Summary: Category 04 of crime forms in the ISO program lists several optional crime and fidelity endorsements. Many of these endorsements have been updated in the past two years. The endorsements amend the crime policy by adding various insuring agreements. The changes to these endorsements are the subject of this treatment.

One change appears on every endorsement, and that change contains language stating that the provisions of the form or policy that the endorsement is attached to apply unless the endorsement modifies those provisions. This is to clarify that all other policy provisions apply unless specified.

Topics covered: Clients' Property—CR 04 01

Funds Transfer Fraud—CR 04 02

Extortion – Commercial Entities—CR 04 03 or Government Entities—CR 04 04

Inside The Premises – Theft of Other Property—CR 04 05

Inside The Premises – Robbery or Burglary of Other Property—CR 04 06

Inside The Premises – Robbery or Safe Burglary of Money and Securities—CR 04 07

Employee Theft – Name or Position Schedule—CR 04 08

Lessees of Safe Deposit Boxes—CR 04 09

Securities Deposited with Others—CR 04 10

Guests' Property—CR 04 11

Safe Depository—CR 04 12

Destruction of Electronic Data—CR 04 13

Unauthorized Reproduction of Computer Software by Employees—CR 04 14

Fraudulent Impersonation—CR 04 17

Clients' Property CR 04 01 08 13

 This endorsement adds the agreement to cover "money," "securities," and "other property" that belongs to the named insured's client. Remember that "client" is a defined term that means anyone for whom the named insured performs services under the terms of a written agreement. The client's property is covered for loss from theft by an "identified employee." Although the policy covers the named insured's property for theft by both identified and unidentified employees, this endorsement limits coverage for clients' property to theft by an identified employee.

 As in the policy, the employee committing the theft may be acting alone or "in collusion with others." While endorsement CR 04 01 requires that the offending employee be identified, it does not require identification of others who may be colluding with the employee.

 The endorsement modifies one definition and adds two others. While the policy says that a theft must be to the deprivation of the named insured, this endorsement changes that to the deprivation of the named insured's client. While the earlier form of endorsement CR 04 01 covers property inside the client's premises, the current endorsement has removed such language. Therefore property that the client holds for others is covered on or off the client premises. The endorsement also broadens coverage in that coverage applies whether or not the client is legally liable for the loss. In the earlier form, the client needed to be liable for coverage to apply. With the current change, property the client holds in any capacity is still covered, even if the client is not legally liable for the property. This significantly broadens coverage. Finally, the endorsement repeats the definition of "occurrence" applying it, as well, to this additional insuring agreement. Theft is defined as the unlawful taking of property to the deprivation of your client. Earlier forms listed loss of money and securities.

 Endorsement CR 04 01 removes one exclusion. In the crime policy, exclusion D.1.b. eliminates coverage for theft unless the theft is covered under the "employee theft" insuring agreement. The exclusion specifies that the policy does not apply to theft by "employees, managers, directors, trustees, or representatives" except as provided by the agreement A.1. By removing this exclusion, endorsement CR 04 01 covers almost all instances of employee theft of covered property.

 The policy spells out four duties of the insured following a loss. The first specifies that the insured must notify the insurer "as soon as possible." It also requires the insured to notify the police if a violation of the law is suspected. Endorsement CR 04 01 removes the police notification requirement.

 Funds Transfer Fraud CR 04 02 03 00

 This endorsement applies in both the commercial crime and the government crime program. It adds an insuring agreement to cover loss of "funds" from the named insured's "transfer account." The loss must be caused by "fraudulent instruction."

 A "transfer account" is one that the insured maintains at a financial institution from which he or she can "initiate the transfer, payment, or delivery of funds." Such transfer can be accomplished in many ways: electronically; via telegraph, cable, FAX, phone, etc.; or through any funds transfer mechanism. The transfer account also allows transfer of the funds via written instructions.

 This endorsement protects against "fraudulent transfer" of funds from such an account. The endorsement provides a rather lengthy definition of "fraudulent instruction," but it comes down to being instructions to the bank to transfer funds. The instruction must "purport to have been issued" by the named insured, but was really issued by someone else without the knowledge of the named insured. There have been no changes in this endorsement.

 Extortion – Commercial Entities CR 04 03 08 13 or Government Entities CR 04 04 08 13

 Sometimes a business or government entity is threatened by a kidnapper (or someone who purports to be a kidnapper) or other type of extortionist. This person threatens bodily harm to someone at the company (or their relatives). The threat to government entities may be to their officials, employees, or representatives (or relatives). Other threats to a business or government entity involve potential damage to its premises or property. Newer threats involved damage to computer systems by denial of service attacks, introduction of viruses or malicious software, dissemination of the insured's proprietary or confidential information, the confidential information of others, weaknesses in the source code of the computer system, introduction of "ransomware", or even contamination of an insured's products or goods.

 Endorsements CR 04 03 and CR 04 04 add an insuring agreement to cover damage from such threats. It agrees to pay for loss of covered property as a result of threats of bodily injury or property damage. The "loss" is the insured's paying money, securities, or other property to the extortionist as a result of his or her threats. Coverage for the newer exposures has been added to the 2013 form in the Insuring Agreements.

 The endorsement, however, adds one exclusion. It denies coverage if the named insured surrenders the property before he or she makes a "reasonable effort" to report the extortionist's demands. This report must be made to an associate, local law enforcement, and to the Federal Bureau of Investigation. Note that all three must be notified; the use of "and" instead of "or" dictates this. Simply reporting the loss to an associate does not mitigate the exclusion; all three must be notified in order for coverage to be applied. This exclusion helps to eliminate the possibility of collusion between the named insured and an extortionist.

 Endorsements CR 04 03 and CR 04 04 add one condition and change two others. The additional condition requires that the threat to the named insured actually be "communicated during the policy period." The territory is expanded to include "other locations shown in the Schedule." The expanded territory aids companies and government entities who may have locations in rather unfriendly places. The territory condition covers "loss that you sustain resulting directly from an "occurrence"" instead of acts committed within the given territory.

 For purposes of this endorsement, the valuation of "securities" is amended. Instead of their value at the time they were stolen, they are valued at their market value at the time they are surrendered to the extortionist.

 "Other property" (defined as other tangible property) is valued at the lesser of its replacement cost or the limit of insurance.

 "Ransomware" is a new definition and is any software that encrypts "electronic data" within the "computer system" and demands a ransom payment in order to free the data. For example, CryptoLocker was ransomware that was transmitted via email; once the email was opened the files on the computer would be encrypted, and the ransom must be paid in order to unencrypt the files. An estimated $3 million was paid before CryptoLocker was shut down.

 Inside The Premises—Theft of Other Property CR 04 05 08 13

 The commercial crime policy limits the inside premises coverage of "other property" to the perils of robbery and safe burglary. This endorsement expands that coverage on "other property" to include the peril of "theft." It also covers damage to the premises that results from a theft or attempted theft of "other property".

 Property must be inside the premises in order for coverage to apply. "Premises" has the same definition as in other crime coverage forms—"the interior of that portion of any building" the named insured occupies in conducting its business. Accordingly, all premises that meet this description are automatically covered, even if acquired after policy inception.

 Endorsement CR 04 05 adds eight exclusions to the crime policy:

 1. The insurer will not pay for "loss occurring while there is any change in the condition of the risk within (the named insured's) control that increases the possibility of loss." For example, if an insured is responsible for maintaining his or her premises including replacing broken windows, and does not do so, there is no coverage if a loss occurs while the windows remain unreplaced.

 2. The endorsement does not cover a loss that results from the giving or surrendering of "covered property" in any exchange or purchase. If, for example, the insured gives or surrenders covered property in a fraudulent transaction, the resulting loss is not covered. This exclusion accomplishes much the same result as the exclusion of voluntary parting of the title to property, discussed below.

3. There is no coverage damage to the "other property" by fire. However, the exclusion does not apply to damage to a safe or vault by fire. This exclusion has been modified and now contains what used to be exclusion four, loss resulting from a theft that occurs during a fire inside the premises.

 4. Losses that can only be proved by an inventory computation or a profit and loss computation are not covered.

5. This exclusion makes it clear that the endorsement does not cover motor vehicles, trailers, or semi-trailers or equipment and accessories attached to them.

 6. This exclusion eliminates coverage for loss of property that has been transferred or surrendered to a person or place outside the premises. Several new conditions have been added to this exclusion, (1) through (6).

 a. On the basis of unauthorized instructions;

or

b. As a result of a threat including, but not limited to:

(1) A threat to do bodily harm to any person;

(2) A threat to do damage to any property;

(3) A threat to introduce a denial of service attack into any "computer system";

(4) A threat to introduce a virus or other malicious instruction into any "computer system" which is designed to damage or destroy or corrupt data or "computer programs" stored within the "computer system"; in this section the defined terms are now used for "computer system" and "computer programs" instead of generic terms.

(5) A threat to contaminate, pollute or render substandard your products or goods; or

(6) A threat to disseminate, divulge or utilize:

(a) Your confidential information;

(b) Confidential or personal information of another person or organization; or

(c) Weaknesses in the source code within any "computer system". The same applies here as in (4); the defined term of "computer system" is used.

 7. Loss from damage to the "premises" or its exterior or to any "other property" by vandalism or malicious mischief.

8. Loss resulting from you, or anyone acting on your express or implied authority, being induced by any dishonest act to voluntarily part with title to or possession of any property.

 The endorsement adds two conditions to this coverage for "other property." The first says that after a loss, the coverage is suspended until the security at the premises is restored to its pre-loss condition. However, if the named insured employs a watchperson, this condition does not apply.

 The second additional condition imposes a $5,000 per occurrence limit on payment for items such as precious metals and stones, furs, manuscripts, and drawings.

 Inside The Premises—Robbery or Burglary of Other Property CR 04 06 08 07

 The commercial crime policy covers "other property" while inside the premises for the perils of "robbery" of a "custodian" or safe burglary (taking of the property while it is in a safe or the taking of the safe itself). This endorsement expands that coverage to include robbery of a "watchperson" and "burglary."

 The form changes the definition of watchperson. While in the policy a watchperson is someone whom the insured hires who has no other responsibility than to care for the covered property, the endorsement now also considers a janitor the insured employs that has care and custody of covered property as a watchperson. The other broadening of coverage is the addition of the peril of burglary. Burglary involves a person who takes the covered property and unlawfully enters or leaves the premises.

 The commercial crime policy covers damage to the premises done while a custodian is being robbed or during a safe burglary. This endorsement expands that coverage to include damage to the premises during a robbery or burglary.

 Inside The Premises—Robbery or Safe Burglary of Money and Securities CR 04 07 08 13

 The commercial crime policy covers "money" and "securities" for theft, disappearance, or destruction while inside the premises. This endorsement expands that coverage to include robbery of a "custodian" and "safe burglary." It also picks up coverage for damage to the premises or for damage to a locked safe or vault that results from robbery or safe burglary.

 Endorsement CR 04 07 adds these three exclusions:

 1. Loss from fire. However, it does cover fire loss to money, securities, and to a safe or vault.

 2. This next exclusion eliminates coverage for loss of property after it has been transferred or surrendered to a person or place outside the premises or financial institution premises. This is a change from the prior form; previously it was banking institution, but since not all financial institutions are banks, this broadens coverage. Four conditions apply to this exclusion. The transfer must have taken place: (1) on the basis of unauthorized instructions; (2) because of a threat to do bodily harm to any person; (3) due to a threat to do damage to any property; (4) due to a threat to introduce a denial of service attack into the computer system; (5) due to a threat to introduce a virus or other malicious instruction into your computer system. The virus must be designed to damage, destroy, or corrupt data; (6) due to a threat to contaminate, pollute, or render substandard products or goods; or (7) due to a threat to disseminate or use confidential information or weaknesses in the computer system source code. Included in this condition is that the threat also applies to dissemination of divulgence of confidential or personal information of another person or organization.

 3. The final exclusion removes coverage for damage to the premises or "other property" from vandalism or malicious mischief.

 Employee Theft—Name or Position Schedule CR 04 08 08 13

 This endorsement limits employee theft coverage to those employees who can be identified, whether by name or by position. While the crime policy allows coverage for identified or unidentified employees, this endorsement specifies that the employee must be identified. The employee may be acting alone or in collusion with others.

 The limit of liability in the crime policy is very simple. The policy says that the most it will pay for all loss resulting from an occurrence is what is shown on the declarations. The endorsement has been changed to reflect this updated language in section B. It defines "occurrence" as "all loss caused by each employee, whether the result of a single act or series of acts." This endorsement changes the word "declarations" to "schedule." It also adds more restrictive language.

 Since the "name schedule" specifies employees who are covered, the endorsement limits coverage for any named employee to the highest limit applicable to that employee.

 When written on a "position schedule" the endorsement says that even if an employee serves in more than one position, the most payable is the largest amount that applies to any one position at the time of the loss. When writing a "position schedule" policy, the agent must specify the number of employees serving in each position. If more employees are serving in a position than are indicated on the endorsement, the limit of insurance is reduced. The formula is similar to the co-insurance formula in a property policy—number of employees shown divided by actual number of employees times the limit of liability.

 For example: the endorsement shows 5 employees for a position when there are really 10. The limit of liability is $100,000. The limit of liability for any loss would be reduced to $50,000—5 divided by 10 times $100,000.

 The deductible clause states that the insurer is liable in excess of the deductible up to the limit of coverage for an insured occurrence. The endorsement makes no mention of more than one deductible applying.

 The endorsement has the following exclusions to theft coverage under this endorsement: inventory shortages; trading; and warehouse receipts. The employee cancelled under prior insurance exclusion has been removed from the endorsement. Therefore, if an employee who was cancelled under prior insurance is caught stealing, there is coverage for that employee where formerly there wasn't. This broadens coverage.

 The "additional premises or employees" condition is removed from the conditions section; the additional employees condition has been removed as well. The endorsement also removes the "consolidation – merger" condition. Thus, if the insured acquires new employees in a merger, it does not have to report them to the insurer. While the crime policy requires the named insured to report any possible violation of the law to legal authorities, that requirement is removed in this endorsement. The endorsement specifies that the "employee benefit plan(s) condition" also applies, and that in the definition of "money", paragraph c.(1) extends to the insuring agreement for this endorsement. Paragraph c.(1) states that money means, in insuring agreements A.1 and A.2, deposits in the insured's account at any financial institution.

 Lessees of Safe Deposit Boxes CR 04 09 08 13

 This endorsement adds an insuring agreement covering "securities" while they are in a safe deposit box or vault. The securities are covered for the perils of theft, disappearance, or destruction. The depository where the box or vault is located must be shown on the endorsement. The securities are also covered if they are "temporarily" in another location at the depository, while the named insured is adding to the box/vault or removing from it. The limit and deductible per occurrence are also specified.

It adds three definitions for this insuring agreement:

 1. Burglary—is the unlawful taking of property from a box/vault inside the "depository premises" shown on the schedule. Evidence of forcible entry must exist.

 2. Depository—as indicated on the schedule.

 3. Depository premises—the interior portion at the address indicated.

 The endorsement also covers "other property" in a box/vault. Again, the name and location of the depository must be shown, as well as the limit of liability and the deductible. "Other property" is covered for the perils of: actual or attempted burglary, robbery, or vandalism.

 The crime policy excludes loss from theft committed by the insured's "employees, managers, directors, trustees, or representatives" other than as specified in the insuring agreement. This endorsement specifies that the named "depository" is not an "authorized representative" of the insured.

 The endorsement specifies that the following exclusions apply to this insuring agreement:

 1. Giving or surrendering of property in any exchange or purchase.

 2. Loss to "other property" from fire.

 3. Loss to property owned by the depository.

 4. Loss to property held by the depository as collateral or in trust for more than thirty days.

 5. Unauthorized transfer of property outside the premises.

 6. Trick and device.

 Under exclusion 4, which is d. in the revised version, the exclusion for threats to introduce viruses or malicious instruction into "computer systems" to damage "electronic data" or "computer programs" are now using the terms defined in the commercial crime policy. Previously the terms used were not defined terms. Also, included in the exclusion for threats to disseminate, divulge or utilize the insured's confidential information or weaknesses in the system are threats to disseminate the confidential or personal information of another person or organization.

 Securities Deposited with Others CR 04 10 08 13

 This endorsement adds coverage for securities that the insured has deposited with others—other than in a safe deposit box or vault. As with endorsement CR 04 09, name and address of the depository must be shown. The name of the custodian must also be shown. The securities are covered for theft, disappearance, or destruction and must be on the custodian's premises; conveyed by the custodian off the premises; or on deposit with the custodian for safe-keeping in a depository.

 The endorsement adds the following definitions:

 1. Custodian—as shown in the schedule.

 2. Custodian's premises.

 3. Depository—as shown in the schedule.

 The limit of insurance and deductible sections read just as they do in form CR 04 09.

 As form CR 04 09 specifies that the named "depository" is not an "authorized representative" of the insured, form CR 04 10 does also and it adds "custodian" as not being an authorized representative of the insured.

 The endorsement specifies that the following exclusions apply to this insuring agreement:

 1. Giving or surrendering of property in any exchange or purchase.

 2. Loss in any premises the named insured occupies.

 3. Loss to property owned by the custodian or depository.

 4. Loss to property held by the custodian or depository as collateral or in trust for more than thirty days.

 5. Unauthorized transfer of property outside the premises.

 6. Trick and device.

 The exclusion for threats to introduce viruses or malicious instruction into "computer systems" to damage "electronic data" or "computer programs" are now using the terms defined in the commercial crime policy. Previously the terms used were not defined terms. Also, included in the exclusion for threats to disseminate, divulge or utilize the insured's confidential information or weaknesses in the system are threats to disseminate the confidential or personal information of another person or organization.

The endorsement adds one condition. If the custodian changes depositories, the insurance applies to the new depository if named insured notifies the insurer within thirty days. The unauthorized transfer of property exclusion has been modified to add more conditions under which the transfer is excluded. These conditions are: due to a threat to introduce a denial of service attack into the computer system; due to a threat to introduce a virus or malicious instruction into your computer system designed to damage, destroy or corrupt data; due to a threat to contaminate, pollute or render substandard your product; as a result of threat to disseminate or use confidential information or weaknesses within the computer system source code.

 Guests' Property CR 04 11 08 13

 This endorsement is intended for any insured that has guests staying on its premises—such as a hotel, motel, or nursing home.

 The first section adds the two insuring agreements to the commercial crime coverage forms. Both state that the insurer will pay as damages those sums the insured becomes "legally obligated to pay." Agreement "a" covers guests' property "in a safe deposit box inside the premises"; while agreement "b" covers the same property while it is "inside the premises or in" the named insured's possession. The endorsement also promises to provide the insured with a defense if he or she is sued for refusal to pay for loss or damage to guests' property.

 The guests' property endorsement adds one definition and changes one. The additional one defines the covered property—"guests' property." Just as the crime policy covers "money," "securities," and "other property" that belongs to the named insured, this endorsement covers the same items belonging to a guest.

 The crime policy defines "premises" as the interior of any building that the named insured occupies for the conduct of his or her business. This endorsement limits "premises" to the interior of the building that is shown on the schedule.

 The guests' property endorsement provides coverage for theft of guests' property by employees. It accomplishes this by removing the exclusion for "acts of employees" in the crime policy.

 This endorsement also adds several exclusions:

 1. Liability assumed under a contract. However, it makes an exception for such liability if the named insured enters into the contract with a guest prior to an occurrence.

 2. Loss or damage from fire.

 3. Guests' property is not covered for loss or damage that is caused by the "spilling, upsetting, or leaking" of food or drink.

 4. Loss or damage caused by insects is not covered. The endorsement also excludes damage from animals, wear and tear, and deterioration.

 5. Even though the endorsement covers guests' property in the insured's care, it specifically excludes damage to the property that the insured causes by "laundering or dry cleaning" it.

 6. If the named insured releases another party from liability and that causes a loss, there is no coverage.

 7. Again, although the endorsement is intended to cover guests' property, it specifies no coverage for items the guest holds for sale or as samples.

 8. The final exclusion emphasizes that the endorsement does not cover motor vehicles, their equipment, or anything inside a vehicle.

 The guests' property endorsement removes one condition found in the crime policy, adds one, and changes one. It specifies that the "records" condition does not apply. That condition requires the insured to keep records about the covered property. Since the property covered by this endorsement does not belong to the named insured, it would be impossible to keep such records.

 The first added condition is "bankruptcy." Since this policy now involves liability to a third party, the condition clarifies that even if the named insured declares bankruptcy, the insurer will still live up to its obligations.

 The crime policy limits covered property to property that the insured owns or for which the insured is legally responsible. This endorsement changes that condition so that it limits coverage to the property of guests "in a safe deposit box, inside the premises, or in [the named insured's] possession." The endorsement retains the wording that the insurance is for the benefit of the named insured only. It emphasizes that no one else—"including your guest"—has any rights under the endorsement. In order for a loss to be paid, the claim must be brought by the named insured.

 Safe Depository CR 04 12 08 13

 This endorsement provides the named insured with "bailees' coverage" for the property of others. The first insuring agreement provides the insured with legal liability coverage for customers' property in a safe deposit box, a vault, or elsewhere on the insured's premises. It also promises to provide a defense to the insured if he or she is sued by a customer for damage to that customer's property. It covers "loss or damage" to the property.

 The second insuring agreement provides more limited coverage. It covers the customer's property only for the perils of robbery, burglary, destruction, or damage. This is direct damage coverage—there is no legal liability requirement. The agreement covers damage to the premises done during a robbery or burglary. Finally, it also covers damage to any locked safe, vault, or safe deposit box suffered during a robbery or burglary.

 Burglary involves the unlawful taking of the property from a locked box. If the property is not in a locked box, then there must be signs of forcible entry.

 The limit of insurance and deductible sections read just as they do in forms CR 04 09 and CR 04 10.

 The acts of employees, etc. exclusion does not apply to the first insuring agreement.

 The endorsement adds one exclusion to the first insuring agreement: liability assumed in a written contract.

 It also adds two exclusions to the second insuring agreement:

 1. Loss caused by fire, other than damage to a safe deposit box, safe, or vault.

 2. Loss from animals, insects, wear and tear, deterioration, and inherent vice.

 The endorsement removes one condition, adds one, and changes one. It removes the "records" condition. It adds that the bankruptcy of the named insured does not relieve the insurer of its obligations. The "ownership of property" is changed so that it applies to property belonging to the named insured's customers. The only changes in this endorsement are minor wording changes.

 Destruction of Electronic Data CR 04 13 08 13

 CR 04 13 adds an insuring agreement to section A. of the crime coverage forms. The insurer, through CR 04 13, agrees to pay for costs that the named insured incurs to restore or replace damaged or destroyed electronic data or computer programs stored within any computer system owned, leased or operated by the insured; this is a change from the prior policy, which applied to the insured's computer system. This broadens coverage significantly, depending on how much equipment the insured owns, borrows, or rents. The damage or destruction must result from a virus designed to damage or destroy data or computer programs, or from vandalism by a person who has gained unauthorized access to the computer system. Vandalism is broken into two sections now; vandalism by an employee, and vandalism by a natural person who has gained unauthorized access to the insured's computer system; in other words, a hacker. Vandalism by an employee is newly added.

 The endorsement also adds some exclusions. The exclusion for loss resulting from the fraudulent preparation or input of electronic data or computer programs has been removed from this endorsement. Loss resulting from errors or omissions in the design of computer programs is not covered. And, loss resulting from errors or omissions in the programming or processing of electronic data is not covered.

 The previous version of CR 04 13 defined computer programs, computer system, and electronic data. The current form removes those definitions since they are now part of the commercial crime policy. Modifications to the definition of occurrence include all covered costs incurred by the insured between the time the damage or destruction was discovered and the time the computer system is restored to its operational capability immediately before the virus occurred. This just clarifies what falls under an occurrence; recurrence of the same virus once the system has been restored is considered a second occurrence. So if a virus is transmitted by email that an employee opens, if that virus is eradicated and the system repaired, but a different employee opens an email with the same virus which again damages data, that is a second occurrence. Just because it is the same virus does not make it a single occurrence unless it occurs before the original repairs are complete.

 Unauthorized Reproduction of Computer Software by Employees CR 04 14 08 13

 This endorsement provides coverage for fines and penalties that the named insured incurs resulting directly from the unauthorized reproduction of computer software by an employee that is in violation of a licensing agreement with a third party vendor. The coverage is provided if the unauthorized reproduction is done without the knowledge of the named insured, any partner, officer, or director, or without the knowledge of any other person having responsibility for compliance with the terms of the software licensing agreement. The definition of occurrence has been revised for clarification in the updated form.

 Fraudulent Impersonation CR 04 17 11 15

 The Fraudulent Impersonation form provides coverage for loss that is a direct result from an employee being deceived into transferring money, securities, or other property based on the fraudulent instruction by someone impersonating another employee of the insured or a customer or vendor.

 The form includes a schedule for impersonation of employees or impersonation of vendors and customers. In the schedule, the insured is to indicate which type of fraud is being covered, and within each category certain subcategories may be indicated. The subcategories are to indicate if verification is required for all transfers, if verification is required for transfer instructions over a certain dollar amount, of if verification of transfer instructions is not required. Depending on the amounts of funds at risk, the insured may opt for no verification, some verification, or verification of all transfers.

 A transfer instruction is an instruction to transfer money, securities, or other property. There is no specification that the instruction be received in person, by phone, fax, email, letter, or in any particular form. The second section provides the same coverage, but when the fraudulent instruction seems to come from an organization's vendor or customer. The situation is the same: the employee receives instructions he thinks are legitimate to transfer money, securities, or other property to an entity that seems to be legitimate but in actuality is fraudulent.

 The endorsement explains what is required when the verification options are selected. Depending on which transfer option the insured selects, he must either verify all the transactions or all the transactions over a certain dollar limit. The insured needs to establish protocol for transfer verification; either a callback number or some other way to verify the validity of the transfer instruction, and the insured should have procedures in place so employees know what steps need to be taken for each transfer. A record of the verifications should be retained in the insured's records. Otherwise, in event of a claim, if the insured cannot prove that the instructions were verified, coverage could be denied. The territory provision is standard and provides coverage anywhere in the world.