Cyber Insurance Pitfalls in Wire Transfer Fraud Coverage
Wire transfer fraud is on the rise and has become a grave concern for businesses involved in large transactions. Firms that serve as fiduciaries for their investors’ money, such as investment firms, attorneys, and real estate developers, are especially vulnerable to this crime, given the potential for financial loss, legal liability, and reputational damage. Cyber insurance has emerged as a protective measure against wire fraud. However, not all insurance contracts are created equal, and some may leave your financial safety net looking more like Swiss cheese. Below, we highlight the potential pitfalls in wire fraud coverage and how organizations can safeguard themselves.
Understanding Wire Transfer Fraud
Wire fraud typically involves fraudulent instructions delivered through social engineering techniques such as phishing. More sophisticated efforts may involve a breach of an organization’s network or communication system. In 2022, cybercriminals stole approximately $2.7 billion by compromising business email accounts and performing fund transfers, according to an FBI report.
Examples of wire fraud coverage gaps:
1. Custodial or escrow accounts aren’t covered: an associate for an investment manager receives an email request from an investor to wire money to their account. After the associate confirms the request with a phone call, they receive a follow-up email with new wire instructions. Previously, a hacker had gained access to the investment manager’s network, monitored their email activity, and, upon discovery of the investor’s request, sent fraudulent account information. The associate initiates the wire as instructed from their fund to the criminal’s account.
– Wire transfer losses from managed and escrow accounts may not be covered. Wire fraud coverage on a cyber policy is typically considered First-Party coverage, meaning it insures against losses to your organization’s money, not losses to property owned by others. If you’re a fund manager or real estate developer wiring investors’ money, for example, then your policy will not respond unless customers’ accounts are specifically covered.
2. “Deep Fake” impersonation: an assistant receives a phone call from her CEO, who instructs her to wire money to a vendor. Unbeknownst to the assistant, a cyber-criminal made the call using “deep fake” audio to mimic the CEO. By the time the ruse is discovered, the firm cannot recover the wired money.
– Telecommunications fraud may be excluded. While wire fraud covers fraudulent instruction through electronic means such as email, coverage may exclude instruction by phone, video, or fax.
3. Fake invoicing: a management consultant follows up with a client for an unpaid bill only to learn payment was made weeks earlier to another account. Forensics confirms a cybercriminal had gained access to the consultant’s network and monitored their billing. Upon discovering the invoice, the hacker altered the billing instructions to the client. The client refuses to repay the invoice and the consultant has no recourse since the loss stemmed from an attack on their system.
– Not all cyber policies cover Invoice Manipulation. Cyber insurance typically defines coverage based on who gets duped, and most cyber crime coverage applies to situations where you, the insured, are duped. In this situation, however, your client is the one tricked into transferring money to the wrong account. If the consultant did not have “Invoice Manipulation” on their cyber policy, then this loss would not be covered.
4. Insufficient Cyber Crime coverage limits: due to the dramatic rise in cyber crime related claims, insurance companies are now using sub-limits to limit their losses. For example, your firm may have a $5,000,000 cyber policy that only covers $100,000 for wire fraud and invoice manipulation losses! The maximum cyber crime sub-limit allowed by insurers is typically $250,000.
– What can you do? First, you should be aware of your policy’s sub-limits. Second, you should max out these sub-limits and if more coverage is needed, you can purchase a Crime policy that includes cyber crime coverage as well. There are many benefits to having a separate Crime policy, and stacking cyber crime coverage is one of them.
The Solution
Cyber insurance serves as an effective safeguard by providing time-critical resources at the time of an attack and indemnifying you for your losses. To avoid pitfalls in coverage, however, you’ll need to work with an experienced insurance broker who has access to competitive carriers and understands how cyber insurance protects your firm from theft and liability stemming from a fraudulent transfer. A good broker may also recommend a crime or professional liability policy to provide additional layers of protection.