Learn when cyber losses trigger crime coverage instead. Discover policy overlap, exclusions, and how to coordinate cyber and crime policies.
Cyber and crime insurance are often treated as separate products, but several loss types trigger both policies and create coverage questions. Business email compromise (BEC) / wire fraud attacks are the most common overlap: a CEO email spoofing attack that results in a fraudulent wire transfer could potentially be covered under cyber (if email compromise is included) or crime (if the loss is financial fraud). The distinction matters because cyber policies often exclude social engineering or impose very low sublimits on BEC losses, while crime policies (particularly crime policies with financial fraud coverage) may be primary for wire fraud claims. Additional overlaps include employee embezzlement via compromised accounts (is it cyber, crime, or both?), ransomware payments (cyber typically covers extortion/blackmail), and data breach costs (cyber covers breach notification and remediation; crime does not). The critical issue is policy language: a cyber policy with a social engineering exclusion will deny coverage for BEC losses, leaving the crime policy to respond. Conversely, some crime policies exclude losses involving computer fraud or hacking, creating a gap if cyber is denied. Brokers should conduct a side-by-side policy review at renewal: identify potential claims that span both policies, understand which policy is primary for each type of loss, check for exclusions that create coverage gaps, and identify sublimit issues. A wire fraud loss of $500,000 is devastating if the cyber policy has a $50,000 BEC sublimit and the crime policy has a $100,000 fraud limit—creating a $350,000 gap.
Broker handles cyber and crime insurance separately from different teams. At renewal, coverage questions arise (e.g., 'What covers BEC?') but broker hasn't compared policies side-by-side. Client suffers BEC loss; claim presented to cyber first; denied due to social engineering exclusion; broker then submits to crime policy, but policy denies due to 'computer fraud' exclusion.
Cyber and crime policies reviewed separately with no overlap analysis. Broker unfamiliar with cyber policy exclusions on social engineering. Crime policy language may exclude computer-assisted fraud. No visibility into sublimit issues. Claim disputes arise post-loss.
Side-by-side policy comparison showing cyber and crime coverage for key loss types (BEC, wire fraud, ransomware, embezzlement, data breach), flagging overlaps, gaps, sublimits, and whether primary coverage exists.
BindLedger coverage comparison tool can analyze cyber and crime policies together to identify overlap, gaps, and primary coverage.
View policy comparison tools
View policy comparison tools →“BEC was second on the dollar list, with close to $2.8 billion in losses in a single year.”
“Crime insurance protects your money and securities from theft, fraud, and forgery. Cyber insurance protects your data, systems, and liability from internet-based attacks.”
“Understanding how current insurance policies would respond to key risk scenarios is imperative and will provide confidence in insurance strategy while clearly identifying where gaps and overlaps occur.”
“Cyber policies generally provide more robust coverage and charge a more appropriate premium for the exposure, and many crime underwriters have initiatives underway to remove extortion and related reimbursement costs from crime policies.”
“Total cybercrime losses reached $16.6 billion in 2024, a 33% increase from the previous year.”