Fraud insurance is not a single product — it is an umbrella term for a range of insurance coverages designed to protect individuals and businesses from financial losses caused by fraudulent or criminal acts. Understanding what exists, what each product covers, and who needs what is the starting point for making informed decisions about your protection.
The two main categories: personal and business
Fraud protection products divide broadly into two categories.
Personal fraud protection is primarily provided through bank zero-liability guarantees and government support services like IDCARE, rather than standalone insurance products. The most significant personal fraud types — identity theft, card fraud, online scams, account takeover, and investment scams — are addressed through a combination of bank protection (for genuinely unauthorised transactions), Netsafe reporting, and the IDCARE support service for identity theft recovery.
Business fraud insurance is more developed as a commercial product category. Three main insurance types are relevant:
1. **Fidelity insurance (employee dishonesty cover):** Covers direct financial losses caused by the fraudulent or dishonest acts of employees — embezzlement, theft, payroll fraud, forged payment authorities. Available as standalone or as part of a commercial crime package.
2. **Commercial crime insurance:** The broadest business fraud cover, encompassing fidelity plus external threats — computer fraud by third parties, forgery, counterfeit currency, and premises/transit theft. Products like Chubb's FraudProtector cover the full spectrum.
3. **Cyber insurance:** Covers the financial consequences of cyber attacks and data breaches — forensic investigation, system restoration, business interruption, ransom payments, Privacy Act breach notification costs, and third-party liability. Usually includes a social engineering fraud add-on option.
Social engineering insurance: the critical gap-filler
Business Email Compromise (BEC) and CEO fraud — where employees are manipulated into authorising fraudulent payments — sit in an awkward coverage gap. Standard commercial crime policies often have "authorised payment" exclusions. Standard cyber policies focus on hacking-based losses. A social engineering fraud endorsement (available from insurers like DUAL NZ) fills this specific gap.
Who needs what
For individuals: Bank zero-liability protects against card fraud and most unauthorised account access. IDCARE (free) supports identity theft recovery. There is no standalone insurance for online scam losses or investment fraud in New Zealand — prevention is the primary strategy.
For businesses: Most businesses with employees need fidelity or commercial crime insurance. Businesses holding customer data need cyber insurance. Businesses making regular high-value supplier payments need a social engineering endorsement. For many businesses, a combined commercial crime + cyber + social engineering package provides the most comprehensive protection.
How to access business fraud insurance
Business fraud insurance is primarily accessed through insurance brokers — Rothbury, Marsh NZ, Unite Insurance, and others can all assist. Businesses seeking a referral to a licensed adviser can submit a quote request through FraudInsurance.co.nz.
Key questions to ask your broker
When reviewing fraud insurance:
- Does my commercial crime policy include social engineering? If not, how do I add it?
- What is the discovery period on my fidelity policy?
- Does my cyber policy cover social engineering fraud, and what is the sublimit?
- Are my policy limits adequate for my maximum realistic exposure?
- What does the claims notification requirement look like in practice?
Understanding the answers to these questions before you need to make a claim is the most important step in building a complete fraud protection strategy.