Account Takeover Fraud – Chubb’s New Cyber Fraud endorsement to the Bankers Blanket Bond

I recently had a chance to discuss their new Cyber Fraud endorsement with George Allport, Chubb’s Financial Fidelity Product Manager.  We had been talking about the coverage implications for community banks that have commercial customers experiencing account takeover fraud.  The discussion was timely, as the number of commercial customers experiencing account takeovers accelerates, and as banks are increasingly brought into the resulting loss.

Account takeover is a form of identity theft in which the fraudster assumes the identity of the victim, and then instructs the bank to transfer funds out of the account.  What appears to be a legitimate request turns out not to be.

The following is a summary of my discussion with George in Q&A form:

Chubb has introduced a newly available endorsement to the Bankers Blanket Bond.  The endorsement clarifies coverage for the insured Bank when it executes fraudulent online banking transfers on behalf of a commercial customer.  Can you describe the coverage and why it is being introduced now?

Cyber Fraud is Chubb’s new endorsement to our ForeFront Security bond for community banks. We created the endorsement for several reasons including:

  • The coverage for computer-related crime in many bankers blanket bond policies is out of date; it doesn’t reference current technologies or address future technologies. Chubb’s Cyber Fraud endorsement addresses current and future means for carrying out computer-related banking transactions.  For instance, we have expanded the definition of fraudulent communications to include “a message, including an email or an attachment to an email”.  This broader definition of “communication” will help the policy stay current with banking technology as it evolves.
  • Many fidelity bonds require the bank to call back a customer who has initiated a transfer of funds by telephone or by fax to authenticate the customer’s instructions. As technology advances, there will be many other ways of authenticating oral, faxed or emailed instructions that are just as good as a phone call or even better.  Chubb’s Cyber Fraud endorsement allows the bank to use its best efforts to authenticate instructions without requiring any specific method.  This means the bank can keep up with the best new technologies, without needing to update its coverage.

Have brokers and insureds been asking for this clarification, or does it come from Chubb’s recognition that the form needs to be updated in response to new types of fraud?

We recognized that there are new types of fraud and the old bond language is just not clear as to how it addresses them. Once we had decided to develop a new endorsement to address this issue, we elicited feedback from brokers and community banks throughout the development process, and we received very positive responses to our ideas.

If a Bank is sued for executing the fraudulent transfer instructions, does it have coverage for potential defense costs and judgments or settlements?  (If not, where might it look for coverage?)

We know that account takeover fraud continues to be a significant issue for banks and for their customers. Under current regulations, a bank that transfers funds may not be responsible for the customer’s loss if it is later found out that the transfer instructions were fraudulent. However, this situation may result in a lawsuit by the customer against the bank.  If the bank is sued, Chubb’s Cyber Fraud endorsement includes a liability insuring agreement called Failure to Stop Cyber Fraud. This provides liability coverage to the bank for defense costs and indemnification for direct damages arising out of the lawsuit.

Chubb’s Cyber Fraud endorsement provides the bank with the liability coverage it needs for this situation. Without this liability protection, the bank may have coverage under its bankers’ professional liability policy. However, many bankers’ professional liability policies do not address this exposure or may contain exclusions related to the provision of on-line services or data processing services.

Where can our readers get more information about this new endorsement, and will it be available to most of your insureds?

Our Cyber Fraud endorsement is available to any community bank insured on our ForeFront Security for Community Banks bond form. We will ask some additional underwriting questions, but we do not require an additional application.

Anyone who would like more information can contact me at gallport@chubb.com.  Of course, if they are already a Chubb insured, they can ask their agent or broker.

Thank you George; this is a welcome coverage improvement for community banks.

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s