Adams Stirling PLC
Menu
A-Z

FIDELITY BOND & CYBER CRIME INSURANCE

Print   Share   Report Broken Links

FIDELITY BOND
Beginning January 1, 2019, associations are required to purchase what the statute refers to as a "fidelity bond." (Civ. Code § 5806.) This is in addition to D&O Insurance.

Terminology. Although the statute calls it a fidelity bond, associations will actually purchase an insurance policy that covers employee dishonesty (fidelity) plus non-employee theft. A bond is a three party arrangement. Insurance is not. The preferred terminology is a Fidelity/Crime policy. The policies are two sides of a coin. On  one side is Fidelity/Employee Dishonesty and on the other side is non-employee crime coverage.

Employee Dishonesty. Employee dishonesty coverage protects an association against dishonest acts such as embezzlement committed by an employee as defined by the policy. In a common interest development, the definition of “employee” must be broadened to include the board of directors as non-compensated employees of the association, as well as the community manager and management company.

Computer and Funds Transfer Fraud. This protect against dishonest acts committed by third parties. Unlike a typical local embezzler who would be inclined to steal a little bit at a time to avoid detection, these individuals don't live in the association, are not on the board, and have no emotional connection to the community. Depending on their geographic location, they may feel they are unlikely to be tracked down and prosecuted for the crime. As a result, they are more likely to transfer as much money as they can, as quickly as they can, from an association's accounts.

Standalone Policy. Associations should explore standalone policies. Sometimes required coverage an association's Master Package Policy does not comply with Davis-Stirling requirements, or Fannie Mae and Freddie Mac requirements. Sometimes they do not cover wire transfer fraud, computer fraud, or social engineering. Boards should ask if the policy covers the following:

  1. Fidelity. Employee theft, ERISA fidelity where there is a defined benefits plan, and client property.
  2. Forgery or Alteration. Loss caused by forgery or alteration of a financial instrument.
  3. Premises Coverage. Robbery, theft or safe burglary.
  4. Transit Coverage. Robbery or theft of money or destruction or disappearance of money while in transit.
  5. Computer Crime. Losses from computer fraud by someone who has gained unauthorized access to the association's computer system. Also, loss due to a computer virus designed to damage or destroy electronic data.
  6. Restoration Expense. Reasonable costs incurred restoring a computer system following a computer crime.
  7. Funds Transfer Fraud. Loss of money resulting from a fraudulent instruction directing a financial institution to transfer, pay or deliver money from the association's account.

Amount of Coverage. As required by Civil Code § 5806, associations must:

  • purchase a fidelity policy with coverage limits in an amount equal to or greater than the combined amount of the reserves and total assessments for three months unless the governing documents call for greater limits),
     
  • cover all persons handling funds, including officers, directors, employees, managing agents and the management company, and
     
  • include in the policy coverage for "computer and funds transfer fraud" in the same amount or greater (unless the governing documents call for greater limits).

Management Companies. Management companies should carry their own fidelity insurance to protect against losses resulting from the dishonest acts of management company employees.

Reporting Requirements. Actual and potential claims must be timely reported to the association's insurance carrier or the association may lose coverage.

Internal Controls. Internal controls can help avoid losses but cannot guarantee it. Thus, the need for insurance.

CYBER CRIME INSURANCE
Associations are increasingly vulnerable to liability for cybersecurity breaches involving electronic data. Their files may be compromised or lost from viruses, hackers and cyber thieves. It can also be lost through old-fashioned theft of computers, laptops, flash drives and smart phones. See 2018 Survey of Cybersecurity in Community Associations conducted by the Foundation for Community Association Research. "Cyber Crime Insurance" covers security breaches and losses whether from internal or external threats related an association's internet and networks. Coverage may include:

  • financial losses
  • costs related to notifying members of a breach
  • lawsuits resulting from a data security breach
  • errors and omissions by an association
  • business interruption
  • data restoration
  • privacy liability

Insurance Review. Cyber insurance varies widely from company to company and boards need to inquire about coverage to make sure it's appropriate to their needs before purchasing a particular policy. If your Board does not have a tech-savvy member who is also versed in insurance policy review, consider having your association attorney review any policy to ensure you’re getting the coverage you think you are, before you purchase it.

ASSISTANCE: Associations needing legal assistance can contact us. To stay current with issues affecting community associations, subscribe to the Davis-Stirling Newsletter.

Adams Stirling PLC