Category Archives: Funds Transfer Fraud

Taylor & Lieberman: Ninth Circuit finds No Coverage under Crime Policy for Client Funds lost in Social Engineering Fraud

By David S. Wilson and Chris McKibbin

In the recent decision of Taylor & Lieberman v. Federal Insurance Company, the Ninth Circuit Court of Appeals affirmed a decision of the U.S. District Court for the Central District of California holding that a business management firm did not have coverage in respect of client funds which it was fraudulently induced to wire overseas.

While the District Court had held that the insured had failed to establish that it had sustained any “direct” loss at all (see our July 14, 2015 post), the Ninth Circuit affirmed the result on other grounds, holding that the insured had also failed to establish that the loss came within the substantive requirements of any of the Forgery, Computer Fraud or Funds Transfer Fraud insuring agreements.

The Facts

Taylor & Lieberman (“T&L”) was an accounting firm which also performed business management and account oversight services for various clients, including the client in issue. Clients’ funds were held in separate bank accounts maintained with City National Bank. Clients granted Powers of Attorney over their accounts to a designated individual at T&L, permitting transactions to be made in the accounts.

A fraudster obtained access to the client’s email account and sent two emails from that account to a T&L employee, as follows:

  • The first email directed the employee to wire $94,280 to an account in Malaysia. The employee did so, and then sent a confirming email to the client’s email account.
  • The next day, the employee received another email from the client’s account directing her to wire $98,485 to an account in Singapore. The employee again complied, and again sent a confirming email to the client’s email account.

The employee then received a third email, purportedly from the client, but sent from a different email address. The employee contacted the client by phone, and discovered that all three emails were fraudulent. T&L was able to recover some of the funds, but had to reimburse its client and incurred a net loss of nearly $100,000.

T&L submitted a claim under each of its Forgery Coverage, its Computer Fraud Coverage and its Funds Transfer Fraud Coverage. The District Court held that each of these coverages required “direct loss sustained by an Insured” and that, as a matter of law, no direct loss had been sustained.

On appeal, the Ninth Circuit did not disturb the finding with respect to direct loss, but affirmed the result on the basis that T&L had failed to establish that the loss came within the scope of any of the insuring agreements.

The Forgery Coverage

The Ninth Circuit quickly dismissed T&L’s contention that this insuring agreement’s requirement of a “Forgery or alteration of a financial instrument” did not require proof of a “Forgery” of a financial instrument, because the insuring agreement required only proof of an alteration of a financial instrument or a free-standing “Forgery” of any document, of any type. The Court held that the insuring agreement plainly required either a “Forgery” or an alteration of a financial instrument.

More substantively, the Court rejected T&L’s contention that the emails to T&L were financial instruments:

Here, the emails instructing T&L to wire money were not financial instruments, like checks, drafts, or the like. See Vons Cos., Inc. v. Fed. Ins. Co. … (C.D. Cal. 1998) (holding that wire instructions, invoices, and purchase orders were not “documents of the same type and effect as checks and drafts.”). And even if the emails were considered equivalent to checks or drafts, they were not “made, drawn by, or drawn upon” T&L, the insured. Rather, they simply directed T&L to wire money from T&L’s client’s account. In sum, there is no forgery coverage.

The Computer Fraud Coverage

The Computer Fraud insuring agreement required T&L to demonstrate “an unauthorized (1) “entry into” its computer system, and (2) “introduction of instructions” that “propogate[d] themselves” through its computer system.” The Court held that the sending of an email, without more, did not constitute an unauthorized entry into T&L’s computer system. Further, the emails were not an unauthorized introduction of instructions that propagated themselves through T&L’s computer system:

The emails instructed T&L to effectuate certain wire transfers. However, under a common sense reading of the policy, these are not the type of instructions that the policy was designed to cover, like the introduction of malicious computer code. … Additionally, the instructions did not, as in the case of a virus, propagate themselves throughout T&L’s computer system; rather, they were simply part of the text of three emails.

The Funds Transfer Fraud Coverage

The Funds Transfer Fraud insuring agreement indemnified against:

fraudulent written, electronic, telegraphic, cable, teletype or telephone instructions issued to a financial institution directing such institution to transfer, pay or deliver Money or Securities from any account maintained by an Insured Organization at such Institution, without an Insured Organization’s knowledge or consent.

The Court held that the requirements of the insuring agreement were not met:

This coverage is inapplicable because T&L requested and knew about the wire transfers. After receiving the fraudulent emails, T&L directed its client’s bank to wire the funds. T&L then sent emails confirming the transfers to its client’s email address. Although T&L did not know that the emailed instructions were fraudulent, it did know about the wire transfers.

Moreover, T&L’s receipt of the emails from its client’s account does not trigger coverage because T&L is not a financial institution.

As a result, there was no coverage available under the Federal policy.

Conclusion

Following the Fifth Circuit’s decision in Apache (see our October 24, 2016 post), the Ninth Circuit’s decision in Taylor & Lieberman provides another example of a clear trend on the part of the courts to refuse to find coverage for social engineering fraud losses under the “traditional” crime policy coverages (typically, computer fraud and funds transfer fraud coverages, but occasionally, as here, other coverages as well). The proliferation of social engineering frauds has created a new exposure for insureds, and fidelity insurers have responded by creating discrete social engineering fraud coverages. Like Apache, Taylor & Lieberman serves as a cautionary tale to businesses (and to their brokers) of how a business may be exposed to an uninsured loss in the event that it does not maintain such coverage.

Taylor & Lieberman v. Federal Insurance Company, 2017 WL 929211 (9th Cir.)

Leave a comment

Filed under Computer Fraud, Direct Loss, Forgery, Funds Transfer Fraud, Social Engineering Fraud

Pestmaster: Ninth Circuit affirms Fidelity Insurer’s Intent on Scope of Computer Fraud and Funds Transfer Fraud Coverages

By David S. Wilson and Chris McKibbin

In our January 6, 2015 post, we analyzed the decision of the U.S. District Court for the Central District of California in Pestmaster Services, Inc. v. Travelers Casualty and Surety Company of America and its implications for the interpretation of the Computer Fraud and Funds Transfer Fraud coverages.  On July 29, 2016, the Ninth Circuit Court of Appeals released a brief opinion affirming the District Court’s interpretations of these coverages.

The Facts

Pestmaster, a pest control business, was insured under a Travelers Wrap+ policy.  In 2009, Pestmaster hired a payroll company, Priority 1, to handle its payroll and payroll tax obligations.  Pestmaster executed an ACH authorization which authorized Priority 1 to obtain payment of Priority 1’s approved invoices by initiating ACH transfers of funds from Pestmaster’s bank account to Priority 1’s bank account.  These amounts included both payroll and payroll taxes, the latter of which Priority 1 was supposed to remit to the IRS.

In 2011, Pestmaster discovered that Priority 1 had failed to remit $373,000 in payroll taxes, and had instead diverted these funds to its own uses.  Pestmaster sought indemnity from Travelers under both its Funds Transfer Fraud and Computer Fraud coverages.

Funds Transfer Fraud

The Funds Transfer Fraud coverage indemnified Pestmaster for direct loss of money or securities contained in its transfer account on deposit at a financial institution, directly caused by Funds Transfer Fraud.  Funds Transfer Fraud was defined as:

an electronic, telegraphic, cable, teletype or telephone instruction fraudulently transmitted to a Financial Institution directing such institution to debit your Transfer Account and to transfer, pay or deliver Money or Securities from your Transfer Account which instruction purports to have been transmitted by you, but was in fact fraudulently transmitted by someone other than you without your knowledge or consent …

The Ninth Circuit affirmed the District Court’s holding that the Funds Transfer Fraud insuring agreement does not cover transactions that are authorized by the insured:

… Pestmaster argues that the transfer of funds from its bank account to Priority 1’s bank account is covered by the Funds Transfer Fraud provision.  The district court found that this provision “does not cover authorized or valid electronic transactions … even though they are, or may be, associated with a fraudulent scheme.” We agree that there is no coverage under this clause when the transfers were expressly authorized.

Computer Fraud

The Computer Fraud coverage indemnified Pestmaster for direct loss of money, securities or other property directly caused by Computer Fraud, i.e., the use of a computer to cause a transfer of money, securities or other property from inside the insured’s premises or the insured’s bank’s premises.  The Ninth Circuit interpreted Travelers’ wording as requiring an unauthorized transfer, which is consistent with the Computer Fraud jurisprudence requiring an element of unauthorized access or a “hacking” incident.  The Ninth Circuit continued:

When Priority 1 transferred funds pursuant to authorization from Pestmaster, the transfer was not fraudulently caused.  Because computers are used in almost every business transaction, reading this provision to cover all transfers that involve both a computer and fraud at some point in the transaction would convert this Crime Policy into a “General Fraud” Policy.  While Travelers could have drafted this language more narrowly, we believe protection against all fraud is not what was intended by this provision, and not what Pestmaster could reasonably have expected this provision to cover.  [emphasis added]

As such, coverage was not available in respect of the authorized transfers.

The Court remanded to the District Court the narrow issue of whether two individual transactions, made shortly before the discovery of the fraud and totalling $11,991, were unauthorized transfers.

Conclusion

The Ninth Circuit’s decision in Pestmaster provides an endorsement of fidelity insurers’ intentions as to the proper scope of the Computer Fraud and Funds Transfer Fraud coverages.  The Court’s observation with respect to the Computer Fraud coverage is of particular significance, insofar as it represents one of the clearest articulations as to how the merely-incidental involvement of a computer at some stage in a fraudulent transaction is insufficient to trigger indemnity.  Insureds often point to such merely-incidental involvement of a computer in attempting to bring a loss within the Computer Fraud coverage, even though this is not the intended scope of the coverage, and notwithstanding that there are other products (such as Social Engineering Fraud coverage) which may respond to certain types of losses involving authorized computer transfers.

Pestmaster Services, Inc. v. Travelers Casualty and Surety Company of America, 2016 WL 4056068 (9th Cir.)

Leave a comment

Filed under Computer Fraud, Funds Transfer Fraud

Blaneys Fidelity Year in Review – Fidelity Subrogation Podcast – Fidelity at the OBA

Blaneys Fidelity Year in Review

In 2015, American and Canadian courts released a number of decisions of interest to fidelity claims professionals.   We are pleased to present Blaneys Fidelity Year in Review, which provides summaries of the decisions that appeared on Blaneys Fidelity Blog in 2015.  Blaneys Fidelity Year in Review is available here.

Blaneys Podcast: Fidelity Subrogation and Fraud Recovery

For those fidelity claims professionals dealing with fraud recovery and subrogation in Canada, the Blaneys Podcast series now features our podcast on fraud recovery and fidelity subrogation.  The podcast sets out the different strategies available for identifying and pursuing fraud recovery targets and for maximizing recoveries from defaulters, beneficiaries, co-conspirators, auditors and financial institutions.  The podcast is available here; SoundCloud users may access the podcast here.

Fidelity at the OBA: A Primer on Insurance Coverage (Toronto, May 12, 2016)

The Ontario Bar Association is presenting a program on insurance coverage issues on May 12 in Toronto.  Blaneys’ Chris McKibbin will be presenting on Computer Fraud and Funds Transfer Fraud Coverages in Fidelity and Commercial Crime Policies.  The program also includes presentations on recent developments regarding the duty of good faith and the duty to defend; the “lack of fortuity” defence; and a perspective from the Bench, presented by the Honourable Mr. Justice Jamie K. Trimble.  Co-chairs Laura Hodgins of Liberty and Andrew Mercer of Mercer Law have assembled a fantastic group of speakers, and the program is eligible for four substantive hours of CPD credit.  The program agenda is available here.

Leave a comment

Filed under Computer Fraud, Funds Transfer Fraud, Subrogation, Year in Review

First National Bank of Northern California: Ninth Circuit analyzes scope of “Customer” under Financial Institution Bond’s Telefacsimile and Voice Instruction Transactions Coverage

By David S. Wilson and Chris McKibbin

In First National Bank of Northern California v. St. Paul Mercury Insurance Company, the Ninth Circuit Court of Appeals analyzed certain requirements for Telefacsimile and Voice Instruction Transactions coverage under a Financial Institution Bond issued by St. Paul (now Travelers) to First National Bank of Northern California (the “Bank”). The decision highlights the importance of clearly establishing the exact contractual arrangement between the insured financial institution and its customer in analyzing these types of transfer coverages.

The Facts

The Bank’s customers, Brent and Paula Edwards, were trustees for the Edwards Living Trust. Mr. and Ms. Edwards opened an account (the “Account”) with the Bank in 2009. They received a Deposit Account Agreement and Disclosure (the “Account Opening Agreement”). They also signed a signature card in which they “agree[d] to the terms of” and “acknowledge[d] receipt of a completed copy of this agreement, the accompanying terms and conditions, and policy disclosures.”

The Account Opening Agreement included the following provision:

 With respect to wire transfers or other transfers of funds not governed by the Electronic Funds Transfer Act, [the customers agree] to enter into and comply with [the Bank’s] wire transfer (if applicable) agreement and to comply with [the Bank’s] security procedures.

The Bank’s security procedures (the “Security Procedures”) were not provided to Mr. and Ms. Edwards, although the Bank asserted that the Security Procedures were “easily available” to them. The Security Procedures purportedly authorized the Bank to rely on voice and facsimile instructions to make wire transfers from the Account in two circumstances:

  • if there was a wire transfer agreement on file; or,
  • if, in the absence of a wire transfer agreement on file, the customer could still be verified by voice recognition or by password, government-issued ID, date of birth, or Social Security number.

The Bank never provided any wire transfer agreement to Mr. and Ms. Edwards.

On October 13, 2010, the Bank received a phone call from someone purporting to be Mr. Edwards, instructing it to transfer $412,876 from the Account to a bank in Thailand. The Bank obtained verification information and processed the transfer. The next day, the Bank received another call, seeking to transfer $98,876 to a bank in China. After obtaining the same verification information, the Bank processed this transfer as well.

Mr. and Ms. Edwards discovered the fraudulent transfers. The Bank repaid them and made a claim against Travelers under the Bond.

The Telefacsimile and Voice Instruction Transactions Coverage

The Bank’s Telefacsimile and Voice Instruction Transactions coverage indemnified the Bank where it:

suffers a loss directly from … having in good faith … transferred funds on deposit in a Customer’s account in reliance upon a fraudulent telephonic voice instruction … which purports to be from … an individual person who is a Customer …”

The definition of “Customer” contained three requirements:

an entity or natural person that:

(i)         has a written agreement with the Insured authorizing the Insured to rely on telephonic voice or Telefacsimile Device instructions to make transfers;

(ii)        has provided the Insured with the names of persons authorized to initiate such transfers; and

(iii)       with whom the Insured has established an instruction verification procedure other than voice recognition.

Travelers declined coverage, pointing out that the Bank had not established that there was any written agreement between the Bank and Mr. and Ms. Edwards authorizing the Bank to rely on telephonic voice or Telefacsimile Device instructions to make transfers. In other words, Mr. and Ms. Edwards had not agreed to the wire transfer agreement, or to the Security Procedures.

The Decision

The key issue became whether the Bank could impute the wire transfer agreement and/or the Security Procedures to Mr. and Ms. Edwards, on the basis that they had received the Account Opening Agreement and had signed the signature card. The Bank asserted that the Account Opening Agreement required Mr. and Ms. Edwards to agree to enter into, and comply with, the wire transfer agreement and to comply with the Bank’s Security Procedures, notwithstanding that Mr. and Ms. Edwards never in fact agreed to do so, and never received copies of these documents.

The Ninth Circuit rejected this argument, holding that neither the wire transfer agreement nor the Security Procedures had ever formed part of the contractual arrangements between the Bank and Mr. and Ms. Edwards. The Court observed that a contract may validly include provisions of a document not part of the physical contract, so long as the incorporation by reference is “clear and unequivocal” and the terms of the incorporated document are known, or readily available, to both parties. The Court held that the Bank had failed to establish that here:

… the signature card, account agreement, and security procedures did not qualify as a “written agreement” under the bond definition. The signature card, which is the only document that the Edwardses actually signed, does not refer to the account agreement or the security procedures. The security procedures were not provided to the Edwardses. The signature card does not contain any authorization for a wire transfer from the account by voice or fax authorization. Under these undisputed facts, the district court properly concluded that the combined signature card, account agreement, and security procedures did not constitute a written agreement with the Bank authorizing it to rely on wire transfer instructions communicated by phone or fax. Therefore, the district court correctly concluded that the Edwardses did not qualify as “customers” within the meaning of the bond.

Conclusion

Telefacsimile and Voice Instruction Transactions and similar transfer coverages are some of the most technical coverages in Financial Institution Bonds and other forms of fidelity coverage. In this case, the Bank was unable to establish that its contractual arrangement with Mr. and Ms. Edwards brought them within the Bond’s definition of “Customer”, notwithstanding that they had agreed to be bound by Security Procedures which arguably might have authorized the transfers. The decision reinforces the importance of carefully analyzing the exact contractual relationship between the insured financial institution and its customer to ensure that all coverage requirements are fulfilled.

First National Bank of Northern California v. St. Paul Mercury Insurance Company, 2015 WL 2225044 (9th Cir.)

Leave a comment

Filed under Funds Transfer Fraud

Pestmaster: U.S. District Court affirms Fidelity Insurer’s Intent on Scope of Computer Fraud and Funds Transfer Fraud Coverages

By Chris McKibbin

In Pestmaster Services, Inc. v. Travelers Casualty and Surety Company of America, the U.S. District Court for the Central District of California granted partial summary judgment in favour of Travelers on a claim advanced under its Computer Fraud and Funds Transfer Fraud coverages.  The decision provides valuable guidance regarding the scope of these coverages.

The Facts

Pestmaster, a pest control business, was insured under a Travelers Wrap+ policy.  In 2009, Pestmaster hired a payroll company, Priority, to handle its payroll and payroll tax obligations.  Pestmaster executed an ACH authorization which authorized Priority to obtain payment of Priority’s approved invoices by initiating ACH transfers of funds from Pestmaster’s bank account to Priority’s bank account.  These amounts included both payroll and payroll taxes, the latter of which Priority was supposed to remit to the IRS.

In 2011, Pestmaster discovered that Priority had failed to remit $373,000 in payroll taxes, and had instead diverted these funds to its own uses.  Pestmaster sought indemnity from Travelers under its Funds Transfer Fraud coverage or, alternatively, its Computer Fraud coverage.

Funds Transfer Fraud

The Funds Transfer Fraud coverage indemnified Pestmaster for direct loss of money or securities, contained in its transfer account on deposit at a financial institution, directly caused by Funds Transfer Fraud.  Funds Transfer Fraud was, in turn, defined as (in relevant part):

an electronic, telegraphic, cable, teletype or telephone instruction fraudulently transmitted to a Financial Institution directing such institution to debit your Transfer Account and to transfer, pay or deliver Money or Securities from your Transfer Account which instruction purports to have been transmitted by you, but was in fact fraudulently transmitted by someone other than you without your knowledge or consent;

Pestmaster contended that Priority’s transferring funds from Pestmaster’s bank account to its own bank account, in furtherance of Priority’s fraudulent scheme, constituted a fraudulent instruction to Pestmaster’s bank.

The Court rejected Pestmaster’s contention, holding that the insuring agreement does not cover authorized or valid transactions, such as the authorized ACH transfers in this case, even where such transactions are associated with an underlying fraudulent scheme.  The Court found that there was no evidence that Priority had gained unauthorized access to Pestmaster’s bank’s electronic fund transfer system or had otherwise provided any fraudulent or altered instructions to the bank in order to divert funds from the rightful recipient.  As Priority wrongfully converted the funds only after they had been transferred to Priority, pursuant to Pestmaster’s express authorization, the elements of the Funds Transfer Fraud coverage were not made out.

The Court accepted Travelers’ position that the intention of the coverage is to protect the insured or its bank from someone breaking into the electronic funds transfer system and pretending to be an authorized representative, or altering electronic instructions to divert funds from the rightful recipient.

Computer Fraud Coverage

The Computer Fraud coverage indemnified Pestmaster for direct loss of money, securities or other property directly caused by Computer Fraud, i.e., the use of a computer to cause a transfer of money, securities or other property from inside the insured’s premises or the insured’s bank’s premises.

Pestmaster contended that Priority’s use of a computer to transfer funds from Pestmaster’s bank account to Priority’s bank account, in furtherance of Priority’s fraudulent scheme, met the requirements of the coverage.

The Court rejected this contention as well, accepting Travelers’ position that the Computer Fraud coverage is engaged when someone “hacks” or obtains unauthorized access or entry to a computer in order to make an unauthorized transfer of funds.  The Court relied on Universal American, a 2013 New York decision in which a computer was used to submit fraudulent health insurance claims.  The Universal American court had concluded that Computer Fraud coverage did not apply “where an authorized user utilized the system as intended, i.e., to submit [health insurance] claims, but where the claims themselves were fraudulent.”

The Court concluded that Priority had acted pursuant to Pestmaster’s ACH authorization, and could not in any sense be considered a “hacker” or unauthorized user.  Priority’s fraudulent conduct occurred only after the authorized transfer had been completed and the funds had already been transferred into Priority’s account.

No Direct Loss

The Court also held, as alternative bases for denying coverage, that Priority’s use of its computer was merely incidental to, and not directly related to, Pestmaster’s losses, and that Pestmaster had not satisfied the “direct loss” requirement in either of the coverages.  Rather, Pestmaster’s loss was “entirely contingent on a series of events and decisions, including Priority 1’s decision to divert the funds in its account to pay its own obligations instead of using them for their agreed upon purpose of paying Pestmaster’s federal payroll taxes.

The Pestmaster decision is helpful in explaining (and endorsing) fidelity insurers’ intentions as to the proper scope of the Computer Fraud and Funds Transfer Fraud coverages, confirming that the coverage is intended to be limited to unauthorized access and “hacking” situations.  The decision is also helpful in rebutting arguments which attempt to create coverage by reliance on the merely-incidental involvement of a computer, or an electronic transfer, in the loss scenario.

Pestmaster Services, Inc. v. Travelers Casualty and Surety Company of America, 2014 WL 3844627 (C.D. Cal.)

Leave a comment

Filed under Computer Fraud, Funds Transfer Fraud