The Eastern District
of Michigan recently entered summary judgment in favor of an insurer in a
coverage dispute concerning a computer fraud provision in American Tooling
Center, Inc. v. Travelers Cas. & Sur. Co. of America, 2017 WL 3263356.
An insured
manufacturer outsourced some of its operations to overseas manufacturers. The
insured customarily paid its vendors through wire transfers after receiving
email invoices. A third party sent a counterfeit invoice to the insured using a
confusingly similar email address to that used by one of the insured’s Chinese
vendors. The third party requested the insured send the requested funds to an
account different than the one traditionally used by the vendor. The insured
transferred approximately $800,000 to the fraudster’s account without verifying
the new banking instructions. The insured filed a claim under its Travelers
policy when it discovered the fraud.
The policy covered
“direct loss of, or direct loss from damage to Money, Securities and Other
Property directly caused by Computer Fraud.” “Computer Fraud” was defined to
include “[t]he use of any computer to fraudulently cause a transfer of Money,
Securities or Other Property.…” Travelers denied coverage, arguing that the
insured’s loss was not a “direct loss” that was “directly caused by the use of
a computer.”
The Eastern District
of Michigan agreed with Travelers, granting its Motion for Summary Judgment.
The court cited Sixth Circuit case law defining the term “direct” as
“immediate, without anything intervening.” It reasoned that the fraudulent
emails that resulted in the loss “did not directly or immediately cause the
transfer of funds.” Rather, multiple intervening events took place between the insured’s
receipt of the emails and the insured’s transfer of funds, including the
verification of production of milestones, the transfer authorization, and the
fund transfer itself. The email in this case was “merely incidental” to the
insured’s loss, which could have been brought about by other means of
deception. “To interpret the computer-fraud provision as reaching any
fraudulent scheme in which an email communication was part of the process
would…convert the computer-fraud provision to one for general fraud.”
As hacks, phishing
schemes, and other computer intrusions become more prevalent in everyday life,
the need for computer fraud insurance is increasing. We expect the American Tooling case to be the
first of many opinions which clarify the circumstances under which an insured
does or does not suffer a “direct loss” that is “directly caused by computer
fraud.”
