Coverage For Cryptocurrencies Under Traditional Policies
A 24-year-old trader is facing up to 20 years in prison for wire fraud after being charged in connection with a scheme to use approximately $3.2 million worth of his company’s cryptocurrency for personal trading activities. As with many employee embezzlement schemes, the employee allegedly felt “invincible” after a short market upswing and believed he could profit in trading with the company’s resources. Ultimately, the employee is alleged to have confessed to being a “degenerative gambler,” and his activities led his company to suffer net losses valued at $603,000. Given the recent volatility in cryptocurrency valuations (and human nature), other companies may find themselves discovering similar losses. For those companies, there is a key question they may face — is the loss of cryptocurrency covered by insurance?
Identifying the answer to this question must begin with the specific policy language. Often the first place an insured would look for coverage is under its commercial crime policy. These forms afford specified coverage for losses caused by “employee theft” or “computer fraud.” Subject to the other policy terms, employee theft coverage is triggered for covered loss resulting directly from an unlawful taking by an employee. Likewise, and also subject to other terms, computer fraud coverage is triggered for covered loss resulting directly from the use of a computer to make fraudulent transfers. Cryptocurrency-related losses may fall within the purview of employee theft or computer fraud. But there remains a key limitation under commercial crime policies — coverage is often limited to loss of “money,” “securities,” or “other property,” all of which are specifically defined. The key question insureds and insurers will face is whether cryptocurrency fits within any of these definitions. If cryptocurrency does not, there will be no coverage.
At the outset, we note that some policies now address this specific issue. For example, in 2015, the Insurance Services Office (ISO) made changes to its commercial crime program to address cryptocurrency. On these new forms, the ISO form contains a broad exclusion for “Loss involving virtual currency of any kind, by whatever name known, whether actual or fictitious, including, but not limited to, digital currency, crypto currency, or any other type of electronic currency.” For insureds that deal in virtual currency, however, the new ISO form also contains an optional endorsement titled “Include Virtual Currency as Money.” That endorsement provides specified coverage for cryptocurrency-related losses, and it addresses the thorny issue of cryptocurrency valuation.
Not all crime forms now in use specifically address cryptocurrency, however. In these instances, the policy language must be carefully analyzed to determine whether cryptocurrency would be covered. As discussed below, there are serious questions as to whether cryptocurrency constitutes “money,” “securities” or “other property” under commercial crime policy forms that are currently available. If it does not satisfy any of those definitions, coverage will be unavailable.
“Money” is defined in many crime forms to mean: “a. currency, coins and bank notes in current use and having a face value; and b. travelers checks, register checks and money orders held for sale to the public.” Even assuming cryptocurrency could be a “currency” and is deemed “in use” (which is often not the case), it does not have a face value. It also is not a travelers check, register check or money order. Thus, under this definition, cryptocurrency losses may not satisfy a standard commercial crime policy’s definition of “money.”
The term “securities” is commonly defined in commercial crime forms to mean “negotiable and nonnegotiable instruments or contracts representing either ‘money’ or property and includes: a. tokens, tickets, revenue and other stamps (whether represented by actual stamps or unused value in a meter) in current use; and b. evidences of debt issued in connection with credit or charge cards, which cards are not issued by you; but does not include ‘money.’”
In unpacking this definition, it is useful to review the definition of “securities” under federal securities law. Specifically, Section 2(a)(1) of the Securities Act of 1933 contains a broad definition of “security” to include “any note, stock, treasury stock, security future, security-based swap, bond, debenture, evidence of indebtedness, certificate of interest or participation in any profit-sharing agreement … investment contract … or, in general, any interest or instrument commonly known as a ‘security’, or any certificate of interest or participation in, temporary or interim certificate for, receipt for, guarantee of, or warrant or right to subscribe to or purchase, any of the foregoing” (emphasis added).
Whether cryptocurrency is a “security” under this statutory definition is a hotly debated issue. On the one hand, the U.S. Securities and Exchange Commission has taken the position that a cryptocurrency token is an “investment contract” and thus a “security” under federal securities laws. For this reason, the SEC seeks to regulate initial coin offerings and other transactions in cryptocurrency. On the other hand, some commentators — including prominent Wall Street law firms — have analyzed the issue and determined that a cryptocurrency token may not be an “investment contract” and thus not a “security” in appropriate circumstances. The analysis largely focuses on the nature of the token itself, which may vary across cryptocurrencies — making the issue even more complex.
Finally, a “token” under the crime policy definition is only a “security” if it represents either “money” or “property.” (The “securities” definition does not include “money,” but a contract or instrument still must represent “money” or “property” to fall within the “securities” definition). There are serious questions whether cryptocurrency could represent “money” (defined above) or “property” given its unique characteristics in how it functions, as well as its existence solely in intangible form in cyberspace.
The final definition in commercial crime forms is for “other property,” which means “any tangible property other than ‘money’ and ‘securities’ that has intrinsic value but does not include any property excluded under this insurance.” Cryptocurrency is not “tangible property” because it cannot be touched; instead, it exists solely in virtual form. As such, it does not satisfy this definition.
Companies facing cryptocurrency losses may seek coverage under their commercial crime policies. While certain newer forms specifically address the issue, there may be debate over whether cryptocurrency is “money,” “securities” or “other property” under traditional crime forms. The argument may focus on whether cryptocurrency is a “security,” and that in turn may hinge on the specific currency at issue and surrounding facts. While the issue is untested in courts to date, the prevalence of cryptocurrency and potential for significant losses may lead to coverage litigation over whether those losses are covered as well as the development of new policy forms that may explicitly cover loss of cryptocurrency.
 See United States v. Kim, No. 18-CR-107 (N.D. Ill.).
 The endorsement contains a schedule for the name of the cryptocurrency, the exchange for valuation, and the applicable sublimit. Loss is determined based on the market value on the date the loss was discovered.
 An “instrument” is “a written legal document that defines rights, duties, entitlements, or liabilities, such as a statute, contract, will, promissory note, or share certificate.” See Black’s Law Dictionary (10th ed. 2014). A “negotiable instrument” means “an unconditional promise or order to pay a fixed amount of money, with or without interest or other charges described in the promise or order” but only when it meets certain conditions – such as being payable to the bearer or to order at the time it is issued or first comes into the possession of a holder. See U.C.C. § 3-104. A nonnegotiable instrument is a financial instrument that may not be transferred from the holder to another, such as a document of title. Cryptocurrency does not fit neatly into either of these categories, and instead the authorities seem to focus on whether a cryptocurrency token is an investment contract. For that reason, we will focus on that prong of the definition here.
 See, e.g., https://www.sec.gov/news/public-statement/statement-clayton-2017-12-11#_ftn6.
 See, e.g., https://www.coinbase.com/legal/securities-law-framework.pdf.
 Cryptocurrency is considered “property” for United States federal tax purposes. State taxing authorities have treated it as intangible property. See, e.g., New York State Department of Taxation and Finance, Tax Department Policy on Transactions Using Convertible Virtual Currency (Dec. 5, 2014), available at https://www.tax.ny.gov/pdf/memos/multitax/m14_5c_7i_17s.pdf.
 See, e.g., Am. Online, Inc. v. St. Paul Mercury Ins. Co., 347 F.3d 89, 96 (4th Cir. 2003) (“The insurance policy in this case covers liability for ‘physical damage to tangible property,’ not damage to data and software, i.e., the abstract ideas, logic, instructions, and information.”).