Definition:Computer crime

💻 Computer crime, within the insurance context, refers to criminal acts carried out through or targeting computer systems, networks, and digital infrastructure — and, more specifically, to the coverage provisions within crime insurance and cyber insurance policies that respond to losses caused by such acts. Traditional fidelity and crime policies began addressing computer crime decades ago through specific insuring agreements covering fraudulent electronic fund transfers and unauthorized system access, long before standalone cyber products existed. Today the term straddles both legacy crime wordings and modern cyber policies, and careful attention to policy language is essential because the two product lines can overlap, leave gaps, or trigger disputes over which responds to a given incident.

🔐 Coverage typically operates through defined insuring agreements that specify the types of computer-related criminal activity the policy will indemnify. A traditional crime policy might cover losses resulting from an unauthorized third party manipulating a computer system to transfer funds, while a cyber policy may extend to broader consequences such as business interruption, data restoration costs, regulatory fines, and liability to affected third parties. In practice, social engineering attacks — where an employee is deceived into authorizing a wire transfer — have generated significant litigation over whether the loss falls under the computer crime insuring agreement, the funds transfer fraud clause, or an explicit social engineering endorsement. Underwriters across markets in the U.S., Europe, and Asia have responded by tightening definitions, adding sub-limits for social engineering, and requiring dual-authorization controls as risk-mitigation prerequisites.

⚠️ The rapid evolution of criminal techniques — from ransomware and supply-chain compromises to deepfake-enabled impersonation — keeps computer crime at the forefront of emerging risk discussions among insurers, brokers, and regulators. For the insurance industry itself, the threat is dual-edged: carriers must underwrite computer crime exposures for their policyholders while simultaneously defending their own operations against the same risks. Adequate coverage depends on aligning crime and cyber policy wordings so that no gap exists between them, a task that demands close collaboration between risk managers, brokers, and underwriters. As regulatory regimes worldwide — from the EU's DORA framework to evolving cybersecurity mandates in Singapore and the United States — impose stricter obligations on financial institutions, the demand for robust computer crime coverage continues to intensify.

Related concepts: