Hantz Financial Services: Sixth Circuit enforces Suit Limitation Provision in finding No Coverage under Financial Institution Bond

By David S. Wilson and Chris McKibbin

On November 9, 2016, the Sixth Circuit Court of Appeals released its decision in Hantz Financial Services, Inc. v. American International Specialty Lines Insurance Co., affirming the U.S. District Court for the Eastern District of Michigan’s grant of summary judgment in favour of National Union in a claim advanced on a Financial Institution Bond.

As we discussed in our September 29, 2015 post, the District Court held that no coverage was available to the insured, Hantz Financial Services, Inc. (“Hantz”), for losses resulting from its employee’s perpetrating a fraud on its clients, as such losses were indirect. The District Court also suggested that the employee could not, in defrauding the clients, have had the manifest intent to cause a loss to Hantz.

The Sixth Circuit’s decision affirmed the result, but did so on the basis of the expiration of the suit limitation provision contained in General Agreement F of the Bond. The Sixth Circuit’s decision provides a useful reminder of the enforceability of suit limitation provisions in fidelity and crime policies, even where the insurer undertakes significant investigatory steps in the course of assessing the first-party claim.

The Facts

Hantz is a licensed securities broker-dealer that offers clients investment advice. Hantz does not provide its own investment products to clients; instead, it introduces clients to investment products offered by other financial services companies.

Hantz employee Michael Laursen stole more than $2.6 million that Hantz’s clients had provided to him to invest, or to purchase insurance, on their behalves. Initially, Laursen deposited cheques written by clients directly into his personal bank account. Some cheques were written to Laursen directly, while others were made payable to “Hantz Financial Services”, “HFS”, “Hantz” or “Hantz Consulting”. At one point during the course of the fraud, Laursen opened a bank account in the name of “Henary Firearms Service” and directed his clients to write cheques payable to “HFS”, which he then deposited into that account. The fraud came to light in March 2008.

As a result of the fraud, Hantz ended up in litigation with two sets of clients:

  • Bolton Claimants: the Bolton claimants initiated a Financial Industry Regulatory Authority (FINRA) arbitration action against Hantz, which was settled for $600,000 on July 24, 2009.
  • Monroe Claimants: the Monroe claimants initiated a FINRA arbitration action against Hantz and recovered $587,063. A Michigan state court entered judgment confirming the FINRA arbitration award on December 17, 2010; this judgment was affirmed by the Michigan Court of Appeals on January 24, 2012.

Hantz commenced its coverage action against National Union on March 18, 2013.

The National Union Coverage and the Suit Limitation Period

General Agreement F of Hantz’s Financial Institution Bond with National Union provided that, with respect to losses arising from legal proceedings against Hantz:

the Insured may not bring legal proceedings for the recovery of such loss after the expiration of 24 months from the date of such final judgment or settlement.

It will be noted that the trigger for the suit limitation period in General Agreement F of the Bond, drafted specifically to apply to losses resulting from legal proceedings against the insured, is “the date of … final judgment or settlement” in such litigation. Almost invariably, fidelity coverages contain a “general” suit limitation period, which is triggered by the insured’s discovery of the loss. For example, in the 1999 decision of the Supreme Court of Canada in Guarantee Co. of North America v. Gordon Capital Corp., the Court enforced a 24-month suit limitation period which was triggered by the insured’s discovery of “facts which would cause a reasonable person to assume that a loss of a type covered by this bond has been or will be incurred”.

Before the Sixth Circuit, Hantz contended that the suit limitation period in General Agreement F did not apply in respect of the Bolton and Monroe claims. With respect to the Monroe claim, Hantz asserted that the Bond did not define “final judgment” and was therefore ambiguous as to whether it meant the December 17, 2010 judgment from the Michigan state court, or the January 24, 2012 appeal judgment. After reviewing extensive authority, the Court held that:

Accordingly, as a legal term of art, “final judgment” virtually always designates the judgment by a court that determines all the rights and obligations of the parties in a case so that it can be appealed—not a judgment that has been resolved after appeal. Mindful that we must not read ambiguity into contracts where none exists, we do not find Hantz’s proposed construction of the term to be a reasonable alternative interpretation. And no other language that could support its reading of “final judgment” — i.e., words like “appeal,” “exhaust,” “affirm,” or “deny” — appears anywhere in this section of the Bond.

The March 18, 2013 action was initiated subsequent to the expiration of the 24-month suit limitation period following the December 17, 2010 judgment. Accordingly, no coverage was available to Hantz in respect of the Monroe claim.

With respect to the Bolton claim, Hantz took a different approach. Hantz asserted that, as a result of National Union’s thorough investigation of the first-party claim over a period of almost three years, National Union was equitably estopped from relying on the suit limitation period. The Court held that National Union’s investigative steps did not equitably estop it from relying on the suit limitation period:

National Union’s contractual limitations defense survives despite its investigative efforts. No evidence supports Hantz’s argument that National Union “induced” Hantz to believe it would not enforce the limitations clause. Although National Union spent nearly three years investigating Hantz’s claims and requested Hantz’s cooperation throughout the process, it never implied it would waive the contractual limitations provision, nor did it suggest that it would cover the losses. Quite the contrary: National Union’s letters conveyed that the insurer planned to contest coverage, albeit on grounds other than the Bond’s limitations period. …

Even assuming that National Union was responsible for unnecessary delays in the claims investigation process, as Hantz contends, delay alone won’t support a reliance finding. [emphasis added]

As a result, the 24-month suit limitation period was enforceable in respect of the Bolton claim, and had expired prior to the commencement of Hantz’s action.

Conclusion

Hantz Financial Services is notable insofar as it affirms the enforceability of a suit limitation provision on its plain terms. Although the Sixth Circuit was considering General Agreement F of the Financial Institution Bond, there is no reason why the same interpretive approach should not apply to discovery-triggered suit limitation periods; indeed, this was the result in the Supreme Court of Canada’s decision in Gordon Capital.

Hantz Financial Services is also significant in its rejection of the insured’s contention that National Union’s investigative actions gave rise to equitable estoppel precluding reliance on the suit limitation provision. While prudence suggests that an insurer may wish to expressly advert to a suit limitation period in the course of investigating a first-party loss, the Sixth Circuit has rejected the contention that the mere fact of investigating and gathering information, without specifically broaching the suit limitation period, necessarily gives rise to equitable estoppel.

Hantz Financial Services, Inc. v. American International Specialty Lines Insurance Co., 2016 WL 6609544 (6th Cir.)

Leave a comment

Filed under Suit Limitation Provision

Apache Corporation: Fifth Circuit holds that Commercial Crime Policy’s Computer Fraud Coverage does not extend to Social Engineering Fraud Loss

By David S. Wilson and Chris McKibbin

On October 18, 2016, the U.S. Court of Appeals for the Fifth Circuit released its opinion in Apache Corporation v. Great American Insurance Company.  This is one of the first appellate decisions to consider coverage for a social engineering fraud loss under “traditional” commercial crime policy wording since the widespread introduction of social engineering fraud endorsements.  In holding that the loss did not trigger indemnity under the Computer Fraud coverage, the Fifth Circuit adopted the interpretive approach to Computer Fraud coverage taken by the Ninth Circuit in Pestmaster Services v. Travelers (which we discussed in our August 4, 2016 post) and applied it in the context of social engineering fraud.

The Facts

Apache is an oil production company which is headquartered in Texas and which operates internationally.  In March 2013, an Apache employee in Scotland received a call from a person claiming to be a representative of Petrofac, a legitimate vendor of Apache.  The caller instructed the employee to change the bank account information which Apache had on record for Petrofac.  The Apache employee advised that such a change request would not be processed without a formal request on Petrofac letterhead.

A week later, Apache’s accounts payable department received an email from a @petrofacltd.com email address.  Petrofac’s legitimate email domain name is @petrofac.com.  The email advised that Petrofac’s bank account details had changed, and included as an attachment a signed letter on Petrofac letterhead setting out the old and new account numbers and requesting that Apache “use the new account with immediate effect.”

An Apache employee called the telephone number on the letterhead and confirmed the authenticity of the change request.  Next, a different Apache employee approved and implemented the change.  A week later, Apache was transferring funds for payment of Petrofac’s invoices to the new bank account.

Within a month, Petrofac advised Apache that it had not received payment of approximately $7 million which Apache had transferred to the new account.  Apache recovered some of the funds, but still incurred a net loss of approximately $2.4 million.

The Computer Fraud Coverage

Apache maintained a Crime Protection Policy with Great American, but it does not appear that the policy included social engineering fraud coverage.  Apache asserted a claim under its Computer Fraud coverage, which provided that:

We will pay for loss of, and loss from damage to, money, securities and other property resulting directly from the use of any computer to fraudulently cause a transfer of that property from inside the premises or banking premises:

 a) to a person (other than a messenger) outside those premises; or

 b) to a place outside those premises.

In Great American’s view, no indemnity was available because the @petrofacltd.com email did not cause the transfers in issue, and because the coverage was limited to losses resulting from hacking and other incidents of unauthorized computer use.

The Fifth Circuit accepted Great American’s position.  Noting that there was no Texas law directly on point, the Court embarked on what it described as a “detailed — but numbing — analysis” of the authorities interpreting the Computer Fraud coverage.  Chief among these was the Ninth Circuit’s recent decision in Pestmaster, in which that Court interpreted the coverage to require an unauthorized transfer of funds, rather than simply any transfer which involved both a computer and a fraud at some point.

The Fifth Circuit contrasted that requirement with the lengthy chain of events that had resulted in Apache’s loss:

Here, the “computer use” was an email with instructions to change a vendor’s payment information and make “all future payments” to it; the email, with the letter on Petrofac letterhead as an attachment, followed the initial telephone call from the criminals and was sent in response to Apache’s directive to send the request on the vendor’s letterhead.  Once the email was received, an Apache employee called the telephone number provided on the fraudulent letterhead in the attachment to the email, instead of, for example, calling an independently-provided telephone contact for the vendor, such as the pre-existing contact information Apache would have used in past communications.  Doubtless, had the confirmation call been properly directed, or had Apache performed a more thorough investigation, it would never have changed the vendor-payment account information.  Moreover, Apache changed the account information, and the transfers of money to the fraudulent account were initiated by Apache to pay legitimate invoices. 

The Court observed that the authorities generally refuse to extend the scope of the Computer Fraud coverage to situations where the fraudulent transfer is not a direct result of computer use, but rather results from other events.

In concluding that no indemnity was available under the Computer Fraud coverage, the Court held that:

The email was part of the scheme; but, the email was merely incidental to the occurrence of the authorized transfer of money.  To interpret the computer-fraud provision as reaching any fraudulent scheme in which an email communication was part of the process would, as stated in Pestmaster…, convert the computer-fraud provision to one for general fraud.  …  We take judicial notice that, when the policy was issued in 2012, electronic communications were, as they are now, ubiquitous, and even the line between “computer” and “telephone” was already blurred.  In short, few — if any — fraudulent schemes would not involve some form of computer-facilitated communication.  [emphasis added]

Conclusion

The Fifth Circuit’s decision in Apache is broadly significant to the fidelity insurance industry not only because, like Pestmaster, it reaffirms the intended scope of the Computer Fraud coverage, but also because it reinforces the purpose behind insurers’ introduction of discrete social engineering fraud coverage in the last few years, i.e., the lack of coverage for social engineering frauds under traditional computer and funds transfer coverages.

The proliferation of social engineering fraud has undoubtedly exposed insureds to greater risk.  However, insurers have responded by underwriting discrete social engineering fraud coverages.  There is no need for courts to depart from the traditional interpretation of computer fraud and funds transfer fraud coverages in order to address this perceived problem, because a solution is already available.

As a practical matter, Apache confirms that insureds need Social Engineering Fraud coverage for these types of  losses.  The decision provides greater certainty on the part of insureds, insurers and brokers as to the intended scope of each coverage, and makes it easier for all industry participants to ensure that insureds obtain the coverages they require for the types of potential losses that they face.

Apache Corporation v. Great American Insurance Company, 2016 WL 6090901 (5th Cir.)

Leave a comment

Filed under Computer Fraud, Social Engineering Fraud

Tesoro Refining: Fifth Circuit analyzes scope of “Unlawful Taking” and “Forgery” in Commercial Crime Policy’s Employee Theft Coverage

By David S. Wilson, Chris McKibbin and Stuart M. Woody

In our April 14, 2015 post, we analyzed the decision of the U.S. District Court for the Western District of Texas in Tesoro Refining & Marketing Company LLC v. National Union Fire Insurance Company of Pittsburgh, Pennsylvania and its implications for what constitutes “unlawful taking” for the purposes of the Employee Theft coverage.  The Fifth Circuit Court of Appeals recently affirmed the District Court’s grant of summary judgment in favour of National Union.

The Facts

The insured (“Tesoro”) was a refiner and marketer of petroleum products.  In 2003, Tesoro began selling fuel to Enmex, a petroleum distributor, on credit.  The manager of Tesoro’s Credit Department, Leavell, managed Enmex’s account.

By late 2007, Enmex’s credit balance had grown to $45 million, and Leavell (and Tesoro’s auditors) became concerned about Enmex’s ability to pay down the outstanding debt.  In discussions with Tesoro’s auditors in December 2007, Leavell represented that the Enmex account was secured by a $12 million letter of credit (LOC).

Between December 2007 and March 2008, a series of documents purporting to be LOCs (and, in one case, a security agreement) were created in Leavell’s password-protected drive on Tesoro’s server.  Leavell provided these to the auditors as evidence of Enmex’s creditworthiness.

By September 2008, the Enmex balance had reached almost $89 million.  In October 2008, a document purporting to be a new $24 million LOC was created on Leavell’s drive.  A PDF version of this document, with a Bank of America logo added, was created a few days later and saved in the Credit Department’s shared folder.

In December 2008, Tesoro presented the $24 million LOC to Bank of America, which confirmed that the LOC was not valid.  Tesoro ceased selling fuel to Enmex, and was not paid for some of the fuel it had already sold.  Tesoro submitted a crime claim to National Union, alleging that Leavell had forged the LOCs and the security agreement, resulting in Tesoro’s loss.

The Employee Theft Coverage

The insuring agreement provided that:

We will pay for loss of or damage to “money”, “securities” and “other property” resulting directly from “theft” committed by an “employee”, whether identified or not, acting alone or in collusion with other persons.

For the purposes of this Insuring Agreement, “theft” shall also include forgery.

“Theft” was defined as “the unlawful taking of property to the deprivation of the insured.”  Unlike some other forms of the theft coverage, National Union’s insuring agreement defined “theft” to include forgery.

Interpreting the Insuring Agreement

Tesoro contended that the District Court erred in holding that an “unlawful taking”, whether by forgery or by other means, was required to create coverage under this insuring agreement.  In Tesoro’s view, the sentence in the insuring agreement addressing forgery created coverage for losses from any employee forgery, irrespective of whether there was any unlawful taking by the employee.

National Union contended that the employee theft insuring agreement always required proof that an “unlawful taking” had occurred, irrespective of the form of that taking.  National Union took the position that the term “include”, as used in the sentence addressing forgery, meant that a forgery that is within the category of “theft” is covered, but the insuring agreement does not create coverage for acts of forgery wholly distinct from “theft”.

The Court accepted National Union’s interpretation, holding that:

Tesoro’s interpretation isolates the sentence addressing forgery from its context.  Context is key and can in part be provided by a document’s title… This insuring agreement is titled “Employee Theft”… When an “Employee Theft” insuring agreement contains a sentence explaining that “theft”, a defined term, shall also include forgery, that sentence is making clear that a forgery that leads to “theft” is covered.

The Court also noted that Tesoro’s proposed interpretation would nullify the “Acts of Employees” exclusion when applied to the Forgery or Alteration insuring agreement.  Such an interpretation would result in the policy excluding all employee forgery involving commercial paper from the Forgery or Alteration insuring agreement, while covering all forms of employee forgery under the Employee Theft insuring agreement.

There was no “Unlawful Taking” by Leavell

Tesoro further contended that, even if it was required to prove an “unlawful taking” under the Employee Theft coverage, it could still do so, insofar as Leavell’s conduct met the requirements of the Texas criminal offence of theft (in particular, theft by deception).  The Court did not endorse Tesoro’s equating of the policy’s “unlawful taking” requirement with any act constituting a theft under state criminal law, but accepted it arguendo for the limited purpose of determining whether summary judgment could be properly granted in favour of National Union.

The Court noted that proving theft by deception would require Tesoro to show that the forged security documents were a substantial or material factor in inducing it to continue selling fuel to Enmex.  The Court held that the available evidence did not support that conclusion.  Indeed, Tesoro had continued selling fuel to Enmex during periods in which it knew that the receivable was not secured.  Thus, Tesoro could not demonstrate that it was induced to do anything differently as a result of the alleged deception.  On that basis, the Court held that summary judgment had been properly granted to National Union.

Conclusion

For those Employee Theft coverages that include forgery within the meaning of theft, the Fifth Circuit’s decision in Tesoro Refining provides guidance as to how to interpret and apply the provision, including ascertaining whether the alleged forgery actually induced the insured to do anything it would not have done in the absence of the forgery.  The Court’s finding on causation is significant, notwithstanding that it came in the context of analyzing the Texas criminal offence of theft by deception.

As a general observation, we suggest that caution be exercised in relying on criminal law provisions and concepts as an interpretive guide to fidelity policies.  In Tesoro Refining, the Court made it clear that it was analyzing the Texas provision solely because Tesoro had advanced the argument as a basis for denying summary judgment to National Union.  Other courts in the United States and Canada have cautioned against too easily equating fidelity coverage concepts and criminal law concepts.  In Iroquois Falls Community Credit Union Limited v. Co-operators General Insurance Company, for example, the Court of Appeal for Ontario overturned the motions court’s grant of summary judgment to an insured credit union, specifically rejecting the holding that the credit union had to have notice of criminal conduct before it was obligated to put its insurer on notice. 

More broadly, the Court’s overall interpretive approach (reading and interpreting the policy as a whole, including the headings and related insuring agreements and exclusions) is of assistance to fidelity insurers in rebutting arguments which seek to create ambiguity by interpreting a particular sentence (or even a subset of words within a sentence) without regard to the intended scope of coverage as evidenced by the headings and related insuring agreements and exclusions in the policy.

Tesoro Refining & Marketing Company LLC v. National Union Fire Insurance Company of Pittsburgh, Pennsylvania, 2016 U.S. App. LEXIS 13838 (5th Cir.)

Leave a comment

Filed under Employee Theft, Forgery

Pestmaster: Ninth Circuit affirms Fidelity Insurer’s Intent on Scope of Computer Fraud and Funds Transfer Fraud Coverages

By David S. Wilson and Chris McKibbin

In our January 6, 2015 post, we analyzed the decision of the U.S. District Court for the Central District of California in Pestmaster Services, Inc. v. Travelers Casualty and Surety Company of America and its implications for the interpretation of the Computer Fraud and Funds Transfer Fraud coverages.  On July 29, 2016, the Ninth Circuit Court of Appeals released a brief opinion affirming the District Court’s interpretations of these coverages.

The Facts

Pestmaster, a pest control business, was insured under a Travelers Wrap+ policy.  In 2009, Pestmaster hired a payroll company, Priority 1, to handle its payroll and payroll tax obligations.  Pestmaster executed an ACH authorization which authorized Priority 1 to obtain payment of Priority 1’s approved invoices by initiating ACH transfers of funds from Pestmaster’s bank account to Priority 1’s bank account.  These amounts included both payroll and payroll taxes, the latter of which Priority 1 was supposed to remit to the IRS.

In 2011, Pestmaster discovered that Priority 1 had failed to remit $373,000 in payroll taxes, and had instead diverted these funds to its own uses.  Pestmaster sought indemnity from Travelers under both its Funds Transfer Fraud and Computer Fraud coverages.

Funds Transfer Fraud

The Funds Transfer Fraud coverage indemnified Pestmaster for direct loss of money or securities contained in its transfer account on deposit at a financial institution, directly caused by Funds Transfer Fraud.  Funds Transfer Fraud was defined as:

an electronic, telegraphic, cable, teletype or telephone instruction fraudulently transmitted to a Financial Institution directing such institution to debit your Transfer Account and to transfer, pay or deliver Money or Securities from your Transfer Account which instruction purports to have been transmitted by you, but was in fact fraudulently transmitted by someone other than you without your knowledge or consent …

The Ninth Circuit affirmed the District Court’s holding that the Funds Transfer Fraud insuring agreement does not cover transactions that are authorized by the insured:

… Pestmaster argues that the transfer of funds from its bank account to Priority 1’s bank account is covered by the Funds Transfer Fraud provision.  The district court found that this provision “does not cover authorized or valid electronic transactions … even though they are, or may be, associated with a fraudulent scheme.” We agree that there is no coverage under this clause when the transfers were expressly authorized.

Computer Fraud

The Computer Fraud coverage indemnified Pestmaster for direct loss of money, securities or other property directly caused by Computer Fraud, i.e., the use of a computer to cause a transfer of money, securities or other property from inside the insured’s premises or the insured’s bank’s premises.  The Ninth Circuit interpreted Travelers’ wording as requiring an unauthorized transfer, which is consistent with the Computer Fraud jurisprudence requiring an element of unauthorized access or a “hacking” incident.  The Ninth Circuit continued:

When Priority 1 transferred funds pursuant to authorization from Pestmaster, the transfer was not fraudulently caused.  Because computers are used in almost every business transaction, reading this provision to cover all transfers that involve both a computer and fraud at some point in the transaction would convert this Crime Policy into a “General Fraud” Policy.  While Travelers could have drafted this language more narrowly, we believe protection against all fraud is not what was intended by this provision, and not what Pestmaster could reasonably have expected this provision to cover.  [emphasis added]

As such, coverage was not available in respect of the authorized transfers.

The Court remanded to the District Court the narrow issue of whether two individual transactions, made shortly before the discovery of the fraud and totalling $11,991, were unauthorized transfers.

Conclusion

The Ninth Circuit’s decision in Pestmaster provides an endorsement of fidelity insurers’ intentions as to the proper scope of the Computer Fraud and Funds Transfer Fraud coverages.  The Court’s observation with respect to the Computer Fraud coverage is of particular significance, insofar as it represents one of the clearest articulations as to how the merely-incidental involvement of a computer at some stage in a fraudulent transaction is insufficient to trigger indemnity.  Insureds often point to such merely-incidental involvement of a computer in attempting to bring a loss within the Computer Fraud coverage, even though this is not the intended scope of the coverage, and notwithstanding that there are other products (such as Social Engineering Fraud coverage) which may respond to certain types of losses involving authorized computer transfers.

Pestmaster Services, Inc. v. Travelers Casualty and Surety Company of America, 2016 WL 4056068 (9th Cir.)

Leave a comment

Filed under Computer Fraud, Funds Transfer Fraud

Aqua Star: U.S. District Court applies “Authorized Entry” Exclusion to claim under Computer Fraud Coverage

By David S. Wilson and Chris McKibbin

On July 8, 2016, the U.S. District Court for the Western District of Washington released its decision in Aqua Star (USA) Corp. v. Travelers Casualty and Surety Company of America.  The decision offers guidance to fidelity insurers with respect to the application of the “authorized entry” exclusion found in the base wording of many commercial crime policies (sometimes referred to as the “authorized access” exclusion), and illustrates how this exclusion may operate in the context of a social engineering fraud loss.

The Facts

The insured, Aqua Star (USA) Corp. (“Aqua Star”), is a seafood importer that had a pre-existing relationship with a legitimate vendor, Zhanjiang Longwei Aquatic Products Industry Co. Ltd. (“Longwei”).  In the summer of 2013, Longwei’s computer system was hacked.  The hacker apparently monitored email exchanges between an Aqua Star employee and a Longwei employee before intercepting those email exchanges and using “spoof” email domains to send fraudulent emails to the Aqua Star employee.  In the spoofed emails, the hacker directed the Aqua Star employee to change the bank account information Aqua Star had on record for Longwei for future wire transfer payments.

The Aqua Star employee inserted the revised banking information into Aqua Star’s computer system.  This revised information was then used to create Wire Confirmation Detail instructions that were transmitted to Aqua Star’s bank, the Bank of America.  As a result, $713,890 was wired to the hacker’s account before the fraud came to light.

The Travelers Coverage

Aqua Star maintained a Wrap+ Crime Policy with Travelers.  The policy covered Aqua Star for its “direct loss of, or direct loss from damage to, Money, Securities, and Other Property directly caused by Computer Fraud”, as defined.  Travelers relied on Exclusion G to the policy, which provided that the policy:

will not apply to loss resulting directly or indirectly from the input of Electronic Data by a natural person having the authority to enter the Insured’s Computer System. 

As a general observation, this type of exclusion is intended to encompass (among other things) social engineering fraud losses.  At present, social engineering fraud coverage is typically added to commercial crime policies by endorsement, with the endorsement providing that the exclusion in the base wording does not apply in respect of coverage afforded by the endorsement.  The intent is to reinforce that only social engineering fraud coverage, and not the “traditional” computer or funds transfer fraud coverages, responds to social engineering fraud losses.

It is not clear from the Court’s decision whether Aqua Star also maintained social engineering fraud coverage.

The Decision

On the parties’ cross-motions for summary judgment, the Court confined itself to the question of whether Exclusion G applied to the loss, and did not opine on whether the loss fell prima facie within coverage.  The Court held that, on its face, Exclusion G clearly applied to the facts.  The “revised” banking details were information, which fell within the meaning of “Electronic Data”.  The employee in question was a natural person and had the authority to enter banking details into Aqua Star’s computer system.  As a result, the exclusion applied.

Aqua Star advanced two substantive arguments in an effort to avoid the application of the exclusion.  First, Aqua Star asserted that the exclusion did not apply because, in order to initiate the wire transfers, an Aqua Star employee had to enter data into the computer system of a third party (i.e., its bank, the Bank of America).  The Court rejected this contention, observing that:

Although entering data into a third party’s computer system may have been the final step that led to Aqua Star’s loss, necessary intermediate steps prior to the transfer involved entering Electronic Data into Aqua Star’s own Computer System. Aqua Star does not explain why the involvement of a third party computer system would render Exclusion G inapplicable.

Second, Aqua Star contended that Exclusion G was actually intended to preclude coverage where a fraud is perpetrated by an authorized user of an insured’s computer system, such as an employee or legitimate customer.  The Court did not accept this argument either, but did note that:

the clear language of the policy does not limit the exclusion to fraud perpetrated by an authorized user, although … it certainly could apply in that situation [as well]. 

As a result, Exclusion G applied to the loss.

Conclusion

In providing a detailed analysis of Exclusion G to the Travelers Wrap+ policy, Aqua Star reflects the intended boundary between social engineering fraud coverage and “traditional” computer fraud and funds transfer fraud coverages.  Courts have generally interpreted the computer fraud coverage as being intended to cover loss due to unauthorized hacking by third parties (see, for example, Pestmaster, which we discussed in our January 6, 2015 post), not employees’ authorized entries of data that are induced by external fraud.

To address this perceived gap, many insurers have introduced social engineering fraud endorsements to respond to the latter scenario.  The “authorized entry” exclusion reinforces insurers’ intent that the two coverages respond to different loss scenarios.  In our view, it is appropriate to keep this context in mind in assessing both the applicability of “authorized entry” exclusions and the dividing line between social engineering fraud coverage and other coverages.

Aqua Star (USA) Corp. v. Travelers Casualty and Surety Company of America, 2016 WL 3655265 (W.D. Wash.)

Leave a comment

Filed under Authorized Access/Entry Exclusion, Computer Fraud, Social Engineering Fraud

Telamon: U.S. District Court finds Insured’s Vice-President to be Independent Contractor falling outside Crime Policy’s Employee Theft Coverage

By David S. Wilson and Chris McKibbin

In Telamon Corp. v. Charter Oak Fire Ins. Co., the U.S. District Court for the Southern District of Indiana held that a Vice-President of Major Accounts who provided management and marketing services to a telecommunications company was not an “Employee” within the meaning of the employee theft coverage afforded by its Travelers Wrap+ policy, but rather an independent contractor.

The Facts

The insured, Telamon Corporation (“Telamon”), is a telecommunications company headquartered in Indiana.  Telamon installed telecommunications equipment for customers such as AT&T.  The alleged defaulter, Juanita Berry, operated a one-person telecommunications consulting company, J. Starr Communications, Inc. (“J. Starr”).

Pursuant to a Consulting Services Agreement dated June 1, 2005 between Telamon, Berry and J. Starr, and subsequent renewals thereof (the “CSAs”), J. Starr agreed to provide Berry’s services to Telamon.  The CSAs specifically provided that Berry provided these services as an independent contractor.  Berry initially worked with Telamon as a senior sales consultant, primarily due to her existing relationship with AT&T.  In 2007, Berry transitioned into an account management role, and oversaw sales and installation projects for AT&T and other accounts.

In 2009, Berry assumed the title of Vice-President of Major Accounts and, in that capacity, was the most senior representative of Telamon’s Dayton, New Jersey facility.  Consistent with her title, she had “operational oversight” with respect to that facility, including engineering, installation, warehouse inventory management and other responsibilities.  Telamon allowed Berry to hold meetings with clients, hire and fire Telamon personnel, set employee salaries and approve expenses.  She also had access to Telamon’s project accounting software, which permitted her to review and manage projects for which she was responsible.

Meanwhile, commencing in 2007, Berry spearheaded Telamon’s “AT&T Asset Recovery Program”, through which Telamon removed old telecommunications equipment from AT&T sites and returned it to Telamon facilities.  Unbeknownst to Telamon executives, Berry also allegedly directed Telamon employees to package and ship the equipment to a Florida company known as WestWorld Telecom (“WestWorld”).

In 2010, Telamon accounting personnel discovered unusual updates in Telamon’s project accounting system, including purchases being charged to jobs for which the material charged was not compatible.  These entries were traced back to Berry.  A subsequent physical inventory of the Dayton warehouse revealed that a significant amount of telecommunications equipment was missing.  Subsequent investigation revealed Berry’s alleged diversion of this equipment to WestWorld, and payments by WestWorld to J. Starr, rather than to Telamon.

The Employee Theft Coverage

Telamon terminated Berry and submitted claims to its crime insurer, Travelers, and its property insurer, Charter Oak Fire, for over $5 million.  Travelers declined coverage on the basis that Berry was not an “Employee” within the meaning of the crime coverage.  The relevant portions of the definition provided that:

Employee means …

 any natural person . . . who is leased to the Insured under a written agreement between the Insured and a labor leasing firm, while that person is subject to the Insured’s direction and control and performing services for the Insured. …

 Employee does not mean

 any … independent contractor or representative or other person of the same general character not specified in paragraphs 1. through 5., above.

Travelers reasoned that the CSAs made it clear that Berry worked as an independent contractor, and that J. Starr could not reasonably be considered to be a labour leasing firm.  Telamon disputed Travelers’ position, contending that J. Starr was a labour leasing firm because it had provided Berry’s consulting services to Telamon in exchange for payments; as Berry was a “leased employee”, the exception for independent contractors could not apply.

On Travelers’ and Telamon’s cross-motions for summary judgment, the District Court rejected Telamon’s contentions.  The Court examined non-fidelity authority on the interpretation of the term “labor leasing firm”, finding that it meant a company that is in the business of placing its employees at client companies for varying lengths of time in exchange for a fee.  The Court concluded that J. Starr was not such a company:

There is nothing in the CSAs to support Telamon’s interpretation of J. Starr as a labor leasing firm.  The CSAs that governed Berry’s employment identify J. Starr and Berry as the “Consultant” and “independent contractor,” and expressly state that “[t]he personnel performing services under this Agreement [i.e., Berry] shall… not be employees of [Telamon].”

 Moreover, the evidence establishes that J. Starr was a one-person consulting company in the business of selling telecommunications equipment to, inter alia, WestWorld Telecom.  Indeed, Telamon’s Chief Operating Officer, Stanley Chen, testified that J. Starr and Berry sold telecommunications equipment before, during, and after Berry’s involvement with Telamon.  Berry provided sales consulting services primarily aimed at Telamon’s major client, AT&T.  Thus, J. Starr was not in the business of providing employees to client companies in exchange for a fee and was not, therefore, a “labor leasing firm” within the meaning of the Travelers Crime Policy.  Instead, Berry was an independent contractor pursuant to the terms of her employment with Telamon.  Telamon even admits this fact.  Therefore, Berry falls outside the coverage grant for theft by “Employees” under the Crime Policy.  [citations omitted]

As a result, the Travelers policy did not afford coverage in respect of Berry’s alleged acts.

Conclusion

Telamon provides a good illustration of the employee-independent contractor distinction found in most crime policies.  The decision demonstrates the importance of assessing whether an alleged defaulter comes within the definition of “Employee” in a theft claim; here, Berry was held out by Telamon as a Vice President, and exercised considerable power over Telamon’s operations and personnel, but performed these duties as an independent contractor.  With more work relationships moving away from the traditional employment contract model, it is essential that fidelity claims professionals ensure that the precise legal status of the alleged defaulter’s work relationship with the insured is established as part of the coverage analysis.

Telamon also provides specific guidance with respect to the meaning of “labor leasing firm” and, arguably, similar terms used in other fidelity coverages.  Although J. Starr did, in the narrowest and most technical sense, supply its (only) worker to another company for payment, the Court rejected Telamon’s attempts to characterize J. Starr as a labour leasing firm, instead focusing on the clear provisions of the CSAs to the effect that Berry served as an independent contractor, rather than as an employee.  This finding is of assistance to fidelity claims professionals who are confronted with creative arguments which attempt to bring similarly-situated workers within the definition of “Employee”.

Telamon Corp. v. Charter Oak Fire Ins. Co. and Travelers Cas. and Surety Co. of Am., 1:13-cv-382-RLY-DML (S.D. Ind. December 10, 2015) [Note: this decision recently came to our attention and does not appear to be accessible online; please contact us if you would like a copy.]

Leave a comment

Filed under Employee Theft

Blaneys Fidelity Year in Review – Fidelity Subrogation Podcast – Fidelity at the OBA

Blaneys Fidelity Year in Review

In 2015, American and Canadian courts released a number of decisions of interest to fidelity claims professionals.   We are pleased to present Blaneys Fidelity Year in Review, which provides summaries of the decisions that appeared on Blaneys Fidelity Blog in 2015.  Blaneys Fidelity Year in Review is available here.

Blaneys Podcast: Fidelity Subrogation and Fraud Recovery

For those fidelity claims professionals dealing with fraud recovery and subrogation in Canada, the Blaneys Podcast series now features our podcast on fraud recovery and fidelity subrogation.  The podcast sets out the different strategies available for identifying and pursuing fraud recovery targets and for maximizing recoveries from defaulters, beneficiaries, co-conspirators, auditors and financial institutions.  The podcast is available here; SoundCloud users may access the podcast here.

Fidelity at the OBA: A Primer on Insurance Coverage (Toronto, May 12, 2016)

The Ontario Bar Association is presenting a program on insurance coverage issues on May 12 in Toronto.  Blaneys’ Chris McKibbin will be presenting on Computer Fraud and Funds Transfer Fraud Coverages in Fidelity and Commercial Crime Policies.  The program also includes presentations on recent developments regarding the duty of good faith and the duty to defend; the “lack of fortuity” defence; and a perspective from the Bench, presented by the Honourable Mr. Justice Jamie K. Trimble.  Co-chairs Laura Hodgins of Liberty and Andrew Mercer of Mercer Law have assembled a fantastic group of speakers, and the program is eligible for four substantive hours of CPD credit.  The program agenda is available here.

Leave a comment

Filed under Computer Fraud, Funds Transfer Fraud, Subrogation, Year in Review