bank cyber insurance cyber liability insurance banking cyber coverage bank insurance

Bank Cyber Insurance – Key Issues

Bank cyber insurance is the number one topic I get calls on in my bank insurance consulting practice.

Insurers have built the bank cyber policies to mesh with the bank bond and bankers management liability insurance. Exclusions and coverage limitations have been added to the basic bank policies, making bank cyber insurance (AKA e-banking insurance) a necessity. Buy it. If you don’t have it, buy it now.

Suppose that your computer system is hacked and private data is breached. Customer information is in the hands of the bad guys. Lawsuits will be filed based on your failure to protect customer privacy, breach of duty, and lost business opportunities.

Bank cyber liability insurance is concerned with liability claims that come from computer systems, Internet banking, and electronic commerce.

First, recall that your financial institution bond provides coverage for your loss of money due to computer theft and fraud losses. The “injuries” to third parties and subsequent legal actions triggered by Internet and computer use are the realm of bank cyber liability insurance.

As with most bank specialty insurance policies, bank cyber liability policies are unique to each insurance carrier and must be studied carefully. The following are some common coverage sections and considerations.

 

Coverage – Cyber Liability Loss Event Protection

The basic policy includes coverage for bank cyber liability claims that arises out of any unauthorized use of, or unauthorized access to, electronic data or software within your covered electronic business systems. Coverage is also usually included for bank cyber liability claims of spreading a virus or malicious code, computer theft, extortion, or any unintentional act, mistake, error, or omission made by your employees or your subcontractors in the course of their duties for your bank.

 

Policy Aggregate

Most policies include a limit per claim and an aggregate limit that caps your total bank cyber liability coverage for the combination of all claims. Be aware of what coverage sections in your bank cyber liability insurance are included in the aggregate.

 

Coverage – Cyber Business Income Loss

In the event that your e-banking system goes down, you may (so the theory goes) lose income or incur extra expenses in advertising. This section provides coverage for such losses.

 

Coverage – Intellectual Property Liability

Indemnifies the bank from the liability caused by the inappropriate use of the intellectual property of others on a Web site or e-banking facility. Can include copyright infringement, theft of ideas, and trademark misuse. Note that most policies exclude patent infringement.

 

Coverage – Public Relations Expenses

Provides payment for the use of public relations firms and advertising to mitigate the damage to public perception should a privacy/data/or cyber breach occur. (Note: Your bank faces enormous risks for events that cause a loss of reputation. Public relations expense coverage in your e-banking liability insurance funds a relatively minor part of your overall reputation risk exposures. How’s your risk management plan?)

 

Privacy Breach Remediation Expenses

A hacker gets into your computer system. Private customer data is released. Your bank’s e-banking insurance will/should provide coverage for lawsuits that come from the breach. How about the expenses of informing customers of the breach and providing credit tracking services?

Simply put, there is usually no coverage in most bond, D&O, or e-banking insurance policies for these expenses. Some insurers add coverage by endorsement (and separate charge). Some offer coverage within the package policy (Chubb and OneBeacon, namely). I have seen coverage endorsed to the bond and to the D&O policy. Talk with your insurance advisor to see how your insurance responds to these issues.

 

Policies Involved In Cyber Protection

–Bankers Fraud Bond (AKA The Bond or The Financial Institutions Bond)

–Cyber Liability Policy

–Management Liability Policy

–Computer Coverage (AKA Inland Marine or EDP)

–Business Property Coverage

–Equipment Coverage (AKA Machinery Coverage or Boiler & Machinery Insurance)

 

What Should You Do Now?

Well, take action! Let’s set up a call and talk. I spend about 75% of my time with bankers talking about cyber insurance issues. Let’s discuss your current situation and come up with a plan of action.  Most banks start with a review of coverage.  We can review your cyber issues or all your bank insurance coverages. Call me at 207-284-0085 or email Scott@ScottSimmonds.com.