In the early years of cryptocurrency, there were no cryptocurrency-specific insurance coverages. Instead, policyholders experiencing losses had to try to access coverage from traditional insurance policies such as:
- Director and officer policies (breach of duty, securities violation, regulatory investigation).
- Commercial Crime Policies: “[T]typically provides several different types of crime coverage, such as: employee dishonesty coverage; coverage against tampering or alteration; coverage against computer fraud; funds transfer fraud coverage; cover of kidnapping, ransom or extortion; cash and securities cover; and money order and counterfeit currency coverage.
- Cash policies (approval of a crime policy covering specifically listed high value assets such as fine art and jewellery).
- Cyber Policies: While there are many differences between these policies, they generally cover incidental charges, breach notification, resolving identity theft issues, recovery of lost or compromised data, network downtime , response to cyber extortion, repair of computer systems and sometimes , loss of business. They generally do not compensate for stolen assets.
- Errors and omissions policies: Generally, “protects the insured from liability for committing an error or omission in the performance of their professional duties. Typically, these policies are designed to cover financial loss rather than liability for bodily injury (BI) and property damage (PD).
- First party policies: Insurance applying to the policyholder’s own property (eg home insurance).
- Third party policies (otherwise called CGL): Insurance applying to claims made against the insured by third parties. This cover often contains an obligation to defend the policyholder against claims by third parties as well as an obligation to indemnify the policyholder for settlement or judgment costs.
- Kidnap and Ransom coverage: Often available for purchase as part of crime policies (although policy provisions often prevent the policy holder from disclosing their existence).
Since these policies were not designed for the unique characteristics of cryptocurrency and digital assets such as NFTs, early commentators discussed the existence of various potential barriers to coverage.
It is often discussed whether the loss involved “covered property”. Many criminal policies define this to include “money, security, or other property” with “money” defined as currency, coins, and banknotes in use and having value nominal, or travelers checks. Insurers argue that cryptocurrency does not reasonably fall within the definition of “money”. Securities are generally considered negotiable or non-negotiable instruments or contacts, an asset class that cryptocurrency may also fall short of. And insurers often argue, based on older cases, that tangible property does not include data (although, given current knowledge of computer data, it is difficult to envision a court reaching to a similar result). In counterpoint, the IRS treats cryptocurrency as property and taxable. See for example, Kimmelman vs. Wayne Insurance GroupNo. 18 CV 1041, 2018 WL 11417314, at *2 (OhioCom. pl. September 25, 2018) (Court relied on IRS federal tax assessment to conclude that virtual currency is treated as property.). Insurers can also point to other issues, such as whether there was physical loss, coverage for contractual risks or regulatory seizure as the cause of loss, and proof of ownership. And while not an exclusion, fluctuating cryptocurrency prices can lead to significant valuation issues.
That’s not to say that these defenses are viable or expected to succeed, but rather that they reflect the kinds of arguments insurers can make in an attempt to avoid traditional policy coverage.
On the other hand, insurers should readily recognize that some of these traditional insurance policies, such as errors and omissions or third party, cover litigation and liability costs for the defense of certain claims, such as breach of copyright, trademark infringement and false advertising.