Hacked Company Loses Insurance Battle Over Customer Payment Scam
Hacked Company Loses Insurance Battle Over Customer Payment Scam
2
A company recently faced a significant setback after losing an insurance claim dispute related to funds stolen in a fraudulent email scheme.
Cybercriminals infiltrated the business's email system, sending out fake invoices that directed clients to pay into a bogus bank account.
Consequently, two customers inadvertently transferred a total of $66,148 to the fraudulent account.
Attempts to retrieve this money were unsuccessful, and the customers refused further payments to the company.
The company, holding a management liability insurance policy, sought to claim under its third-party crime coverage to recover the outstanding bills from the customers. However, AIG Australia denied the claim, stating that the policy only addressed "direct financial loss" from theft or fraud by a third party, and argued that since the stolen money belonged to customers, the business itself did not suffer a direct loss.
The Australian Financial Complaints Authority (AFCA) reviewed the case and acknowledged the company's loss. However, it determined that the loss did not align with the policy's specific terms. The ruling emphasized that only the company's customers faced direct financial loss, whereas the company experienced an indirect one due to subsequent non-payments.
The AFCA explained that the hack did not meet the company's policy definition of theft, as the stolen funds belonged to the customers, not the business. This discrepancy meant that the policy's electronic and computer crime coverage was not applicable. Additionally, the policy's criteria for "fraudulent act," which required acts of forgery or counterfeiting the insured had acted upon, were not met since the company was unaware of the false invoices.
This case highlights the critical distinction between direct and indirect financial losses in insurance claims, emphasizing the importance of understanding policy terms. For businesses, particularly those prone to cyber threats, it underscores the significance of having insurance coverage that appropriately addresses loss scenarios stemming from such events. It also serves as a cautionary tale of the complexities involved in recovering from cybercrime attacks without adequate protection.
Moving forward, businesses should ensure robust cybersecurity measures to prevent similar email hacks, coupled with clarifying insurance policies for adequate coverage against indirect financial losses as a result of customer fraud. This scenario may lead insurance providers to reevaluate their product offerings, potentially driving the development of more comprehensive cybercrime coverages. Additionally, the financial sector might witness increased discussions on how to formulate clearer policy definitions that align with the evolving nature of cyber threats.
Published:Tuesday, 11th Mar 2025 Source: Paige Estritori
The Australian government has unveiled its inaugural National Climate Risk Assessment alongside a comprehensive National Adaptation Plan, highlighting the heightened impact of natural disasters on insurance accessibility across the nation. With an urgent call to action, the government acknowledges the impending climate threats and commits to intensifying efforts towards emission reduction. - read more
The Australian Securities and Investments Commission (ASIC) has announced an extension of the exemption allowing general insurance providers to forego appointing product distributors as authorised representatives. This decision comes with the introduction of a new legislative instrument, 2025/520, which renews the previous framework, originally established under instrument 2015/682. The relief will now continue until August 27, 2030. - read more
The recent cyberattack on Fortnum Private Wealth, accompanied by ASIC's legal action, has spotlighted the critical risks cyber threats pose to financial advice companies in Australia. With digital integration intensifying across the finance sector, the owner of Fortnum, Entireti, plans to defend the case, underscoring the necessity for ongoing vigilance in cybersecurity measures. - read more
Welcome to our guide on the step-by-step process for tradespeople to submit an insurance claim. Navigating the insurance claim process can often be daunting, especially for busy tradespeople who are focused on their day-to-day operations. In this article, we'll walk you through each stage, making the process simple and straightforward. - read more
Whether you're a carpenter, electrician, plumber, or any other type of tradesperson, your work is essential to keeping homes and businesses running smoothly. But have you ever thought about how important insurance is for your trade business? - read more
Running a trade business in Australia comes with its own set of unique challenges and risks. Whether you're an electrician, plumber, builder, or any other type of tradesperson, protecting your livelihood is crucial. - read more
Dictionary
Insurance Policy Excess
noun
The amount you will have to contribute when you make a claim.
