​
​

Reading Time: 5 Minutes

Quick question:

When was the last time you stress-tested your institution's insurance policies?

If you're like most financial executives, the answer is probably "not recently enough."

We get it. Between regulatory pressures, competitive threats, and daily firefighting, insurance can fall to the bottom of the priority list.

But here's what we know after trading risk for 25+ years in the market…

Neglecting your insurance program is a gamble you can't afford. When a crisis hits, it's too late to discover your coverage has critical gaps.

That's why we've created this guide to the eight core coverage types every financial institution needs. Two weeks ago, we covered:

1. Directors & Officers Liability (D&O)
2. Errors & Omissions Liability (E&O)
3. Employment Practices Liability (EPL)
4. Fiduciary Liability (FID)

This week, we'll cover the remaining four:

1. Network Security and Cyber Liability (CYBER)
2. Electronic Computer Crime (CRIME)
3. Kidnap & Ransom (K&R)
4. Property & Casualty (P&C)

We'll keep the jargon light and the insights actionable.

Think of this guide as your insurance roadmap. By the final page, you'll be able to…

• Spot red flags in your current policies and plug coverage gaps
• Speak confidently about your institution's risk transfer strategy
• Access the expert support needed to protect what matters most

Let's dive in.

1) Cyber Liability

Cyber liability insurance covers financial institutions against losses from data breaches, ransomware attacks, system failures, and other network/device-related incidents.

When It Matters

• Ransomware attacks demanding payment to unlock systems
• Data breaches exposing customer financial information
• Business interruption from system outages or cyber attacks
• Third-party liability from vendor breaches
• Regulatory fines and notification costs

Claim Scenario

Regional carrier ABC Insurance (ABC) suffers a data breach exposing 100,000 customer records. Hackers demand $1M ransom to prevent public release.

ABC's cyber insurer deploys a breach response team. The cyber policy covers…

• IT, legal, and PR fees
• Customer notification and credit monitoring
• Ransom payment negotiations
• Lost business from system downtime
• Regulatory fines and penalties
• Third-party lawsuits alleging privacy violations

Without cyber insurance, ABC faces these mounting expenses alone—potentially destroying financial stability.

Cyber Claim Example: Evolve Bank & Trust Ransomware Attack

In February-May 2024, Evolve Bank & Trust (Evolve) a major fintech banking partner, fell victim to the LockBit ransomware group after an employee clicked a malicious link. The attackers accessed systems for months, ultimately stealing data on 7.6 million people (source).

When Evolve refused to pay the ransom, LockBit leaked 33 terabytes of sensitive banking information on the dark web, affecting multiple fintech partners including Wise, Affirm, and Mercury. The breach exposed names, Social Security numbers, bank account details, and contact information.

"Even well-regarded partners like Evolve can fall victim to sophisticated attacks, impacting their clients' data security" (source).

The incident forced dozens of fintech firms to notify millions of customers and offer credit monitoring—costs that fell on them despite Evolve holding the data.

Cyber insurance must explicitly cover third-party vendor breaches as a critical backstop for cascading financial losses.

Practical Insights

• Customize coverage to your unique risk profile
• Secure dedicated cyber insurance beyond property/crime policies
• Prioritize broad regulatory liability coverage
• Coordinate cyber insurance with tested incident response plans

LION POV: 41.8% of data breaches impacting prominent fintech companies are linked to third-party vendors (source). Your cyber policy must explicitly cover vendor breaches.

2) Crime

Crime insurance protects financial institutions against losses from criminal activities, including employee theft, forgery, computer fraud, and funds transfer fraud.

When It Matters

• Employee embezzlement or theft of funds
• Forged or altered financial instruments
• Computer fraud and electronic funds transfer fraud
• Social engineering schemes targeting employees

Claim Scenario

XYZ regional bank discovers an employee embezzled funds over several years by identifying dormant accounts and forging wire transfers to personal accounts.

By detection, the employee stole $1.5M. XYZ's crime policy covers:

• The stolen funds (within sublimits)
• Forensic accounting to determine full extent
• Legal fees for law enforcement cooperation
• Account reconstruction and customer communication

Without adequate crime coverage, the bank absorbs these losses directly.

Crime Claim Example: Wells Fargo Branch Manager Theft

Brian Davie, a Wells Fargo branch manager, used unauthorized cash withdrawals, money transfers, and cashier's checks to steal over $1 million (source). Davie targeted elderly and vulnerable customers. Eight victims were identified. One woman had more than $566,000 stolen from her retirement accounts.

The scheme operated from 2014-2019 before discovery. This case demonstrates why financial institutions need robust crime coverage with adequate sublimits—and strong controls around employee access.

Practical Insights

• Review crime coverage as fraud schemes evolve
• Watch for gaps across entities and international operations
• Understand exclusions for merchant services agreements
• Verify whether you have loss discovered or loss sustained coverage

LION POV: Small and mid-sized businesses represent 68% of all employee theft cases, suffering median losses of $290,000 (source). Review your sublimits annually.

3) Kidnap & Ransom (K&R)

K&R insurance covers financial institutions' costs related to employee kidnapping, extortion, or illegal detention incidents, including ransom payments and crisis management.

You might think: "Isn't kidnapping risk extremely low in the US?"

K&R insurance is like a parachute on a transatlantic flight—you hope never to need it, but if you do, you'll be glad it's there.

When It Matters

• Executive kidnapping for ransom (domestic or international)
• Extortion threats against employees or their families
• Wrongful detention by foreign governments
• Express kidnapping during business travel
• Virtual kidnapping schemes

Claim Scenario

A terrorist group kidnaps a U.S. bank executive abroad demanding $5M ransom. The K&R policy activates:

• Expert crisis consultants advise on negotiations
• Coordination with law enforcement for safe recovery
• Ransom payment to secure release
• Travel, medical, and counseling for executive and family
• PR support for media management
• Defense against subsequent legal actions

K&R protects both the institution's finances and its people.

K&R Claim Example

A bank teller in the Northeast was kidnapped at gunpoint with her young son. The kidnappers mistakenly believed she could access the vault.

When they realized their error, they released both victims.

But the trauma left the employee with severe emotional distress. She couldn't return to work.

The bank's K&R policy covered:

• Medical and mental health treatment
• Salary continuation during recovery
• Counseling for the employee's son
• Security consulting to prevent future incidents

Even though this kidnapping happened in the U.S., it was still very costly and traumatic.

K&R coverage is important for all employees who travel, not just top executives or those going overseas.
​
​

Practical Insights

• Cover all employee travel, domestic and international
• K&R incidents often trigger multiple coverage lines simultaneously—ensure clear coordination protocols
• Coordinate K&R with D&O policies for executive protection scenarios
• Understand workers' comp exclusions for criminal acts—K&R may be primary for kidnapping-related injuries and lost wages
• Develop crisis response plans and vendor relationships before incidents occur
• Compare standalone K&R policies vs. extortion and kidnapping coverage within cyber policies
• Consider general liability exposures from inadequate security training or failure to provide reasonable employee protection measures
• Review duty of care obligations for employees in high-risk locations or roles

LION POV: We tend to think of kidnapping as something that only happens abroad to high-profile executives. But domestic incidents can target any employee and often stem from mistaken assumptions about access to company assets.

4) Property & Casualty (P&C)

P&C insurance protects financial institutions' physical assets and operations from damage or loss, while covering liability claims from third parties.

When It Matters

• Natural disasters damaging branch locations
• Business interruption from property damage
• General liability claims from customer injuries
• Equipment breakdown and technology failures
• Tenant improvements and betterments

Claim Scenario

A severe hurricane hits Florida, damaging dozens of regional insurance company locations. The storm destroys roofs, floods lobbies, and ruins IT systems. Multiple offices close for repairs.

The property policy covers:

• Repairing/replacing damaged buildings and equipment
• Lost business income during shutdown
• Professional fees for repairs
• Extra expenses for temporary locations

The general liability policy defends against:

• Customer injury claims from storm debris
• Vendor allegations of negligent emergency preparations

Without robust P&C protection, the institution shoulders these massive costs alone.

P&C Claim Example: 2024 Hurricane Season

Citizens Property Insurance paid about $823 million in claims related to the 2024 hurricane season from hurricanes Debby, Helene, and Milton (source).

Financial institutions with coastal branches faced:

• Extended branch closures lasting weeks
• Technology infrastructure damage
• Business interruption losses exceeding property damage
• Supply chain delays extending recovery

Hurricane Milton intensified into a category 4 storm causing particular devastation (source). These events proved most institutions underestimate business interruption exposure.

Practical Insights

• Update property values and business interruption figures annually
• Address special risks for cryptocurrency or cannabis dealings
• Ensure international offices align with master programs
• Clarify cyber coverage within property and liability policies

LION POV: The 2024 hurricane season revealed a pattern—business interruption losses often exceed property damage. Your BI limits should reflect 18-24 months of disruption.

Wrap Up

You made it through the full overview.

To recap:

• Cyber, Crime, K&R, and P&C are critical pieces of your insurance architecture
• Cookie-cutter policies leave dangerous gaps
• The right protection requires customization for your specific risks
• Expert brokers who understand financial institutions make the difference

Insurance might seem overwhelming, but you don't need to master every detail. Focus on the fundamentals and partner with specialists who can guide you.

So What?

The difference between adequate and excellent coverage surfaces during claims. When ransomware hits at 3 AM, when an employee's theft is discovered, when a hurricane destroys multiple branches—that's when policy language matters most.

The LION Lens

We reverse-engineer coverage from the claim backward. Every endorsement, every sublimit, every exclusion deletion—designed to ensure your coverage responds precisely when needed.

Next Step: Let's schedule a Coverage Architecture Review—your first line of defense against the unexpected.

The Bottom Line

Directors and officers should see gaps before they become crises. This guide now arms you to spot red flags in your policies and own your risk-transfer strategy. If you need expert backup, LION Specialty is ready to help protect what matters most.
​
Because your personal assets are always on the line.

That’s why we built the D&O Contract Vigilance Blueprint—a 5-day email course that shows you how to:

• Secure stronger D&O coverage
• Shield your personal assets from shareholder claims
• Navigate indemnification pitfalls

Get the D&O Contract Vigilance Blueprint

Don’t wait for a claim to reveal your exposure.

Share this edition: copy & paste this link:
​http://lionspecialty.ck.page/posts/the-lion-lens-your-financial-institution-s-coverage-blueprint-part-2​

Missed Part 1? Read the deep dive on D&O, E&O, EPLI, and Fiduciary Liability here.

What do you want us to demystify next? Reply to this email or drop a comment below.

Stay covered,
Natasha & Mark
Co-Founders, LION Specialty