The only thing worse than being a fraud victim is finding out afterwards that your “cyber” coverage actually does not cover you the way you thought it did.
Not all insurance policies are created equal, and unless you know what to ask for, your coverage may leave you empty handed.
In the insurance world, the term “Cyber” has taken on a broad range of perils. As a title agent, it is important to know the various exposures surrounding “cyber” risks and how to properly protect your agency.
A Breakdown of Cyber Risks and Coverage
Examples of cyber coverage include:
- Data breach
- Privacy liability
- Computer crime
- Funds transfer fraud
- Breach mitigation
- Business interruption
- PCI fines
- Cost to notify
- Fidelity
- Fraudulently induced wire transfers
Much of the separate “cyber liability” policies follow the same insuring agreements and coverages, but the sublimits of those coverages are what differentiates them.
With one exception, all of the examples of cyber risks mentioned above are covered by the major cyber carriers. Fraudulent wire transfers is the one coverage line where you’ll see significant differences. One leading insurer used to offer $1M limits, but is now down to $500k. Others specifically exclude the coverage or have low sublimits.
Unfortunately, many insurance carriers will cover only specific cyber scenarios, if any at all. Some title agent E&O policies actually exclude coverage for losses involving cyber aspects.
It is important to note that there is a difference between 1st and 3rd party coverages, as well. A policy could cover “data breach,” for a 3rd party, but not cover your agency (1st party) for the same loss.
The Truth is in the Details
Everyone knows that there has been a dramatic increase recently in the number of fraudulently induced wire transfers. You would think that “funds transfer fraud” coverage on one of your policies would cover such a loss. This is where the definition and insuring agreement are important.
A policy could cover “funds transfer fraud,” but exclude coverage if the insured (you) had any involvement in the transfer. It is always a good idea to work with an insurance agent who knows the title industry, and periodically review different factual scenarios with them to be sure you are buying what you really need. As with any insurance product, the coverage is set out in the policy (not marketing materials or articles) and for that reason it is important to read and understand your policies.
Policy Options (generally)
- Cyber Liability/Data Breach Policy: A full, separate, cyber policy to include 1st and 3rd party coverages as well as fraudulently induced wire transfers.
- Business Owners Policy (“BOP”, GL, Property): Endorse your “BOP” to include a broadening cyber endorsement. Not as comprehensive as a separate cyber policy, but is a cost effective option. Review 1st vs 3rd party and wire fraud coverages.
- Title Agents E&O: Endorse your title agents E&O policy to include a cyber form. Few carriers have this option. Limited coverage. Generally 3rd party coverage only.
- Fidelity Bond: Generally 1st party coverage only. Endorse your fidelity bond to include computer crime, funds transfer fraud, social engineering. Many of your fidelity bond carriers now offer these coverage lines.
You are the first line of defense. Educate your employees on the risks and set policies/procedures to help mitigate these losses…
…and buy the RIGHT insurance.
by Matt Becraft and Howard Turk
Howard Turk is the President of ProsperitasForward, a consulting firm led by a team of title insurance veterans, formed to help title agencies improve top line revenue and bottom line results. ProsperitasForward offers a blend of new-age and traditional approaches designed to build strong, high-performance cultures. Howard can be reached at 310-294-9199, or .
Matt Becraft runs the Professional Liability Division of Sandy Spring Insurance. Matt can be reached at 410-897-5807, or by email.