29 Aug Think Your Cyber Insurance Covers Wire Fraud? Think Again.
Since 1992, Golsan Scruggs has closely monitored the evolving challenges faced by advisors on the front lines. By tracking claims data, we’ve been able to identify emerging risk trends. Among our Advisor clients, one trend stands out: in 2024, claims related to Social Engineering / Wire Fraud surged by a staggering 500% versus 2022.
This dramatic increase raises a crucial question: What are the major types of Social Engineering and how can this risk be properly insured?
What Is Social Engineering?
Social engineering is a type of cyber threat that uses manipulation and deception to trick individuals into revealing sensitive information—such as login credentials—or authorizing fraudulent transactions. These incidents generally fall into two loss categories: First-Party Losses and Third-Party Losses.
First-Party Losses
First-party losses occur when the organization itself is directly victimized by a social engineering scheme.
Example: An advisory firm recently attempted to pay its IAR contractors using banking instructions from a spreadsheet that appeared legitimate but was, in fact, fraudulent. The document was crafted to mimic actual contractor account details and was submitted to the CFO by someone impersonating the COO. The result: over $600,000 in firm capital lost to fraud.
Third-Party Losses
Third-party losses impact external stakeholders, typically clients, due to a compromise in the advisor’s or client’s environment.
Example: An advisor received a seemingly valid wire transfer request from a client and processed the transaction after verbal confirmation. Two weeks later, the client reported that the funds were never received. Investigations revealed that the advisor’s email account had been compromised, and emails from the client were being intercepted. As a result, the advisor unknowingly executed a fraudulent transfer.
How Does Cyber Insurance Respond?
Many assume cyber liability insurance will fully cover these incidents. However, most cyber policies limit or exclude coverage for the actual loss of funds. While some First-Party losses may be covered, Third-Party financial losses are frequently excluded altogether.
If Not Cyber Insurance, Then What?
Because these events often involve both cybersecurity breaches (e.g., phishing, email compromise) and financial theft (e.g., wire fraud), multiple insurance lines may apply.
- Cyber insurance may cover system breaches or email compromises.
- Crime insurance may provide coverage for stolen funds—if properly structured.
It’s important to understand that not all crime policies are alike. Many include strict limitations or sublimits that reduce the recoverable amount in the event of wire fraud. To ensure comprehensive protection, it’s critical to work with a knowledgeable broker who can coordinate cyber and crime coverage effectively.
By Bryant Wood & Cameron Norris – Golsan Scruggs
Golsan Scruggs is an insurance brokerage firm operating throughout the United States specializing in investment advisor E&O errors & omissions insurance (aka professional liability insurance) for RIA registered investment advisors. As one of the largest insurers of RIA firms in the U.S., we have a dedicated staff that understands the risks of the financial services industry and delivers superior results. We make the underwriting process painless.
At Golsan Scruggs, we believe it is incumbent upon us to earn the right to be appointed as your insurance and risk-management agent. Our RIASURE process exists to serve that purpose.
Our RIASURE Review will analyze your fiduciary exposures, provide rate details and comparisons, and provide a contract comparison. No application required.
To obtain your complimentary RIASURE Review, please provide the following information or contact us at (800)273-5883. Fields marked with * are required.