FIFTH CIRCUIT EXAMINES CRIME-PROTECTION INSURANCE POLICY AND FINDS NO COVERAGE FOR LOSS CLAIMED UNDER “COMPUTER FRAUD” PROVISION
Last Tuesday, the Fifth Circuit analyzed coverage for a loss claimed under a “Computer Fraud” insurance provision and found that no coverage was afforded under the facts presented, and rendered judgment in favor of the insurer as a matter of law. In Apache Corporation v. Great American Insurance Company, 2016 WL 6090901 (5th Cir. October 18, 2016), an Apache employee received a call from a person claiming to be a vendor representative requesting a change to their bank account information for payments to Petrofac, the vendor. The Apache employee asked that they send the request on the Petrofac’s letterhead. The criminals then set up a false email domain, “petrofacltd.com” which is very similar to Petrofac’s actual domain – “petrofac.com” – and emailed the requested letter. The email and letter provided both old and new bank account information and requested that the change take effect immediately. The Apache employee called the phone number on the false letterhead to confirm the authenticity of the request and then another Apache employee implemented the change. Apache made transfers of almost $7 million before it learned of the fraud a month later.
Apache recouped a substantial portion of the money but sought coverage for loss in the amount of $2.4 million. Great American Insurance Company (GAIC) denied coverage and a lawsuit followed. The Computer Fraud policy provision provided coverage in relevant part for “loss of… money resulting directly from the use of a computer to fraudulently cause a transfer of that property…”. The trial court granted summary judgment finding coverage for the loss and this appeal followed. The Fifth Circuit addressed the matter as one of first impression under Texas law, finding no Texas authority interpreting the provision. So making an Erie-guess, the court observed the Texas Supreme Court’s policy preference for “uniformity when identical insurance provisions will necessarily be interpreted in various jurisdictions” then turned its analysis to decisions from other jurisdictions.
As a preliminary matter, the court agreed with the Ninth Circuit’s observation that “[b]ecuase computers are used in almost every business transaction, reading this provision to cover all transfers that involve both a computer and fraud at some point in the transaction would convert this Crime Policy into a ‘General Fraud’ Policy essentially covering losses from all forms of fraud rather than a specified risk category.” And after a detailed analysis of court decisions from other jurisdictions and, unpublished Texas court decisions addressing similar issues, the court determined that while a computer and emails were involved, under the facts presented it was the faulty verification and investigation process that caused the loss. Accordingly, the trial court’s judgment was vacated and judgment was rendered for Great American Insurance Company.