ORDER ON CROSS MOTIONS FOR AND SURETY SUMMARY JUDGMENT

ROBERT S. LASNIK, District Judge.

This matter comes before the Court on plaintiff's motion for partial summary judgment (Dkt. # 45) and defendant's motion for summary judgment (Dkt. # 58). Having reviewed the parties' briefing and exhibits, and the remainder of the record, the Court finds as follows.

BACKGROUND

Plaintiff Aqua Star (USA) Corp. (Aqua Star) is a seafood importer that does business with Zhanjiang Longwei Aquatic Products Industry Co. Ltd. (Longwei), a vendor from which it purchases frozen shrimp. In the summer of 2013, Longwei's computer system was hacked. The hacker apparently monitored email exchanges between an Aqua Star employee and a Longwei employee before beginning to intercept those email exchanges and send fraudulent emails using "spoofed" email domains that appeared similar to the employees' actual emails — for example, substituting the number "1" for a lower case "l." In these emails, the hacker directed the Aqua Star employee to change the bank account information for Longwei for future wire transfers. Aqua Star employees made the changes as directed and were ultimately defrauded of $713,890 by the hacker.

At issue in this action is whether Aqua Star's losses are covered by the "Wrap +" Crime Policy (the Policy) issued by defendant Travelers Casualty and Surety Company of America (Travelers). The Policy covered Computer Fraud: "The Company [Travelers] will pay the Insured for the Insured's direct loss of, or direct loss from damage to, Money, Securities, and Other Property directly caused by Computer Fraud." Dkt. # 22-1 at 4. This coverage was also subject to a number of exclusions. Id. at 15-17. Aqua Star sought coverage from Travelers, which denied the claim, stating that the loss was not directly caused by computer fraud and that several of the Policy exclusions applied.

Plaintiff moved for summary judgment on its claims for breach of contract and declaratory relief (Dkt. # 45). Defendant moved for summary judgment on all claims (Dkt. # 58).

DISCUSSION

A. Summary Judgment Standard

Summary judgment is appropriate if, viewing the evidence and all reasonable inferences drawn therefrom in the light most favorable to the nonmoving party, the moving party shows that "there are no genuine issues of material fact and the moving party is entitled to judgment as a matter of law." Fed. R. Civ. P. 56(a); Torres v. City of Madera, 648 F.3d 1119, 1123 (9th Cir. 2011). The moving party "bears the initial responsibility of informing the district court of the basis for its motion." Celotex Corp. v. Catrett, 477 U.S. 317, 323 (1986). Where the nonmoving party will bear the burden of proof at trial, the moving party may meet its burden by "pointing out . . . that there is an absence of evidence to support the nonmoving party's case." Id. at 325. Once the moving party has satisfied its burden, the nonmoving party must then set out "specific facts showing that there is a genuine issue for trial" in order to defeat the motion. Id. at 324. "The mere existence of a scintilla of evidence in support of the non-moving party's position" is not sufficient; this party must present probative evidence in support of its claim or defense. Arpin v. Santa Clara Valley Transp. Agency, 261 F.3d 912, 919 (9th Cir. 2001); Intel Corp. v. Hartford Accident & Indem. Co., 952 F.2d 1551, 1558 (9th Cir. 1991). An issue is genuine only if there is a sufficient evidentiary basis on which a reasonable fact finder could find for the nonmoving party. In re Barboza, 545 F.3d 702, 707 (9th Cir. 2008). On cross motions for summary judgment, the Court evaluates the motions separately, "giving the nonmoving party in each instance the benefit of all reasonable inferences." Lenz v. Universal Music Corp., No. 13-16106, 2015 WL 5315388, at *2 (9th Cir. Sept. 14, 2015) (internal quotation marks and citation omitted).

B. Interpretation of Insurance Policies Under Washington Law

Insurance policies are construed as contracts under Washington law. Weyerhaeuser Co. v. Commercial Union Ins. Co., 142 Wn.2d 654, 665 (2000), as amended (Jan. 16, 2001). The policy is to be construed as a whole and given a "fair, reasonable, and sensible construction as would be given to the contract by the average person purchasing insurance." Id. (internal quotation marks omitted). In the case of clear and unambiguous policy language, "the court must enforce it as written and may not modify it or create ambiguity where none exists." Id. (internal quotation marks omitted). A clause is ambiguous if it is "fairly susceptible to two different interpretations, both of which are reasonable." Id. (internal quotation marks omitted). When determining coverage, the initial burden of proof is on the insured to show that a loss falls within the terms of the policy. Wright v. Safeco Ins. Co. of Am., 124 Wn.App. 263, 271 (2004). The burden then shifts to the insurer to prove that the loss is not covered because of exclusionary provisions within the policy. Id.

C. Exclusion G Applies

Assuming, for the purposes of this motion, that Aqua Star's loss was caused by Computer Fraud as defined in the Policy, Travelers's denial of Aqua Star's claim was proper if it fell within a coverage exclusion. Exclusion G provides that the Policy "will not apply to loss resulting directly or indirectly from the input of Electronic Data by a natural person having the authority to enter the Insured's Computer System" unless covered under insuring agreements not applicable here. Dkt. # 22-1 at 15. Travelers relied on Exclusion G in denying coverage. In its initial denial letter, Travelers stated: "Exclusion G. excludes this loss from coverage, because there was no unauthorized use of your Computer System. Rather, access to and data input in your computer for this business transaction was accomplished by those authorized to use it." Dkt. # 51-2 at 6. In a letter from Traveler's outside counsel affirming denial of coverage, Travelers again relied on Exclusion G and summarized the facts leading to its conclusion that Exclusion G applied: "Pursuant to Mr. Curran's instructions, Ms. Tchobanenko inserted revised banking information for Longwei into Aqua Star's Computer System. Such information is Electronic Data under the Policy's definition. Ms. Tchobanenko used this Electronic Data to create Wire Confirmation Detail documents that were transmitted to Bank of America, Aqua Star's bank." Dkt. # 51-4.

Plaintiff acknowledges that Angela Tchobanenko, the Treasury Manager at Aqua Star, "saved the email with new wiring instructions, and entered the new bank account information in the Excel spreadsheet that [she] used to keep track of payments to Longwei." Dkt. # 47 at 4. This process was consistent with Tchobanenko's general practice at the time: "[I]f a vendor provided Aqua Star with new wiring instructions for paying the vendor, [she] would enter the new payment instructions in an Excel spreadsheet that [she] saved locally on [her] work computer." Id. at 2. This spreadsheet served two purposes. First, Tchobanenko included it in a packet given to Aqua Star management to approve payments to vendors. Id. at 2, 4. Second, the spreadsheet was "a convenien[t] place [for Tchobanenko] to save and store the payment details for each vendor, so [she] didn't have to look them up every time [she] made a payment." Id. at 3. Aqua Star does not contend that Tchobanenko was an unauthorized user or that she did not input Electronic Data into Aqua Star's Computer System, as defined by the policy.

In this case, the entry of data into the Excel spreadsheet on Aqua Star's Computer system was an indirect cause of Aqua Star's loss. The fraudulent bank account information was entered in Aqua Star's Computer System and used to prepare a packet of materials for approval of the payment by Aqua Star's management. Dkt. # 47 at 2. Entering this data into a spreadsheet was a necessary step prior to initiating any transfer. Id. Tchobanenko printed out a copy of the spreadsheet and included it in a package of documents that was presented to a member of Aqua Star's management for approval of the payment. Id. Even if management did not rely upon or even review the account number in the packet, however, Tchobanenko also used the information she input into the spreadsheet to prepare and initiate the wire transfers. Id. at 2-3. Therefore, the entry of Electronic Data into Aqua Star's Computer System was an intermediate step in the chain of events that led Aqua Star to transfer funds to the hacker's bank accounts. Because an indirect cause of the loss was the entry of Electronic Data into Aqua Star's Computer System by someone with authority to enter the system, Exclusion G applies. None of Aqua Star's arguments to the contrary, addressed below, justify another conclusion.

Aqua Star's primary argument against the applicability of Exclusion G is that in order to initiate the transfer, an Aqua Star employee had to enter data into the computer system of a third party, Bank of America. See Dkt. # 45 at 19-20. Although entering data into a third party's computer system may have been the final step that led to Aqua Star's loss, necessary intermediate steps prior to the transfer involved entering Electronic Data into Aqua Star's own Computer System. Aqua Star does not explain why the involvement of a third party computer system would render Exclusion G inapplicable. Aqua Star also argues that saving the bank information in the spreadsheet "was not materially different than writing the information on a sticky note or index card." Dkt. # 63 at 20. Although Exclusion G may not apply in such a case, that is not the factual situation before the Court. Here, an Aqua Star employee with the appropriate authority unquestionably entered Electronic Data into Aqua Star's Computer System rather than using a record-keeping method that did not involve Aqua Star's Computer System. Aqua Star additionally makes the argument that the "exclusion is intended to preclude coverage where a fraud is perpetrated by an authorized user of an insured's computer system, such as an employee or customer." Dkt. # 63 at 19 (citing Morgan Stanley Dean Witter & Co. v. Chubb Group of Ins. Cos., 2005 N.J. Super. Unpub. LEXIS 798 (N.J. Super. Ct.)); see also Dkt. # 78 at 12. While Aqua Star may have a view regarding what Exclusion G should cover, the clear language of the policy does not limit the exclusion to fraud perpetrated by an authorized user, although as Morgan Stanley demonstrates, it certainly could apply in that situation. Finally, Aqua Star argues that Travelers has not applied Exclusion G consistently and that "either Exclusion G is so ambiguous that Travelers' own employees do not understand the scope of the exclusion, or Travelers is asserting a strained interpretation of Exclusion G in this case in an effort to deny coverage to Aqua Star." Dkt. # 20 at 26.1 Aqua Star does not cite any authority that requires an insurance company to consistently raise an exclusion or risk waiving its ability to rely on the exclusion in the future. The Court will not impose such a rule in this case.

D. Breach of the Covenant of Good Faith and Fair Dealing and Violation of the Insurance Fair Conduct Act (IFCA)

The parties appear to agree that if the Court determines that Aqua Star's loss was not covered by the Policy, summary judgment on Aqua Star's claims for breach of the covenant of good faith and fair dealing and violation of the IFCA is appropriate. Aqua Star has offered no argument that these claims can proceed if the Court determines that coverage was properly denied. Indeed, it is difficult to comprehend how denial of coverage could be deemed "unreasonable" in violation of the IFCA or in breach of the duty of good faith if the Court has concluded that denial was proper. Therefore, the Court grants summary judgment for Travelers as to these claims.

CONCLUSION

For the foregoing reasons the Court GRANTS defendant's motion for summary judgment (Dkt. # 58) and DENIES plaintiff's motion for summary judgment (Dkt. # 45).