After being the victim of payoff fraud, a title company sought coverage under its cyber protection insurance policy. Its insurance company denied coverage, arguing that the title company failed to meet the requirements under the policy. The case eventually went before the 11th U.S. Circuit Court of Appeals.
The case is Star Title Partners of Palm Harbor LLC v. Illinois Union Insurance Co. (11th U.S. Circuit Court of Appeals, No. 21-13343).
Star Title Partners of Palm Harbor LLC was the settlement agent for a real estate transaction. Dee Osborn was assigned as the processor and Kathy Wellington was the closer. The seller of the property identified Capital Mortgage Services of Texas (CMS) as his lender. Osborne confirmed the lien on the property and contacted CMS for payoff information. She was instructed to email [email protected] to request a payoff letter.
Osborne then received what turned out to be a fraudulent email from Kaitlyn Holt, who purported to be a CMS payoff representative. Osborne didn’t suspect the email was fraudulent and verified the information she provided in her initial email. The email from Holt provided a payoff statement.
Star Title also received a copy of the payoff statement via fax, purportedly sent by CMS. Osborne reviewed the copy of the payoff statement and, believing the payoff statement was legitimate, listed the amount on the final ALTA Settlement Statement presented to the buyers and sellers at closing.
Osborne was aware of online banking fraud in the real estate industry and was on high alert for red flags of possible fraud. She found no red flags in this transaction and proceeded to initiate Star Title’s two-person authentication protocol. After setting up the wire transfer, she notified Wellington that the wire was ready for review. Wellington then cross-referenced the hard copy of the wiring instructions with the information in the software system.
Osborne was later notified by the seller’s real estate agent that CMS had not received the payoff funds. She reached out to a representative at CMS, who informed her that the wire information she had received via email and fax was incorrect. Star Title conducted an internal investigation to determine if there was something it could have done differently. It concluded there was not but conceded that at the time of the wire transfer, Star Title did not have policy in place to call the lender directly to verify the wire transfer information.
Star Title submitted a claim to Illinois Union Insurance Co. under its cybercrime endorsement of its insurance policy. The endorsement included a deceptive transfer fraud insuring clause. To secure coverage, Star Title had to show that its loss resulted from the intentional misleading of Osborne; was relied upon by Osborne; sent via one of the delineated methods of communication; by a person purporting to be an employee, customer, client or vendor; and the authenticity of the wire transfer instructions was verified according to Star Title’s internal procedures. Illinois Union denied coverage because CMS was not an employee, customer, client or vendor of Star Title, and Star Title failed to verify the transfer request according to its procedures.
Star Title filed suit for breach of contract and then filed a motion for partial summary judgment asserting coverage under the deceptive transfer fraud provision of the cybercrime endorsement of its policy. Illinois Union filed a cross-motion for summary judgment.
The district court denied Star Title’s motion for partial summary judgment and granted Illinois Union’s cross-motion for summary judgment. It explained that CMS was not an employee, customer, client or vendor of Star Title under the plain meaning of those terms and that Star Title made no attempt to verify the authenticity of the alleged wire instructions. Star Title appealed.
The appellate court affirmed the lower court’s decision, agreeing that Star Title failed to show it was entitled to coverage under its insurance policy.
“As a reminder, the deceptive transfer fraud clause requires that the misleading communication—in this case the email and fax—be ‘sent by a person purporting to be an employee, customer, client or vendor,’” the court stated.
“Here, the fraudster who sent the email and subsequent fax identified himself/herself as ‘Kaitlyn Holt,’ a representative of CMS,” the court continued. “But CMS is a mortgage lender, not an employee customer, client or vendor of Star Title. Star Title does not employ CMS for any purpose or control CMS’ work performance in any manner. Nor does Star Title sell CMS any particular product or provide it any particular service. Star Title argues that in holding the payoff funds in its escrow account and delivering those funds to CMS on behalf of the seller, Star Title is providing a service to CMS. In the same vein, in receiving the payoff funds and applying them to the seller’s account, CMS provided a service to Star Title. But we are unconvinced by this creative reframing of the relationship between CMS and Star Title. As CMS’ chief executive officer explained, CMS provides ‘services to consumers related to all elements of a mortgage transaction, including the funding of loans.’ In this case, CMS’ consumer was the seller of the residential home who had obtained the loan, not Star Title. Similarly, Star Title’s client—by explicit contract—was also the seller of the residential home. The reality is that CMS did not have any sort of contract or agreement with Star Title. CMS only owed an obligation to the seller, with whom it had a lien on the subject property. Star Title was tasked by the seller to function as a settlement agent. Among its responsibilities was identifying any liens and executing payoff funds if necessary. Star Title did just that on behalf of the seller. We therefore cannot construe CMS to be a customer, client or vendor of Star Title.
“Star Title argues that Florida law requires coverage clauses to be construed as broadly as possible to provide the greatest amount of coverage,” the court stated. “With that assumption as a backdrop, it contends that the deceptive transfer fraud clause should be ‘understood’ to include ‘persons and entities involved in the real estate transaction.’ As attractive as that proposition may be, it is simply not what the clause provides. It limits coverage to misleading communications ‘sent by a person purporting to be an employee, customer, client or vendor.’ If we read the provision as broadly as Star Title would like us to, we would essentially omit specific terms including in the contract or expand them beyond recognition. We are prohibited under Florida law from altering the terms bargained to be parties to a contract. Although we understand that cybercrime is on the rise, and that it makes sense to provide coverage for situations like this one, the relevant provision does not provide coverage for this fraudulent transfer.”