Commercial Crime Policy Covers Loss Involving Fraudulent Email Directing Employee to Make Payments

March 4, 2022

The United States Court of Appeals for the Ninth Circuit, applying California law, has held that a loss resulting from an employee’s payments made to a third party after receiving fraudulent emails directing her to wire funds to an outside organization was covered under Computer Fraud and Funds Transfer Fraud coverages under a commercial crime policy. Ernst & Haas Mgt. Co. v. Hiscox, Inc., 23 F.4th 1195 (9th Cir. 2022).

An accounts payable clerk at an insured property management company received an email, purportedly sent by the founder of the company, directing her to wire money to an outside organization. She made two wire transfers totaling $200,000 before speaking with the founder and learning that the emails were not legitimate, resulting in a net loss of $200,000.

The company sought coverage under a commercial crime policy for its loss, which afforded Computer Fraud coverage for certain losses “resulting directly from the use of any computer to fraudulently cause a transfer of that property” from the insured’s business or its bank to a person or place outside the insured’s business or its bank. The policy also provided Funds Transfer Fraud coverage for loss “resulting directly from a [Fraudulent Instruction] to transfer, pay or deliver money” from the insured’s bank account. The policy defined a Fraudulent Instruction as including an “instruction initially received by [the insured] which purports to have been transmitted by an Employee but which was in fact fraudulently transmitted by someone else without [the insured’s] or the Employee’s knowledge or consent.” After the insurer denied coverage for the claim, coverage litigation ensued. In that coverage litigation, the district court dismissed the insured company’s lawsuit after concluding that the loss resulted from the employee’s initiation of the wire, not from the fraudulent email directing her to initiate the wire.

On appeal, the Ninth Circuit reversed. First, the court rejected the district court’s conclusion that the Computer Fraud coverage was limited to loss from “unauthorized computer use, like hacking.” The Ninth Circuit also found that the fraudulent emails were the direct cause of the loss, rejecting the district court’s ruling that the payments did not result “directly” or “immediately” from the computer fraud. Second, the court ruled that the Funds Transfer Fraud coverage also applied, rejecting the insurer’s argument that coverage was limited to fraudulent instructions sent directly from an unauthorized third party (and not an authorized employee) to a bank. For both reasons, the court ruled that the policy responded to the loss.

Practice Areas

Wiley Executive Summary

Sign up for updates

Wiley Rein LLP Cookie Preference Center

Your Privacy

When you visit our website, we use cookies on your browser to collect information. The information collected might relate to you, your preferences, or your device, and is mostly used to make the site work as you expect it to and to provide a more personalized web experience. For more information about how we use Cookies, please see our Privacy Policy.

Strictly Necessary Cookies

Always Active

Necessary cookies enable core functionality such as security, network management, and accessibility. These cookies may only be disabled by changing your browser settings, but this may affect how the website functions.

Functional Cookies

Always Active

Some functions of the site require remembering user choices, for example your cookie preference, or keyword search highlighting. These do not store any personal information.

Form Submissions

Always Active

When submitting your data, for example on a contact form or event registration, a cookie might be used to monitor the state of your submission across pages.

Performance Cookies

Performance cookies help us improve our website by collecting and reporting information on its usage. We access and process information from these cookies at an aggregate level.

Powered by Firmseek