I am going to try to convince you to purchase a really good cyber policy. And I am not talking about your run of the mill cyber policy. I am talking about paying for the right policy. No. . .not because the CFPB is going to make you buy one. (Query whether compliance with Pillar #6 requires a cyber policy in addition to an E&O Policy at this point in time.) I am going to try to talk you into not only purchasing a cyber policy, but perhaps additional policies as well — mostly because I worry about you. A couple of months ago, in an earlier edition of The Quill, I told you my own experience with would be cyber thieves. They failed in their endeavor to steal my money, largely because I had been exposed to some of the stories that are out there and I sniffed them out. However, by and large, I am not a target for these schemes because I don’t have any where near the volume flowing through my trust account that you all do. I recently came across yet another horror story, this time told by a NATIC VP located in Ohio. The story goes like this: A closing agent received a purchase contract from one of their trusted referral sources for property worth $1.6M, along with an earnest money check for $300,000. What the Agent did not know was that the Realtor had never met the prospective buyer, an alleged physician in Canada. The buyer backed out of the deal due to alleged deficiencies with the structural integrity of the home. The buyer asked for the earnest money to be returned by wire and sent wiring instructions from what appeared to be a fax machine at a medical facility. Prior to initiating the wire, the Agent called it’s Bank to verify that the funds had been credited to its trust account. The Bank confirmed that the funds had been credited to their Trust Account. The wire to the prospective buyer was sent 14 days after the earnest money check was initially deposited. Three days later, the Bank informed the Agent that the check was fraudulent. [If you want to read about all the details of this case, e-mail me and I will forward to you the NATIC piece prepared by Michael Holden.]
The Agent in question had three insurance policies in place: an E&O policy, a Cyber Policy and an Escrow Security Policy. The Agent filed claims under all three policies. The Cyber Policy carrier denied the claim because the loss was not caused by a breach of a physical system. In other words, the cyber thief didn’t hack into the Agent’s computer system and steal the money. The carrier of the Escrow Security Policy also denied the claim choosing to interpret the events that occurred as “fraud” and not as a “theft”. For reasons that are likely obvious to us, the E&O Carrier also denied the claim. The result…the Agent went out of business.
First and foremost, it is incumbent that you have proper protocols in place to discover and deter these kinds of thefts. Perhaps only slightly less important, buy a policy that protects you from check fraud or wire fraud. Don’t make any assumptions. Read the covered risks very carefully. If these kinds of acts are not covered by your Cyber Policy, consider purchasing a separate Crime Policy.
Also in this edition…