A Jersey bank is hit by an "APP Fraud" during a London property transaction
- In the Jersey Royal Court, there is a discovery case involving Standard Chartered Bank, Jersey Branch [Defendant] and its customers, Ishal Agarwal [First Plaintiff] and Mira Agarwal [Second Plaintiff]. And the discovery case is in connection to an Authorised Push Payment Fraud ("APP Fraud") where the plaintiffs paid money to a fraudster and not the client account of Bedell Cristin at a bank in Jersey.
- In late 2019 customers (the Agarwal's) of Standard Chartered Bank, Jersey Branch [the bank] decided to purchase a property in London and engaged Bedell Cristin to act as their conveyancing lawyers. The partner responsible was Mr Jeff O'Boyle.
- The Agarwal's paid a deposit in January 2020 to a client account of Bedell Cristin at a bank in Jersey.
- And the sale of the property was due to complete on 31st July 2020. And the balance of the purchase price and disbursements were due on this date.
- The bank spotted a [big] problem with the lawyers' emails following the payment. The domain name in the email sent by the fraudster was
- "bedellcristn" instead of
DUTY OF CARE OWED BY THE BANK
- The Agarwal's consider the bank should have spotted the fraud. And as set out in paragraph 4 of the order of justice as follows: -
- "4. SCB owed to Mr and Mrs Agarwal contractual and /or customary law duties to act with reasonable skill and care in providing banking services.
- The standard of care is to be judged by reference to a bank operating in a regulated environment and handling international money transfers, in the context of the known vulnerability of such transfers to fraudulent activity."
SHOW US YOUR PROCEDURES
- The plaintiffs' now wish to see: -
- The defendant's policies and procedures in relation to fraud awareness and Authorised Push Payment Fraud ("APP Fraud");
- The training undertaken by certain individuals of the defendant in relation to fraud awareness and APP Fraud during a defined period; and
- Any warnings notices or similar alerts disseminated within the defendant's Jersey branch between specified dates.
AN EXPENSIVE LESSON LEARNED?
- Although we don't know the property value if Mr. and Mrs. Agarwal win their case, this could prove to be an expensive incident for the bank!!!
The full of the matter https://www.jerseylaw.je/judgments/unreported/Pages/JRC011.aspx
And the complete account of the transaction and arguments are shown below:
- The following background is taken from the pleadings and a schedule of facts where the parties had sought to identify what factual issues were and were not in dispute. It is a summary only and is not intended to amount to any definitive findings against either party.
- The plaintiffs were customers of the defendant's Jersey branch. In late 2019 they decided to purchase a property in London and engaged Bedell Cristin to act as their conveyancing lawyers. The partner responsible was a Mr. Jeff O'Boyle.
- The plaintiffs paid a deposit in January 2020 to a client account of Bedell Cristin at a bank in Jersey. The first plaintiff had been provided with details of the client account by Bedell Cristin.
- The sale of the property was due to complete on 31stJuly 2020. The balance of the purchase price and disbursements were due on this date.
- By an email dated 28thJuly 2020 a person or persons unknown purporting to be Mr O'Boyle ("the fraudster") asked the first plaintiff to send payment of the balance of the purchase price to a bank account identified in an attachment to that email.
- The named holder of the bank account was said to be a company called Construction Services Limited and the payee bank identified was HSBC Bank in St Helier.
- The first plaintiff therefore instructed the defendant by email to transfer the balance of the purchase price to the bank identified in the email of 28thJuly 2020.
- That same day before effecting the transfer an employee of the defendant called the first plaintiff to confirm the account details provided by the first plaintiff in reliance on the information given to him by the fraudster.
- On the morning of 30thJuly 2020 an employee of the defendant emailed the first plaintiff passing on a query from the defendant's payments team, namely that the beneficiary of the payment was not Bedell Cristin. The first plaintiff subsequently confirmed this was correct in reliance on the explanation given by the fraudster.
- Later on 30thJuly 2020 a second employee of the defendant identified that the account location given to the first defendant did not correspond with the sort code location of the account number itself, which was for HSBC Bank in Leicester.
- This discrepancy was brought to the attention of the first plaintiff who suggested that the defendant reply to the sender of an email dated 28thJuly 2020. This employee therefore contacted the sender of the email of 28th July 2020 who confirmed the account details and payment was then made.
- After payment had been made the email used by the fraudster was noted by the defendant to contain a domain name "bedellcristn" instead of "bedellcristin".
THE BREACHES COMPLAINED OF ARE SUMMARISED AT PARAGRAPHS 20 TO 24 OF THE ORDER OF JUSTICE AS FOLLOWS: -
- The defendant was on notice that the payment details given by the first plaintiff were not those of Bedell Cristin's usual client account and were on notice that the payment details given by the first plaintiff did not match the bank's location;
- It was implausible that Bedell Cristin would have set up a company with a bank account in Leicester called Construction Services Limited and with no reference to Bedell Cristin;
- The defendant was said to be further on notice that law firms are obliged to keep client monies separate from their own monies and that client transfers are already made to an account including the words "Client Account";
- The bank failed to verify the account details in a way sufficient to discharge its duty of care;
- The bank had failed to notice that the email addresses were not legitimate Bedell Cristin email addresses;
- The explanation given from the fraudster confirming the account details was implausible and grammatically unusual;
- The account details were entirely different to those provided previously for the same transaction by Bedell Cristin in relation to the deposit; and
- The defendant should have been alert to the risk of fraud given that frauds of this kind were not uncommon, especially in connection with property transactions;
IN RELATION TO THE ALLEGED BREACHES THE DEFENDANT'S CASE IS AS FOLLOWS: -
- It denied it was under any duty to identify the fraud;
- It denied that the defendant failed to exercise reasonable care and skill in executing the Plaintiffs' instructions (or, insofar as relevant, otherwise in providing banking services);
- The defendant's primary duty was to give effect to the plaintiffs' instructions;
- It was denied that the defendant was under a duty to second guess instructions or to protect the plaintiffs from the consequences of their own decisions;
- It was denied that the defendant took responsibility for verifying the account details. Rather the defendant followed the first plaintiff's instructions to query the account details;
- The defendant was not under any obligation to conduct a forensic review of emails or to identify the missing 'i' in Bedell Cristin; and
- Having identified the discrepancy in the account details, the defendant followed the first plaintiff's instructions to query the account details in an email to the person the first plaintiff had himself introduced and represented to SCB as his attorney.
Read here the full discovery hearing -
Meet the team of industry experts behind ComsureFind out more
Keep up to date with the very latest news from ComsureFind out more
View our latest imagery from our news and workFind out more
Think we can help you and your business? Chat to us todayGet In Touch
As well as owning and publishing Comsure's copyrighted works, Comsure wishes to use the copyright-protected works of others. To do so, Comsure is applying for exemptions in the UK copyright law. There are certain very specific situations where Comsure is permitted to do so without seeking permission from the owner. These exemptions are in the copyright sections of the Copyright, Designs and Patents Act 1988 (as amended)[www.gov.UK/government/publications/copyright-acts-and-related-laws]. Many situations allow for Comsure to apply for exemptions. These include 1] Non-commercial research and private study, 2] Criticism, review and reporting of current events, 3] the copying of works in any medium as long as the use is to illustrate a point. 4] no posting is for commercial purposes [payment]. (for a full list of exemptions, please read here www.gov.uk/guidance/exceptions-to-copyright]. Concerning the exceptions, Comsure will acknowledge the work of the source author by providing a link to the source material. Comsure claims no ownership of non-Comsure content. The non-Comsure articles posted on the Comsure website are deemed important, relevant, and newsworthy to a Comsure audience (e.g. regulated financial services and professional firms [DNFSBs]). Comsure does not wish to take any credit for the publication, and the publication can be read in full in its original form if you click the articles link that always accompanies the news item. Also, Comsure does not seek any payment for highlighting these important articles. If you want any article removed, Comsure will automatically do so on a reasonable request if you email firstname.lastname@example.org.