Gordon Deane: No duty of care owed to individual customer in APP fraud claim
Gordon Dean, partner at law firm Balfour Mason, discusses the impact of an increase in authorised push payment (APP) fraud in recent years.
There has been a huge rise in “authorised push payment” or “APP” fraud over recent years. The amounts involved in these scams can be significant.
The High Court in England recently rejected a claim by a bank customer who fell victim to an APP fraud. A disappointing result for individuals who have also fallen victim to this type of scam.
The facts in the case of Philipp v Barclays Bank are sadly all too familiar in the context of APP fraud. In March 2018, the claimant was the victim of an elaborate deception by a third party fraudster. She transferred £700,000 in two separate tranches from her account with Barclays to international bank accounts, in the belief that the money would be safe and that she was assisting an investigation by the FCA and the National Crime Agency.
The claimant brought a claim against Barclays to recover damages for the loss she suffered by making the two payments, alleging that Barclays owed and breached a duty of care to protect her from the consequences of the payments.
The court held that that Barclays did not owe the claimant a duty of care in respect of the APP fraud and granted summary judgment in favour of Barclays. Barclays successfully argued that the so-called “Quincecare” duty did not apply. This duty arises where a bank has received a payment mandate from an authorised signatory of its customer, and executed the order, in circumstances where (allegedly) there were red flags to suggest that the order was an attempt to misappropriate the funds of the customer.
In this case the court ruled that the “Quincecare” duty does not currently extend to individual customers. The court was not persuaded to extend the “Quincecare” duty to protect an individual customer in the context of an APP fraud, saying to do so would be contrary to the legal principles underpinning the duty.
The judge went on to make the observation that banks “cannot be expected to carry out such urgent detective work, or treated as a gatekeeper or guardian in relation to the commercial wisdom of the customer’s decision and the payment instructions which result”.
In the absence of a remedy through the courts, what options are available to any customer who has fallen victim to an APP fraud?
The best option appears to be the Contingent Reimbursement Model Code for Authorised Push Payment Scams. This was launched in 28 May 2019. A significant number of banks have signed up to the Code. This voluntary code provides full refunds to consumers, micro-enterprises and charities who are victims of domestic APP fraud although the bank can refuse to refund in cases of “gross negligence” by the customer.
The customer can also rely upon the Payment Services Regulations 2017 (SI 2017/752). These regulations are intended to protect the payer. The paying bank is obliged to refund unauthorised payments promptly. The difficulty with these regulations is that business customers have no direct ability to enforce them, except in limited cases through the Financial Ombudsman Service.