American Tooling Center, Inc. v. Travelers Casualty & Surety Co. of America, No. 17‑2014, 2018 WL 3639951 (6th Cir., petition for reh’g or reh’g en banc filed, 07/31/18).
In a proceeding relating to the interpretation of an insurance contract, the United States Court of Appeals, Sixth Circuit, reversed a lower court decision that an insurance provider’s “Computer Fraud” policy did not cover a loss stemming from wire transfers to a third party that impersonated the intended recipient.
American Tooling Center, Inc. (“ATC”) is a tool and die manufacturer in Michigan. ATC purchased a business insurance policy (the “Policy”) from Travelers Casualty and Surety Company of America (“Travelers”) that was in force from October 1, 2014 to October 1, 2015. In March 2015, ATC received an email purportedly from one of its Chinese vendors requesting that its outstanding invoices be sent to a different account than usual. The same vendor had previously changed its banking details, and ATC had no process for verifying the changed information. ATC proceeded to transfer approximately $834,000 in a series of wires until the real company demanded payment and ATC realized it had wired the money to an imposter. ATC agreed to pay the company approximately 50% of the outstanding debt, with the rest contingent on ATC’s insurance claim with Travelers.
ATC sought recovery for its loss from Travelers, arguing that the loss fell within the “Computer Fraud” provision of the Policy. The relevant provision of the Policy stated that “The Company will pay the Insured for the Insured’s direct loss of, or direct loss from damage to, Money, Securities and Other Property directly caused by Computer Fraud.” Travelers argued that (1) ATC did not suffer a “direct loss”; (2) the case was not one of “Computer Fraud”; and (3) the loss was not “directly caused by Computer Fraud.” After Travelers denied its claim, ATC sued in federal district court for breach of contract. The district court granted Travelers summary judgment holding that ATC’s loss was not covered under the Policy.
On appeal, the Sixth Circuit Court of Appels (the “Court”) reversed the district court’s grant of summary judgment to Travelers and granted summary judgment to ATC. The Court agreed with ATC that it suffered a direct loss when its funds left its bank account. Travelers had argued that the loss did not arise until ATC discovered the fraud and agreed to pay the vendor part of the money still owed. In support of its argument, Travelers cited a Sixth Circuit case in the context of Michigan employee‑fidelity bonds which held that “direct” means “immediate”. The Court noted that the Michigan Supreme Court had not previously analyzed the meaning of the word, but pointed to an unpublished decision by the Michigan Court of Appeals which referred to a “direct” loss as one resulting from an “‘immediate or proximate’ cause.” The Court held that under either definition, ATC suffered a “direct loss” when it transferred the funds to the impersonator. The fact that ATC contractually owed the money to its vendor and that it later entered into a subsequent loss‑spreading agreement with the vendor had no bearing on whether the loss was directly suffered by ATC.
The Court also rejected Travelers’ argument that the impersonator’s conduct did not constitute “Computer Fraud” as defined under the Policy. Travelers interpreted the term to mean that a computer cause, rather than merely facilitate, a fraudulent transfer. To support its argument, Travelers cited an unpublished Ninth Circuit case which held that the same language required “an unauthorized transfer of funds”. The Court distinguished the facts from those of the precedent, in which the fraudulent conduct occurred without the use of a computer, and rejected the attempt to limit the definition of “Computer Fraud” to hacking or similar criminal manipulation of a computer’s controls or data. The Court noted that Travelers could have tailored a narrower policy if it had wanted to restrict coverage under the Policy to such criminal behavior.
Finally, the Court ruled that ATC met the burden of showing that its “direct loss” was “directly caused” by the computer fraud. Distinguishing the facts from an unpublished case in the Eleventh Circuit, the Court noted that after ATC received the fraudulent emails, it conducted a series of internal actions, all induced by the fraudulent emails, which led to the transfer of the money to the impersonator. The “point of no return” occurred once ATC transferred its money in response to the fraudulent emails. The Court also rejected Travelers’ arguments concerning exclusions, noting that exclusion provisions under Michigan law are strictly construed against the insurer.