Select how you’d like to proceed with your insurance needs.
Talk to a real insurance expert on your time.
15-minutes consultation with licensed advisors
Perfect if you’re unsure about coverage needs
Get personalised recommendations
Already have coverage? Let’s simplify your service
Keep your current carriers & policies
Simple digital authorisation process
Seamless transition to better service

Commercial crime insurance may cover direct financial loss from employee theft, fraud, stolen business money, stock, and unauthorised transfers, depending on the policy. It is also called fidelity insurance, employee dishonesty insurance, or business crime insurance.
It is different from cyber insurance. Crime insurance may respond when money or property is stolen or diverted through dishonest acts. Cyber insurance may respond when data is breached or systems are attacked. The two products cover different risks, even though some incidents can involve both.
Business email compromise and social engineering scams sit in a grey zone between crime and cyber. Some crime policies include a social engineering extension. Others exclude scam payments where the business authorised the transfer, even if the email appeared genuine. Policy wording determines which product responds. For BEC-specific detail, see business email compromise insurance.
Business crime does not always look like a break-in. It can be a staff member changing supplier bank details, a warehouse employee stealing stock, a bookkeeper creating fake payments, or a refund process being used to move money out of the business.
The common thread is access. If employees can approve payments, process refunds, manage payroll, update supplier details, or handle stock, the business may have crime exposure.
Commercial crime insurance is business insurance for direct financial loss caused by criminal acts. It primarily covers employee dishonesty, but depending on the policy, it may also extend to forgery, collusion, and some forms of external fraud, subject to policy terms.
The key phrase is "direct financial loss." Crime insurance is designed to respond when money, stock, securities, financial instruments, or other business assets are stolen, diverted, or destroyed through a covered criminal act. It does not cover indirect losses like business interruption, lost revenue, or reputational damage.
"Employee dishonesty" is sometimes sold as a narrower product covering only employee theft. "Commercial crime" is broader and may include forgery, unauthorised transfers, social engineering, and computer fraud depending on the insurer and wording.
Crime insurance can be purchased as a standalone policy with dedicated limits or bundled as a section within management liability insurance. The choice depends on how much crime exposure the business has relative to other management risks.
This is the most common confusion. Both involve financial loss. Both can involve computers. But they cover different things.
The social engineering grey zone is where these two policies overlap. When an employee is tricked into voluntarily making a payment to a fraudster, the loss can fall under either policy depending on the wording.
upcover's crime insurance product page notes that social engineering scams are often excluded where the business authorised the transfer, even if the email looked real. Some policies offer a social engineering extension with a separate sub-limit. Businesses with both crime and cyber cover may have better protection for this overlap.
The difference is not "online vs offline." The difference is how the loss happened and which policy section actually responds.
Crime can be a standalone product or a section inside management liability.
Standalone crime may be relevant where employee theft and fraud are the primary concern. Standalone policies may offer higher dedicated limits than the crime section inside an ML policy, depending on insurer and policy wording.
ML-bundled crime may be relevant where the business wants D&O, EPL, statutory liability, tax audit, and crime under one policy with administrative simplicity. The crime sub-limit inside ML may be lower than a standalone policy.
For more, see what is management liability insurance and what does management liability cover.
Coverage depends on the insurer and policy. These are the main coverage areas found in Australian crime policies. Some policies may also cover investigation costs to identify and quantify a covered loss.
The core of any crime policy. May cover direct financial loss from employees stealing cash, stock, or business assets, diverting payments through banking systems, or making unauthorised electronic transfers, subject to policy terms. Covers full-time, part-time, and in some policies, contractors.
Triggers: A bookkeeper changes supplier bank details and diverts payments to a personal account. Cash goes missing from the office safe. An employee with payment access initiates transfers to an unrelated account.
May cover losses from forged cheques, altered payment instructions, or counterfeit currency, subject to policy terms.
Trigger: Someone forges the business owner's signature on a company cheque.
May cover losses where an employee works with a third party to steal from the business, subject to policy terms.
Trigger: A warehouse employee and an external contact collude to steal stock and split the proceeds.
Some policies include a social engineering extension, often with a separate sub-limit. May cover losses where an employee is tricked into transferring funds by someone impersonating a trusted party. Not always included by default and often sub-limited.
Trigger: An employee receives an email impersonating a supplier with updated bank details. The payment is made to a fraudulent account.
If the loss involves an employee acting dishonestly with company money or assets, crime insurance is the starting point. If the loss involves a system breach or data compromise, cyber insurance is the starting point.
Fake supplier payments. An employee creates a fake supplier and approves payments to their own account. Crime insurance may respond, subject to policy terms.
Payroll fraud. A payroll employee adds false hours or changes bank details to divert wages. Crime cover may respond, subject to policy terms.
Refund manipulation. A retail worker processes fake refunds to their own card. Crime insurance may respond where dishonesty and direct loss can be proven.
Supplier impersonation. A fraudster emails updated bank details and the business pays the wrong account. This may fall under social engineering or BEC and is not automatically covered by crime insurance. Policy wording determines whether crime, cyber, or neither responds.
Most crime policies operate on a loss-discovered basis. The policy in force when the loss is discovered is the one that may respond, and businesses typically have a set period (often 60 days) to notify the insurer after discovering the loss. Late notification can affect whether a claim is accepted.
Commercial crime insurance may be relevant for any business where employees can access money, payments, stock, or financial systems.
The risk is not the industry. The risk is the access. If employees can approve payments, process refunds, or update supplier bank details, the business may have crime exposure.
Crime insurance cost depends on the business's turnover, industry, number of employees, employee access to money or stock, internal payment controls, prior fraud or theft losses, selected limit, sub-limits, and whether social engineering or computer fraud extensions are included.
Businesses with stronger internal controls may be assessed differently from businesses with limited oversight over payment processes.
You are usually asked for your ABN, industry, turnover, employee details, who handles payments, internal controls, prior fraud or theft losses, desired limit, and whether you want standalone crime or management liability.
upcover arranges crime insurance for eligible Australian businesses. Get a quote.
upcover arranges crime insurance as a standalone product and as part of management liability insurance for eligible Australian businesses with selected insurers and underwriters. Depending on insurer and policy wording, cover may include employee theft, stolen business money, unauthorised transfers, theft of financial instruments, and collusion with others.
For related guides, see what is management liability insurance, what does management liability cover, management liability claims, and business email compromise insurance.
upcover Pty Ltd ABN 17 628 197 437 is a Corporate Authorised Representative (CAR 1299211) of Experience Insurance Services Pty Ltd ABN 41 657 596 506, AFSL 539078.
Commercial crime insurance may cover direct financial loss from employee theft, fraud, embezzlement, unauthorised transfers, and other dishonest acts, subject to policy terms. It is also called fidelity insurance or employee dishonesty coverage.
Not always. Employee dishonesty is usually the core of a crime policy. Commercial crime can be broader and may include forgery, unauthorised transfers, social engineering, and computer fraud depending on the insurer and wording.
Employee theft and dishonesty is the core trigger for most crime policies. It may cover direct financial loss from employees stealing money, stock, or business assets, subject to policy terms.
If an employee creates fake supplier invoices and diverts payments, crime insurance may respond. If a third-party fraudster sends a fake invoice and the business pays it voluntarily, that may fall under social engineering, which is not always covered.
Some policies include a social engineering extension, often with a separate sub-limit. Others exclude payments the business authorised, even if the instruction was fraudulent. Check the policy wording.
BEC is usually treated as a cyber risk. If the compromise involves system access, cyber insurance may respond. If an employee is tricked into making a voluntary payment without system compromise, a crime policy's social engineering extension may apply, depending on wording.
Crime insurance covers direct financial loss from theft and dishonest acts. Cyber insurance covers incident response, data breach costs, and liability from system attacks. Social engineering can sit under either depending on policy wording.
Crime is often available as a section within management liability, alongside D&O, EPL, statutory liability, and tax audit. It can also be purchased as a standalone policy with dedicated limits.
Common exclusions include social engineering payments the business authorised, indirect losses, data breaches, known prior losses, accounting shortages without proof of dishonesty, acts by owners or principals, and theft of intellectual property.
You are usually asked for your ABN, industry, turnover, employee details, payment controls, prior losses, and desired limit. upcover arranges crime insurance as standalone cover and as part of management liability.
The information in this article is general in nature and provided for informational purposes only. It does not constitute personal insurance, financial, or legal advice. Cover types, inclusions, exclusions, sub-limits, and social engineering extensions vary between insurers and policies. Always read the relevant Product Disclosure Statement before purchasing. All insurance products arranged through upcover are subject to the terms, conditions, limits and exclusions in the relevant PDS. Before deciding whether a product is right for you, consider your circumstances. upcover Pty Ltd ABN 17 628 197 437, CAR 1299211 of Experience Insurance Services Pty Ltd ABN 41 657 596 506, AFSL 539078.
We are digitising commercial insurance and risk management for small, mid-market and technology businesses. We work with a global network of underwriters, challenging legacy brokers and delivering market leading coverage to our customers.