onebeaconpro.com 860.773.6150 t 806.773.6095 f 09.22.2014 Cyber Liability Insurance Coverages and Trends Affecting Community Banks Craig M. Collins President, Financial Services OneBeacon Professional Insurance

Jan 01, 2016

Cyber Liability Insurance Coverages and Trends Affecting Community Banks

Craig M. Collins President, Financial Services

OneBeacon Professional Insurance

LEGAL DISCLOSURE

The diverse views expressed are solely those of the respective presenters and are not those of OneBeacon Professional Insurance or any of its affiliates.

WHAT DO THESE HAVE IN COMMON?

THE SCARY STUFF

The Scams:

• Malware-infected software (mainly keystroke viruses)

• Tech support scams

• Phishing (fake email from a trusted source)

• Spear phishing (email from a trusted source)

• Smishing (compromising your smart phone)

• Traditional social engineering

THE SCARY STUFF

The Trends:

• One in seven American networks has malware

• Phishing emails have a 70% “open” rate

• Gas pump skimmers are now “Bluetooth enabled”

• Majority of wire fraud activity comes from outside the US

  • Estonia, Latvia, Russia, Ukraine, China, African Countries

• Political cyber attacks

  • China, Iran, Russia, North Korea (US alleged creator of Stuxnet)

• Technological innovations in banking – New ATM machines, online banking, remote capture, ACH, Check 21, etc.

INSURANCE COVERAGES

Financial Institution Bond (1st Party)

• Electronic / Computer Systems Fraud (includes online funds transfers)

• Telefacsimile, Email and Voice Instruction Transactions Coverage

Cyber Liability

• Cyber Liability (3rd Party)

• Intellectual Property (3rd Party)

• Breach Event Expense (1st Party)

FINANCIAL INSTITUTION BOND

Coverages:

Electronic / Computer Systems Fraud – Protects the Bank (1st Party) for loss due to theft occurring within the Bank’s own Computer System. (A direct “hack” of funds in your care/custody/control within the bank).

Example:

FINANCIAL INSTITUTION BOND

Coverages:

• Telefacsimile, Email and Voice Instruction Transactions Coverage – Protects the bank for loss due to a fraudulent Fax, Email, or Voice Instruction.

However, to have Financial Institution Bond coverage, the bank MUST:

• Have a pre-arranged written agreement with the customer, authorizing transfers

AND

• If the transfer is larger than the bank’s bond deductible, there must be a call back to the customer verifying the transfer request.

FIRST COMMERCIAL STATE BANK

FRAUDULENT WIRE ATTEMPT

Wire Transfer Included:

• A written wire transfer agreement with customer

• Authorization Form

• Call Back Procedure

FIRST COMMERCIAL STATE BANK

E-MAIL EXCHANGES:

From: Johnson, James [mailto:[email protected]]
Sent: Tuesday, August 26, 2014 12:24 PM
To: Hartman, Sarah

Hello,

I need to make an international wire transfer, please forward a copy of the form I need to complete.

James

LAW OFFICE OF JAMES JOHNSON
TELEPHONE- (816) [email protected]

FIRST COMMERCIAL STATE BANK

From: Hartman, Sarah
Sent: Tuesday, August 26, 2014 12:33 PM
To: Johnson, James [mailto:[email protected]]

Hello,

Attached is the wire transfer form. As you know, since this is not an “In Person” wire transfer, Henry will have to confirm with you by phone once the form is received. He is in a meeting right now but should be out shortly.

Sarah
First Commercial State Bank

From: Johnson, James [mailto:[email protected]]
Sent: Tuesday, August 26, 2014 12:46 PM
To: Hartman, Sarah

The completed form is attached. Are you available in the office? I am in a meeting, but I can be reached on my cell at 816-584-2997 and I just want to know if you are available in the office.

James

LAW OFFICE OF JAMES JOHNSON
TELEPHONE- (816) [email protected]

FIRST COMMERCIAL STATE BANK

From: Johnson, James [mailto:[email protected]]
Sent: Tuesday, August 26, 2014 1:15 PM
To: Hartman, Sarah

Sarah,

Are you available in the office? I can be reached on my cell at 816-584-2997.

LAW OFFICE OF JAMES JOHNSON
TELEPHONE- (816) 584-2991
[email protected]

From: Baker, Henry
Sent: Tuesday, August 26, 2014 1:33 PM
To: Johnson, James [mailto:[email protected]]

James,

I am out of my meeting and I will give you a call to confirm the wire transfer.

Henry
First Commercial State Bank

FIRST COMMERCIAL STATE BANK

Fraudulent Attempt:

• International wire transfer request received

• Policy and procedures were followed correctly

• The fraud was prevented!

CYBER LIABILITY INSURANCE

Coverages:

• Cyber Liability is designed to protect the bank from losses/litigation coming from 3rd parties (mainly customers, suppliers, other banks, etc.) due to an error/omission/breach of duty in which the bank is legally obligated to pay.

CYBER LIABILITY INSURANCE

Coverages:

Parts of a Cyber Liability Policy

• Basic Cyber Liability (3rd Party)

• Failure to protect private or confidential information from unauthorized access

• Libel, slander, defamation

• Denial of access and/or service

• Loss or damage to Electronic Data of a customer

Claims Example: “Electronic Statement Error”

CYBER LIABILITY INSURANCE

Coverages:

Parts of a Cyber Liability Policy

• Intellectual Property (3rd Party)

• Protects the bank from litigation/loss involving infringement of copyright, trademark, trade name, etc.

Claims Example: “Interest rate Error”

CYBER LIABILITY INSURANCE

Coverages:

Parts of a Cyber Liability Policy

• Breach Event Expense (1st Party Coverage) - Reimburses the bank for certain costs incurred due to the unauthorized access to, or acquisition of, customer information that is in the care, custody, or control of the bank.

• Costs of Notification to the customers.

• Costs to change account numbers/reissue cards

• Provides credit monitoring services to impacted customers

Claim Example: “Debit Card Error – Bank responsible”

WIRE TRANSFER ROOM

Some Employee “Best Practices”.

• Train, re-train employees on policies and procedures.

• Violations of policy should become a terminable offense.

• Allow wire employees the ability to reasonably “upset” a customer because of the need to follow policies and procedures to the letter.

• Test wire room by having members of Sr. Management or members of the Board of Directors call to attempt to make transfers in excess of the policies and procedures (a new approach by fraudsters).

CORPORATE ACCOUNT TAKEOVERS

Corporate Account Takeovers are the fastest growing “criminal actions” being reported to bank insurers.

Issues:

• Customer service is in direct conflict with proper internal controls

• Social engineering scams are much more successful in smaller companies

• Customers’ internal controls are significantly less sophisticated than the bank’s.

Claims Example:

CORPORATE ACCOUNT TAKEOVERS

Some Customer “Best Practices”:

• Have the proper written agreement with the customer that includes “Hold Harmless” wording and specifically spells out who/what/where/when and how.

• Require customers who have higher frequency or dollar amount transactions to have a stand-alone computer.

  • No browsing

  • No email

  • No USB capabilities

• Require customers who have higher frequency or dollar amount transactions to have computer crime insurance - ask for a certificate of insurance

Questions?