Financial Institutions Information Security Protection Policy

November 14, 2016

Many types of financial institutions store various types of personal information of customers. This storage of personal information carries with it the risk of exposure of private information as well as the possibility of that data being used for identity theft.

The Financial Institutions Information Security Protection Policy, EC 00 11 01 14, was developed with those issues in mind.

Topics covered:

Introduction

Section I – insuring agreements

Section II – limits

Section III – deductible

Section IV – defense and settlements

Exclusions

Conditions

Definitions

Introduction

This form is designed for use by financial institutions, including banks, savings institutions, securities brokers and dealers, insurance companies, finance companies, credit unions and mortgage bankers. The first three insuring agreements, for web site publishing, security breach, and programming errors and omissions liability, have limits beginning at $500,000 with a $5,000 deductible. Both may be increased, and the deductible may also be decreased if so desired by the insured.

The policy has a basic and an extended reporting period for the first three insuring agreements. These will be discussed where necessary. In order for the insuring agreements to apply, there must be an aggregate limit shown in the declarations.


Section I – Insuring Agreements


Agreements for which an Aggregate Limit Of Insurance is shown in the Declarations:

1. Web Site Publishing Liability

We will pay for both "loss" that the "insured" becomes legally obligated to pay and "defense expenses" as a result of a "claim" first made against the "insured" during the "policy period" or during the applicable Extended Reporting Period, for a "wrongful act" or a series of "interrelated wrongful acts" taking place on or after the Retroactive Date, if any, shown in the Declarations and before the end of the "policy period".

2. Security Breach Liability

a. We will pay for both "loss" that the "insured" becomes legally obligated to pay and "defense expenses" as a result of a "claim" first made against the "insured" during the "policy period" or during the applicable Extended Reporting Period, for a "wrongful act" or a series of "interrelated wrongful acts" taking place on or after the Retroactive Date, if any, shown in the Declarations and before the end of the "policy period".

b. We will pay for both "loss" and "defense expenses" as a result of a "claim" in the form of a "regulatory proceeding" first made against the "insured" during the "policy period" or during the applicable Extended Reporting Period, in response to a "wrongful act" or a series of "interrelated wrongful acts" covered under Paragraph 2.a.


Analysis


The definition of "wrongful acts" is key to understanding the coverage provided in the first three insuring agreements. For the Web Site Publishing insuring agreement, "wrongful acts" includes actual or alleged errors, misstatements or misleading statements published or posted by the insured on its web site. The posting must result in any type of infringement of another's copyright, title, slogan, trademark, trade name, trade dress, service mark or name, in any defamation against a person or organization, or in a violation of a person's right of privacy. If an insurance company accidentally posted details of an insured's claim on the website, that would be covered.

"Interrelated wrongful acts" are acts that have a fact, circumstance, situation, event, transaction or cause, or series of such in common. The repeated posting of a trademark that is too similar to a competitor's trademark would be "interrelated wrongful acts."


Like any liability policy, coverage is for loss the insured is legally obligated to pay, including defense costs, as a result of a claim made during the policy period or the extended reporting period, if there is one. Any loss must take place after the end of the retroactive date on the declarations and before the end of the policy period.

The first section of the second insuring agreement, Security Breach Liability, has the exact same wording as the web site liability agreement. What is different is the definition of "wrongful acts" used for this agreement. A "wrongful act" for this agreement involves actual or alleged neglect, breach of duty or omission by an "insured" that results in a "security breach" or a "computer system" transmitting by e-mail or other means a "virus" to another person or organization. If the insured does not have proper security for its computer system and the system is hacked, spreading a virus to all customers, coverage is provided as long as the insured is legally liable. Or, if the personal information of the insured's customers is accessed and used to create false identities or simply make ill use of the customer's charge cards, coverage is provided. Defense costs are provided as well.


A "security breach" is defined as the acquisition of "personal information" within the "computer system" of the insured by an unauthorized person, or by someone who is authorized to access the information but discloses it without authorization; for example, hackers selling the customers' information. "Personal information" includes social security numbers, protected health information, driver's license numbers, and other protected information. A "computer system" is the computers, transportable or handheld devices, other electronic storage devices and components, systems and applications software, and communication networks by which data is collected, stored, transmitted, or retrieved. So not only are the computers in the office covered, but so are tablets, smart phones, and other devices used by the company and its employees.
