Business owners are increasingly learning a painful lesson about modern fraud scams. They are evolving faster than the traditional policy language found in many commercial crime policies. A recent federal case involving forged merchant cash advance agreements shows exactly how that gap can swallow a seven-figure claim. 1
In this case, a fraudster impersonated the CEO of a technology company and used DocuSign to execute multiple “Merchant Agreements” selling future receivables in exchange for immediate cash advances. The agreements authorized automatic ACH withdrawals from the company’s bank account. Money flowed in. Then money flowed out. By the time the dust settled, the business had suffered significant losses and turned to its Commercial Crime Policy for protection under the forgery insuring agreement.
The insurer denied coverage and moved to dismiss. The policy covered “loss resulting directly from forgery or alteration of checks, drafts, promissory notes, or similar written promises, orders or directions to pay a sum certain in money.” That language sounds broad. It is not.
The court focused on two issues that regularly defeat these types of claims. First, the forged merchant agreements were not checks, drafts, or promissory notes. They were contracts for the sale of receivables. They were conditional. They were contingent on business performance. They included numerous undertakings beyond a simple promise to pay. Courts routinely interpret “similar written promises” narrowly under the doctrine of ejusdem generis, limiting coverage to instruments that function like negotiable instruments. These merchant agreements did not.
If you wish to understand “ejusdem generis” more fully, please read “What Is Ejusdem Generis and How Can it Help Clarify Ambiguous Policy Language If My Insurer Denies Coverage?”
Second, the policy required the loss to “result directly” from forgery. In many jurisdictions, including the Eleventh Circuit, “directly” means immediately and without intervening steps. Here, after the forged agreements were executed, ACH authorizations were processed, and debits were initiated through banking channels. The court concluded that too many steps intervened between the forgery and the actual transfer of funds. The motion to dismiss was granted.
The forgery theory was dead on arrival, not because there was no fraud, but because the coverage grant was drafted decades before DocuSign, merchant cash advances, and automated clearing house withdrawals became common tools of deception. Traditional forgery coverage was built to protect businesses relying on negotiable paper, such as altered checks, forged drafts, and counterfeit notes. It was never designed to address modern impersonation schemes executed through digital platforms and ACH networks. Trying to stretch that language to fit modern financial engineering rarely succeeds.
But that does not mean coverage is impossible. It means you have to look in the right place.
Many commercial crime policies contain separate insuring agreements for Computer Fraud and Funds Transfer Fraud. Computer Fraud coverage often protects against losses resulting directly from the use of a computer to fraudulently cause a transfer of money. Funds Transfer Fraud coverage typically addresses fraudulent instructions directing a financial institution to transfer funds. Those provisions do not depend on negotiable instruments. They depend on the mechanism of the transfer.
In cases involving forged DocuSign agreements and automatic ACH debits, those coverages may provide a stronger path forward, particularly if the transfer was automated and the insured had no meaningful opportunity to intervene once the fraudulent authorization was in place.
There is also another increasingly critical endorsement known as Social Engineering or Fraudulent Impersonation coverage. These coverages were developed specifically to address scenarios where a fraudster impersonates an executive or trusted vendor and induces a transfer of funds. If that endorsement exists, the coverage analysis shifts dramatically.
The key lesson is that businesses cannot assume their traditional “crime package” automatically protects against digital impersonation schemes. The structure of the fraud must match the structure of the insuring agreement.
Business owners and their agents should be discussing whether their policy includes Computer Fraud coverage that is not artificially restricted by narrow causation language. They should confirm whether Funds Transfer Fraud coverage applies only to instructions sent directly to a bank or more broadly to fraudulent transfer mechanisms. They should evaluate whether a Social Engineering endorsement exists and what sublimits apply. They should also review whether a standalone cyber policy provides broader financial fraud protection, as many cyber forms now include coverage for fraudulent transfers triggered by electronic deception.
Modern financial fraud does not respect the old distinctions between paper and electronic instruments. Policies often still do. This is a major risk area all business owners, Chief Financial Officers, and risk managers cannot overlook. If your business moves money electronically, and nearly every business does, this is not an academic exercise.
Thought For The Day
“An investment in knowledge pays the best interest.”
—Benjamin Franlkin
1 Convergence Technologies v. Berkley Ins. Co., No. 9 :25-cv-81260 (S.D. Fla. Feb. 10, 2026). See also, Berkley Insurance Motion to Dismiss, and Convergence Technologies Response to Motion to Dismiss).