08 Dec BANKERS BEWARE: THE DUTY TO PROTECT CUSTOMERS FROM FRAUD
In the recent case of Singularis Holdings Limited (in liquidation) v Daiwa Capital Markets Europe Limited, the United Kingdom’s Supreme Court upheld the judgments of the lower courts and found that a bank was in breach of its duty to a customer when it processed transactions that amounted to a fraud on the customer. While it has long been established that a bank has a duty, known as a Quincecare duty (see Barclays Bank plc v Quincecare Ltd and another), to use reasonable skill and care in executing customer’s orders and would be liable where it failed to make reasonable enquiries, this case is the first time that a bank has actually be found to be in breach of that duty by a UK Court. This duty is a common law duty and is therefore likely to also be applicable in Trinidad and Tobago.
The Facts In Singularis
The company in Singularis had been set up to manage the assets of a businessman. This businessman was the sole shareholder, a director, and the chairman. He was also the authorised signatory on the company’s bank accounts. Over the course of about six weeks, the businessman, purportedly on behalf of the company, gave instructions to pay all of the money held in its bank account to other related entities. It was noted that the other six directors were not involved in providing the instructions. These payments amounted to about US$204 million dollars and were found to be misappropriations of the company’s funds. The company subsequently entered liquidation and sued the bank for compensation for the payments made on the basis that the bank breached its duty to the company by executing the payments.
The bank in Singularis was found to be in breach of its Quincecare duty since at the time that the payments were made, there were obvious signs that the businessman was perpetrating a fraud on the company. Among them were that the bank knew that the company was in financial trouble, the bank knew of the possibility that at least one of the payments was a front, and though employees in the bank realised that the account should be closely monitored, no one was actually closely monitoring the account. Having had sufficient knowledge of the company and its account history to be put on inquiry in relation to the fraud, the bank was therefore held to be negligent in failing to take necessary steps to protect the company.
It should be noted that the bank in Singularis was not a typical retail bank that would administer hundreds of bank accounts with thousands of weekly payment instructions. In the case of a typical retail bank, it would likely be much more difficult to establish that the bank had sufficient knowledge of the particular customer and its circumstances to be put on inquiry.
Why Singularis Is Important
The circumstances in Singularis were described as unusual and unlikely to be repeated but the case is nevertheless important both for banks and their customers.
For banks, it shows the importance of carrying out due diligence on transactions and of properly monitoring customer accounts, particularly when they are aware or ought to be aware of any financial difficulties that the customer is experiencing. It is insufficient to show merely that the instructions from the transaction came from the authorised person(s). Banks must balance their Quincecare duty to take reasonable care, with the duty to execute instructions promptly to avoid causing loss to customers. Banks may wish to consider using the terms and conditions of customer accounts to expressly exclude the Quincecare duty but should be aware that there is a very high threshold to cross before a court will accept that the duty has been excluded. In another recent case (JP Morgan Chase Bank, NA v The Federal Republic of Nigeria) the UK Court of Appeal considered that it is possible to exclude the Quincecare duty but that doing so would require very clear words. On the facts of that case, the clauses of the agreement, which included a clause purporting to exclude liability where the bank acted in good faith on what it believed to be its customer’s instructions, were held to be insufficient to exclude the Quincecare duty.
For customers that are companies, it shows that though the threshold is admittedly high, it is possible to recover from a bank, money that was fraudulently paid from a company’s bank account, even when the fraud is carried out by a person who is otherwise authorised to operate the bank account. It should also serve as a reminder that companies are separate legal personalities from their owners and that a company can be defrauded by its owner.
For customers that are individuals, the case raises questions about banks’ duties where for example, the customer has had their identity stolen or has been a victim of a phishing attack. If the fraudster then carries out transactions which are suspicious or unusual and the bank fails to make reasonable enquiries, the bank could possibly be liable to compensate the customer for any money lost. Customers should of course not solely rely on their banks to prevent fraud but be proactive in protecting their personal and banking information.
Disclaimer: This Document Provides General Guidance Only And Nothing In This Document Constitutes Legal Advice. Should You Require Specific Assistance, Please Contact Your Attorney-At-Law.
This Article was authored by Glenn Hamel-Smith, Partner, and Riane Trotman, Associate, at M. Hamel-Smith & Co. They can be reached at firstname.lastname@example.org and email@example.com.
You can receive updates straight to your inbox by Subscribing To Our Blog!