bank cyber insurance cyber liability insurance banking cyber coverage bank insurance

Bank Cyber Insurance – Key Issues

Bank cyber insurance is the most requested topic for my bank insurance clients. Cyber liability is a part of almost every conversation.

Insurers have built the bank cyber policies to mesh with the bank bond and bankers management liability insurance. Exclusions and coverage limitations have been added to the basic bank insurance policies, making bank cyber insurance (AKA e-banking insurance) a necessity. Buy it. If you don’t have it, buy it now.

Suppose that your computer system is hacked and private data is breached. Customer information is in the hands of the bad guys. Lawsuits will be filed based on your failure to protect customer privacy, breach of duty, and lost business opportunities.

Bank cyber liability insurance is concerned with liability claims that come from computer systems, Internet banking, and electronic commerce.

First, recall that your financial institution bond provides coverage for your loss of money due to computer theft and fraud losses. The “injuries” to third parties and subsequent legal actions triggered by Internet and computer use are the realm of bank cyber liability insurance.

As with most bank specialty insurance policies, bank cyber liability policies are unique to each insurance carrier and must be studied carefully. The following are some common coverage sections and considerations.

 

Coverage – Cyber Liability Loss Event Protection

The basic policy includes coverage for bank cyber liability claims that arises out of any unauthorized use of, or unauthorized access to, electronic data or software within your covered electronic business systems. Coverage is also usually included for bank cyber liability claims of spreading a virus or malicious code, computer theft, extortion, or any unintentional act, mistake, error, or omission made by your employees or your subcontractors in the course of their duties for your bank.

 

Policy Aggregate

Most policies include a limit per claim and an aggregate limit that caps your total bank cyber liability coverage for the combination of all claims. Be aware of what coverage sections in your bank cyber liability insurance are included in the aggregate.

 

Coverage – Cyber Business Income Loss

In the event that your e-banking system goes down, you may (so the theory goes) lose income or incur extra expenses in advertising. This section provides coverage for such losses. While most insurers provide this in bank insurance policies, I’m not convinced its all that valuable. Banks don’t lose money when their computers are shut down – not like a web-retailer, for example.

 

Coverage – Intellectual Property Liability

Indemnifies the bank from the liability caused by the inappropriate use of the intellectual property of others on a Web site or e-banking facility. Can include copyright infringement, theft of ideas, and trademark misuse. Note that most policies exclude patent infringement.

 

Coverage – Public Relations Expenses

Provides payment for the use of public relations firms and advertising to mitigate the damage to public perception should a privacy/data/or cyber breach occur. (Note: Your bank faces enormous risks for events that cause a loss of reputation. Public relations expense coverage in your e-banking liability insurance funds a relatively minor part of your overall reputation risk exposures. How’s your risk management plan?)

 

Privacy Breach Remediation Expenses

A hacker gets into your computer system. Private customer data is released. Your bank’s e-banking insurance will/should provide coverage for lawsuits that come from the breach. How about the expenses of informing customers of the breach and providing credit tracking services?

Review the limits of coverage you have for the expenses of mitigating a data breach in your bank computer system. Costs can include legal fees in building the letters to send to customers, the cost of printing and mailing, cost of a call-center to answer customer questions, costs of credit watch services. Even the smallest bank should have $500,000 of mitigation expense coverage.

 

Policies Involved In Cyber Protection

–Bankers Fraud Bond (AKA The Bond or The Financial Institutions Bond)

–Cyber Liability Policy

–Management Liability Policy

–Computer Coverage (AKA Inland Marine or EDP)

–Business Property Coverage

–Equipment Coverage (AKA Machinery Coverage or Boiler & Machinery Insurance)

 

What Should You Do Now?

Well, take action! Let’s set up a call to talk about your bank’s insurance. My practice is 99% bank insurance. Of that, I spend about 75% of my time with bankers talking about cyberbanking insurance issues. Let’s discuss your current situation and come up with a plan of action.  Most banks start with a review of coverage.  We can review your cyber issues or all your bank insurance coverages. Call me at 207-284-0085 or email Scott@ScottSimmonds.com.