No Coverage for Fraudulent Withdrawal of Electronic Funds

In Metro Brokers, Inc. v. Transp. Ins. Co., 2015 U.S. App. LEXIS 3473 (11th Cir. Ga. Mar. 5, 2015) an all risk policy was held to not provide coverage to an insured real estate brokerage company for online fraudulent withdrawals from the company’s bank account.

On December 10, 2011, thieves logged into the insured’s online banking system and authorized payments totaling over $188,000 from the insured’s escrow account to several other bank accounts. They had used a virus known as “Zeus” to gain access to an employee’s ID and password and hack into the system.

Coverage was denied for two reasons. Firstly, because losses caused by electronic transfers were not covered under the fraud and alteration endorsement in the policy, and secondly, based on the malicious-code system-penetration exclusions in the policy which included, among other things, computer viruses.

The Eleventh Circuit, applying Georgia law, upheld the lower court’s summary judgment in favor of the insurer. The court held that the policy provision which provided for coverage for losses “resulting directly from ‘forgery’ or alteration of, on, or in any check, draft, promissory note, bill of exchange, or similar written promise, order or direction to pay a sum certain….” did not apply because electronic transfers of money are distinguishable from fund transfers made by check, draft, or bill of exchange.

The court also held that the insured was incorrect in their argument that the malicious-code system-penetration exclusions did not apply. The assured had argued that the computer virus did not cause the loss because of the thieves’ intervening conduct and therefore the exclusions should not apply. The court noted that the exclusions apply to losses “caused directly or indirectly” by malicious code “regardless of any other cause or event which contributes concurrently or in any sequence to the loss”. Therefore, the transfers at issue the exclusions apply to preclude coverage under the policy.

The District Court did not err in granting summary judgment to the insurers.

Leave a Reply

Next ArticleNAIC Seeks Comment on Proposed Principles for Effective Cybersecurity Insurance Regulatory Guidance