Clark Hill Strasburger Secures Two Important Victories for the Fidelity Industry
RealPage, Inc. v. National Union Fire Insurance Company of Pittsburgh, Pa., and Beazley Insurance Company, Inc., No. 3-19-cv-01350-B (N.D. Tex., [Doc. 131] Feb. 24, 2021):
In a major win for the industry, a federal district court, applying Texas law, entered summary judgment for primary and excess insurers involving a claim for computer fraud and funds transfer fraud coverage under a Commercial Crime Policy. The insured, RealPage, Inc., provides a service to owners and operators of residential properties whereby tenants can go online and arrange for their rental payments to be made by credit card or ACH bank transfer. The tenants’ payments are deposited in a bank account belonging to Stripe, Inc., a third-party payment processor. Stripe then directs its bank to transfer most of the funds to bank accounts belonging to RealPage’s customers, based on information supplied by RealPage.
Imposters used a phishing email to obtain the credentials of a RealPage employee and were able to change the bank account information for the transfers from Stripe’s bank account. After approximately $10 million was diverted by the imposters, RealPage voluntarily reimbursed its customers for their losses and sought reimbursement from National Union and Beazley for the payments. The court entered summary judgment for the insurers because:
- Stripe, not RealPage, was in possession of the relevant bank account funds at the time of the theft, and thus RealPage did not “hold” or possess them;
- The payments to the customers did not involve a “direct loss,” and
- The indirect loss exclusion applied to preclude coverage.
After a detailed analysis of the issues, the court held that the covered property condition in the primary policy required either ownership or physical possession by the insured for potential coverage. Mere “control” of the property is insufficient. The court also rejected RealPage’s claims against National Union under the Texas Insurance Code.
Mississippi Silicon Holdings, LLC v. AXIS Insurance Company, No. 20-60215 (5th Cir. Feb. 4, 2021):
In this case, the Fifth Circuit Court of Appeals compared coverage under a Social Engineering Insuring Agreement with a Computer Transfer Fraud Insuring agreement. When Mississippi Silicon Holdings (MSH) received an email identifying new banking information for payments, MSH believed the email was from its Russian vendor, later wired funds on two occasions to the new account, and suffered a loss. AXIS paid the claim under the social engineering coverage (with a $100,000 limit) but declined coverage under the Computer Transfer Fraud Insuring Agreement. MSH sued for coverage under computer fraud (with a $1 million limit). The Northern District of Mississippi granted summary judgment in favor of AXIS, holding that only the social engineering coverage applied, and the Fifth Circuit affirmed. The Fifth Circuit’s analysis is notable in two important respects. First, the court analyzed the technological aspects of the actual fraud, as well as the type of fraud that each separate insuring agreement was intended to cover. The email at issue had no functionality and did not manipulate the computer system to make a transfer. As part of its analysis of computer transfer fraud, the court declined MSH’s invitation to follow Medidata Solutions, Inc. v. Federal Insurance, 268 F.Supp.3d 471 (S.D.N.Y. 2017), aff’d 729 F. App’x 117 (2d Cir. 2018). Second, the court analyzed the plain meaning of the two insuring agreements, reading them in harmony with one another and giving proper meaning to each, in order to ensure it reached a proper conclusion about coverage. While there was no provision in the policy stating that a loss could not be covered under two separate insuring agreements, the court focused on the fact that the plain meaning of each insuring agreement was determinative. Finally, the court affirmed the principle recognized in previous decisions, including the Fifth Circuit’s earlier decision in Apache Corp. v. Great American Ins. Co. 662 F. App’x 252 (5th Cir. 2016), that the mere receipt of an email does not constitute computer fraud under a crime policy.
About Clark Hill's Fidelity Group
Clark Hill fidelity and surety attorneys have been called upon by leading industry groups to act as trusted advisors, both for purposes of drafting standard industry forms and assisting with educational programs, including serving as advisors to The Surety & Fidelity Association of America and the Fidelity Law Association of America. Our lawyers have extensive experience, both at home and abroad, advising clients in the investigation of claims involving employee dishonesty, theft, financial institution, savings and loan, commercial crime, and mortgage banker bonds. Our vast experience in handling every type of imaginable claim allows us to quickly and efficiently analyze the underlying facts of a claim and assess a client’s potential exposure.
We have been able to achieve excellent results for our fidelity and surety clients in the investigation phase of the claim, in analyzing and handling claims, in preparing the case for trial, in mediating and arbitrating bond claims, and in trying and winning trials and appeals. As a result, we are national fidelity bond claims counsel for one of the leading insurers in the industry, regional fidelity and surety counsel for other insurers, and we frequently are asked to represent clients both throughout North and South America, as well as overseas. We have been selected to represent insurers in some of the largest and most significant cases in the history of the industry. We are truly the “go to” firm for fidelity and surety representation across the United States, and beyond.
2024 Cybersecurity and Data Privacy Laws Summit Chicago
This event will include a panel discussion with expert industry leaders, offering a deep dive into the most pressing issues and advancements in AI and data privacy laws. You’ll gain critical knowledge and explore the implications of AI in legal and privacy domains so you can update your practices to reflect the highest standards of data stewardship.
WEBINAR: The Race to 2024: Politics and Social Media in the Workplace and Employer Rights.
Over the last several years, employers have seen and continue to see increased political activities from their employees at work and on social media platforms, including on business-related social media platforms, like LinkedIn. Managing employee expression causes unique challenges for employers and HR professionals, and in a General Election year, these challenges are likely to increase as the Presidential race, and other races, heat up.
Webinar: A Cookieless Future and Promise of PETs: A Primer on Privacy Enhancing Technologies
This webinar will explore PETs – we will define what they are, what problems PETs exist to address, and emerging PET standards including the National Institute of Standards and Technology (NIST) draft guidance on how to evaluate PET effectiveness. We will provide specific PET use cases and discuss how PETs may be utilized to address the phase out of third party cookies by certain browsers for purposes of targeted advertising.