Embed Size (px)
Citation preview
SEPTEMBER 2015 FINANCIAL INSTITUTIONS BULLETIN
AJGINTERNATIONAL.COM
BANK OF NEW YORK MELLONCOMPUTER GLITCH – CYBER ORPROFESSIONAL INDEMNITY?
SEPTEMBER 2015
A recent article in the Financial Times (26th August - Funds scramble to assess computer glitch) has documented the problems experienced by one of the largest custodian banks as the result of a computer glitch. In short, it appears that the computer systems used by the bank to calculate the Net Asset Values (NAVs) of its fund clients has suffered problems following a failed software upgrade by one of its suppliers. This may have led to investors buying or selling funds at inaccurate prices and the funds in question being unable to disseminate accurate price information.
Considering this event from an insurance perspective it is tempting to consider purely the impact to the custodian. We, however, suspect more widespread ramifications to third party funds and investment managers as they are likely to be first in line for any investor complaint. In addition whilst the funds and investment managers may be able to seek redress from a custodian this may well be subject to liability caps and potentially involve joining a queue of other institutions.
Below we detail where the claims may emanate and how insurance could react in a similar scenario:
INVESTMENT MANAGERS AND FUNDS
Investors in the funds may allege loss having bought or sold securities at incorrect prices or having subscribed to or exited the funds on incorrect NAVs. The fund is likely to have a duty to put their investors right but having outsourced management of the fund will be able to seek redress from the fund manager who may well purchase professional indemnity insurance.
A well drafted professional indemnity policy will provide coverage where liability has been incurred regardless of fact that the original liability at the custodian involved a failure of computer systems. Some professional indemnity policies will contain a ‘software and mechanical breakdown exclusion’ however as long as this has been amended to only apply to claims arising directly from such failure it will not impact this scenario.
In addition, coverage should be available under professional indemnity policies for mitigation costs, i.e. payments made and costs incurred in avoiding claims that if they were to be made would be covered under the policy. For example, it may be possible for an insured financial institution to make payments to third parties that have been affected by problems with computer systems prior to such parties making formal claims.
CUSTODIAN
Having provided a fund administration service the custodian may be liable to the investment managers for supplying incorrect NAV’s. Professional indemnity insurance will cover this scenario, again assuming any software and mechanical breakdown exclusion has been amended to only exclude direct claims as in this instance the claims against the custodian will emanate from investment managers and be for loss resulting from incorrect NAV numbers not the software glitch.
Additional coverage would be available under cyber insurance by virtue of a non-damage business interruption insuring clause. This would cover the increased costs of working following the glitch for example costs of overtime and third party contractors and potentially costs associated with specific actions in a disaster recovery plan.
SEPTEMBER 2015 FINANCIAL INSTITUTIONS BULLETIN
AJGINTERNATIONAL.COM
THOMAS FALCONTechnical Director E: [email protected] T: +44 (0)20 3425 3233
CONDITIONS AND LIMITATIONSThis information is not intended to constitute any form of opinion and recipients should not infer any opinion from its content. Recipients should not rely exclusively on the information contained in the bulletin and should make decisions based on a full consideration of all available information. We make no warranties, express or implied, as to the accuracy, reliability or correctness of the information provided. We and our officers, employees or agents shall not be responsible for any loss whatsoever arising from the recipient’s reliance upon any information we provide and exclude liability for the statistical content to fullest extent permitted by law.
Arthur J. Gallagher (UK) Limited is authorised and regulated by the Financial Conduct Authority. Registered Office: The Walbrook Building, 25 Walbrook, London, EC4N 8AW. Registered in England and Wales. Company Number: 1193013.
If you would like more information, please contact your Account Executive or:
www.ajginternational.com @AJG_INTL /arthur-j-gallagher-international
About the Arthur J. Gallagher Financial Institutions Team
The dedicated Arthur J. Gallagher Financial Institutions team offers advice, design and execution services for a wide range of standard and bespoke insurance products. We provide competitive, cost-effective solutions for the full range of liability and crime risks faced by financial services firms and their directors and officers, including civil liability, professional indemnity, fraud, cyber risks and directors’ and officers’ liability.
DAVID ROGERSExecutive Director E: [email protected] T: +44 (0)20 3425 3217
