You and your firm may be at risk of having claims that are not covered by the compulsory professional liability indemnification policy. Commercial insurance companies have developed insurance policies to protect you and your firm for different risks which continue to evolve to respond to new risks in doing business. There are different insurance options available and the terms of cover, including deductible amounts, may vary between insurers and brokers. Additional information is in the chart to the left, and below are brief descriptions of commercially available insurance products commonly sought by law firms. Talk to one or more brokers selling commercial insurance for law firms to learn what is best for you and your firm.

  • Crime (fidelity) provides coverage for employee fraud or theft. It can also include other coverages that will respond if you or your bank accounts are the target of a thief. Often crime policies are written on a discovery basis (provides uninterrupted coverage, reaching back across your firm's history, regardless of your prior policy structure) and can include the following coverages:
  1. loss resulting directly from employee fraudulent or dishonest acts, such as an employee forging your signature and withdrawing money from an account;
  2. client coverage;
  3. loss of money and securities from inside or outside your premises;
  4. loss resulting directly from the acceptance of counterfeit drafts and paper currency;
  5. loss resulting directly from forgery or alteration of a financial Instrument issued by you;
  6. computer and transfer fraud, including coverage for loss caused by a hacker or virus, fraudulent instructions sent to the your financial institution, and fraudulently induced transfers (social engineering fraud), and restoration expense coverage;
  7. extortion against persons or property;
  8. first party claims expenses / professional fees coverage for all insuring agreements.
  • Network security breach (cyber) insurance protects businesses and individual users for financial loss resulting from a data breach caused by Internet-based risks, and more generally from risks relating to information technology infrastructure and activities. Risks of this nature are typically excluded from traditional commercial general liability and professional liability policies, or at least are not specifically defined in traditional insurance products. Cyber policies are not standardised and contain unique terminology, and are flexible so you can choose the coverages you want.  Also, with the expansion of privacy law(s), employee privacy concerns have increased as private employee data is stored electronically. Although there may be limited coverage for this under an employment practices liability policy, cyber liability and network security policies and more commonly the primary source for this type of coverage. Cyber coverage typically provdes both first party loss and third party liability coverage.  First party coverage may include:
  1. loss or damage to electronic data caused by hacking, a virus or a denial of services attack;
  2. loss of income and extra expenses;
  3. cyber extortion;
  4. notification costs may include access to a breach coach and other professionals to assist with a data breach event, or credit monitoring services and establishment of a call centre;
  5. costs to protect your firm's reputation.

Third party coverage may include:

  1. network security and privacy liability;
  2. electronic media liability for defamation;
  3. regulatory proceedings.
  •  Commercial general liability insurance is the "first line" of coverage that a business typically purchases. CGL insurance covers many of the common risks that can happen to any type of business, such as bodily injury or property damage on the business premises or due to the business operations, personal and advertising injury, and medical payments. It specifically excludes certain types of risks, including professional services, pollution, liquor, and directors and officers liability. Separate insurance policies are available to cover these situations.
  • Property insurance provides protection against most risks to property, such as fire, theft and some weather damage. Property is insured in two main ways—open perils and named perils. Open perils cover all the causes of loss not specifically excluded in the policy. Common exclusions on open peril policies include damage resulting from earthquakes, floods, nuclear incidents, acts of terrorism, and war.
  • Employment practices liability insurance deals with wrongful termination, sexual harassment, discrimination, invasion of privacy, false imprisonment, breach of contract, emotional distress, and wage and hour law violations. EPL insurance is sold as a type of management liability insurance, which is related to professional liability insurance.
  • Directors & officers liability (often called Management Liability Insurance or Executive Liability Insurance) insurance covers exposures faced by directors, officers, managers, and business entities that arise from governance, finance, benefits, and management activities. This includes (1) directors and officers (D&O) liability insurance, (2) employment practices liability (EPL) insurance, (3) fiduciary liability insurance, and (4) "special crime" insurance (covering kidnap, ransom, and extortion exposures). These coverages may be written as stand-alone insurance policies or combined into a single, "package" policy.
  • Social engineering fraud insurance protects you if, for instance, a fraudster tricks you into transferring trust funds to them by pretending to be a legitimate client or third party. This coverage is also known as Business Email Compromise or Impersonation Fraud (and by a variety of other names) and typically involves someone close to the insured law firm (an employee, an executive, a vendor or a client) being impersonated - often quite convincingly - and tricking the firm into transferring funds to the fraudster. One BC law firm targeted by this fraud re-directed sales proceeds that it was holding in trust for a real estate client on revised instructions from someone that the firm believed was the client. Before the firm wired the funds to the client, it received an email, purportedly from the client, directing the funds to be wired to a different account. In this case, the email address used by the fraudster was identical to that used by the client, except for one letter. The funds were sent, but apparently to the fraudster’s account. (Some protection for social engineering frauds, including the 'bad cheque' scam, is also provided to you through Part C of the Policy.) These funds are often then quickly transferred offshore making recovery very challenging. Most traditional insurance policies do not cover this type of loss.