Reading scan time: 5 minutes

Your Friday Five

Every week our team rips through 200+ insurance, legal, regulatory, and market-risk articles so you don't have to!

Three developments caught our attention this week:

• An Illinois federal court held that employee wire transfers triggered by fraudulent emails from a compromised CFO account constituted a "direct loss" from computer crime. Two additional courts stretched third-party cyber coverage beyond its intended scope this year.
• A North Carolina Business Court allowed bad faith and unfair trade practices claims to proceed against a captive insurer in a dispute over more than $100 million in coverage. The court rejected the argument that captive status shields carriers from the state's broader consumer protection statute.
• Carriers deploying AI in underwriting and claims face the same regulatory and litigation exposure they're writing policies against. AI Governance becoming the newest coverage issue.

Courts Challenge Coverage Triggers: Three Rulings Carriers Should Read Now

Summary

Recent decisions suggest courts are reading coverage triggers broadly and structural defenses narrowly. Three rulings this year illustrate the pressure on policy language carriers drafted for a simpler threat environment.

In Office of the Special Deputy Receiver v. Hartford Fire Insurance Company, an Illinois federal court addressed whether losses from a spear-phishing attack qualified as a "direct loss" under a cyber policy's Computer Fraud insuring agreement. A cybercriminal compromised the insured's CFO email account and tricked employees into wiring funds to a fraudulent account. The carrier denied coverage, arguing the loss was not a "direct result" of the computer crime because it was the insured's employees who actually issued the payments. The court rejected that argument, holding that the transfers were a direct response to fraudulent emails from the compromised account

Other jurisdictions interpret "direct" more narrowly.

But this ruling reflects a growing pattern where courts recognize that cyber deception resulting in losses due to manipulated human behavior may be sufficiently direct to trigger computer fraud coverage, unless policies are explicitly drafted to address the scenario.

Two additional decisions pushed in the same direction on third-party coverage. In Kane v. Syndicate 2623-623 Lloyd's of London (New Mexico Court of Appeals) and Connelly Law Offices v. Cowbell Cyber (W.D. Washington), courts transformed third-party claims for an insured's failure to pay amounts due into claims "for" a security breach. Both courts found ambiguity in the word "for" and rejected plain-meaning arguments. The payees' concern was that they did not receive payment, not that the insured's systems were breached.

Yet both courts allowed the claims to proceed under third-party cyber coverage (source: wiley.law).

So what?

These rulings create real coverage pressure on both sides of the table.

For carriers: If your Computer Fraud insuring agreement relies on "direct result" language without defining what "direct" means in social engineering scenarios, the Office of the Special Deputy Receiver court just told you how it reads the silence. If your third-party insuring agreement covers claims "for" a security breach without further definition, the Kane and Connelly courts showed how far that language stretches. The window to tighten manuscript language before these interpretations become entrenched is narrowing. Forms that were adequate three years ago are now being read by courts operating in a threat environment those forms never anticipated.

For insureds: These decisions expand the arguments available to you in a coverage dispute. If your carrier denies a social engineering claim on the basis that human intervention broke the causal chain, Office of the Special Deputy Receiver gives you a federal court that disagrees. If a vendor you failed to pay after a funds transfer fraud sues you and your carrier says that is not a claim "for" a security breach, Kane and Connelly say otherwise. Document these positions now.

The leverage exists today — it may not after carriers retool their forms at renewal.

A Captive Lost Its Shield — Bad Faith Survives in North Carolina

Summary

A North Carolina Business Court ruled on March 3 that bad faith and unfair trade practices claims against a captive insurer can proceed in a dispute over more than $100 million in coverage.

In Watts Guerra LLC v. Series 1 of Oxford Insurance Company NC LLC, a Puerto Rico-based firm purchased twelve $10 million policies from a special-purpose captive to hedge an investment in a mass tort litigation portfolio valued at over $340 million. The firm paid approximately $7 million in premiums. By the time coverage expired, it had recovered roughly $2 million.

The court dismissed the breach of contract claim without prejudice because the insured had refused to provide documents the insurer requested during the claims investigation. But the bad faith claims survived. The insured alleged that Oxford representatives indicated before any claim was filed that the insurer would refuse to pay and asked the insured to delay filing while the parties explored transactions involving the litigation portfolio (source: captive.com).

The court rejected the argument that captive insurer status shields the carrier from North Carolina's Unfair and Deceptive Trade Practices Act. Captives are exempt from certain insurance-specific unfair trade practices provisions, but the broader consumer protection statute still applies. Bad faith standards and available remedies vary significantly by state, and this ruling is specific to North Carolina's Business Court and UDTP framework (source: captive.com).

The LION Lens

What happened — A North Carolina court allowed bad faith and UDTP claims to proceed against a captive insurer, rejecting captive-status immunity from the state's broader consumer protection law (source: captive.com).

Why it matters — Captive structures do not insulate carriers from the same claims-handling standards applied to traditional insurers. Recent rulings suggest courts may look through the structure to the conduct.

Practical implications — Captive insurers, fronting carriers, and their sponsors need claims-handling protocols that meet the same bar as admitted market carriers. The UDTP exposure is separate from and can survive without a breach of contract finding.

So what?

This case sits at an unusual intersection: captive insurance, litigation finance, and bad faith.

But the legal principle extends well beyond exotic structures. The enforcement environment is intensifying across the board. State attorneys general are now partnering with private law firms under contingency-fee arrangements to pursue enforcement litigation, eliminating the budget constraints that historically limited actions to large-company targets. When that expanding enforcement infrastructure meets the judicial willingness to look through organizational form, carriers operating through captives, fronting arrangements, and delegated authority structures face heightened exposure.

The LION POV

Here's how we're advising clients:

• Review claims-handling protocols across all structures. Captive programs, fronting arrangements, and MGAs operating delegated authority should document investigation timelines and information requests with the same rigor as admitted carriers. The Watts Guerra ruling makes clear that organizational form is not a defense.
• Confirm your consumer protection exposure by domicile. Bad faith standards vary by state. Identify which of your operating jurisdictions apply broader consumer protection statutes to insurance conduct, and whether your captive or alternative structures are exempt.
• Document everything before the claim. The allegations that Oxford signaled denial before a claim was filed and encouraged delay are what kept the bad faith claims alive. The claims-handling record starts before the first notice of loss.

Want to discuss how these coverage trigger rulings affect your captive or alternative risk structure? Contact LION Specialty for a confidential program review.

Carriers Face What They Underwrite (Markel's Perspective)

Summary

Carriers deploying AI in underwriting, claims processing, and customer interactions face the same regulatory and litigation exposure they are writing policies against.

Markel's management liability claims team recently outlined the operational baseline. Diverse AI development teams need to identify algorithmic bias, regular audits of AI outputs, human oversight over automated decisions, third-party vendor diligence, and documented ethical guidelines.
​
Markel's top ten:

1. Establish diversity in AI development teams
2. Regularly audit AI systems
3. Maintain human oversight
4. Don't substitute data for on-the-ground knowledge (leverage trading partner relationships)
5. Comply with privacy laws
6. Understand third-party vendor practices
7. Be careful when AI systems are part of a product offering (product liability exposure)
8. Implement ethical guidelines
9. Stay informed about regulatory compliance
10. Engage stakeholders

The practical warning underneath that guidance is straightforward.

Biased claims algorithms that unfairly deny claims or adjust premiums create the same regulatory exposure carriers see in the policies they write. Third-party AI vendors processing sensitive health and financial data carry privacy risk that flows back to the carrier. And AI-embedded products — from automated underwriting tools to chatbot interfaces — carry product liability exposure for the developers and potential vicarious liability for the owners (source: markel.com).

So what?

For boards at regional insurers and MGAs: the question is no longer whether to adopt AI governance.

It is whether your governance documentation will withstand the same regulatory scrutiny your underwriters apply to submissions. If the answer is unclear, the gap between your AI deployment and your AI governance may itself constitute an insurable exposure, and one your own carriers may decline to cover.

The Bottom Line

Courts are stretching coverage language faster than many carriers are tightening their forms.

Organizational structure is not insulating anyone from claims-handling accountability. And carriers deploying AI without documented governance face the same exposure they underwrite. The common thread...the distance between what your institution does and what it can defend is shrinking.

In Case You Missed It!

Last week we launched The Six-Line Silent AI Audit, a three-part Wednesday Intelligence series mapping every core policy line in your FI program against the AI exposures the forms were never written to address. Part 1 covers D&O and EPLI. Part 2 will cover E&O and Cyber. And Part 3 will deliver the full audit framework and what underwriters at leading FI writers are asking for at renewal.

Read Part 1 here, or listen to the audio version here.
​
​Thank you for reading today's edition!

Want to share this edition via text, email or social media? Simply copy-and-paste the link below:

​https://lionspecialty.kit.com/posts/three-courts-rewrote-your-policy-language-this-year-you-weren-t-at-the-table​

And if this briefing was forwarded to you, subscribe directly here.
​
​Stay Covered Out There Y'all,

TASH & FLIP

Co-Founders and Managing Partners

LION Specialty
​
P.S. Boards get exposed by D&O mistakes they never see coming. We built a 5-day email course on what to watch for. Comment BLUEPRINT and we'll send it.
​​
P.S.S. Nothing in this briefing constitutes legal advice. These are the opinions of the founders. It's market intelligence designed to help you ask better questions of your advisors and make sharper decisions at your next insurance renewal.