The Eighth Circuit's finding Friday that a bank employee's failure to secure a computer network doesn't nix insurance coverage for a fraudulent transfer loss caused by a hacker bolsters policyholders seeking coverage for digital fraud by laying blame at the hacker's feet despite the employee's negligence, experts say.
In a published opinion, a panel of the appeals court ruled Friday that BancInsure Inc. must foot the bill for a loss suffered by Minnesota-based State Bank of Bellingham after a hacker broke into the bank's computer network and orchestrated a fraudulent transfer to an overseas account.
The Eighth Circuit panel agreed with the lower court's rationale, saying that the Bellingham employee may have failed to follow proper security protocols, but the overriding cause of the bank's loss was still the hacker's criminal conduct.
Anderson Kill shareholder Joshua Gold pointed out that in most instances of computer fraud, insurers can always argue with 20/20 hindsight that the policyholder could have safeguarded money, securities or property better than it actually did. However, if courts accepted those arguments, banks and other policyholders could often have their crime coverage negated, he said.
"That kind of argument, if allowed to stand, would make coverage illusory in too many theft situations," Gold said.