Commercial Crime Insurance
Commercial crime insurance protects businesses against direct financial losses resulting from criminal acts, including employee theft, forgery, robbery, computer fraud, funds transfer fraud, and increasingly, social engineering schemes. Unlike liability policies that cover third-party claims, crime insurance is a first-party coverage — it reimburses the insured business for its own stolen or misappropriated funds, securities, and property. It is written on a discovery basis, meaning it covers losses discovered during the policy period regardless of when the criminal act occurred.
Why Commercial Crime Matters for Independent Agents
Employee theft and occupational fraud impose staggering costs on U.S. businesses. According to the ACFE's 2024 Report to the Nations, the median loss per occupational fraud case is $145,000, with cases involving owners or executives averaging $500,000. These aren't rare events — the ACFE estimates that organizations lose about 5% of annual revenue to fraud, with small businesses disproportionately affected because they typically lack the internal controls and oversight that larger organizations maintain.
For independent agents, commercial crime insurance is a coverage that clients rarely ask for but frequently need. Business owners don't want to think about the possibility that their trusted bookkeeper is embezzling funds or that their office manager is forging checks. But the reality is that most employee theft is committed by long-tenured, trusted employees — precisely the people the business owner would never suspect.
The cross-sell opportunity is strong because crime insurance fills a gap that other policies leave open. General liability does not cover theft by employees. Commercial property insurance covers loss of business personal property by theft from a third party (a burglary), but it does not cover employee dishonesty. The BOP typically includes limited coverage for employee dishonesty — often $10,000 to $25,000 — which is grossly inadequate for a bookkeeper who has been skimming $5,000 a month for three years. A standalone crime policy with proper limits is the only real protection.
How Commercial Crime Works
Commercial crime policies follow the ISO Crime Coverage Form or carrier-proprietary forms and include several insuring agreements, each covering a different type of criminal act:
- Employee dishonesty (Insuring Agreement A) — Covers loss of money, securities, and property caused by theft, embezzlement, or fraud committed by employees. This is the most frequently triggered coverage in a crime policy. A controller who writes company checks to a fictitious vendor and deposits them into a personal account triggers this coverage.
- Forgery or alteration (Insuring Agreement B) — Covers losses from forged or altered checks, drafts, or similar instruments. An employee or outsider who forges the business owner's signature on company checks triggers this coverage.
- Computer fraud (Insuring Agreement C) — Covers losses resulting from the unauthorized use of a computer to transfer money or securities from the business. A hacker who gains access to the company's banking portal and initiates wire transfers triggers this coverage.
- Funds transfer fraud (Insuring Agreement D) — Covers losses from fraudulent instructions directing a financial institution to transfer funds from the insured's account. This is distinct from computer fraud because the fraudulent instruction may come via phone, fax, or email impersonation rather than direct computer access.
- Social engineering fraud — An increasingly critical endorsement that covers losses when an employee is tricked into voluntarily transferring funds based on fraudulent communication. The classic scenario: a CFO receives an email appearing to come from the CEO instructing an urgent wire transfer to a "new vendor." The FBI's IC3 reported $2.77 billion in business email compromise losses in 2024 alone, underscoring the scale of this threat. Social engineering coverage is not included in the base crime form — it must be added by endorsement, and limits are often sub-limited, typically ranging from $100,000 to $250,000.
Carriers like Hartford, Travelers, and Hiscox offer commercial crime as standalone policies or as part of a management liability package that bundles crime with D&O and EPLI. For small businesses, crime coverage may be available as an endorsement on a BOP with higher limits than the default.
Underwriting factors include the business's revenue, number of employees with access to funds, internal financial controls (dual signatures, segregation of duties, regular audits), industry type, and prior crime losses. Businesses that handle large amounts of cash or have employees with fiduciary responsibilities over client funds — such as property management companies, law firms, and accounting practices — face higher premiums.
When placing crime coverage, agents should gather the client's annual revenue, number of employees, description of internal financial controls, banking and fund transfer procedures, and any prior theft or fraud incidents. Most carriers require a crime-specific supplemental application beyond the ACORD 125.
Frequently Asked Questions
What is commercial crime insurance? Commercial crime insurance protects businesses against direct financial losses from criminal acts including employee theft, forgery, computer fraud, funds transfer fraud, and social engineering schemes. It is a first-party coverage — paying the insured business for its own losses — not a liability policy. It is written on a discovery basis, meaning it covers losses discovered during the policy period regardless of when the theft or fraud actually occurred.
Why is BOP employee dishonesty coverage usually insufficient? Most BOPs include employee dishonesty coverage, but the sub-limits — typically $10,000–$25,000 — are grossly inadequate for real-world embezzlement scenarios. The median occupational fraud loss is $145,000, and cases involving executives average $500,000. A bookkeeper who has been skimming $5,000 per month for three years would generate a $180,000 loss that a standard BOP employee dishonesty sub-limit cannot begin to cover.
When do independent agents recommend standalone crime coverage? Agents should discuss crime insurance with any business that handles significant cash or fund transfers, employs people with access to financial accounts, or lacks strong internal financial controls. High-priority targets include property management firms, law firms, accounting practices, nonprofits, and professional associations — but employee theft can happen in any organization with three or more employees and any meaningful banking relationship.
What is social engineering fraud and does crime insurance cover it? Social engineering fraud occurs when an employee is tricked into voluntarily wiring money to a fraudulent account — typically through a business email compromise scheme impersonating a CEO or vendor. The FBI reported $2.77 billion in business email compromise losses in 2024. Standard crime forms do not include social engineering coverage automatically; it must be added by endorsement, and limits are often sub-limited at $100,000–$250,000. Agents should always discuss this endorsement when placing crime coverage.
Related Terms
- General Liability Insurance — GL covers third-party claims of bodily injury and property damage but does not cover internal theft or fraud losses
- Business Owner's Policy (BOP) — BOPs include limited employee dishonesty coverage, but the sub-limits are typically insufficient for meaningful protection
- Directors & Officers (D&O) Liability — D&O and crime insurance are often bundled in management liability packages since the same leadership team faces both governance and fraud exposure