Dentons LLP has recently become embroiled in a coverage dispute with its insurer over an approximate 1.7 million dollar loss after falling victim to an email scam. Recent Ontario Superior Court decision, Dentons Canada LLP v. Trisura Guarantee Insurance Company1 tells the tale of how an email scam induced the large multinational law firm into misdirecting approximately $2.5 million dollars of a client's funds which were held in trust.
The series of events which perpetrated the firm's loss began innocently enough:
An associate of Denton's Vancouver office was representing a client in a real property matter. The mortgage for this property was held by Timbercreek Mortgage Servicing Inc. (“Timbercreek”). In order to discharge a portion of the mortgage against the property, the firm was to transfer Timbercreek $2,518,250 of the client's funds which were being held in the firm's trust account.
On December 28, 2016, a representative from Timbercreek provided wire transfer instructions and banking information to Dentons via email. Other representatives from Timbercreek were copied on this email. On January 3, 2017, Dentons received another email from the same Timbercreek representatives. The email requested that the funds be directed to an international third party account located in Hong Kong, under the name of Yiguangnian Trade Co. Ltd. (“Yiguangnian”). Dentons attempted to contact the representative from Timbercreek and left a voicemail asking for confirmation of the instructions it received. The firm did not receive a response from the representative. Dentons proceeded to receive more emails from the Timbercreek representative explaining that this requested was being made because the bank account mentioned in the initial email was being audited. After receiving signed authorizations from both Timbercreek and Yiguangnian, Dentons proceeded to transfer $2,518,250 to the third party account.
Soon after on January 6th, Dentons was contacted by a representative of Yiguangnian. This individual informed the firm that it did not know Timbercreek, nor who signed the authorization on its behalf for the wire transfer. The individual advised that they were not expecting the wire transfer, and asked Dentons to recall it. Ten days later, Dentons received an email from the actual representative of Timbercreek inquiring on the status of the payment. Soon after, the firm realized it had been duped into transferring its client's funds to a fraudulent account.
Dentons subsequently submitted a claim to its insurer, Trisura Guarantee Insurance Company (“Trisura”), in the amount of $2,518,250. The firm recovered $784,739.59. Trisura denied coverage for the firm's net loss of $1,733, 510.50. Dentons sought coverage for its claim under the policy's Computer Fraud Rider provision which states:
Loss resulting from the wrongful abstraction of Money, Securities or other property which follows and is related to the use of any computer to fraudulently cause the transfer of such property from inside the Premises or a Banking Premises or similar recognized places of safe deposit to a person (other than a Messenger) or to a place outside those Premises.2
However, Trisura maintained that this provision was not applicable to Dentons' loss. Trisura's position was that a computer was not used to fraudulently transfer the payment, as the transfer itself was not fraudulent. Trisura argued that this loss fell under the Social Engineering Fraud Rider provision which Dentons had declined to obtain. Furthermore, Trisura insisted that its policy had an exclusionary clause. The policy also contained a condition XIII(B) which stated:
If there is any other valid and collectible insurance which would apply in the absence of such insuring agreement, the insurance under this bond shall apply only as excess insurance over such other insurance, provided the insurance shall not apply:
- to property which is separately described and enumerated and specifically insured in whole or in part by any other insurance, or
- to property otherwise insured unless such property is owned by the insured.3
Trisura argued that section B of the above clause excluded coverage to Dentons because Dentons was not the owner of the funds which were misdirected. Further, Trisura also argued that Dentons had policies under various other insurers which could potentially cover the claim. This could render Trisura an excess insurer as per the above provision.
Dentons brought forward an application seeking an “advisory opinion”4 from the court on the interpretation of the Computer Fraud Rider provision, without the consideration of the Condition XIII. In response, Trisura started a Declaratory Action to allow the court to determine the dispute in consideration of all the relevant parties involved, including the various other insurers that could potentially provide Dentons coverage for the claim.
On December 11, 2018, Justice Carole Brown ultimately decided that the best use of the court's resources would be for the application to be converted into an action. Justice Brown explained, “[t]he full factual matrix is not before this Court, and is needed to make a comprehensive determination of the issues of coverage.”5
This case serves to remind us all to exercise caution in the face of modern-day security threats. The eventual outcome of this matter will be a relevant insight into the law for both insurers and insureds, as no one is immune to the risks of our modern day scams.
It also reminds us that with the rising incidents of cybercrimes, it is essential that we review and update our insurance coverages. Just having a Cyber rider may not be enough.
1. 2018 ONSC 7311
2. Ibid at para 14
3. Ibid at para 15.
4. Ibid at para 26.
5. Ibid at para 48.
The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances.