Category Archives: Direct Loss

American Tooling Center: U.S. District Court finds no Coverage for Social Engineering Fraud Loss under Crime Policy’s Computer Fraud Insuring Agreement

By David S. Wilson, Chris McKibbin and Stuart M. Woody

On August 1, 2017, the U.S. District Court for the Eastern District of Michigan released its decision in American Tooling Center, Inc. v. Travelers Casualty and Surety Company of America. The Court held that a vendor impersonation fraud loss did not fall within the terms of a crime policy’s computer fraud coverage. In coming to this conclusion, the Court found there was no direct causal link between the receipt of fraudulent emails by an insured requesting payment to the fraudster’s bank account, and the insured’s authorized transfer of funds to that bank account.

The Facts

American Tooling Center (“ATC”) is a tool and die manufacturer that outsources some of its work to third-party vendors. One of its legitimate third-party vendors is Shanghai YiFeng Automotive Die Manufacture Co., Ltd. (“YiFeng”). ATC typically sends payment to YiFeng at the completion of various production milestones.

ATC fell victim to a vendor impersonation fraud, which is one of the most common forms of social engineering fraud. On March 18, 2015, ATC’s Vice-President and Treasurer received an email purportedly sent by YiFeng requesting payment to a new bank account. The email in question was sent from the domain name “@yifeng-rnould.com”, which resembled the legitimate domain name “@yifeng-mould.com”. ATC’s Vice-President and Treasurer verified that the applicable production milestones were satisfied, but did not verify the new banking information before wiring approximately $800,000 to the new bank account. When it came to light that YiFeng had never been paid the amounts it was owed, ATC submitted a claim to Travelers.

The Computer Fraud Coverage

ATC’s policy with Travelers provided coverage for:

… the Insured’s direct loss of, or direct loss from damage to, Money, Securities and Other Property directly caused by Computer Fraud.

The Travelers policy defined “Computer Fraud” as:

The use of any computer to fraudulently cause a transfer of Money, Securities or Other Property from inside the Premises or Financial Institution Premises:

1. to a person (other than a Messenger) outside the Premises or Financial Institution Premises; or

2. to a place outside the Premises or Financial Institution Premises.

Travelers took the view that, given the intervening events between the receipt of the fraudulent emails and the authorized transfer of funds, ATC had not suffered a direct loss directly caused by the use of any computer.

The Court agreed, observing that:

the fraudulent emails did not “directly” or immediately cause the transfer of funds from ATC’s bank account. Rather, intervening events between ATC’s receipt of the fraudulent emails and the transfer of funds (ATC verified production milestones, authorized the transfer, and initiated the transfer without verifying bank account information) preclude a finding of “direct” loss “directly caused” by the use of any computer.

The Court relied upon the Fifth Circuit’s recent Apache decision (see our October 24, 2016 post), making specific reference to that court’s observation that:

To interpret the computer-fraud provision as reaching any fraudulent scheme in which an email communication was part of the process would … convert the computer-fraud provision to one for general fraud.

The Court then considered other recent computer fraud decisions, such as Pestmaster (see our August 4, 2016 post) and InComm (see our March 22, 2017 post). Applying the principles from these decisions to the case at bar, the Court concluded:

Although fraudulent emails were used to impersonate a vendor and dupe ATC into making a transfer of funds, such emails do not constitute the “use of any computer to fraudulently cause a transfer.” There was no infiltration or “hacking” of ATC’s computer system. The emails themselves did not directly cause the transfer of funds; rather, ATC authorized the transfer based upon the information received in the emails. The Ninth Circuit [in Pestmaster] has interpreted the phrase “fraudulently cause a transfer” to “require the unauthorized transfer of funds.”[:] “Because computers are used in almost every business transaction, reading this provision to cover all transfers that involve both a computer and fraud at some point in the transaction would convert this Crime Policy into a ‘General Fraud’ Policy.” See also Incomm … (noting that “courts repeatedly have denied coverage under similar computer fraud provisions, except in cases of hacking where a computer is used to cause another computer to make an unauthorized, direct transfer of property or money”). [emphasis added]

The Court granted summary judgment in favour of Travelers.

Conclusion

 American Tooling Center represents another decision in a growing line of jurisprudence which holds that there is no coverage for vendor impersonation and other social engineering fraud losses under traditional commercial crime coverages. The insurance industry has responded by introducing social engineering fraud-specific coverage, which allows insureds to obtain coverage for certain types of losses that fall outside the coverage provided under traditional policy wordings.

Given the increasing frequency of vendor impersonation and other social engineering fraud losses, insureds would be well-advised to consult with their brokers and insurers about the risks that social engineering fraud poses to their business, and the availability of social engineering fraud-specific coverage.

American Tooling Center, Inc. v. Travelers Casualty & Surety Company of America, 2017 WL 3263356 (E.D. Mich.)

Advertisements

Leave a comment

Filed under Computer Fraud, Direct Loss, Social Engineering Fraud

Taylor & Lieberman: Ninth Circuit finds No Coverage under Crime Policy for Client Funds lost in Social Engineering Fraud

By David S. Wilson and Chris McKibbin

In the recent decision of Taylor & Lieberman v. Federal Insurance Company, the Ninth Circuit Court of Appeals affirmed a decision of the U.S. District Court for the Central District of California holding that a business management firm did not have coverage in respect of client funds which it was fraudulently induced to wire overseas.

While the District Court had held that the insured had failed to establish that it had sustained any “direct” loss at all (see our July 14, 2015 post), the Ninth Circuit affirmed the result on other grounds, holding that the insured had also failed to establish that the loss came within the substantive requirements of any of the Forgery, Computer Fraud or Funds Transfer Fraud insuring agreements.

The Facts

Taylor & Lieberman (“T&L”) was an accounting firm which also performed business management and account oversight services for various clients, including the client in issue. Clients’ funds were held in separate bank accounts maintained with City National Bank. Clients granted Powers of Attorney over their accounts to a designated individual at T&L, permitting transactions to be made in the accounts.

A fraudster obtained access to the client’s email account and sent two emails from that account to a T&L employee, as follows:

  • The first email directed the employee to wire $94,280 to an account in Malaysia. The employee did so, and then sent a confirming email to the client’s email account.
  • The next day, the employee received another email from the client’s account directing her to wire $98,485 to an account in Singapore. The employee again complied, and again sent a confirming email to the client’s email account.

The employee then received a third email, purportedly from the client, but sent from a different email address. The employee contacted the client by phone, and discovered that all three emails were fraudulent. T&L was able to recover some of the funds, but had to reimburse its client and incurred a net loss of nearly $100,000.

T&L submitted a claim under each of its Forgery Coverage, its Computer Fraud Coverage and its Funds Transfer Fraud Coverage. The District Court held that each of these coverages required “direct loss sustained by an Insured” and that, as a matter of law, no direct loss had been sustained.

On appeal, the Ninth Circuit did not disturb the finding with respect to direct loss, but affirmed the result on the basis that T&L had failed to establish that the loss came within the scope of any of the insuring agreements.

The Forgery Coverage

The Ninth Circuit quickly dismissed T&L’s contention that this insuring agreement’s requirement of a “Forgery or alteration of a financial instrument” did not require proof of a “Forgery” of a financial instrument, because the insuring agreement required only proof of an alteration of a financial instrument or a free-standing “Forgery” of any document, of any type. The Court held that the insuring agreement plainly required either a “Forgery” or an alteration of a financial instrument.

More substantively, the Court rejected T&L’s contention that the emails to T&L were financial instruments:

Here, the emails instructing T&L to wire money were not financial instruments, like checks, drafts, or the like. See Vons Cos., Inc. v. Fed. Ins. Co. … (C.D. Cal. 1998) (holding that wire instructions, invoices, and purchase orders were not “documents of the same type and effect as checks and drafts.”). And even if the emails were considered equivalent to checks or drafts, they were not “made, drawn by, or drawn upon” T&L, the insured. Rather, they simply directed T&L to wire money from T&L’s client’s account. In sum, there is no forgery coverage.

The Computer Fraud Coverage

The Computer Fraud insuring agreement required T&L to demonstrate “an unauthorized (1) “entry into” its computer system, and (2) “introduction of instructions” that “propogate[d] themselves” through its computer system.” The Court held that the sending of an email, without more, did not constitute an unauthorized entry into T&L’s computer system. Further, the emails were not an unauthorized introduction of instructions that propagated themselves through T&L’s computer system:

The emails instructed T&L to effectuate certain wire transfers. However, under a common sense reading of the policy, these are not the type of instructions that the policy was designed to cover, like the introduction of malicious computer code. … Additionally, the instructions did not, as in the case of a virus, propagate themselves throughout T&L’s computer system; rather, they were simply part of the text of three emails.

The Funds Transfer Fraud Coverage

The Funds Transfer Fraud insuring agreement indemnified against:

fraudulent written, electronic, telegraphic, cable, teletype or telephone instructions issued to a financial institution directing such institution to transfer, pay or deliver Money or Securities from any account maintained by an Insured Organization at such Institution, without an Insured Organization’s knowledge or consent.

The Court held that the requirements of the insuring agreement were not met:

This coverage is inapplicable because T&L requested and knew about the wire transfers. After receiving the fraudulent emails, T&L directed its client’s bank to wire the funds. T&L then sent emails confirming the transfers to its client’s email address. Although T&L did not know that the emailed instructions were fraudulent, it did know about the wire transfers.

Moreover, T&L’s receipt of the emails from its client’s account does not trigger coverage because T&L is not a financial institution.

As a result, there was no coverage available under the Federal policy.

Conclusion

Following the Fifth Circuit’s decision in Apache (see our October 24, 2016 post), the Ninth Circuit’s decision in Taylor & Lieberman provides another example of a clear trend on the part of the courts to refuse to find coverage for social engineering fraud losses under the “traditional” crime policy coverages (typically, computer fraud and funds transfer fraud coverages, but occasionally, as here, other coverages as well). The proliferation of social engineering frauds has created a new exposure for insureds, and fidelity insurers have responded by creating discrete social engineering fraud coverages. Like Apache, Taylor & Lieberman serves as a cautionary tale to businesses (and to their brokers) of how a business may be exposed to an uninsured loss in the event that it does not maintain such coverage.

Taylor & Lieberman v. Federal Insurance Company, 2017 WL 929211 (9th Cir.)

Leave a comment

Filed under Computer Fraud, Direct Loss, Forgery, Funds Transfer Fraud, Social Engineering Fraud

InComm: U.S. District Court holds that Computer Fraud Coverage does not respond in Prepaid Debit Card Scheme

By David S. Wilson, John Tomaine and Chris McKibbin

On March 16, 2017, the U.S. District Court for the Northern District of Georgia released its decision in InComm Holdings, Inc. v. Great American Insurance Company. The Court held that Great American’s computer fraud coverage did not respond where holders of prepaid debit cards used multiple simultaneous telephone calls to exploit a coding error in the insured’s computer system, thereby fraudulently increasing the balances on the cards. The Court also applied the recent appellate decisions in Apache (see our October 24, 2016 post) and Pestmaster (see our August 4, 2016 post) in holding that the loss scenario did not meet the direct loss requirement in the computer fraud insuring agreement.

The Facts

InComm was a debit card processor. Individuals could purchase prepaid debit cards issued by banks and then utilize InComm’s system to load funds onto those cards. InComm’s processing system consisted of an Interactive Voice Response (IVR) system and an Application Processing System (APS). The IVR system permitted cardholders, using telephone voice commands or touchtone codes, to load credit onto their cards. The APS provided transaction processing in respect of transaction instructions received through the IVR system. After the APS carried out the requested instruction, it would communicate the result to the IVR system, which would then report the result to the cardholder.

To add value to a card, a cardholder could purchase a chit from a retailer, which would then relay the funds to InComm by transferring them to an account maintained by InComm with Wells Fargo. To redeem the chit, the cardholder would call the IVR system and provide the unique PIN printed on the chit. The IVR system would then relay the information to the APS, which would verify the data and then add the value of the chit to the card.

After a chit is redeemed, InComm transfers the equivalent amount of funds to the bank that issued the card. The funds are then maintained by the issuing bank for the benefit of the cardholder until the cardholder makes a purchase, at which point the issuing bank remits funds to the vendor. InComm is not involved in payments by banks to vendors.

InComm contracted with Bancorp to serve as program manager for cards issued by Bancorp. When a Bancorp cardholder redeemed a chit, InComm would transfer the equivalent dollar amount from its Wells Fargo account to a special settlement account held at Bancorp in Bancorp’s name. The InComm-Bancorp contract provided that “[Bancorp] shall hold all Cardholder Balances in a fiduciary or custodial manner on behalf of [InComm] as holder[ ] of the Cardholder Balances for the benefit of Cardholders” and that “all Cardholder Balances shall be held in trust for the benefit of the Cardholders”.

For a period of several months in 2013 and 2014, there was a coding error in the IVR system which permitted a chit to be redeemed multiple times. Cardholders could exploit the coding error by making multiple simultaneous telephone calls to the IVR system, redeeming their chit multiple times, and obtaining multiples of the value of the chits, which were then used by the cardholders to make purchases. As a result of the misuse of the IVR system, InComm wired $10,769,039 to Bancorp in connection with these fraudulent transactions. Bancorp transmitted most of these funds to vendors, but currently retains $1,880,769 of the wrongfully-redeemed funds in its trust account.

The Computer Fraud Coverage

InComm submitted a claim under its computer fraud coverage, which provided that Great American would:

… pay for loss of, and loss from damage to, money, securities and other property resulting directly from the use of any computer to fraudulently cause a transfer of that property from inside the premises or banking premises:

a. to a person (other than a messenger) outside those premises; or

b. to a place outside those premises.

Great American reasoned that the cardholders had not engaged in computer fraud within the meaning of the policy, as they had utilized telephones, not computers, to make the calls. Great American also took the view that any loss to InComm was not a loss “resulting directly” from computer fraud. The Court accepted Great American’s position on both issues.

Relying on the Ninth Circuit’s recent Pestmaster decision, the Court held that the cardholders’ telephone usage could not be construed as the “use” of a computer, notwithstanding that their telephones were ultimately communicating with a computer system:

Use” also is not defined in the Policy. The word commonly is defined as to “take, hold, or deploy (something) as a means of accomplishing or achieving something; … A person thus “uses” a computer where he takes, holds or employs it to accomplish something. That a computer was somehow involved in a loss does not establish that the wrongdoer “used” a computer to cause the loss. To hold so would unreasonably expand the scope of the Computer Fraud Provision, which limits coverage to “computer fraud.” Cf. Pestmaster … (“Because computers are used in almost every business transaction, reading [a computer fraud insurance policy] provision to cover all transfers that involve both a computer and fraud at some point in the transaction would convert this Crime Policy into a ‘General Fraud’ Policy.”). It also would violate the Court’s obligation to read the Policy “as a layman would read it and not as it might be analyzed by an insurance expert or an attorney.” … Lawyerly arguments for expanding coverage to include losses involving a computer engaged at any point in the causal chain — between the perpetrators’ conduct and the loss — unreasonably strain the ordinary understanding of “computer fraud” and “use of a[ ] computer”. …

 The Policy does not cover InComm’s losses resulting from the unauthorized redemptions, because the cardholders used telephones, not computers, to perpetrate their scheme. [emphasis added]

Direct Loss

The Court also held that InComm had not established that it had sustained a loss “resulting directly” from the cardholders’ conduct. The Court observed that, under the terms of InComm’s contract with Bancorp, InComm retained an interest, as trustee, in the funds so long as they continued to be held by Bancorp. Consequently, a transfer from InComm’s Wells Fargo account to Bancorp was not itself a loss. The earliest that a loss could occur was when funds were paid out by Bancorp to vendors to settle the cardholders’ expenditure of the fraudulently-redeemed chits.

The Court continued:

This conclusion is underscored by the fact that funds wired to Bancorp, as a result of the fraudulent chit redemptions, are still in the Bancorp Account almost three years after the chits were wrongfully redeemed. That is, these funds have not been lost. InComm’s loss thus did not result “directly” from the fraudulent redemptions, because it occurred only after InComm wired money to Bancorp, after the cardholder used his card to pay for a transaction, and after Bancorp paid the seller for the cardholder’s transaction. … The losses here did not occur when funds were sent to Bancorp’s premises. They occurred when funds were sent, by Bancorp, to the premises or accounts of merchants from which cardholders purchased goods or services. [emphasis added]

The Court also observed that, even if the loss had occurred earlier in the process (i.e., when the funds left Wells Fargo), the loss still did not result directly from the chit redemptions. Great American pointed out that those fraudulent redemptions did not automatically transfer funds to issuers like Bancorp. A redemption did not reduce the available assets in InComm’s hands; instead, a redemption only triggered InComm’s contractual obligation to an issuer to fund the redemption.

The Court agreed. Relying on Pestmaster and Apache, the Court held that:

… InComm’s loss resulted directly — that is, immediately — from InComm’s decision to wire the funds to Bancorp, not from the cardholders’ redemptions. Apache, and the cases it discusses, warn that to find coverage based on the use of a computer, without a specific and immediate connection to a transfer, would effectively convert a computer fraud provision into a general fraud provision. … To accept InComm’s argument that the cardholders’ fraudulent redemptions resulted directly in the transfer of funds from InComm to Bancorp — where InComm itself chose to make the transfer — would violate the admonition in Apache and the other cases addressing computer fraud coverage.

The computer fraud insuring agreement in InComm’s policy is identical to the one at issue in Apache. Apache involved a social engineering fraud where someone impersonating a representative of Apache’s vendor sent “new” bank information to Apache via email, resulting in invoice payments being misdirected. In that case, the Fifth Circuit pointedly used language to lay the loss at the feet of the insured:

Doubtless, had the confirmation call been properly directed, or had Apache performed a more thorough investigation, it would never have changed the vendor-payment account information. Moreover, Apache changed the account information, and the transfers of money to the fraudulent account were initiated by Apache to pay legitimate invoices … Arguably, Apache invited the computer-use at issue, through which it now seeks shelter under its policy, even though the computer-use was but one step in Apache’s multi-step, but flawed, process that ended in its making required and authorized, very large invoice-payments, but to a fraudulent bank account.  

Similarly, the Court in InComm noted that:

InComm chose to wire funds to Bancorp because it was contractually required to do so and because, despite any reconciliation or verification process it had in place, it believed the redemptions were legitimate.

Then, borrowing language from Apache, the Court stated:

As in Apache, “the authorized transfer was made to the [Bancorp] account only because, after receiving [notice of the duplicate chit redemptions], [InComm] failed to investigate accurately new, but fraudulent, information provided to it.” [emphasis added].

Not only did the Apache and InComm courts refuse to find an “immediate” relationship between the alleged conduct and the claimed losses, they each observed that investigatory lapses on the part of the insureds could be considered intervening and superseding causes of their losses.

Conclusion

Although it arises from a rather complicated set of facts and legal relationships, InComm provides helpful general guidance on both the “use of a computer” and the “direct loss” requirements found in computer fraud insuring agreements.

The courts in Apache and Pestmaster recognized that computers are involved in virtually every business transaction, and that interpreting computer fraud coverage to cover every loss that involves both a computer and fraud at some point in the transaction would turn such coverage into a “general fraud policy”. The Court in InComm built on this insight by interpreting “the use of any computer to fraudulently cause a transfer” to require the fraudster’s use of a computer, not the use of a telephone to interact with the insured’s computer.

Further, the Court implicitly applied a “direct means direct” causation approach in finding that the loss was not one resulting directly from the cardholders’ conduct. This is underscored by the Court’s requiring a “specific and immediate connection” between the conduct and the loss, which could not be established, given the intervening steps which occurred here.

[Editors’ Note: Our guest co-author, John Tomaine, is the owner of John J. Tomaine LLC, a fidelity insurance and civil mediation consultancy in New Jersey.  After over thirty-one years with the Chubb Group of Insurance Companies, he retired as a Vice President in 2009.  He is an attorney admitted in Connecticut and New Jersey, and holds a Master’s Degree in Diplomacy and International Relations.  He is available to serve as an expert witness in fidelity claim litigation and to consult on fidelity claim and underwriting matters.]

InComm Holdings, Inc. v. Great American Insurance Company, 2017 WL 1021749 (N.D. Ga.)

Leave a comment

Filed under Computer Fraud, Direct Loss

Hantz Financial Services: U.S. District Court applies “Direct Means Direct” Approach in Finding No Coverage for Third-Party Losses under Financial Institution Bond

By David S. Wilson and Chris McKibbin

In Hantz Financial Services, Inc. v. National Union Fire Insurance Company of Pittsburgh, PA., the U.S. District Court for the Eastern District of Michigan held that a Financial Institution Bond did not provide coverage to a financial services firm in respect of frauds perpetrated by an employee upon the firm’s clients. The decision is notable in that the Court applied the “direct means direct” approach to loss causation under the Bond. The Court also made some interesting comments with respect to the manifest intent requirement for coverage, and whether a defaulter can manifestly intend a loss to the insured in a third-party loss scenario.

The Facts

Hantz Financial Services, Inc. (“Hantz”) employee Michael Laursen stole more than $2.6 million which Hantz’s clients had provided to him to invest and/or to purchase insurance on their behalves. Initially, Laursen deposited cheques written by clients directly into his personal bank account. Some cheques were written to Laursen directly, while others were made payable to “Hantz Financial Services”, “HFS”, “Hantz” or “Hantz Consulting”. At one point during the course of the fraud, Laursen opened a bank account in the name of “Henary Firearms Service” and directed his clients to write cheques payable to “HFS”, which he then deposited into that account. The fraud came to light in March 2008. In all, 23 clients were affected by Laursen’s fraud.

The Employee Dishonesty Coverage

Hantz submitted a claim to National Union under its Financial Institution Bond. The Bond covered Hantz for:

Loss resulting directly from dishonest or fraudulent acts committed by an Employee with the manifest intent: (a) to cause the insured to sustain such loss. …

The Bond also excluded “Indirect or consequential loss of any nature.”

National Union determined that there was no coverage under the Bond because Laursen stole money from Hantz’s clients, not from Hantz directly. Accordingly, Hantz’s liability was indirect, arising only by virtue of clients’ subsequent claims against it.

Direct Loss Requirement

Hantz commenced an action on the Bond, and also sought coverage from its E&O insurer in the same litigation. The Bond claim proceeded to cross-motions for summary judgment on the issue of whether there had been a direct loss to Hantz.

In seeking a determination of no coverage under the Bond, National Union relied on the Sixth Circuit’s 2012 decision in Tooling, Manufacturing & Technologies Association, in which the Court adopted the “direct means direct” approach to causation, which requires that the loss follow immediately in time and place from the defaulter’s conduct, rather than merely being the proximate result thereof. The Court agreed with National Union, holding that:

This Court is bound by the holding in Tooling. Thus, if Hantz’s losses followed “immediate[ly]” from Laursen’s conduct, there would be coverage under the Bond. Hantz’s characterization of its losses requires the opposite conclusion. As will be discussed further below, Hantz, in seeking coverage under the E & O Policy, argues that its losses derive from third-party claims for negligent supervision. So Hantz acknowledges that the money belonged to its clients, and Hantz’s own losses resulted from having to reimburse those clients for Laursen’s misappropriation, not from Laursen taking Hantz’s money. Thus, if the Court were to find that Hantz’s losses were covered by the Bond, it would be finding that an employee fidelity bond covers third-party losses. But Tooling’s “direct is direct” approach precludes such a finding.

Hantz contended that Tooling was distinguishable because it involved loss sustained by a subsidiary, whereas Laursen had stolen cheques directed to HFS itself. The Court rejected this contention, holding that:

Even if, absent Laursen’s theft, the money would have passed through Hantz’s hands, there is no question that the money belonged to Hantz’s clients. This is demonstrated by Hantz’s decision “to offer each claimant a dollar-for-dollar return of their principal investment stolen by Mr. Laursen.” … And this conclusion is bolstered by the Bond’s requirement that the employee have “the manifest intent: (a) to cause the insured to sustain such loss.” … Laursen surely intended to cause his clients to lose the money he stole, but no reasonable jury could find that he manifestly intended that Hantz reimburse the clients and thereby sustain a loss. The Court agrees with National Union that the money Hantz paid its clients to reimburse them for Laursen’s theft is not a covered loss under the Bond. [emphasis added]

The Court concluded that, as a matter of law, Hantz’s losses were indirect and therefore not covered by the Bond.

Conclusion

Hantz is significant for two reasons. First, it is a further example of recent fidelity decisions in which U.S. courts have affirmed that the “direct means direct” approach is the proper approach to causation under fidelity bonds carrying a direct loss requirement, as opposed to the proximate cause approach adopted in a minority of jurisdictions. The recent Taylor & Lieberman decision (which we discussed in our July 14 post) is to similar effect.

Second, the Court made a rather striking statement in observing that, in the circumstances alleged by Hantz, no reasonable jury could find that Laursen manifestly intended that Hantz reimburse the clients and thereby sustain a loss. This is significant, insofar as it is sometimes argued that such intent might be inferred where a defaulter has stolen money from his clients in circumstances in which it was likely that his employer would eventually be found vicariously liable to those clients. While the Court’s observations with respect to manifest intent might be characterized as obiter dicta, the Court’s statement may nonetheless be helpful to fidelity insurers in rebutting manifest intent arguments advanced in support of establishing coverage for third-party losses.

Hantz Financial Services, Inc. v. National Union Fire Insurance Company of Pittsburgh, PA., 2015 WL 5460632 (E.D. Mich.)

Leave a comment

Filed under Direct Loss, Manifest Intent

Taylor & Lieberman: U.S. District Court applies “Direct means Direct” Causation Requirement in finding No Coverage for Client Funds lost in Wire Transfer Fraud

By David S. Wilson and Chris McKibbin

In Taylor & Lieberman v. Federal Insurance Company, the U.S. District Court for the Central District of California applied the “direct means direct” approach to causation in holding that a business management firm did not have coverage in respect of client funds which it was fraudulently induced to wire overseas.

The Facts

Taylor & Lieberman (“T&L”) was an accounting firm which also performed business management and account oversight services for various clients, including the client in issue. Clients’ funds were held in separate bank accounts maintained with City National Bank. Clients granted Powers of Attorney over their accounts to a designated individual at T&L, permitting transactions to be made in the accounts.

A fraudster obtained access to the client’s email account and sent two emails from that account to a T&L employee:

  • The first email directed the employee to wire $94,280 to an account in Malaysia. The employee did so, and then sent a confirming email to the client’s email account.
  • The next day, the employee received another email from the client’s account directing her to wire $98,485 to an account in Singapore. The employee again complied, and again sent a confirming email to the client’s email account.

The employee then received a third email, purportedly from the client, but sent from a different email address. The employee contacted the client by phone, and discovered that all three emails were fraudulent. T&L was able to recover some of the funds, but had to reimburse its client and incurred a net loss of nearly $100,000.

Direct Loss Requirement

T&L submitted a claim under each of its Forgery Coverage; its Computer Fraud Coverage; and its Funds Transfer Coverage. The Court noted that each of these coverages required “direct loss sustained by an Insured” and held that, as a matter of law, no direct loss had been sustained.

The Court observed that there are differing approaches with respect to the causation requirements found in fidelity policies, but noted that most courts have adopted the principle that “a loss is not direct unless it follows immediately and without intervening space, time, agency, or instrumentality” – more commonly known as the “direct means direct” approach.

The Court held that the client’s loss was a third-party loss. While T&L may have been liable to the client for the loss of the funds, the Federal coverage was first-party indemnity coverage only, and T&L had not suffered any direct loss of its own funds.  T&L asserted that its Power of Attorney over client funds effectively made it tantamount to a bailee or trustee of client funds (an argument which would bring the funds within the policy’s ownership condition, relied on in such decisions as Vons Companies) which, the argument ran, made the loss a direct loss. Federal’s response was that T&L was not a bailee or trustee of the funds, because the client’s funds were held not by T&L in its own account, but in a separate account in the client’s name.

The Court accepted Federal’s position. Relying on Vons Companies and on Pestmaster (which we discussed in our January 6 post), the Court held:

The Court finds Defendant’s reasoning more persuasive. If the funds had been held in an account owned or attributed to Plaintiff, such as an escrow account … and a hacker had entered into Plaintiff’s computer system and been able to withdraw funds such that Plaintiff’s accounts were immediately depleted, then Plaintiff would be correct in asserting coverage from the Policy.

Here, however, a series of far more remote circumstances occurred: Client gave Plaintiff power of attorney over Client’s money held in Client’s own account; a perpetrator of fraud motivated Plaintiff’s agent to use the power of attorney to transfer funds out of Client’s account; Plaintiff discovered this fraud and attempted to recover the funds; Client requested repayment of the lost funds and Plaintiff obliged; Plaintiff now requests Defendant indemnify it for the losses that were transferred from Client to Plaintiff. These are not the circumstances that dictated the results in Vons … and they are not the circumstances [which] appear to be within the contemplation of the Policy.

In view of these intervening steps, T&L could not establish a direct loss of the client funds. As a result, it was unnecessary for the Court to analyze the other requirements of the three coverages in issue.  Notably, the Court did not mention the Federal policy’s ownership condition in its analysis.

Discussion and Conclusion

Taylor & Lieberman is notable insofar as it reinforces the “direct means direct” approach to causation under fidelity policies, an approach which the majority of courts have embraced.  Given the number of intervening events between the fraud and the ultimate pecuniary loss to T&L, the loss was not one which followed “immediately and without intervening space, time, agency, or instrumentality” from the fraud.

In our view, it is interesting that the Court relied on ownership condition concepts (such as whether T&L could be considered to be the equivalent of a trustee or bailee of the client’s funds) in its direct loss analysis. The ownership condition arguably reinforces the circumscribing intent of the direct loss requirement, but the coverage requirement and the condition are analytically distinct; client funds which do not fall within the ownership condition constitute property which falls outside of the policy entirely. It is arguable that the ownership condition in the Federal policy constituted a second, independent basis for denying coverage in this case.

Taylor & Lieberman v. Federal Insurance Company, 2015 WL 3824130 (C.D. Cal.)

Leave a comment

Filed under Direct Loss