What Is Computer Fraud Insurance Coverage?

••• Computer image by Haris Rauf from Fotolia.com

Computer fraud insurance provides protection against the loss of money, securities or other property using a business's computers, according to the Insurance Risk Management Institute. The coverage may be bought as a stand-alone policy or as a rider to a comprehensive commercial crime policy.

Important Exclusion

Many computer fraud policies do not cover electronic funds transfers from a bank. For example, if hackers use a virus to obtain a company's bank account username and password, and those hackers then use a computer to transfer funds overseas, the computer fraud policy may not cover these types of losses. Business owners should ask if electronic funds transfers are included in the policy, or seek a policy in which both risks are included.

Inside Job

Employers should review any crime insurance they have. Jeffrey Cavignac, writing in the insurance industry newsletter, "Commercial Insurance Update," notes that many employee theft policies may offer limited protection for computer fraud committed by employees while at work. This coverage may not cover all of the loss. Travelers insurance company cites a 2008 survey conducted by the Computer Security Institute that revealed the average yearly amount of loss survey respondents reported as a result of computer fraud was $289,000. Therefore, buyers should check to make sure that computer fraud policies cover threats arising from both inside and outside the firm and that there are few gaps in coverage.

An Example

Travelers also provides an example of when computer insurance coverage may be beneficial: Company A owes Company B money. An employee of Company B hacks into Company A's computers through its website. The employee accesses Company A's accounts payable system. Once inside, she substitutes her own bank account information and routing number for Company B's, causing future payments made to Company B to actual go to her bank account. Travelers indicates that this type of scenario would be covered under a computer fraud policy. On the other hand, if the employee had hacked into Company A's actual bank account to steal the money, Company A should look for this type of action to be covered by an electronic funds transfer policy.

Information and Other Property

Joshua Gold, a shareholder in the law firm of Anderson Kill & Olick, P.C., noted in the July 2008 edition of "Corporate Counsel" that these insurance policies may be subject to other limitations. Theft of trade secrets, confidential information and other business records may not be covered, or their coverage may be subject to limits. These policies also may not cover losses to third parties.