Disputed e-banking transactions

Category Abuse and fraud | Source Annual Report 2019/19

The client who turned to the Ombudsman in the present case was already at an advanced age and was represented by her grandson. She had opened an account with the bank several years ago and found that it was practically emptied by means of payment orders totalling around CHF 70,000, which were issued via e-banking. She was not aware that she had ever concluded an e-banking contract, did not, according to her, own a computer and had no computer skills. It turned out that the client’s son-in-law had intercepted the access data for e-banking sent by the bank to her address. He had then transferred his mother-in-law’s money to his account and his wife’s account at the same bank and finally used it up. The bank refused to compensate the client and refused to make any concessions in the ombudsman procedure. It was severely criticised for this by the Ombudsman. However, he had no choice but to refer the elderly customer to the ordinary courts.

The customer demanded compensation from the bank for the payments made without her order. The bank refused to do so, basing its decision on the due diligence and liability provisions of the e-banking agreement concluded with the client in accordance with the bank’s instructions. When asked when and how this agreement was concluded, the bank provided evasive, if not misleading information in its correspondence with the client and also in its initial replies to the Ombudsman.

In response to the Ombudsman’s inquiries, it finally stated that it was to be assumed that the client had expressed the wish to have e-banking access when opening the account, in which she had been accompanied by her daughter. She claimed that when the account was opened, the client was given a document in which all services, including e-banking, were listed. However, the bank could not provide a personalised copy of this document. The relevant contractual terms and conditions were then accepted during the first e-banking log-in. For this log-in, the bank card and the corresponding PIN were absolutely necessary. Both were still in her possession when the client withdrew cash at a bank counter. She had breached her duty of care by allowing the fraudster to gain possession of the card and the PIN. The bank was not responsible for the fact that the fraudster, who was a member of the client’s family, had also intercepted the card reader and a password, which were required in addition to the bank card and the PIN to access e-banking. Finally, the client had failed to inquire about the missing account statements, which were sent to her monthly and apparently also intercepted by the fraudster. Had she done so, she could have discovered the fraudulent transactions earlier and prevented further such transactions.

The Ombudsman found it highly unusual that the bank could not clearly prove the alleged conclusion of the e-banking agreement with the client and had to derive it on the basis of such assumptions. This e-banking agreement described the client’s duties of care. It also contained the basis on which transactions that were not carried out by the client could be attributed to her and debited to her account. The Client contested the conclusion of such a contract because she did not want any e-banking services, did not have the necessary electronic devices and, according to her information, would not have been able to operate such devices due to a lack of the necessary knowledge. As a neutral mediator, the Ombudsman must respect the credibility of the parties and is unable to provide binding clarification of a disputed matter by means of a procedure of taking evidence. During the mediation procedure, it therefore had to remain open which party was right with regard to the disputed conclusion of an e-banking agreement.

After considering the party’s points of view, the Ombudsman considered it useful to resolve the dispute by way of settlement. In doing so, he assumed that the Bank was obliged to provide evidence for the conclusion of the contract it had asserted. He had serious doubts as to whether the bank would be able to provide such proof in court proceedings. The customer, on the other hand, probably had to accept the fact that the fraudster had come into possession of the bank card and the associated PIN. However, it did not seem reasonable to him that she should also be responsible for the interception of the card reader and the e-banking password if, as she claimed, she had not concluded an e-banking contract and was not expecting such delivery. On the other hand, the fact that she had in fact never inquired about account statements and was therefore unable to check them actually contributed to the increase in damage.

On the basis of these considerations, the Ombudsman called on the bank to accommodate the customer to a large extent. However, the bank categorically refused to make any concessions. He therefore had to discontinue his mediation efforts and refer the client to the ordinary courts in a final notice. He expressed to the bank his lack of understanding for her unwillingness to settle and her behaviour during the ombudsman procedure.

More from this Category