Fifth Circuit Says "Computer Fraud" Requires More Than "Incidental" Use Of A Computer
Time 2 Minute Read
Categories: Cyber

In a seemingly illogical decision, the Fifth Circuit Court of Appeals ruled in Apache Corp. v. Great American Ins. Co., No 15-20499 (5th Cir. Oct. 18, 2016), that loss resulting from a fraudulent e-mail did not trigger coverage under a crime policy's "computer fraud" coverage because the loss was not the "direct result" of computer use.

Apache involved a fraudulent inducement of the policyholder, Apache Corporation, to wire $7 million in invoice payments to a fraudulent bank account under the belief that the account was that of a vendor, Petrofac. The inducement was precipitated by a phone call and confirmed with a fraudulent e-mail that purported to be on Petrofac letterhead. The fake letter also included a phony telephone number, which Apache personnel used to confirm the change request. Shortly after the transfers, Apache was notified that Petrofac had not received its payments that had been made to the new, and fraudulent, bank account. Apache recouped a portion, but not all, of the payments. Apache sought to recover the balance from its insurer.

The district court awarded summary judgment in favor of Apache. On appeal, the Fifth Circuit reversed finding that the loss did not result directly from the use of any computer. Rather, as the court explained, the email was part of the scheme, but, the email was merely incidental to the occurrence of the authorized transfer of money. Thus, the court concluded that to interpret the computer-fraud provision as reaching any fraudulent scheme in which an email communication was part of the process would convert the computer-fraud provision to one for general fraud.

Not only is Apache indicative of the ease by which imposters can fraudulently induce payment of millions of dollars by unwary policyholders, but the decision is illustrative of the significant gaps in coverage that still exist for cyber and other technology-related losses. A review of Apache's so-called computer fraud coverage by experienced coverage counsel would likely have identified that Apache's narrow coverage applied only where the loss resulted directly from the use of a computer, thus affording Apache an opportunity to negotiate a broadening of its coverage so that it actually protected its accounts payable operations.

  • Partner

    Mike is a Legal 500 and Chambers USA-ranked lawyer with more than 25 years of experience litigating insurance disputes and advising clients on insurance coverage matters.

    Mike Levine is a partner in the firm’s Washington, DC ...

Search

Subscribe Arrow

Recent Posts

Categories

Tags

Authors

Archives

Jump to Page