Eleventh Circuit Holds No Coverage for Online Banking Theft

The United States Court of Appeals for the Eleventh Circuit, applying Georgia law, has held that no coverage exists under a business owner’s policy for the online theft of funds from an insured’s bank account.  Metro Brokers, Inc. v. Transportation Ins. Co., 2015 WL 925301 (11th Cir. Mar. 5, 2015).  In so holding, the Eleventh Circuit concluded that coverage was precluded for the online theft both because the electronic transfers did not fall within the policy’s forgery provision, and the policy contained an exclusion for losses caused by malicious code.

The insurer issued a business owner’s policy to the insured, a real estate brokerage firm.  The policy contained a forgery provision, providing specified coverage for loss “resulting directly from ‘forgery’ or alteration of, on, or in any check, draft, promissory note, bill of exchange, or similar written promise, order or direction to pay a sum certain,” and defined “forgery” as “the signing of the name of another person or organization with intent to deceive.”  The policy also contained a malicious code exclusion, precluding coverage for loss “caused directly or indirectly” from “malicious code,” which was defined in the policy to include, among other things, “computer viruses.”  The insured real estate brokerage firm maintained bank accounts with a third-party bank and used that bank’s online system to make payments from its accounts.  Thieves logged into the bank’s online system with login credentials they obtained from an employee of the insured using a key-logger computer virus.  The thieves authorized over $188,000 in payments from a client escrow account to several other bank accounts.  The insured filed a claim under the policy, seeking coverage for the unrecovered amounts stolen from its bank accounts.   The insurer denied coverage, citing the policy’s forgery provision and malicious code exclusion.  In this subsequent coverage action, the district court granted summary judgment in favor of the insurer, and the insured appealed.

On appeal, the Eleventh Circuit held that the policy’s forgery provision did not provide coverage for the stolen funds.  The court held that the electronic fund transfers by the thieves did not involve a “check, draft, promissory note, [or] bill of exchange,” nor did the transfers constitute a “written promise, order or direction to pay” that was “similar” to the enumerated instruments.  Specifically, the court observed that both federal and Georgia law distinguish electronic fund transfers from traditional banking transfers made by check, draft, or bill of exchange, citing the federal Electronic Transfer Fund Act and the Georgia Uniform Commercial Code.  In addition, the court found that the theft did not involve the “signing of [a] name,” even though the policy provided that electronic signatures would be considered the same as handwritten signatures, because there was no evidence that the login credentials constituted a “signature.”  In so holding, the court declined to apply Allstate Insurance Co. v. Renshaw, 258 S.E.2d 744 (Ga. Ct. App. 1979), which held that the theft of an insured’s bank card and PIN constituted a “forgery” under the homeowner’s policy at issue because that policy did not define “forgery.”

The appellate court also concluded that coverage was precluded by the policy’s malicious code exclusion.  In so holding, the court rejected the insured’s argument that the computer virus did not in fact “cause” its loss because of the intervening conduct of the thieves.  The court concluded that the broad, unambiguous language of the exclusion precluded coverage “regardless of any other cause or event that contributes concurrently or in any sequence to the loss.”

Categories

Wiley Executive Summary

Sign up for updates

Wiley Rein LLP Cookie Preference Center

Your Privacy

When you visit our website, we use cookies on your browser to collect information. The information collected might relate to you, your preferences, or your device, and is mostly used to make the site work as you expect it to and to provide a more personalized web experience. For more information about how we use Cookies, please see our Privacy Policy.

Strictly Necessary Cookies

Always Active

Necessary cookies enable core functionality such as security, network management, and accessibility. These cookies may only be disabled by changing your browser settings, but this may affect how the website functions.

Functional Cookies

Always Active

Some functions of the site require remembering user choices, for example your cookie preference, or keyword search highlighting. These do not store any personal information.

Form Submissions

Always Active

When submitting your data, for example on a contact form or event registration, a cookie might be used to monitor the state of your submission across pages.

Performance Cookies

Performance cookies help us improve our website by collecting and reporting information on its usage. We access and process information from these cookies at an aggregate level.

Powered by Firmseek