Wire transfer fraud is on the rise and has become a grave concern for businesses involved in large transactions. Firms who serve as fiduciaries for their investor’s money, such as investment firms, attorneys, and real estate developers, are especially vulnerable to this crime given the potential for financial loss, legal liability, and reputational damage. Cyber insurance has emerged as a protective measure against wire fraud, however, not all insurance contracts are created equal and may leave your financial safety net looking more like Swiss cheese. Below we highlight the potential pitfalls in wire fraud coverage and how organizations can safeguard themselves.

Understanding Wire Transfer Fraud

Wire fraud typically involves fraudulent instructions delivered through social engineering techniques such as phishing. More sophisticated efforts may involve a breach to an organization’s network or communication system.  In 2022, cybercriminals stole approximately $2.7 billion by compromising business email accounts and performing fund transfers, according to an FBI report.

Examples of wire fraud coverage gaps:

1. Custodial or escrow accounts aren’t covered: an associate for an investment manager receives an email request from an investor to wire money to their account. After the associate confirms the request with a phone call, they receive a follow up email with new wire instructions. Previously, a hacker had gained access to the investment manager’s network, monitored their email activity, and upon discovery of the investor’s request they sent fraudulent account information. The associate initiates the wire as instructed from their fund to the criminal’s account.
• Wire transfer losses from custodial and escrow accounts may not be covered. Wire fraud coverage on a cyber policy is typically considered First-Party coverage, meaning it insures against losses to your organization’s money, not losses to property owned by others. If you're a fund manager wiring investors' money, for example, then your policy will not respond unless customers’ accounts are specifically covered.

2. Exclusion for failing to properly authenticate a wire transfer: an investment advisor’s assistant receives an urgent email request from a “client” to wire money and provides a new phone number they can be reached. The assistant calls the number from the email, speaks to the “client” who confirms the request and then wires the funds.  Unfortunately, the request was sent by a criminal posing as the “client” who has just made off with their money. 
• Some policies exclude coverage for wire transfers that aren’t properly authenticated. If the wire fraud coverage contained this exclusion, then this claim would not be paid because the employee failed to authenticate the request with a phone number not provided in the fraudulent instruction. 

3. “Deep Fake” impersonation: an assistant receives a phone call from her CEO who instructs her to wire money to a vendor. Unbeknownst to the assistant, a cyber-criminal made the call using “deep fake” audio to mimic the CEO. By the time the ruse is discovered, the firm is unable to recover the wired money.
• Telecommunications fraud may be excluded. While wire fraud covers fraudulent instruction through electronic means such as email, coverage may exclude instruction by phone, video or fax.

4. Insufficient Cyber Crime coverage limits: due to the dramatic rise in cyber crime related claims, insurance companies are now using sub-limits to limit their losses. For example, your firm may have a $5,000,000 cyber policy that only covers $100,000 for wire fraud and invoice manipulation losses!  The maximum cyber crime sub-limit allowed by insurers is typically $250,000.
   • First, you should be aware of your policy’s sub-limits. Second, you can max out these sub-limits and if more coverage is needed, you may purchase a Crime policy that includes cyber crime coverage as well.  There are many benefits to having a separate Crime policy, and stacking cyber crime coverage is one of them.

The Solution

Cyber insurance serves as an effective safeguard by providing critical resources at the time of an attack and indemnifying you for your losses. To avoid pitfalls in coverage, however, you’ll need to work with an experienced insurance broker who has access to competitive carriers and understands how cyber insurance protects your firm from theft and liability stemming from a fraudulent transfer. A good broker may also recommend a crime or professional liability policy to provide additional layers of protection.

 

Mathew Kryder, MBA, CLTC

Insurance Advisor at Petschauer Insurance

Back to Blog