Employee's theft of clients' property CR 04 01

Employee theft – name or position schedule CR 04 08

Excess over underlying insurance CR 20 33

Exclude Digital Tokens and Other Electronic Instruments CR 20 42 05 23 

In Section D.1. Exclusions Applicable To All Insuring Agreements, the following exclusion is added:

 Digital Tokens 

Loss involving digital tokens of any kind, by whatever name known, whether actual or fictitious including, but not limited to, non-fungible tokens, crypto tokens or any other type of digital token.

 Analysis:

CR 20 42 05 23 is a new optional endorsement amending the commercial crime coverage form, the commercial fidelity and forgery policy, and the government crime and government fidelity and forgery policies. The rise in popularity of digital tokens creates unanticipated exposures not previously contemplated under the ISO crime policies. As such, the purpose of the endorsement is to provide an option to exclude loss involving any kind or type of digital token, regardless of how they are known or called, to be all-inclusive of all such tokens. This exclusion includes but is not limited to non-fungible or crypto tokens or any other type of digital token.

To effect this exclusion, the definition of "securities" is replaced to encompass these types of tokens, as follows: 

In Section F. Definitions:

1.  The definition of "securities" is replaced by the following:

"Securities" means:

1.  Tangible negotiable and nonnegotiable instruments or contracts representing either "money" or property and includes:

(1) Tokens and tickets in current use;

(2) Revenue and other stamps (but also including their unused value in a meter) in current use;

(3) Gift certificates, gift cards or similar instruments issued by you;

(4) Evidences of debt issued in connection with credit or charge cards, which cards are not issued by you; and

(5) "Certificated securities"; and

 b. "Uncertificated securities";

but does not include "money".

 Analysis:

There are two necessary changes in this definition of securities. The first change identifies securities as tangible and negotiable instruments that represent either money or some type of property. As in the commercial crime policy definition, even though the securities represent money, they differ from and are not "money". Unlike the commercial crime policy definition of securities, here the securities must be tangible and they can be either certified or uncertified. In earlier editions of the forms, the definition did not include the requirement that they be tangible instruments, as there was no need for such distinction given that covered instruments existed mainly in tangible, non-digital form. Generally speaking, securities that are certified means that they exist in tangible form, while those that are uncertified are intangible, appearing only in book-entry form. Both forms of securities are covered.

Digital tokens are what is being excluded by this endorsement. While securities can be valued in some manner, such as via the exchange rate on the stock exchange, the value of digital tokens cannot be readily valued. Note that the term non-fungible tokens, otherwise known as NFT's, are specifically excluded. Non-fungible means that it is unique and can't be replaced. By contrast, physical money and cryptocurrencies are fungible, which means they can be traded or exchanged for one another. Each NFT is a unique digital signature that reportedly cannot be replicated. They are recorded on a blockchain and are used to certify authenticity and ownership of digital or physical objects such as music, event tickets, video clips, art, collectibles, and real estate, among other items.  

Fungible refers to items or commodities that can be exchanged with other assets or commodities of the same type. They are fungible assets because they can be interchangeable with a like asset or commodity. For example, a $1.00 bill can be interchanged with 100 pennies, 10 dimes, four quarters, or two fifty-cent coins. A bitcoin is also a fungible asset, as each unit of bitcoin is the same as any other unit of bitcoin and can be exchanged and traded on a like-kind basis. However, even though bitcoin may be considered a fungible currency, it is a type of digital, or crypto, token. As such, bitcoin and all other digital or crypto token types are explicitly excluded by this endorsement. A cryptocurrency, or crypto, is a form of digital asset, made up of encrypted computer algorithms, and based on a network that is distributed across a large number of computers. For more detailed information on crypto, refer to our article Cryptocurrency Bitcoin and Blockchain.

The endorsement also adds two new definitions with respect to this exclusion: 

2. The following definitions are added: 

1. "Certificated security" means a share, participation or other interest in property of, or an enterprise of, the issuer, or an obligation of the issuer, which is:

  (1) Represented by a written instrument issued in bearer or registered form;

  (2) Of a type commonly dealt in on securities exchanges or markets or commonly recognized in any area in which it is issued or dealt in as a medium for investment; and

  (3) Either one of a class or series or by its terms divisible into a class or series of shares, participations, interests or obligations.

  "Uncertificated security" means a share, participation or other interest in property of, or an enterprise of, the issuer, or an obligation of the issuer, which is:

  (1) Not represented by a written instrument and the transfer of which is registered upon books maintained for that purpose by or on behalf of the issuer;

 (2) Of a type commonly dealt in on securities exchanges or markets; and

  (3) Either one of a class or series or by its terms divisible into a class or series of shares, participations, interests or obligations.

 Analysis:

These definitions were added to identify the types of securities being excluded. These definitions should be all-encompassing of any type of security, in that for the purpose of the exclusion, securities are not money and therefore are excluded, regardless if they are certified or not. 

Amend Verification Condition CR 25 55 05 23

1.  Under the Commercial Crime Coverage Form and Commercial Crime Policy, Paragraph 2.e. of Section E. Conditions is replaced by the following:

 e. Under Insuring Agreement A.7.

 

 (1) Change Of Account Requests

You must make a reasonable effort to verify, but not through email or by using contact information included in a "change of account request", the authenticity of any such "change of account request" with:

 

(a) The "client" or "vendor" purporting to have issued the "change of account request"; or

(b) An "authorized person", but not the "authorized person" purporting to have issued the "change of account request";

and contemporaneously document the result of your effort before transferring any property.

  (2) Transfer Instructions

You must make a reasonable effort to verify, but not through email or by using contact information included in a "transfer instruction", the authenticity of any such "transfer instruction" with:

(a) The "client" or "vendor" purporting to have issued the "transfer instruction"; or

(b) An "authorized person", but not the "authorized person" purporting to have issued the "transfer instruction";

and contemporaneously document the result of your effort before transferring any property.

 Analysis:

CR 25 55 05 23 is a new optional endorsement amending the commercial crime coverage form, the commercial fidelity and forgery policy, and the government crime and government fidelity and forgery policies. Paragraph A. applies to the Commercial Crime Coverage Form and the Commercial Crime Policy. While not printed here, Paragraph B. is identical to paragraph A. but this paragraph applies to the Government Crime Coverage Form and the Government Crime Policy. 

These forms already contain certain verification process requirements under the terms of the Fraudulent Impersonation Insuring Agreement. At a minimum, the insured must make a reasonable attempt to verify change of account requests and transfer instructions with the sender (i.e., the customer, vendor or another employee) before transferring any property.

To help prevent social engineering frauds, particularly through email compromise, this new endorsement is being made available as an additional underwriting tool. The conditions in this endorsement do not remove any of the verification requirements already included in the policy, but in situations where additional verification controls are appropriate, this endorsement will put additional requirements on the verification process. 

Often, the contact information in a change of account request or a transfer request is used as part of the scam to defraud the insured. As such, this endorsement removes the ability to simply use email request or contact information as authentication of an account change or transfer request. With this endorsement the insured must make reasonable efforts to verify the authenticity of these requests, and to document such efforts before transferring any property. While not identified in the endorsements, some examples might include personally contacting the person requesting the changes, or verifying the request by contacting that person by telephone. It would be best to discuss with the insurer what steps the insured should use to meet the terms of this endorsement, rather than leaving it to guess.

Employee Theft of Clients' Property CR 04 01 05 23

E.   In Section E.1. Conditions Applicable To All Insuring Agreements:

 

1. Under the Government Crime Coverage Form and Government Crime Policy, Paragraph (3) of the Duties In The Event Of Loss Condition is replaced by the following:

 

(3) If you have reason to believe that any loss (except for loss covered under Insuring  agreement A.1.a., A.1.b., A.2. or this Insuring Agreement) involves a violation of law, you must notify the local law enforcement authorities. 

 Analysis:

The only change in this revised edition of CR 04 01 is the insured's duties in event of loss, Section E. This is a clarification of the condition because the earlier edition amended paragraph (3); however not all of the forms being amended contained a paragraph (3). This amendment is made to clarify that the duty to report law violations applies to all policies, regardless if paragraph (3) is included – namely the fidelity and forgery policies.

Employee Theft – Name or Position Schedule CR 04 08 05 23

 Analysis:

The first amendment in this newer edition of the endorsement is to effect the same type of change as in the previously discussed CR 04 01 endorsement. 

Further, the endorsement has also been amended to reflect the coverage forms and policies that the kidnap, ransom, extortion and other unlawful demands exclusion applies; and which coverage forms and policies the additional premises or employees condition, or additional employees condition, do not apply.

Excess Over Underlying Insurance CR 20 33 05 23

B.   Under the Commercial Fidelity And Forgery Policy and Government Fidelity And Forgery Policy, in the Duties In The Event Of Loss Condition:

 

1. Paragraph (1)(a) is replaced by the following:

(a) Notify us as soon as possible of any loss of the kind covered by this insurance that exceeds the amount of Underlying Insurance set forth in the Schedule, whether or not we are liable for the loss;

 2.  Paragraph (2) does not apply. 

Analysis:

The only change in this revised edition of CR 20 33 is the insured's duties in event of loss condition. Paragraph (1)(a) requires the insured notify the carrier of any loss in excess of the amount covered by the underlying policy, regardless if there is coverage under the policy. This will ensure that the carrier is aware of all excess loss activity of the insured.

Due to the requirement of paragraph (1)(a) that requires reporting of all excess loss activity, there is no longer a need for the paragraph (2) condition, which required the insured to submit a sworn proof of loss within 120 days.

Includes copyrighted material of Insurance Services Office, Inc., with its permission.