IT'S NOT THE BANKS FAULT IF YOU PAY A FRAUDSTER
26/01/2021
In a detailed High Court judgment Philipp v Barclays Bank UK PLC [2021] EWHC 10 (Ch) HHJ Russen QC found that:
- The Quincecare duty is limited to fraudulent payments by a customer's agent and
- Does not extend to circumstances where a customer knowingly and willingly instructs a payment, albeit as a result of fraud.
Background
- Banks have a primary legal duty to act in accordance with their customer's mandate and to exercise reasonable care and skill in executing those instructions.
- This duty was qualified by the decision in Barclays Bank plc v Quincecare [1992] 4 All ER 363, such that a bank is required to execute an instructed payment unless
- An ordinary prudent banker would have reasonable grounds for believing that the transactions were an attempt to misappropriate their customer's money.
- In Quincecare, an officer of the customer executed a fraudulent payment instruction for their own benefit.
- The so-called Quincecare duty has been the subject of judicial consideration in recent years but has only been applied where fraudulent payment instructions are provided to a bank by a customer's agent.
- Philipp is the first case to consider whether banks owe a Quincecare duty in circumstances where,
- Although a transaction turned out to be fraudulent,
- The instructions were not.
Facts of the case
- The Claimant, Mrs Philipp, was the victim of an Authorised Push Payment ("APP") fraud, which resulted in her losing £700,000 across two international payments instructed in branch to an unidentified third party (the "Payments").
- They followed a significant deposit from the Claimant's husband's investment account into her bank account, held with Barclays Bank UK PLC (the "Bank").
- This was a 'safe account scam'.
- The Claimant believed she was protecting her money by making the Payments and assisting an investigation by the Financial Conduct Authority and the National Crime Agency.
- Instead, the payments were made to a fraudster.
- The Claimant and her husband were "under the spell of the fraudster".
- They did not believe the police who visited them on two occasions to suggest that they were being defrauded.
- The Bank was given a cover story for the Payments and was therefore not aware of their true purpose.
- The Claimant reported the scam approximately two weeks after the Payments. By then, the Bank was unable to recover any sums from the receiving banks.
The Claim
- The Claimant brought a claim for £700,000 plus interest against the Bank on the basis that, when making the Payments, the Bank had failed to comply with an alleged duty to protect her from losing her funds, albeit her instructions in making the Payments were "authorised and ostensibly free-willed" (the "Claim").
- It was argued that the Bank had an obligation to question the Claimant about the legitimacy of the Payments and that it had a duty to have in place APP fraud detection and prevention policies and procedures.
- The Bank applied to strike out the Claim or have a summary judgment entered against the Claimant.
- It argued that:
- An alleged duty to protect the Claimant from the consequences of making the Payments (which she had authorised based on a fraudulently induced belief), was not one recognised in law.
- Further, it should not be recognised because it conflicted with the Bank's established primary duty to comply with its customer's mandate.
Key finding
- Finding in favour of the Bank, HHJ Russen QC ruled that
- The only duty owed by the Bank was to exercise reasonable skill and care in processing the Payments. This was "unqualified, on [the] facts, by any meaningful Quincecare duty".
- The Quincecare duty does not apply where the customer provides a genuine payment instruction.
- The Claim was an attempt to stretch Quincecare beyond its established boundaries.
- The duty is confined to cases of attempted misappropriation by an agent of the customer i.e. where the instructions themselves are fraudulent.
- Where a bank's customer is an individual, "their authority to make the payment is not only apparent but must also be taken by the bank to be real and genuine". This does not change because the payment has been fraudulently induced by a third party.
- The Bank had no legal obligation to second guess the Claimant's instructions.
- To decide otherwise would require the Bank to assume the role of amateur detective, and would effectively elevate the Quincecare duty - which is the "subordinate or ancillary duty" - above the "primary duty" to follow customer instructions.
- The judge noted that "this would emasculate the primary duty and involve the supposedly subordinate duty carrying with it a higher level of obligation" than the previous case law had contemplated.
- The Bank could not be fixed with knowledge based on what might have been obtained by speculation or detective work.
Further findings - The judgment provides several further points of clarity in relation to the Quincecare duty itself:
- The lack of a clear framework of rules against which banks could be judged was a clear obstacle to a finding in favour of a Quincecare duty in the context of APP scam cases.
- If banks are to be required to question their customers' instructions, such a requirement should be contained in a clearly recognised banking code.
- HHJ Russen QC opined that the recently introduced voluntary Contingent Reimbursement Model ("CRM") is not such a code.
- The Bank was not legally required to have in place policies and procedures for the purposes of detecting and preventing APP fraud.
- Further, whether a bank breaches its own internal policies and procedures is not determinative of whether they have breached their legal duty to their customer (as the former may or may not reflect industry-wide standards in a particular area as opposed to what the Bank requires of itself).
- It would be "commercially unrealistic" for a bank to require its staff to question every authorised payment instruction, regardless of the amount, and impractical to set a threshold level at which such questioning may become necessary.
- The Court also warned about the dangers of applying hindsight,
- In the knowledge that a fraud has taken place, to reach unrealistic conclusions as to what could have been known at the time (especially if the alleged duty to undertake checks only "might" have revealed that the transaction in question was one the customer would come to regret).
Furthermore:
- Adducing expert evidence on a bank's duties is of limited value.
- The scope of a bank's duties, and whether or not any particular duty applies, are purely legal questions.
- The Court was reluctant to find liability in a case where the Bank had not behaved
- Dishonestly (so as to found a dishonest assistance claim) or
- Unconscionably (i.e. to commercially unacceptable standards, as in a claim for knowing receipt).
Analysis and Practical Advice
- This decision provides clarity that:
- The Quincecare duty will not apply unless
- Instructions are given by an agent of the customer, and, even then, only if there are reasonable grounds to suspect instructions themselves are fraudulent.
- This excludes its application in APP scam cases,
- Where the customer provides a genuine instruction (albeit induced by a fraudulent third party).
- The primary duty is to process customer payments.
- The Quincecare duty will not apply unless
- It is unlikely that banks' legal duties will be measured against industry codes and guidance which do not have the force of law.
- Similarly, breaching internal policies and procedures, but not what is legally required, will not necessarily result in legal liability (if those policies and procedures can be shown to go beyond the strict legal requirements – which will be the case for many financial institutions).
- This judgment will be of interest to the Financial Ombudsman Service ("FOS").
- The decision sits in contrast to the FOS' recent approach in relation to APP complaints, in which it commonly cites the Quincecare duty and upholds them on the basis of non-binding industry guidance.
- While Contingent Reimbursement Model may now offer protection to customers of participant banks, which did not exist when the Claimant instructed the Payments, customers should nevertheless be encouraged to be vigilant and cautious when providing payment instructions.
- Customer education and awareness are necessary to tackle APP fraud.
- It is likely that this issue will reach the higher appeal courts.
- However, HHJ Russen QC's carefully considered judgment did not set new law; rather, it interpreted the established authorities.
Read the full article
The Team
Meet the team of industry experts behind Comsure
Find out moreLatest News
Keep up to date with the very latest news from Comsure
Find out moreGallery
View our latest imagery from our news and work
Find out moreContact
Think we can help you and your business? Chat to us today
Get In TouchNews Disclaimer
As well as owning and publishing Comsure's copyrighted works, Comsure wishes to use the copyright-protected works of others. To do so, Comsure is applying for exemptions in the UK copyright law. There are certain very specific situations where Comsure is permitted to do so without seeking permission from the owner. These exemptions are in the copyright sections of the Copyright, Designs and Patents Act 1988 (as amended)[www.gov.UK/government/publications/copyright-acts-and-related-laws]. Many situations allow for Comsure to apply for exemptions. These include 1] Non-commercial research and private study, 2] Criticism, review and reporting of current events, 3] the copying of works in any medium as long as the use is to illustrate a point. 4] no posting is for commercial purposes [payment]. (for a full list of exemptions, please read here www.gov.uk/guidance/exceptions-to-copyright]. Concerning the exceptions, Comsure will acknowledge the work of the source author by providing a link to the source material. Comsure claims no ownership of non-Comsure content. The non-Comsure articles posted on the Comsure website are deemed important, relevant, and newsworthy to a Comsure audience (e.g. regulated financial services and professional firms [DNFSBs]). Comsure does not wish to take any credit for the publication, and the publication can be read in full in its original form if you click the articles link that always accompanies the news item. Also, Comsure does not seek any payment for highlighting these important articles. If you want any article removed, Comsure will automatically do so on a reasonable request if you email info@comsuregroup.com.