Many policyholders consider they’re lined for theft, fraud, and forgery when their computer systems are hacked, and they’re duped out of cash. They learn their insurance policies’ phrases concerning theft, fraud, and forgery and fairly assume that if somebody steals their cash by deception, the insurance coverage will reply. A current unpublished South Carolina appellate determination involving a $250,000 wire switch loss exposes simply how unsuitable that assumption could be. 1
On this case, a legislation agency’s e-mail system was compromised. A trusted worker obtained what gave the impression to be professional directions from the agency’s principal to wire funds. The worker did precisely what she was imagined to do. The cash was despatched. Solely later did everybody notice {that a} hacker had been orchestrating your entire alternate. The funds had been gone.
The policyholder turned to its insurance coverage service, pointing to a number of provisions that appeared to offer protection—cash and securities protection, theft protection, and forgery endorsements. From a common sense perspective, this seemed like a textbook lined loss. In any case, if this isn’t theft or fraud, what’s?
The insurer noticed it very in another way. The denial rested on the “false pretense” or “voluntary parting” exclusion. That clause eliminates protection the place the insured or its worker “voluntarily” transfers property, even when induced by fraud. In different phrases, if you’re tricked into sending the cash, the insurer claims it’s not theft in the best way the coverage contemplates.
The policyholder argued that this interpretation made no sense. How can a switch be “voluntary” if it was induced by deception? This argument and consider is a typical one in a lot of these circumstances. The appellate courtroom, nevertheless, sided squarely with the insurer.
The courtroom held that the coverage was unambiguous. It reasoned that endorsements offering protection for theft or cash losses remained topic to exclusions, together with the false pretense clause. It additional concluded that the worker’s act of wiring the cash was “voluntary” as a result of she meant to make the switch, although she was deceived in regards to the motive for the switch. The truth that a hacker orchestrated the fraud didn’t change the characterization of the switch.
The courtroom additionally rejected the argument that the forgery endorsement utilized. It narrowly construed that protection to use to conventional devices like checks or promissory notes, to not emails or invoices demanding cost.
This determination shouldn’t be an outlier. It displays a nationwide pattern. Courts are drawing a vibrant line between pc hacking losses that set off particular cyber or funds-transfer fraud protection and social engineering schemes the place an worker is duped into sending cash. Within the latter class, the pattern is to seek out that the voluntary parting exclusion prevails.
Most conventional property insurance policies had been written for a unique period. They had been designed to handle bodily theft, worker dishonesty, and paper-based fraud. They weren’t developed in an period to deal with phishing emails, spoofed domains, or refined cyber deception. But many companies proceed to depend on these legacy varieties, believing that broad phrases like “theft” or “fraud” will cowl trendy dangers. They usually don’t.
The lesson is that protection for a lot of these losses should be bought explicitly. Trendy cyber insurance policies and specialised social engineering endorsements are designed to fill this hole. They deal with exactly the state of affairs that defeated the policyholder on this case: a licensed worker, performing in good religion, is manipulated into transferring funds to a felony. With out that particular cyber and social engineering protection, policyholders are left arguing in opposition to exclusions that courts routinely implement.
Insurance coverage is meant to offer safety in opposition to unexpected dangers. Few dangers are extra foreseeable at present than cyber fraud. When insurance policies promise safety in opposition to theft and fraud however fail in the most typical real-world state of affairs, it raises professional questions on whether or not the trade is preserving tempo with the dangers it purports to cowl. The trade ought to make a lot of these protection within the major protection varieties except the policyholder opts out.
For policyholders, nevertheless, the lesson is sensible, not philosophical. Don’t assume that yesterday’s coverage language will defend in opposition to at present’s cybercrimes. Policyholders and their brokers should ask direct questions on cyber losses and social engineering fraud. Be certain the coverage bought covers these perils. Pc scams and hacking at the moment are a significant threat.
For these thinking about studying extra about cyber and social engineering losses, I counsel studying The Cyber Insurance coverage Bait and Swap No one Desires to Admit.
Thought For The Day
“South Carolina is simply too small for a republic and too giant for an insane asylum.”
— James L. Petigru
1 Speights v. Chubb Restricted, No. 2023-001845, 2026 WL 1165625 (S.C. App. Apr. 29, 2026). See additionally, Policyholder Transient and Insurer Transient.