PlumBot: Bot: Creating new article from JSON

2026-03-17T13:44:21Z

Bot: Creating new article from JSON

New page

💸 '''Funds-transfer fraud''' is a form of financial crime in which a bad actor manipulates, deceives, or impersonates a legitimate party to cause the unauthorized electronic transfer of money — and it represents a significant and growing exposure within [[Definition:Commercial crime insurance | commercial crime]], [[Definition:Cyber insurance | cyber]], and [[Definition:Fidelity bond | fidelity]] insurance lines. In the insurance context, the term most commonly appears in [[Definition:Crime insurance | crime policies]] and cyber policies that provide coverage (or impose exclusions) for losses arising when an insured is tricked into wiring funds to a fraudulent account, often through [[Definition:Social engineering fraud | social engineering]] schemes such as business email compromise (BEC), invoice manipulation, or impersonation of executives and vendors.

⚙️ A typical funds-transfer fraud scenario begins with a threat actor gaining access to or spoofing a trusted email account — that of a company executive, a supplier, or even an outside counsel — and directing an employee to execute an urgent wire transfer to a bank account controlled by the fraudster. The loss occurs not because the insured's systems were technologically breached in a traditional sense, but because a human was deceived into authorizing a legitimate-looking transaction. This creates classification challenges in [[Definition:Claims management | claims]] handling: traditional [[Definition:Crime insurance | crime]] policies may require a direct, physical act of fraud and may not contemplate voluntary parting of funds induced by deception, while [[Definition:Cyber insurance | cyber]] policies often focus on data breaches and system intrusions rather than pure financial deception. Many insurers have responded by offering specific social engineering or funds-transfer fraud endorsements — sometimes with lower [[Definition:Sublimit | sublimits]] and additional verification requirements — that sit within the crime or cyber program. [[Definition:Underwriter | Underwriters]] evaluate the insured's internal controls, dual-authorization procedures, and callback verification protocols when pricing this coverage.

🛡️ The insurance industry's engagement with funds-transfer fraud extends beyond indemnifying losses to actively shaping corporate risk management practices. [[Definition:Loss control | Loss control]] guidance issued by carriers and [[Definition:Insurance broker | brokers]] typically recommends multi-factor verification of payment instructions, segregation of duties, and employee awareness training — controls that may be explicitly required as conditions of coverage. From a market perspective, funds-transfer fraud claims have risen sharply across geographies as remote work, digital payment systems, and increasingly sophisticated [[Definition:Phishing | phishing]] techniques expand the attack surface. In the U.S., the FBI's Internet Crime Complaint Center has consistently ranked BEC as one of the costliest categories of cybercrime, while European and Asian markets report parallel trends. For insurers, the challenge lies in balancing demand for this coverage against adverse selection, moral hazard, and the difficulty of aggregating exposure across a portfolio where a single well-executed campaign could trigger claims at multiple insureds simultaneously.

'''Related concepts:'''
{{Div col|colwidth=20em}}
* [[Definition:Social engineering fraud]]
* [[Definition:Cyber insurance]]
* [[Definition:Crime insurance]]
* [[Definition:Fidelity bond]]
* [[Definition:Business email compromise (BEC)]]
* [[Definition:Loss control]]
{{Div col end}}

Definition:Funds-transfer fraud - Revision history

PlumBot: Bot: Creating new article from JSON