Running a family office or managing a fund isn’t just about preserving and growing capital. It is increasingly about safeguarding operations, reputation, and trust. In today’s digital, interconnected world, the threats go far beyond market volatility. Cyberattacks, internal fraud, and social engineering have become central risk factors that can severely disrupt business continuity and erode investor confidence.
In Part 1 of our Smart Risk Protection for Family Offices and Fund Managers series, we covered the importance of Directors & Officers (D&O) and Professional Indemnity (PI) insurance. These remain foundational for protecting executives and the company’s role in a professional capacity. In Part 2, we dive into Cyber and Crime insurance, two critical complementary policies to further protect your business.
What is Cyber insurance and why do FIs need this policy?
Cyber insurance provides coverage for financial losses and liabilities arising from cyber-related incidents. For family offices and fund managers, these can include:
- Data breaches involving sensitive investor or portfolio data
- Ransomware and malware attacks
- Business interruption due to cyber events
- Incident response costs, such as forensic investigations, regulatory notifications, legal advice, and PR
- Funds transfer fraud triggered by system compromise
- Regulatory fines (where insurable)
Why it matters:
Family offices and FIs often handle large financial transactions, handle and store sensitive client data, including high net worth individuals’ client and personal information. All this is extremely attractive to hackers. Even with robust cybersecurity a breach can occur, and when it does, you need a rapid, well-resourced response. Cyber insurance ensures that you have access to expert support and financial protection to recover not just technically, but also your reputation.
What is Crime insurance and why do FIs need this policy?
Crime insurance (sometimes called Fidelity or Commercial Crime Insurance) protects against loss from dishonest acts or fraud, from employees (internal) and third parties (external). Key areas typically covered include:
- Employee theft or embezzlement
- Social engineering and impersonation fraud
- Fraudulent instructions (e.g., misdirected payments)
- Forgery or alteration of financial instruments
- Theft of money, securities, or other assets
- Wire-transfer fraud
Why it matters:
In the context of a family office or fund, crime risk is real. Relatively small teams often handle substantial assets. Transfers worth millions can be manipulated, especially if someone uses social engineering tactics or impersonates approved signatories.
Is there an overlap between Cyber and Crime insurance?
Yes, in some cases, there are overlaps between the two policies when it comes of external threats, whereby both policies may be triggered. This is especially around social engineering, fraudulent instructions and cyber-enabled theft.
1. Social engineering (phishing, impersonation, business email compromise)
Both policies can respond in these cases where staff are tricked into transferring funds. However, many cyber insurers in Singapore are now excluding social engineering losses or putting a smaller sub-limit on the claims. Crime policies on the other hand provide broader coverage for employee deception.
2. Computer fraud / cyber enabled theft
If a hacker infiltrates the system and diverts funds:
- Cyber insurance covers the breach, forensic investigation, data recovery, system restoration, business interruption and notifications
- Crime insurance covers the financial loss from the theft
Why do FIs need both Cyber and Crime policies concurrently?
FIs and family offices are prime targets for fund theft, fraudulent transfers, business email compromises and inside fraud.
Cyber insurance protects the organisation’s digital systems, data and operations, whilst also covering its legal liabilities that arise from cyber incidents.
Crime insurance protects the organisation’s financial assets, covering losses from theft, fraud and deception.
In many real-life cases, both policies work together whereby the Cyber policy handles the technical breach and the Crime policy handles the financial loss, which is why often both covers are essential.
Working with an experienced broker like Anapi is important to help you understand your risks. We can help you:
- Define the clear policy triggers, i.e. identifying which type of event would be covered by which policy to prevent coverage gaps, or coverage overlap disputes whereby insurers argue over which policy should respond and therefore delay claim payments
- Coordinate and negotiate on sub-limits and retention (deductible) levels so you don’t over insure or under insure in overlapping areas
As an experienced broker for financial institutions and fund managers, Anapi can help you navigate your risks and build a comprehensive insurance programme that protects your organisation. Reach out to start the conversation.
