favor of the policyholder, finding the language of the crime policy’s “computer and funds transfer fraud” provision is ambiguous and must therefore be interpreted in the policyholder’s favor. The fact that there were multiple steps between the initial email and the transfer does not free the insurer from its coverage obligations. 

In Medidata Solutions Inc. v. Federal Insurance Co,[3] it was found that the computer fraud provision in the crime policy covered losses that resulted from the “fraudulent entry” or changing of data in the policyholder’s computer system.  The policy at issue defined “computer system” broadly to include “communication facilities…utilized by” the insured and “data” as including any “representation of information.” Those definitions proved pivotal in the court’s decision.  Had the crime policy defined the terms more narrowly—for example, to cover only systems “owned and operated by” the company, as many policies do—the policyholder would have been out of luck.

Two Insurer Friendly Decisions:  In American Tooling Center Inc. v. Travelers Casualty and Surety Co. of America and Apache Corp. v. Great American Insurance Co, the respective courts determined that the fraudulent emails did not cause the wire transfers, people did by failing in their processes and scrutiny. Insurers commonly argue that fraudulently-induced losses are not covered because the purported “loss” was “authorized,” either because the policy excludes coverage for “authorized” transfers or only covers “unauthorized” transfers.

The computer fraud provision in Apache’s commercial crime policy extended coverage for losses “resulting directly from the use of any computer to fraudulently cause a transfer.”  The panel emphasized that the fraudulent email was just one step in an intricate scheme that ultimately led Apache employees to authorize legitimate transfers, albeit to a bogus account.[4]

Similarly, American Tooling’s crime policy extended coverage to any “direct loss” that was “directly caused by” the use of a computer.  Again,  the company took several steps between when it received the fraudster’s emails and when it wired the funds.[5]

Will you be covered?

Some Carriers are Now Offering Social Engineering Fraud Coverage on a Limited Basis.  The endorsements are designed to provide coverage when an employee is intentionally misled by electronic or written instructions from a person purporting to be a company executive or employee, vendor, client, or customer, to transfer money or property. These endorsements are often called “social engineering fraud” endorsements or “payment instruction fraud” endorsements. Some carriers will require companies seeking this type of coverage to complete a supplemental application or provide other underwriting information.



[1] The Betterely Report; http://betterley.com/samples/cpims15_nt.pdf

[2] The district court case is Principle Solutions Group LLC v. Ironshore Indemnity Inc., case number 1:15-cv-04130, in the U.S. District Court for the Northern District of Georgia, Atlanta Division. The appellate court case is Principle Solutions Group LLC v. Ironshore Indemnity Inc., case number 17-11703, in the U.S. Court of Appeals for the Eleventh Circuit.

[3] The district court case is Medidata Solutions Inc. v. Federal Insurance Co., case number 1:15-cv-00907, in the U.S. District Court for the Southern District of New York. The appellate court case is Medidata Solutions Inc. v. Federal Insurance Co., case number 17-2492, in the U.S. Court of Appeals for the Second Circuit.

[4] The case is Apache Corp. v. Great American Insurance Co., case number 15-20499, in the U.S. Court of Appeals for the Fifth Circuit.

[5] The district court case is American Tooling Center Inc. v. Travelers Casualty and Surety Co. of America, case number 5:16-cv-12108, in the U.S. District Court for the Eastern District of Michigan. The appellate court case is American Tooling Center Inc. v. Travelers Casualty and Surety Co. of America, case number 17-2014, in the U.S. Court of Appeals for the Sixth Circuit.

Comments