We protect your heritage and your digital estate with a coordinated programme that eliminates gaps between “financial” and “technological” risk.
Why combine Cyber & Crime
An incident can start in email (phishing) and end with a manipulated payment instruction. Or the other way round: a funds-transfer fraud can be accompanied by an IT intrusion. That’s why we place both policies together, harmonising definitions, sublimits and policy priority so one of them always responds – and you never fall between them.
What each policy covers
- Crime: Direct loss of money caused by dishonest or fraudulent acts by employees or third parties (embezzlement, forgery, funds-transfer fraud, theft of money/securities). It’s the financial shield when the risk is fraud.
- Cyber: Operational, legal and reputational damage arising from digital incidents (ransomware, data breaches, human error impacting privacy/IT) and the end-to-end response (forensics, GDPR counsel, communications, continuity).
Core coverages
Crime pillar (fraud and dishonesty)
- Employee dishonesty: theft, embezzlement, manipulation of cash/accounts.
- Computer fraud and unauthorised funds transfers (fake instructions, IBAN change, CEO fraud) as per wording.
- Forgery/alteration of cheques, promissory notes, payment orders.
- Theft of money or securities on premises or in transit (if included).
- Extensions: client losses due to employee acts, social engineering, computer fraud (subject to wording).
- What Crime does NOT cover: digital forensics, notification to data subjects, IT restoration or loss of income due to technology downtime — that sits with Cyber.
Cyber pillar (digital incidents & GDPR)
- Attacks (ransomware, phishing, malware) with forensic investigation, system restoration and, where permitted, ransom handling within limits.
- Privacy/GDPR: notification costs, defence, services to affected data subjects and potential fines where legally insurable and properly placed.
- Liability for data breaches and third-party damages caused by outages.
- Integrated response: specialised legal, cybersecurity experts and reputation management.
- Network interruption or loss of profits. It indemnifies the insured for loss of income and operating expenses when its business is interrupted or suspended due to a network security failure.
- Risk reality: around 80% of incidents have a human root cause, and misconfigured AI can amplify them. A wrong click or a mass email with visible recipients can end in a fine.
Overlap zones (and how we close the gap)
- Social engineering / impersonation: may sit under Crime or Cyber (or both with sublimits). We align definitions (e.g., “social engineering”, “funds transfer fraud”) and policy priority so there’s always a response.
- Computer theft vs. data breach: if the outcome is missing money, Crime typically responds; if there’s also IT damage or data exposure, Cyber comes in. We coordinate covers and sublimits to avoid surprises.
We map financial/digital exposure and test key controls (segregation, dual authorisation, call-backs, hygiene).
We align Crime & Cyber wordings—definitions, sublimits, exclusions—and tailor endorsements incl. social engineering/client fraud.
On claims, we quantify direct Crime loss and orchestrate Cyber forensics, legal and communications.