SHEPHERD, Circuit Judge.
A computer at the State Bank of Bell-ingham (Bellingham) became infected with malware, allowing a criminal third party to transfer $485,000 from Bellingham to a foreign bank account. Bellingham sought coverage for the loss under its Financial Institution Bond (Bond) issued by Bancln-sure, Inc. (Banclnsure). Banclnsure denied coverage based on exclusions in the Bond. Bellingham filed this action, claiming breach of contract. The district court
granted summary judgment in favor of Bellingham, and Banclnsure appeals. We affirm.
I.
Bellingham, a Minnesota state bank with five employees, used the Federal Reserve’s FedLine Advantage Plus system (Fed-Line) to make wire transfers. Wire transfers were made through a desktop computer connected to a Virtual Private Network device provided by the Federal Reserve. In order to complete a wire transfer via FedLine, two Bellingham employees had to enter their individual user names, insert individual physical tokens into the computer, and type in individual passwords and passphrases.
On October 27, 2011, Sharon Kirchberg, a Bellingham employee, completed a Fed-Line wire transfer. She completed the transaction using her token, password, and passphrase as well as the token, password, and passphrase of a second employee. At the end of the work day, Kirchberg left the two tokens in the computer and left the computer running. When she arrived at work the next day, she discovered that two unauthorized wire transfers had been made from Bellingham’s Federal Reserve account to two different banks in Poland. Kirchberg was unable to reverse the transfers through the FedLine system. Kirch-berg immediately contacted the Federal Reserve and requested reversal of the transfers, but the Federal Reserve refused. The Federal Reserve, however, did contact intermediary institutions to inform them that the transfers were fraudulent, and one of the intermediary institutions was able to reverse one of the transfers. The other fraudulent transfer was not recovered.
In 2010, Banclnsure, an Oklahoma company, sold a financial institution bond to Bellingham, which provided coverage for
losses caused by such things as employee dishonesty and forgery as well as computer system fraud. On the day of the fraudulent transfer, Bellingham notified Ban-clnsure of the loss and provided a copy of the transaction details of the two transfers. After an investigation, it was determined that a “Zeus Trojan horse” virus had infected the computer and permitted access to the computer for the fraudulent transfers. After its investigation, Banclnsure determined the loss was not covered due to certain exclusions in the Bond.
Specifically, Banclnsure claimed the loss was not covered based on employee-caused loss exclusions in sections 2(h) and 2(bb)(17), ex-elusions for theft of confidential information in section 2(bb)(4), and exclusions for mechanical breakdown or deterioration of a computer system in section 2(bb)(12).
Bellingham initiated this .diversity action in federal court, alleging Banclnsure breached the contract when it denied coverage under the Bond. Banclnsure counterclaimed. In its counterclaim, Bancln-sure (1) sought a declaratory judgment that it owes no duty under the Bond to provide coverage, (2) claimed Bellingham breached the contract when it failed to provide a complete and accurate Proof of Loss and failed to cooperate with Bancln-
sure, and (3) claimed that Bellingham engaged in malicious prosecution when it complained about Banclnsure’s actions to the Minnesota Department of Commerce.
Both parties moved for summary judgment. The district court granted summary judgment to Bellingham on its breach of contract claim. The district court held “that the computer systems fraud was the efficient and proximate cause of [Bellingham’s] loss,” and “neither the employees’ violations of policies and practices (no matter how numerous), the taking of confidential passwords, nor the failure to update the computer’s antivirus software was the efficient and proximate cause of [Bellingham’s] loss.” (Order at 39.) Further, the district court held “it was not then a ‘foreseeable and natural consequence’ that a hacker would make a fraudulent wire transfer. Thus even if those circumstances ‘played an essential role’ in the loss, they were not ‘independent and efficient causes’ of the loss.” (Order at 39.) The district court awarded Bellingham $620,187.36, which included prejudgment interest. It denied summary judgment to Banclnsure on its counterclaims for breach of contract and malicious prosecution. The court also awarded attorneys’ fees to Bellingham based on the denial of summary judgment on the malicious prosecution claim.
Banclnsure appeals, challenging only the district court’s grant of summary judgment on Bellingham’s breach of contract claim.
II.
We review the district court’s grant of summary judgment de novo, viewing the record and drawing all reasonable inferences in the light most favorable to the nonmoving party.
Shrable v. Eaton Corp.,
695 F.3d 768, 770 (8th Cir.2012). Summary judgment is appropriate if “there is no genuine dispute as to any material fact and the movant is entitled to judgment as a matter of law.” Fed.R.Civ.P. 56(a).
Banclnsure challenges the district court’s application of Minnesota’s concurrent-causation doctrine in this circumstance. First, Banclnsure argues the concurrent-causation doctrine does not apply to financial institution bonds. Second, assuming the concurrent-causation doctrine does apply, Banclnsure claims that the parties here contracted around the doctrine in the language of this Bond. Finally, Banclnsure argues the district court erred in determining that the fraudulent conduct of hacking into the computer system was the efficient and proximate cause of the loss.
A.
In this diversity action, both parties agree that Minnesota law governs the interpretation of the Bond. Concerning insurance contracts, Minnesota has adopted the concurrent-causation doctrine, which directs that “[a]n insured is entitled to recover from an insurer when cause of the loss is not excluded under the policy. This is true even though an excluded cause may also have contributed to the loss.”
Campbell v. Ins. Serv. Agency,
424 N.W.2d 785, 789 (Minn.Ct.App.1988) (citing
Henning Nelson Const. Co. v. Fireman’s Fund Am. Life Ins. Co.,
383 N.W.2d 645, 653 (Minn.1986);
Fawcett House, Inc. v. Great Cent. Ins. Co.,
280 Minn. 325, 159 N.W.2d 268, 270 (1968);
Anderson v. Connecticut Fire Ins. Co.,
231 Minn. 469, 43 N.W.2d 807, 812 (1950)).
Free access — add to your briefcase to read the full text and ask questions with AI
SHEPHERD, Circuit Judge.
A computer at the State Bank of Bell-ingham (Bellingham) became infected with malware, allowing a criminal third party to transfer $485,000 from Bellingham to a foreign bank account. Bellingham sought coverage for the loss under its Financial Institution Bond (Bond) issued by Bancln-sure, Inc. (Banclnsure). Banclnsure denied coverage based on exclusions in the Bond. Bellingham filed this action, claiming breach of contract. The district court
granted summary judgment in favor of Bellingham, and Banclnsure appeals. We affirm.
I.
Bellingham, a Minnesota state bank with five employees, used the Federal Reserve’s FedLine Advantage Plus system (Fed-Line) to make wire transfers. Wire transfers were made through a desktop computer connected to a Virtual Private Network device provided by the Federal Reserve. In order to complete a wire transfer via FedLine, two Bellingham employees had to enter their individual user names, insert individual physical tokens into the computer, and type in individual passwords and passphrases.
On October 27, 2011, Sharon Kirchberg, a Bellingham employee, completed a Fed-Line wire transfer. She completed the transaction using her token, password, and passphrase as well as the token, password, and passphrase of a second employee. At the end of the work day, Kirchberg left the two tokens in the computer and left the computer running. When she arrived at work the next day, she discovered that two unauthorized wire transfers had been made from Bellingham’s Federal Reserve account to two different banks in Poland. Kirchberg was unable to reverse the transfers through the FedLine system. Kirch-berg immediately contacted the Federal Reserve and requested reversal of the transfers, but the Federal Reserve refused. The Federal Reserve, however, did contact intermediary institutions to inform them that the transfers were fraudulent, and one of the intermediary institutions was able to reverse one of the transfers. The other fraudulent transfer was not recovered.
In 2010, Banclnsure, an Oklahoma company, sold a financial institution bond to Bellingham, which provided coverage for
losses caused by such things as employee dishonesty and forgery as well as computer system fraud. On the day of the fraudulent transfer, Bellingham notified Ban-clnsure of the loss and provided a copy of the transaction details of the two transfers. After an investigation, it was determined that a “Zeus Trojan horse” virus had infected the computer and permitted access to the computer for the fraudulent transfers. After its investigation, Banclnsure determined the loss was not covered due to certain exclusions in the Bond.
Specifically, Banclnsure claimed the loss was not covered based on employee-caused loss exclusions in sections 2(h) and 2(bb)(17), ex-elusions for theft of confidential information in section 2(bb)(4), and exclusions for mechanical breakdown or deterioration of a computer system in section 2(bb)(12).
Bellingham initiated this .diversity action in federal court, alleging Banclnsure breached the contract when it denied coverage under the Bond. Banclnsure counterclaimed. In its counterclaim, Bancln-sure (1) sought a declaratory judgment that it owes no duty under the Bond to provide coverage, (2) claimed Bellingham breached the contract when it failed to provide a complete and accurate Proof of Loss and failed to cooperate with Bancln-
sure, and (3) claimed that Bellingham engaged in malicious prosecution when it complained about Banclnsure’s actions to the Minnesota Department of Commerce.
Both parties moved for summary judgment. The district court granted summary judgment to Bellingham on its breach of contract claim. The district court held “that the computer systems fraud was the efficient and proximate cause of [Bellingham’s] loss,” and “neither the employees’ violations of policies and practices (no matter how numerous), the taking of confidential passwords, nor the failure to update the computer’s antivirus software was the efficient and proximate cause of [Bellingham’s] loss.” (Order at 39.) Further, the district court held “it was not then a ‘foreseeable and natural consequence’ that a hacker would make a fraudulent wire transfer. Thus even if those circumstances ‘played an essential role’ in the loss, they were not ‘independent and efficient causes’ of the loss.” (Order at 39.) The district court awarded Bellingham $620,187.36, which included prejudgment interest. It denied summary judgment to Banclnsure on its counterclaims for breach of contract and malicious prosecution. The court also awarded attorneys’ fees to Bellingham based on the denial of summary judgment on the malicious prosecution claim.
Banclnsure appeals, challenging only the district court’s grant of summary judgment on Bellingham’s breach of contract claim.
II.
We review the district court’s grant of summary judgment de novo, viewing the record and drawing all reasonable inferences in the light most favorable to the nonmoving party.
Shrable v. Eaton Corp.,
695 F.3d 768, 770 (8th Cir.2012). Summary judgment is appropriate if “there is no genuine dispute as to any material fact and the movant is entitled to judgment as a matter of law.” Fed.R.Civ.P. 56(a).
Banclnsure challenges the district court’s application of Minnesota’s concurrent-causation doctrine in this circumstance. First, Banclnsure argues the concurrent-causation doctrine does not apply to financial institution bonds. Second, assuming the concurrent-causation doctrine does apply, Banclnsure claims that the parties here contracted around the doctrine in the language of this Bond. Finally, Banclnsure argues the district court erred in determining that the fraudulent conduct of hacking into the computer system was the efficient and proximate cause of the loss.
A.
In this diversity action, both parties agree that Minnesota law governs the interpretation of the Bond. Concerning insurance contracts, Minnesota has adopted the concurrent-causation doctrine, which directs that “[a]n insured is entitled to recover from an insurer when cause of the loss is not excluded under the policy. This is true even though an excluded cause may also have contributed to the loss.”
Campbell v. Ins. Serv. Agency,
424 N.W.2d 785, 789 (Minn.Ct.App.1988) (citing
Henning Nelson Const. Co. v. Fireman’s Fund Am. Life Ins. Co.,
383 N.W.2d 645, 653 (Minn.1986);
Fawcett House, Inc. v. Great Cent. Ins. Co.,
280 Minn. 325, 159 N.W.2d 268, 270 (1968);
Anderson v. Connecticut Fire Ins. Co.,
231 Minn. 469, 43 N.W.2d 807, 812 (1950)).
Banclnsure insists that despite the general applicability of the concurrent-causation doctrine to Minnesota insurance contracts, the doctrine is not similarly applicable to financial institution bonds because a financial institution bond requires
the insured to initially show that its loss directly and immediately resulted from dishonest, criminal, or malicious conduct. This, Banclnsure argues, is a higher standard of proof than that provided for under the concurrent-causation doctrine. Further, according to Banclnsure, if courts allow the concurrent-causation doctrine to be applied to financial institution bonds, it would be impossible for an insurer to show a financial institution bond’s exclusions were the overriding cause of the loss.
Minnesota generally treats financial institution bonds as insurance policies.
See Alerus Fin. Nat’l Ass’n v. St. Paul Mercury Ins. Co.,
No. A11-680, 2012 WL 254484 at *2 (Minn.Ct.App. Jan. 30, 2012) (unpublished) (“Courts have treated [financial institution bonds] as insurance policies, applying general rules of contract construction to derive their meaning.”);
see also In re Guardianship of Hampton,
359 N.W.2d 740, 743 (Minn.Ct.App.1984) (explaining that fidelity bonds issued by bonding companies “are now regarded as insurance policies, in substance, and are governed for the most part by insurance law rather than suretyship law”),
aff'd in part and rev’d in part,
374 N.W.2d 264 (Minn.1985). No Minnesota case precludes application of the concurrent-causation doctrine to financial institution bonds. We find that Minnesota courts would adhere to the general rule of treating financial institution bonds as insurance polices and interpreting those bonds in accordance with the principles of insurance law. See
Friedberg v. Chubb & Son, Inc.,
691 F.3d 948, 951 (8th Cir.2012) (holding that where there are no cases on point, we “must predict how the -Supreme Court of Minnesota would rule”). Furthermore, we reject Banclnsure’s argument that the Bond imposes a higher standard-of-proof than the concurrent-causation doctrine. Bellingham still had to show that its loss was directly caused by the fraudulent transfer, and the application of the concurrent-causation doctrine did not interfere with that requirement.
B.
Next, we reject Banclnsure’s argument that the parties successfully drafted around the concurrent-causation doctrine in the Bond. Banclnsure argues that the language in Bond exclusions 2(bb)(4) and 2(bb)(12) contracted around the concurrent-causation doctrine because those exclusions also apply to “indirect” causation. Parties may include “anti-concurrent causation” language in contracts to prevent the application of the concurrent-causation doctrine; however, in those cases where courts have found the contract contains an anti-concurrent causation clause, the language used is clear and specific.
See Ken Johnson Props., LLC v. Harleysville Worcester Summary Ins. Co.,
No. 12-1582, 2013 WL 5487444, at *12 (D.Minn. Sept. 30, 2013) (recognizing language that an exclusion applies “regardless of any other cause or event that contributes concurrently or in any sequence to the loss” constitutes an adequate “anti-concurrent causation” provision and “evidences the parties’ intent to contract around the concurrent causation doctrine”). As a matter of law, the Bond’s reference to “indirectly” is not a sufficient invocation of the “anti-concurrent causation” provision, and thus the Bond at issue in this matter does not contain such a provision.
C.
Finally, Banclnsure argues that even if the district court was correct to apply the concurrent-causation doctrine to the Bond, it erred in concluding that the fraudulent hacking of the computer system by a criminal third party was the overriding, or efficient and proximate, cause of the loss. Instead, Banclnsure contends
the district court should have left that question to the jury.
We reviewed Minnesota’s concurrent-causation doctrine in
Friedberg,
691 F.3d at 951-53. The Friedbergs built their house in 1989.
Id.
at 950. In 2006, they discovered extensive water damage to the house, and a subsequent investigation determined that defective construction of the home had allowed water to enter the home and cause the damage to accumulate over the course of several years.
Id.
The Friedbergs claimed their policy covered “the water damage to their home because the loss resulted from the combination of both faulty construction and the presence of water.”
Id.
at 951. The policy contained an exclusion for losses caused by faulty construction.
Id.
at 950-51. After examining Minnesota cases applying the concurrent-causation doctrine, we explained
where an excluded peril “contributed to the loss,” an insured may recover if a covered peril is ... “the efficient and proximate cause” of the loss. Conversely, it follows that’ if an excluded peril is the efficient and proximate cause of the loss, then coverage is excluded. An “efficient and proximate cause,” in other words, is an “overriding cause.”
Id.
at 952. We reasoned that “[although water intrusion played an essential role in the damage to the Friedbergs’ house,” “[o]nce the house was plagued with faulty construction, it was a foreseeable and natural consequence that water would enter.”
Id.
Applying Minnesota’s concurrent-causation doctrine, we held that the policy did not cover the Friedbergs’ loss.
Id.
at 952-53.
We agree with the district court’s conclusion that “the efficient and proximate cause” of the loss in this situation was the illegal transfer of the money and not the employees’ violations of policies and procedures. In
Friedberg,
the district court noted that based on “the climate of Minnesota, water infiltration is certain when not prevented by proper construction,” and therefore the water damage to the Fried-berg’s home was “the inevitable physical loss.”
Friedberg v. Chubb & Son, Inc.,
832 F.Supp.2d 1049, 1058 (D.Minn.2011). Unlike the water damage in
Friedberg,
an illegal wire transfer is not a “foreseeable and natural consequence” of the bank employees’ failure to follow proper computer security policies, procedures, and protocols. Even if the employees’ negligent actions “played an essential role” in the loss and those actions created a risk of intrusion into Bellingham’s computer system by a malicious and larcenous virus, the intrusion and the ensuing loss of bank funds was not “certain” or “inevitable.” The “overriding cause” of the loss Belling-ham suffered remains the criminal activity of a third party. Therefore, the district court properly granted summary judgment to Bellingham.
III.
Accordingly, we affirm.