The CFO’s Guide to Selecting a Fidelity Bond

Every CFO eventually has the same sobering conversation. A controller spots a rounding discrepancy in a treasury sweep. It turns into a pattern, then a hole, then a multi-year embezzlement that slipped past audits and reconciliations. The mechanics vary: a ghost vendor, forged checks, a payroll skimming scheme, the CFO’s nightmare greatest hits. What rarely varies is the aftermath. You tally the loss, notify the board, call counsel, call the bank, call your insurer. That last call becomes a referendum on how well your fidelity bond fits the risks you actually carry.

Fidelity bonds are not shiny. They are the seatbelts of financial risk management. They do not prevent theft. They transfer the financial consequence of certain dishonest acts to an insurer, within defined terms and limits. A sound bond buys you time and options while you fix the controls and rebuild confidence. A weak bond buys you litigation and regret. The difference stems from how you select, structure, and maintain the coverage.

What a fidelity bond actually covers

Despite the name, a fidelity bond functions like an insurance policy that reimburses the company for direct financial loss caused by fraud or dishonesty. The classic example is employee theft - cash, securities, or property. But modern forms extend much further if you configure them properly.

There are three core flavors that matter to most CFOs. First, the employee dishonesty bond, also called commercial crime coverage for employee theft, which addresses loss caused by employees acting alone or with others. This is the spine of most programs. Second, third-party fidelity coverage, which applies when your own employees steal from your clients, a critical requirement for service providers that handle client funds or property. Third, ERISA fidelity bonds, which are mandated for most qualified retirement plans in the United States to protect plan assets from misuse by those who handle funds.

Beyond those, broader commercial crime policies can add forgery, alteration, computer fraud, funds transfer fraud, social engineering fraud, counterfeit money, and disappearance or destruction of money and securities. Some policies also include a rider for claims preparation costs, a small but highly practical feature when you are assembling a complex proof of loss. The key is that fidelity is a defined trigger. The policy pays when a covered person commits a dishonest act with the manifest intent to cause the insured to sustain a loss and to obtain a financial benefit for themselves or another. That phrase, manifest intent, has been litigated often and is not theoretical.

Two boundaries are easy to miss. One, fidelity coverage typically addresses direct loss to the insured, not consequential loss such as reputational harm, business interruption, or the cost to improve your controls after the fact. Two, fraud by contractors, agents, or vendors may not qualify unless the policy explicitly extends coverage to those parties. As companies rely more on contingent labor, forgetting to extend coverage beyond W-2 employees is a common and costly error.

Why boards care and lenders notice

Board audit committees have wised up. They read headlines, they mark their calendars for the next fraud case, and they ask tighter questions. Their priority is not only whether you have a fidelity bond, but whether it maps to your risk profile, particularly if your company works with client funds, operates distributed cash operations, or routes high-value payments.

Lenders and investors look for the same signal. Private equity firms often condition closing on proof of crime coverage with set limits and a social engineering endorsement. Banks that provide treasury services or credit facilities may stipulate a minimum fidelity bond limit as a covenant, sometimes with specific endorsements like funds transfer fraud. If you run a money movement platform, even if you do not hold deposits, your bank partner will expect it.

In other words, fidelity coverage is both a financial backstop and a governance credential. A CFO who treats it as an afterthought signals to the market that the organization underestimates operational risk.

Start with your loss scenarios, not a template

There is no single right limit or schedule of coverages. There are only better or worse matches to the way money, data, and authority move through your company. When I step into a new finance seat, I map the loss scenarios before I touch the policy. This exercise is more practical than theoretical. You do not need a risk team to do it well, only a firm grasp of how your business moves value.

Begin with the cash pathways. Accounts payable, payroll, treasury operations, merchant processing, refunds, deposits. Identify where a single person can initiate and approve a transaction, create or edit a vendor, alter bank instructions, or reconcile their own work. Fraud often lives where duty segregation erodes during growth spurts or system transitions.

Then look at customer pathways. If you deliver services that involve client funds or property, outline how your team accesses those assets. A managed accounting firm, a TPA, a logistics company, and a SaaS platform with stored payment credentials each face different third-party risks. If your people could cause a client to suffer a loss through theft or manipulation, you likely need third-party fidelity coverage in addition to first-party coverage.

Finally, factor in digital exposures. Social engineering and business email compromise are not exotic. You see them weekly: a fake vendor bank change, a payroll rerouting request, a CEO wire emergency. The control environment matters here, but so does the policy language. Traditional computer fraud coverage may not respond to schemes that trick a human into initiating a valid transfer, while social engineering endorsements can.

Write the scenarios down in plain language, along with rough exposure amounts. Do not let perfect be the enemy of useful. Ranges are fine. If the largest daily outgoing wire is 8 million and the next largest is 1.5 million, note it. If you run 120 million a month in payroll across six countries, note it. These numbers steer the conversation with your broker more effectively than a generic “we need a fidelity bond.”

Limits and retentions that match reality

Choosing limits is part math, part judgment. The old rule of thumb for employee dishonesty was 10 to 20 percent of liquid assets or annual cash throughput, but that is a blunt instrument. I prefer a layered view. What is the plausible maximum single-incident loss for each scenario on your list? That could be one wire batch, one payroll cycle, one compromised vendor payment run, or a month of undetected skimming. What is the plausible aggregate over time if the fraud is subtle and persists? Then overlay your control strength, the speed of detection, and the liquidity impact.

A mid-market company with weekly wire runs of 5 to 10 million, payroll at 6 million per month, and vendor payments peaking at 8 million might settle on a primary fidelity bond at 10 million with a 250,000 retention, plus a 5 million social engineering sublimit. A payments platform that processes 500 million a month might need a layered program with a 25 million primary and excess towers. A professional services firm that touches client funds may require a separate third-party fidelity layer dictated by client contracts.

Retentions should sting but not dissuade you from making a claim. If the retention is too high relative to your loss patterns, you will underuse the coverage. If it is too low, you will pay for it in premiums. I often find that moving from a 100,000 to a 250,000 retention delivers a meaningful premium reduction without changing the board’s comfort. Ask your broker for sensitivity quotes across two or three retentions and two limit levels. Numbers clarify priorities faster than rhetoric.

Watch for sublimits. These are caps within the overall limit that apply to specific insuring agreements like social engineering or computer fraud. Sublimits are where claims go to die. If your social engineering sublimit is 250,000 and a fraudster talks your AP team into sending 2 million to a new “supplier,” the policy will likely cap the payout at 250,000 even if your overall limit is 10 million. Align sublimits with the size of your largest plausible manipulated transaction.

The endorsements that often pay for themselves

Fidelity forms vary widely between insurers, and the endorsements are where you tune the instrument. Several endorsements are worth sober attention.

Social engineering or fraudulent instruction coverage addresses losses arising from a person being tricked into transferring funds. Insurers often tie this coverage to documented controls, for example dual verification of vendor changes or out-of-band confirmation for wires. If your team cannot or will not follow those procedures, you may jeopardize the coverage. I have seen claims cut because the company could not show a second verification step despite attesting to it on the application.

Vendor or client coverage extends protection to theft by non-employee parties. If contractors, leased employees, or agents can access your assets or customer funds, push for language that treats them as covered persons. Be ready to document background checks, contractual controls, and oversight.

ERISA fidelity compliance is not optional. Plans generally need a bond of at least 10 percent of the plan assets with certain minimums and maximums, and more if the plan holds non-qualifying assets like private placements. Unlike commercial crime policies, ERISA bonds must be placed with sureties that meet specific Department of Labor requirements. CFOs often confuse fiduciary liability insurance, which covers breach of fiduciary duty claims, with ERISA fidelity bonds. You need both, and they solve different problems.

Discovery period and loss sustained provisions determine how far back the policy will respond to a loss discovered during the policy period. Many policies use discovery forms that cover loss discovered during the policy regardless of when it occurred, subject to a retroactive date. If you have gone through system migrations or M&A, make sure your retro dates and run-off coverage do not leave gaps.

Claims preparation cost coverage is a small rider, typically tens of thousands, that reimburses forensic accounting and legal expenses to assemble the proof of loss. If you have never prepared a fidelity claim, underestimate the effort at your peril. Ledger reviews, emails, affidavits, bank records, interviews, reconciliations - the work is real and often lands on your finance team at the worst time.

Underwriting asks for controls, and they should

Expect an underwriting process that tests your control environment. This is not red tape for its own sake. Insurers have read the same case studies you have. They will ask about segregation of duties, dual authorization thresholds, vendor onboarding controls, bank account change verification, background checks, vacation policies, and high-risk role rotations.

In practice, a few control points make the biggest difference. Dual control on payment initiation and release, with two human beings on separate credentials, blocks a remarkable amount of mischief. Vendor master change processes that require out-of-band verification using a trusted phone number, not one in the invoice email, stop many vendor impersonation schemes. Mandatory vacations for cash handlers and reconcilers, even if only one or two consecutive weeks, flush out anomalies that a diligent fraudster manages day to day. And independent bank reconciliations, performed by someone who cannot post entries, remain old-school and powerful.

If this list describes your wish list rather than your status quo, use underwriting as leverage to finish the job. Tie control improvements to premium reductions or higher limits. Document the changes. If a claim comes later, your ability to show written procedures and evidence of compliance will matter.

Claims are won in the documentation

The worst time to learn how to file a fidelity claim is the day you find the loss. Claims adjusters are not your enemies, but they are not your advocates either. They need proof that a covered person committed a dishonest act with manifest intent, that the loss amount is accurate, and that the timing fits the policy.

A prepared finance team builds a claim file as if a skeptical stranger will read it, because one will. Start with a clear chronology. What was discovered, by whom, when, and how. Map the flow of funds. Tie each dollar in your claimed loss to bank transactions or ledger entries. Identify the people and systems involved. If law enforcement is engaged, track case numbers and contacts.

You do not need to accuse anyone prematurely, but you do need to show that the loss was the result of a dishonest act. In employee cases, that usually means evidence of manipulation or concealment that goes beyond negligence. In social engineering cases, the test is different. You must show the fraudulent instruction, your adherence to required controls, and the resulting transfer. These are different proof packages. Assemble accordingly.

Time matters. Policies impose deadlines for notice and proof of loss, often 60 to 120 days for formal proofs with possible extensions. Notify early even if your numbers are preliminary. It preserves rights. Then pace your forensic work so you hit the deadlines with a defensible, well-organized package. This is where claims preparation coverage earns its keep.

Industry nuances you cannot ignore

Not all businesses face the same fidelity risks. Several sectors have quirks worth noting.

Financial services and fintech companies live under bank oversight and often must satisfy partner bank or card network requirements for crime coverage. Expect higher limits, stringent social engineering sublimits, and detailed control questionnaires. If you facilitate payments, your largest exposure is usually a manipulated or unauthorized outbound transfer, not petty cash theft. Your endorsement mix should reflect this.

Healthcare providers and systems have sprawling vendor networks and complex revenue cycles. The vendor master is a prime target. The most expensive healthcare frauds I have seen involved diverted insurer payments through bank account change spoofing that slipped past hurried billing departments. Carve out time to inspect vendor change controls and consider higher sublimits for social engineering.

Construction and real estate firms handle large draws and supplier payments with decentralized project teams. Job site theft is real, but the costliest exposures are often in AP and project accounting. Require dual approval on change orders and supplier bank changes, and monitor unused vendors. Third-party fidelity coverage can be critical when your teams handle client escrow or trust funds.

Nonprofits rely heavily on trust and often run lean control environments. Board members expect stewardship but may balk at premiums. A pragmatic approach is to raise retentions modestly to afford meaningful limits, and to pair the policy with a simple set of non-negotiable controls. Many donor agreements and grants now require proof of coverage.

Technology companies are not immune just because assets are digital. IP theft is a different insurance category, but money is still money. Mature tech companies run payroll at scale and pay vendors around the world. Distributed teams and rapid hiring create gaps in training and control adherence. If your treasury team moves funds across time zones, set approval windows that do not force single-person approvals after hours.

Buying, benchmarking, and negotiating

A good broker earns their commission here. Ask for at least two viable program designs, not a single renewal quote. One might be a higher limit with tighter sublimits and a lower retention, another a slightly lower primary limit with a meaningful excess layer and larger sublimits where you need them. Compare total cost, not just premium, including fees and taxes.

Benchmarking helps, but be careful with averages. Limits vary with revenue, cash throughput, and industry risk, and published benchmarks may lag emerging loss patterns. Use peer data as a starting point, then let your scenario map drive the final call. Boards respond well when you show both: a market view and a tailored justification.

On price, you can negotiate more than you think if your controls and loss history are strong. Provide underwriters with clean SOC reports if you have them, internal audit summaries, and evidence of control improvements. Offer to walk them through your payment workflows. The more they understand, the better the terms they can defend to their committees.

Finally, align renewal timing with your fiscal calendar and audit cycle. If a major system change or ERP implementation is underway, tell the market. Surprises at renewal strain relationships. If you are planning a new business line that changes your risk profile, bring it forward.

Integrating fidelity bonding with your control stack

A fidelity bond is one layer in a bigger system. You will not stop a determined insider with insurance. You blunt the financial damage, you buy breathing room, and you signal to stakeholders that you take the risk seriously.

Pair the bond with a few rhythms that reduce both frequency and severity of loss. Run quarterly spot checks on vendor master changes. Schedule an annual tabletop exercise for a social engineering incident where the CFO, controller, AP lead, and IT walk through roles and communication. Rotate reconcilers on key bank accounts. Require a second person to review any payment to a new beneficiary above a clear threshold, even if smaller items slip through due to operational needs.
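The vendor master and dual-control points described under underwriting, and the quarterly spot checks recommended here, can be turned into a repeatable review of the payment run. The Python below is an added example, not code from the article; the record layout, the 30-day lookback, the 2-day "rushed" window and the 50,000 dual-control threshold are assumptions, and every log entry is constructed.

```python
from dataclasses import dataclass
from datetime import datetime, timedelta
from typing import Dict, List, Optional

# Record layouts are this example's own assumption about what a vendor master
# audit trail and a payment log export would contain.
@dataclass
class BankChange:
    vendor: str
    changed_at: datetime
    verified_out_of_band: bool  # callback to a phone number already on file, not one in the request
    verified_by: Optional[str]

@dataclass
class Payment:
    payment_id: str
    vendor: str
    amount: int
    paid_at: datetime
    initiated_by: str
    released_by: str

LOOKBACK = timedelta(days=30)      # payments this soon after a bank change get a second look
RUSH_WINDOW = timedelta(days=2)    # change-to-payment gap that suggests a rushed approval
DUAL_CONTROL_THRESHOLD = 50_000    # above this, release must be a different person than initiation

def review_payments(changes: List[BankChange], payments: List[Payment]) -> Dict[str, List[str]]:
    """Return {payment_id: [finding, ...]} for payments that should be pulled for spot check."""
    by_vendor: Dict[str, List[BankChange]] = {}
    for c in changes:
        by_vendor.setdefault(c.vendor, []).append(c)
    findings: Dict[str, List[str]] = {}
    for p in payments:
        notes = []
        # Bank changes that precede this payment within the lookback window
        recent = [c for c in by_vendor.get(p.vendor, [])
                  if timedelta(0) <= p.paid_at - c.changed_at <= LOOKBACK]
        for c in recent:
            if not c.verified_out_of_band:
                notes.append("bank change not verified out of band")
            if p.paid_at - c.changed_at <= RUSH_WINDOW:
                notes.append("payment within 2 days of bank change")
        if p.amount > DUAL_CONTROL_THRESHOLD and p.initiated_by == p.released_by:
            notes.append("no second person on release")
        if notes:
            findings[p.payment_id] = notes
    return findings

def flagged_exposure(findings: Dict[str, List[str]], payments: List[Payment]) -> int:
    """Total amount of the flagged payments, i.e. what is at stake if they are fraudulent."""
    return sum(p.amount for p in payments if p.payment_id in findings)

# Constructed sample data: one vendor whose bank details were changed without a callback
# two days before quarter end, and two payments rushed out against the new account.
CHANGES = [
    BankChange("ACME-LOGISTICS", datetime(2024, 3, 26), False, None),
    BankChange("NORTHWIND", datetime(2024, 3, 1), True, "controller"),
]
PAYMENTS = [
    Payment("P-1001", "ACME-LOGISTICS", 640_000, datetime(2024, 3, 27), "ap_clerk", "ap_clerk"),
    Payment("P-1002", "NORTHWIND", 120_000, datetime(2024, 3, 28), "ap_clerk", "controller"),
    Payment("P-1003", "CONTOSO", 8_000, datetime(2024, 3, 29), "ap_clerk", "ap_clerk"),
    Payment("P-1004", "ACME-LOGISTICS", 560_000, datetime(2024, 3, 29), "ap_clerk", "ap_manager"),
]

if __name__ == "__main__":
    result = review_payments(CHANGES, PAYMENTS)
    for pid, notes in result.items():
        print(pid, "->", "; ".join(notes))
    print("flagged exposure:", flagged_exposure(result, PAYMENTS))
```

Run against the constructed data, the script pulls both payments to the vendor whose bank change was never called back, and the flagged exposure sums to the amount those two payments would have diverted.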

Train for humility. The best teams admit they can be fooled. They welcome the awkward out-of-band phone call to verify a wire. They escalate when something “feels off,” even if it delays a payment. Culture beats clever fraudsters more often than technology does.

Common pitfalls that sink otherwise good programs

Three failure modes show up repeatedly.

The first is relying on a broker’s generic form without tailoring. If your operations rely on contractors or offshore teams, but your bond covers only W-2 employees in a single country, you have a gap. Read the definition of employee and insured. Push for clarity.

The second is a false sense of security about social engineering. Companies assume their computer fraud endorsement covers wire fraud following a spoofed email. It might not. Traditional language covers the fraudulent entry of data into your systems or a hacker’s instructions, not a human decision tricked by a forged message. Unless your policy explicitly addresses social engineering, you may be exposed.

The third is discovered fraud that spans policy periods without proper continuity. A multi-year skimming scheme falls across three renewals. If the new policy has a later retro date, you can lose coverage for the earliest period. Work with your broker to safeguard continuity, especially after switching carriers.

A short, pragmatic purchase checklist

Use this as a simple walk-through when you approach the market or a renewal.

- Map three to five plausible loss scenarios with rough amounts, including at least one insider theft and one social engineering event.
- Confirm who is covered: employees, leased staff, contractors, agents, and international subsidiaries where applicable.
- Set limits, retentions, and key sublimits that match transaction sizes and liquidity impact, not just revenue.
- Secure endorsements that fit your profile: social engineering, client or vendor coverage, discovery and retro dates, claims preparation costs.
- Document control procedures you attest to on the application, then verify the team follows them in practice.

What a strong bond looks like in practice

When a mid-sized distributor I advised detected a suspected AP fraud, the controller had noticed vendor bank changes that correlated with rushed approvals near quarter end. We paused payments, called the vendor on a known phone number, and discovered two fraudulent changes that diverted nearly 1.2 million over three weeks. The bond had a 250,000 retention and a 2 million social engineering sublimit nested within a 10 million overall limit. The claims team asked for proof of the out-of-band verification control we had attested to. We produced training records, procedure documents, and logs from our payment system showing that the verification step had not been used on the two fraudulent changes. That hurt. But because the policy language did not require successful verification, only that the control existed and was “reasonably designed,” the claim went through after negotiation. We tightened the control to require documented second-person approval on all bank changes above 50,000, and the carrier renewed at a modest premium increase rather than an exclusion.

Contrast that with a professional services firm that relied on contractors to manage client billing. Their bond defined employee narrowly and excluded contractors. A contractor siphoned client refunds into a personal account. The firm suffered a cash outflow and a client claim. The carrier declined coverage. The gap traced to a definition the firm had never read closely. A one-page endorsement adding “leased employees and independent contractors acting under the insured’s direction and control” would have changed the outcome.

Cost, value, and the conversation with your board

Premiums for fidelity and crime coverage range widely. Small organizations might pay a few thousand dollars for a million in coverage. Mid-market companies often land in the mid-five figures for 5 to 10 million limits with sensible sublimits. High-risk or high-volume payment environments can climb into six figures, especially with robust social engineering coverage.

Boards do not mind paying for value they understand. Frame the spend in terms of liquidity protection and covenant defense. A triggered fraud in the wrong week can tip a cash cushion into a covenant breach, which cascades into waivers, fees, and distracted management attention. A bond that funds the loss quickly can be the difference between a footnote and a crisis.

Bring scenarios, market benchmarks, and control commitments to the board. Make the trade-offs explicit. For example, “We can increase the social engineering sublimit from 500,000 to 2 million for an additional 18,000 annually, paired with a higher retention that saves 12,000, net increase 6,000. Given our largest single vendor payment is 1.8 million, I recommend we make this change.” Clear, grounded recommendations win support.

The quiet discipline that pays off

Selecting a fidelity bond is not a glamorous project. It looks like a line item until the day it is not. The discipline lives in three habits. Understand where your money can move without friction, choose coverage that matches those pathways, and keep your controls as simple and consistent as possible. Review the program when your business changes, not just at renewal. M&A, a new ERP, offshore staffing, a new banking partner, a change in payment rails - each is a reason to revisit your assumptions.

A well-chosen fidelity bond does not absolve anyone of stewardship. It does something humbler and more valuable. It admits that even competent, ethical teams can be fooled or compromised, and it gives the company a financial second chance. For a CFO, that is not an indulgence. It is responsible capital management.