What are the risks of not purchasing Commercial Crime insurance coverage?

Within financial risks insurance coverages, companies are increasingly prioritizing the protection of their Directors’ personal liability, aiming to safeguard their private assets in the event of legal proceedings for breach of corporate bylaws, regulatory legislations, or mismanagement.

Protection of the company’s corporate assets is often subject to strategic deliberations, typically informed by a risk mapping exercise that assesses exposures based on severity and frequency.

However, Crime-related risks remain significantly underestimated, as evidenced by the large number of companies still lacking dedicated Crime insurance policies.

To clarify, we are referring here to the financial losses and ancillary costs arising from asset misappropriation—whether perpetrated internally or externally, with or without employee collusion—including theft, embezzlement, breach of trust, forgery, and falsified documentation.

In cases of “Internal fraud”, it is not uncommon for the perpetrator to be a long-standing employee with no prior disciplinary record, who exploits procedural loopholes—sometimes discovered by chance—driven by personal financial distress or unresolved professional grievances.

“External fraud”, on the other hand, has been widely documented in the press over the past two decades, particularly in the form of “CEO impersonation” scams and fraudulent international wire transfer schemes (FOVI). These cases underscore the scale and sophistication of the threat.

The core issue lies in accurately assessing the direct and indirect financial impact of such crime, should the company be forced to absorb the full cost. Beyond the immediate financial loss—which can exceed tens of millions of euros—there are operational disruptions (additional expenses, business interruption, penalties, overdraft interest, supply chain breakdowns, deferred procurement), as well as reputational damage that can erode stakeholder confidence, including that of clients, suppliers, creditors, shareholders, and employees.

Additionally, there is a social/employment risk, as demonstrated in cases where companies have wrongfully terminated employees for negligence—often due to insufficient training in fraud detection and prevention—or, in more severe instances, have been forced into insolvency following a complete depletion of cash reserves by fraudsters.

A further latent risk concerns the liability of corporate Directors & Officers, who are expected to avoid exposing the company to undue risks. In line with the principle that “to govern is to anticipate,” it is incumbent upon leadership to implement preventive measures and, where necessary, mitigate the impact of risks that could threaten the company’s continuity.

Fortunately, tailored insurance solutions for fraud risk transfer do exist. It is important to note that traditional property insurance policies do not cover thefts without signs of forced entry or violence. Likewise, cyber insurance policies typically exclude FOVI-type scams that rely on identity theft and social engineering rather than digital cyberattacks. 

Only dedicated Commercial Crime insurance policies provide comprehensive coverage for such exposures. These policies enable risk transfer and offer access to insurers’ specialized expertise and claims handling experience. This is particularly critical in an era where deepfake technology (AI-generated fake video calls) and advanced voice/image manipulation tools are amplifying the threat landscape.

Ultimately, it is up to company Directors to determine whether to protect the organization against this growing risk. However, they must be fully aware that failure to do so may eventually result in exposing their personal liability afterwards for the consequences of such decision.