Just released: How to raise venture capital in 2023

Download

Unmasking the Fine Print: Crypto Exclusions You Didn’t Know You Had

TL:DR

Key Takeaways

Jonathan Mitchell Founder Shield
Jonathan Mitchell

Vice President; Account Executive; Tech Team Lead

If the world has learned anything in the wake of the pandemic, it’s that cryptocurrencies aren’t going away anytime soon. In fact, since 2021, crypto ownership in the US has nearly doubled. Thus, it isn’t uncommon these days for entrepreneurs to build services in the crypto space, integrate them into their startup, or invest in them — the industry is expected to grow 13.1% annually until 2030.

But when it comes to commercial insurance, things get tricky regarding crypto gains. While there’s vast coverage for companies in the space, exclusions can hide in the cracks of several policies easily. How well do you know your startup coverage, and is crypto part of the potential exclusions in your contract?

The Growing Intersect: Crypto, Capital Gains, and Traditional Business Risks

As crypto adoption grows, startups are also welcoming it to build a fairer market. For example, startup leaders are integrating it to make long-term capital gains besides ordinary income and accommodate client preferences. For example, it’s becoming more common to accept crypto payments and go into crypto trade, invest in a digital coin on behalf of a company, start a crypto mining business, build Web3 applications, and engage with DeFi.

On the other hand, these same businesses usually lean on property, general, and cyber liability insurance as a rule of thumb to protect every inch of their company: physical assets, bodily injury and property damage claims from third-party claims, and losses from data breaches and network security flaws, respectively.

However, there’s a mismatch between these broad policies and the newer needs of modern startups.

These traditional policy frameworks struggle with the unique, intangible, volatile, and technically complex nature of digital assets. Would crypto fall into the cyber-related category or a financially inclined one?

This fluidity makes it imperative for startup leaders to clarify whether there are digital asset exclusions in their policies for the good of their company and their efforts to innovate.

GUIDE

Cryptocurrency Risk Management Guide

Decoding the Common Exclusions: Where Crypto Falls Short On Capital Losses

Spotting digital asset exclusions requires knowing what traditional insurance coverage entails, getting into the nitty-gritty of each policy to understand what they typically leave out. Let’s take a general look at some key coverage and real-world scenarios you might run into.

General Liability Policy Exclusions

This coverage is designed for bodily injury (BI) or property damage (PD) to third parties, depending on business needs. This is where it gets sticky: Crypto is an intangible asset. As such, nothing relating to such assets will fall under general liability BI or any physical PD.

To spot the exclusion, you’ll explicitly see “virtual currency” and “digital assets,” exceptions, or notice that the definition of “money” excludes crypto altogether.

For instance, let’s say your company adopted a DeFi protocol that suddenly glitches, causing users to lose funds. In this case, general liability won’t cover these financial losses from a smart contract error. Such cases should remind startup leaders that they shouldn’t rely on general liability coverage for crypto-related financial liabilities.

Commercial Property Policy Exclusions

Property damage insurance is designed to cover physical business properties, such as buildings, equipment, and inventory, against incidents like fire, theft losses, and other similar events.

Once again, as this policy focuses on physical assets, crypto wouldn’t be part of the mix. While a hard drive or physical wallet could be covered as property, the intangible value of the cryptocurrency on it is usually explicitly excluded.

To spot this exclusion, policies will define money by leaving out virtual currencies, and might even include specific exclusions for “loss of private keys” or “loss of access” to digital capital assets.

Now, say your Ledger USB wallet gets stolen. This will trigger PD insurance to cover the cost of the cold storage, but the private keys with millions in Bitcoin stored on them likely won’t be. Ultimately, this type of policy is insufficient for digital assets — you’ll only be securing physical storage with massive limitations for virtual currency.

Cyber Liability Policy Exclusions

Cyber liability insurance could be the trickiest policy of all. While it might operate under the guise of protecting all things digital, it may well have crypto exclusions as well. All in all, this insurance offers coverage for data breaches, network security failures, ransomware, and business interruption from cyber incidents, among other events.

However, it gets complex — some elements might overlap while having major gaps on other fronts. For instance, cyber liability could directly exclude the following:

  • Loss of private keys/seed phrases: If private keys are lost or stolen, and not necessarily from a network breach, then the crypto is gone and not covered by the policy.
  • Smart contract exploits: Any loss from code errors or vulnerabilities in smart contracts is typically not covered.
  • DeFi protocol vulnerabilities: Targeted attacks on decentralized finance protocols often fall outside traditional cyber policy definitions.
  • “Theft of funds” limitations: Although many policies cover funds from transfer fraud, they may exclude or severely limit coverage for theft of cryptocurrency from wallets or exchanges.

“Money” vs. “Data”

It may seem counterintuitive to cover some cyber-related intangible assets while completely excluding others. However, there’s a logic to it — the money versus data dilemma. Cyber policies focus on protecting data, and crypto is generally classified as money, which complicates coverage.

Additionally, as crypto regulations evolve by the second, it isn’t uncommon for companies to run into fines. While some cyber policies cover regulatory fines, those unique to crypto regulations, such as AML/KYC failures specific to digital asset transactions, unauthorized token offerings, and more, might be excluded or require specialized endorsements.

To offer another example, let’s say your hot wallet is hacked and crypto assets are drained. A traditional cyber liability policy might cover forensic investigation costs or data breach notification, but the actual loss of the crypto assets is often excluded or heavily sub-limited.

Enter crime insurance as a viable option, which typically responds to the theft of money. However, it’s vital to ensure that digital assets or cryptocurrency in the definition of money in your policy language. So, although cyber insurance is essential for systems and data, it’s a weak shield for digital assets themselves. Before making any sudden moves, verify what constitutes “funds” and whether “virtual currency” is explicitly excluded.

The Consequences of Uninsured Crypto Exposure for Startups

Diving into the world of crypto without properly insuring these intangible assets isn’t necessarily the most brilliant idea. Your startup might have to shoulder the costs of unexpected fines, fraud, breaches, and other incidents — 24% of illicit activity on the blockchain in 2024 was attributed to scams and fraud.

Even a relatively small loss of crypto assets can be catastrophic for early-stage startups with limited runway and even more limited opportunities to get to the next round. And devastation isn’t just financial; a major crypto loss can halt operations, damage reputation, and erode user trust.

This loss of trust will also apply to investors who perform minute due diligence to ensure their investment is safe with you. Without proper crypto risk management and insurance, savvy investors will most likely lose financial interest, see you as a red flag, and take their capital elsewhere.

On top of this, running into a regulatory fine — whether due to a lack of cryptocurrency tax reporting, tax liabilities, or other infractions — without any kind of insurance to help cover these costs can cripple nascent companies and place you at a disadvantage compared to competitors who are actively managing their crypto risks.

Proactive Steps for Founders: Securing Your Digital Future

But this doesn’t have to be your reality. Securing your digital assets to build a fair market is easier now than ever, thanks to specialized policies and crypto experts who can guide you.

Read the Fine Print to Avoid Crypto Losses

For starters, don’t just skim a policy before signing on to it — carefully read every passage to ensure you understand its exclusions. And, when in doubt, don’t hesitate to talk to your insurance broker to clarify any ambiguous terms.

  • Side Note: Although many companies claim to be crypto experts, their cyber policies continually exclude virtual currency, and you won’t know until it’s time to make a claim.

Truth be told, traditional policies might not be enough for crypto offerings. Instead, specialized crypto insurance can better adapt to your unique needs. Plus, you can add extra coverage, such as endorsements, to target more specific incidents.

Crypto Gains Risk Management

It goes without saying that you must pay extra attention to your security efforts regarding digital assets. It’s paramount to keep records of your security posture, patches, training, incident responses, and regularly update them according to policy requirements.

Lastly, remember that crypto’s fair market opportunities also demand sophisticated approaches to risk management, especially concerning insurance coverage. It’s up to you to unmask the fine print and take control of your insurance strategy, seeking help when necessary.

Talking to your broker to secure the most comprehensive coverage and building appropriate risk management strategies are the best ways to confidently innovate in the digital asset space without running into trouble. The future is digital, and your protection strategy should be too.

Related Articles

defamation on youtube
July 23 • Risk Management

Defamation on YouTube: Building a Content Strategy That’s Creative—and Compliant

YouTube copyright issues can lead to demonetization, lawsuits, and channel termination. Learn how to protect your content from copyright claims and defamation on YouTube, ensuring your growth and presence.

app development risk assessment
June 13 • Risk Management

Mobile App Development Risk Assessment: Essential Checklist

Understand essential app development risk assessment and mitigation strategies. This guide covers technical, security, UX, and compliance risks, offering insights and insurance considerations for successful, resilient mobile apps.

quantum computing startups
May 29 • Risk Management

Quantum Computing Startups: Pioneering the Future of Technology

Explore how quantum computing startups are pioneering future tech, from diverse qubit technologies and significant investments to the challenges they face and their transformative impact on industries.

future of e bikes
May 15 • Risk Management

The Future of E-Bikes: Understanding the Evolving Landscape

E-bikes are the future of sustainable urban mobility, surpassing EVs in popularity. Discover their history, types, booming market, environmental benefits, commercial adoption, and the exciting future of e-bikes.

AI influencers
May 7 • Risk Management

The Rise of AI Influencers: What You Should Know

AI influencers, virtual avatars using AI, are gaining popularity for brand marketing. Discover their appeal, the growing market, and potential risks for companies.

ai investor risk
April 29 • Risk Management

Understanding AI Investor Risk: Analyzing Recent Claims & Their Impact

AI investment surged in 2024, favoring applied projects and early-stage startups. However, significant AI investor risk exists, evidenced by lawsuits over disclosure and the need for transparency and ethical development.