Sixth Circuit Finds Insurer Obligated to Cover Loss from Fraudulent Email Scheme

The U.S. Court of Appeals for the Sixth Circuit, applying Michigan law, has held that the computer fraud provision of a commercial crime policy covers losses from wire transfers sent by the insured pursuant to fraudulent emails.  American Tooling Ctr., Inc. v. Travelers Cas. & Sur. Co., 2018 WL 3404708 (6th Cir. Jul. 13, 2018).

The insured manufacturer outsourced some of its manufacturing work to vendors.  One of those vendors was a Chinese manufacturer; the insured company paid for the manufacturer’s work by wire transfer.  In 2015, the company received a series of emails from a third party purporting to be an employee of the manufacturer.  The emails requested that the insured make its wire payments to a different bank account because of an audit.  Over the course of several weeks, the insured company wired $834,000 to that account.  When the insured’s actual contact at the manufacturer demanded payment for outstanding invoices, the insured realized that it had been communicating with an imposter and wiring money to the imposter’s account.  The company’s insurer concluded that the crime policy did not afford coverage for the loss, and the insured sued for breach of contract.  The district court granted summary judgment in an opinion here.

On appeal, the Sixth Circuit reversed, holding that the insured company suffered a “direct loss,” and that the loss was “directly caused by Computer Fraud” as set forth in the policy.  The insurer argued that there was no “direct loss” because the insured performed a series of internal approval procedures that broke the causal connection between the request and when the loss occurred.  The appeals court rejected this argument, explaining that the insured “immediately lost its money when it transferred the [funds] to the impersonator,” which the court found represented a “direct” loss resulting from an “immediate” or “proximate” cause, as distinct from “remote or incidental causes.”  In addition, the court held that the insured met its burden of showing that the fraudulent emails were the immediate, and therefore “direct,” cause of its loss.

The appeals court also concluded that the scheme constituted “Computer Fraud” under the policy.  The policy defined “Computer Fraud” as “[t]he use of any computer to fraudulently cause a transfer of Money, Security or Other Property from inside the Premises . . . to a person . . . outside the Premises[.]”  The insurer argued that this definition requires a computer to actually cause the transfer, suggesting that the definition is limited to instances where the perpetrator gains access to or somehow controls the insured’s computers, which did not happen in this case.  The court rejected that rationale and concluded that limiting the definition of “Computer Fraud” to certain criminal behavior was not supported by the policy language, as the operative definition does not require that the fraudster cause any computer to do anything.

Finally, the court held that three policy exclusions raised by the insurer did not apply to bar coverage for the loss.

Tags

Wiley Executive Summary

Sign up for updates

Wiley Rein LLP Cookie Preference Center

Your Privacy

When you visit our website, we use cookies on your browser to collect information. The information collected might relate to you, your preferences, or your device, and is mostly used to make the site work as you expect it to and to provide a more personalized web experience. For more information about how we use Cookies, please see our Privacy Policy.

Strictly Necessary Cookies

Always Active

Necessary cookies enable core functionality such as security, network management, and accessibility. These cookies may only be disabled by changing your browser settings, but this may affect how the website functions.

Functional Cookies

Always Active

Some functions of the site require remembering user choices, for example your cookie preference, or keyword search highlighting. These do not store any personal information.

Form Submissions

Always Active

When submitting your data, for example on a contact form or event registration, a cookie might be used to monitor the state of your submission across pages.

Performance Cookies

Performance cookies help us improve our website by collecting and reporting information on its usage. We access and process information from these cookies at an aggregate level.

Powered by Firmseek