According to the Department of Justice and the Federal Trade Commission, the nation’s computer fraud problem is increasing on a yearly basis. Those using computers to perpetrate their crimes have introduced the business community to a plethora of risks that are typically uninsured by traditional insurance policies. However, there are several insurance products designed to protect against the risks posed by those intent on using computers to carry out their crimes.
One such risk involves the loss of property resulting from computer fraud. The Department of Justice generally defines computer fraud (or Internet fraud) as any type of scheme that relies on the Internet to present fraudulent transactions, or to transmit the proceeds of fraud to others connected with the scheme. Such schemes often use chat rooms, e-mails, message boards, and Web sites to perpetrate the fraud.
Funds transfer (or wire transfer) fraud is another type of computer fraud which may result in significant losses to a business. Although a computer is not necessarily required to execute a fraudulent transfer of funds, a common scenario involves the transmission of an electronic instruction to a bank which appears to have been given by a company’s authorized representative, when the instruction was in fact sent by someone else without the company’s knowledge or consent. In these cases, a fraudulent e-mail may have been sent to the financial institution or the perpetrator may have fraudulently gained access to a company’s online banking account.
A typical crime insurance policy may provide coverage for losses resulting from these kinds of computer fraud. Additionally, since an estimated 75% of employees reportedly steal from their employers, a business may increase the scope of protection afforded by a crime policy if employee theft coverage is also obtained.
In addition to these typical coverages, products aimed at specific computer-related risks may also be obtained. For example, if a business relies on electronic data, computers or networks to support its critical operations, it may be especially vulnerable to computer-related criminal activity. In such instances, a business should be insured against any criminal activity which constitutes a denial of service attack, which jeopardizes the ability to protect sensitive client data, or which otherwise causes network damage, such as unplanned network interruption or electronic infection.
If a business stores sensitive information, then insurance may be obtained to protect against security breaches resulting in privacy injuries, such as identity theft. Insurance may also help cover the often substantial cost of complying with security breach notice laws, which may require notice to those individuals affected by a breach of security involving their non-public, personal information.
For those seeking comprehensive coverage for many of the risks faced by those businesses relying on computers and networks, various insurance products offer protection against privacy injury liability, security and content injury liability, qualifying professional liability, extortion, and network loss. Some policies even provide business interruption coverage for network dependent income.
Given the variety of products in this market, a comprehensive risk analysis must be undertaken to determine the precise risk in any particular situation and to avoid duplicate coverage or gaps in coverage. Failing to understand the risk may lead to a policy that does not adequately address the risk.
Those dependent on computers and networks for the continued and successful operation of their business face developing and sophisticated computer-related risks to their bottom-line. However, the right insurance policy can go a long way toward neutralizing the threat.
If you would like more information about insuring against crime, including computer fraud, please contact us.