
    METRO BROKERS, INC., Plaintiff-Appellant, v. TRANSPORTATION INSURANCE COMPANY, Defendant-Appellee.
    No. 14-12969
    Non-Argument Calendar.
    United States Court of Appeals, Eleventh Circuit.
    March 5, 2015.
    David John Hungeling, Adam Scott Ru-benfield, Law Office of David J. Hungel-ing, PC, Atlanta, GA, for Plaintiff-Appellant.
    Eric John Magnuson, Damien A. Riehl, Robins Kaplan Millér & Ciresi, LLP, Minneapolis, MN, William H. Stanhope, Robins Kaplan Miller & Ciresi, LLP, Atlanta, GA, Taylor Layne Davis, Clyde & Co. U.S. LLP, Atlanta, GA, for Defendant-Appel-lee.
    
      Before TJOFLAT, WILSON and EDMONDSON, Circuit Judges.
   PER CURIAM:

In this insurance coverage dispute, Metro , Brokers, Inc. (“Metro”) appeals the district court’s (1) grant of summary judgment in favor of Metro’s insurer, Transportation Insurance Company (“TIC”) and (2) denial of Metro’s motion for reconsideration. No reversible error has been shown; we affirm.

Metro is a real estate brokerage firm conducting business in Georgia. Metro maintained bank accounts with Fidelity Bank (“Bank”) and used the Bank’s online system to make payments from Metro’s accounts. On 10 December 2011, thieves logged into the Bank’s online banking system using a Metro employee’s access ID and password. Then, using a randomly generated single-transaction security code, the thieves authorized various payments— totaling over $188,000 — from a Metro client escrow account to several other bank accounts. Over $154,000 of the stolen funds remains unrecovered.

Although the exact details of the theft are unknown, the parties agree that all available evidence suggests that the thieves used a key-logger virus known as “Zeus” (which was found on several Metro computers) to gain access to Metro employee access IDs and passwords.

Metro filed a claim for the loss under Metro’s insurance policy (“Policy”) with TIC. TIC denied coverage based on the Policy’s malicious-code and system-penetration exclusions. Metro, on the other hand, contends that the loss is not excluded and is covered by the Policy’s Fraud and Alteration (“F & A”) endorsement.

In two detailed and well-reasoned opinions, the district court concluded that the Policy did not cover Metro’s loss and, thus, that TIC was entitled to summary judgment on Metro’s breach of contract claim. The district court determined that Metro’s loss was not covered by the Policy’s F & A endorsement for two reasons: (1) the fraudulent electronic transfers did not involve a “check, draft, promissory note, bill of exchange, • or similar written promise, order or direction to pay a sum certain;” and (2) Metro’s loss fell within the Policy’s exclusions for losses caused by malicious code or system penetration. Because Metro’s claim was not covered under the Policy, the district court granted summary judgment for TIC on Metro’s claims for breach of contract and for bad faith.

We review de novo a district court’s grant of summary judgment, viewing the evidence and drawing all reasonable inferences in favor of the non-moving party. Harrison v. Benchmark Elecs. v. Huntsville, Inc., 593 F.3d 1206, 1211 (11th Cir.2010).

Under Georgia law, “[a]n insurance policy is governed by the ordinary rules of contract construction.” Banks v. Bhd. Mut. Ins. Co., 301 Ga.App. 101, 686 S.E.2d 872, 874 (2009). Whether the language in an insurance policy is ambiguous is a matter of law for the court to decide. Id. “Extrinsic evidence to explain ambiguity in a contract becomes admissible only when a contract remains ambiguous after the pertinent rules of construction have been applied.” Claussen v. Aetna Cas. & Sur. Co., 259 Ga. 333, 380 S.E.2d 686, 687 (1989). “When the language of a policy is unambiguous and capable of but one reasonable construction, we enforce the contract as written.” Banks, 686 S.E.2d at 874. “The words used in policies of insurance, as in all other contracts, bear their usual and common significance, and policies of insurance are, as in all other contracts, to be construed in their ordinary meaning.” Lawyers Title Ins. Corp. v. Griffin, 302 Ga.App. 726, 691 S.E.2d 633, 636 (2010).

Metro argues that its loss is covered by the Policy’s F & A endorsement. We disagree. The Policy’s F & A endorsement provides that TIC “will pay for loss resulting directly from ‘forgery’ or alteration of, on, or in any check, draft, promissory note, bill of exchange, or similar written promise, order or direction to pay a sum certain....” The term “forgery” is defined in the Policy as “the signing of the name of another person or organization with intent to deceive.”

The electronic fund transfers in this case did not involve a “check, draft, promissory note, [or] bill of exchange.” The transfers also cannot be characterized as involving a “written promise, order or direction to pay” that was “similar” to the three enumerated instruments. Under both federal and Georgia law, electronic fund transfers are distinguished from — and treated differently from — fund transfers made by check, draft, or bill of exchange. See 15 U.S.C. § 1693a(7) (emphasis added) (the Electronic Fund Transfer Act defines an “electronic fund transfer” as “any transfer of funds, other than a transaction originated by check, draft, or similar paper instrument, which is initiated through an electronic terminal, telephonic instrument, or computer or magnetic tape so as to order, instruct, or authorize a financial institution to debit or credit an account.”); O.C.G.A. § 11-4A-108 (providing expressly that Georgia’s Uniform Commercial Code on fund transfers does not apply to electronic fund transfers governed by the federal Electronic Fund Transfer Act).

Moreover, Metro has also failed to demonstrate that the theft involved the “signing of [a] name,” as required under the Policy’s “forgery” definition. Although the thieves used the stolen access ID and password to access the Bank’s online system (and then used a randomly generated security code to authorize the transfers), nothing establishes that doing so constituted the “signing of the name of another person or organization” under the terms of the Policy.

First, nothing about the Policy’s provision that “signatures that are produced or reproduced electronically” will be considered “the same as handwritten signatures” — in and of itself — establishes that an access ID and password constitute a “signature” (electronic or otherwise) within the meaning of the Policy.

Second, contrary to Metro’s argument, the Georgia Court of Appeals’ decision in Allstate Ins. Co. v. Renshaw, 151 Ga.App. 80, 258 S.E.2d 744 (1979), does not control here. In Renshaw, the state court concluded a loss resulting from the theft of plaintiffs bank card and personal identification number (PIN) constituted a “forgery” under plaintiffs homeowners insurance policy. Because the policy contained no definition of the term “forgery,” the court relied on the definitions of “forgery” and “writing” found in Georgia’s criminal code. The court concluded that the recording of plaintiffs PIN number was a “writing” within the meaning of Georgia’s criminal code. Here — unlike in Ren-shaw — the Policy defined expressly and unambiguously the term “forgery.” Thus, we need not (and must not) rely on Georgia’s criminal code to interpret the Policy’s language. The question of whether the unauthorized use of Metro’s access ID and password was a “writing” under Georgia’s criminal code has no significance to this case.

Because Metro has failed to demonstrate that its loss was covered under the Policy’s F & A endorsement, TIC was entitled to summary judgment on Metro’s breach of contract claim. See Allstate Ins. Co. v. Grayes, 216 Ga.App. 419, 454 S.E.2d 616, 618 (1995) (“To establish a prima facie case on a claim under a policy of insurance the insured must show the occurrence was within the risk insured against.”).

We also agree with the district court’s conclusion that Metro’s claim fell under the Policy’s malicious-code exclusion. That the thieves (in some way) used a computer virus to commit then-theft is undisputed. The Policy defines “malicious code” as including, among other things, “computer viruses.” Although Metro argues that the computer virus did not in fact “cause” the loss (because of the thieves’ intervening conduct), the Policy states unambiguously that it does not cover losses “caused directly or indirectly” by malicious code “regardless of any other cause or event that contributes concurrently or in any sequence to the loss.” Based on this broad (but plain) exclusionary language, we conclude that Metro’s loss is excluded.

Because Metro’s loss is not covered by the Policy, Metro’s claims for both breach of contract and for bad faith must fail. See Lawyers Title Ins. Corp. v. Griffin, 302 Ga.App. 726, 691 S.E.2d 633, 636-37 (2010) (concluding that, to establish a bad faith claim under O.C.G.A. § 33-4-6, an insured must show, among other things, that his claim is covered under the insurance policy).

AFFIRMED. 
      
      
         Because we conclude that Metro’s loss is excluded under the malicious-code exclusion, we do not decide whether the loss would also fall under the system-penetration exclusion.
     