How to respond to online banking fraud

4 May 2016Feature

Sophia Purkis and Lisa Serrant advise solicitors on the steps clients should take to recover stolen money, particularly where the bank refuses to make a refund

Online banking fraud
is becoming more sophisticated, causing large losses to individuals and companies. Unsurprisingly,
the number of cases against banks involving online fraud is increasing.

In March, Sir Bernard Hogan-Howe, head of London's Metropolitan police, suggested banks should not fully refund victims of fraud who have not protected themselves. While not universally well received, his remarks are a reminder that there is no guarantee of a bank refund. So, if this is not forthcoming,
what steps can be taken to recover money?

Initial response

It is vital to act quickly. Money may disappear at a frightening speed, not only from the client's account but also from recipient accounts.

The duty to notify the bank immediately is long established and probably also required under the relevant account terms and conditions. Following notification, the bank should commence its recovery processes and comply with its reporting requirements. It is important to liaise with the bank and police to make sure that there is a co-ordinated approach and to minimise a client's costs.

If the bank does not take the requisite steps, clients should consider their options, such as seeking freezing or disclosure orders against the transmitting and/or receiving banks. Again speed is of the essence.

Banks' obligations

Lost sums are likely to be unauthorised payments, possibly in breach of mandate, and should be refunded by the bank with any charges and compensation for lost interest.

While the banks may have regulatory obligations to follow, for example under the 'Banking: Conduct of Business Sourcebook' (BCOBS) and the Payment Services Regulations 2009, they may be able to rely on usual banking practice to escape liability, as in Tidal Energy Ltd v Bank of Scotland plc [2014] EWCA Civ 1107 (which has an outstanding appeal).

The bank may also rely on exclusion clauses in its terms and conditions and refuse a refund if the customer acted with gross negligence.

Complaints procedure

If the bank does not provide
a refund, the terms and conditions may require the customer to make a complaint to the bank. The response could be useful to indicate the bank's potential defences to a claim.

After the bank's complaints procedure, complaints to the Financial Ombudsman Service (FOS) can be brought - if the matter falls within its jurisdiction - by individuals acting outside their trade, business, or profession and by 'micro-enterprises' (which are defined as having fewer than ten employees and a turnover or balance sheet of under €2m).

FOS complaints are usually less expensive than other remedies and there is not the same liability for opponents' costs as with legal claims. However, there is a limit on awards of £150,000.

Legal claims

First, the terms and conditions at the date of the fraud should be considered with any arrangements regarding the account, such as online banking agreements and payment mandates.

Then, consider claims against the banks for breach of contract for an account and/or a declaration that the account be re-credited as the payments were unauthorised. Also, consider consequential loss claims for any reasonably foreseeable losses.

Negligence claims for damages could be brought even if the payment was apparently authorised (e.g. a PIN was used), for example where the bank had reasonable grounds for believing the instruction to make payment was an attempt to misappropriate funds (e.g. due to the nature, timing, or destination of the payments), as found in Barclays Bank plc v Quincecare Ltd [1992] 4 All
ER 363.

If the client is a 'private person', consider arguments that the loss is suffered as a result of the bank's breach of a Financial Conduct Authority (or Prudential Regulation Authority) rule, such as those in BCOBS, then a claim for damages is available under section 138D of the Financial Services and Markets Act 2000.

Prevention is better than cure but we must be realistic: cybercrime is an ongoing reality and the number of claims arising as a result will continue to grow.

Sophia Purkis, pictured, is a partner at Fladgate and a London Solicitors Litigation Association (LSLA) committee member, and Lisa Serrant is a senior associate at Fladgate www.lsla.co.uk

Legal News desk contact: editorial@solicitorsjournal.com

AI and public law: risks, duties and compliance

AI promises efficiency and savings, but public sector use must comply with legal principles to safeguard fairness and accountability

Supreme Court judgment prompts fraud case review

The Serious Fraud Office has responded to the Supreme Court’s decision impacting several fraud convictions

GPS tags lead to crime reduction

A new report reveals the effectiveness of GPS tagging, which has reduced reoffending rates by 20 percent

Abdol Hossein Azizi v Dama Construction Limited: Appeal dismissed on construction access denial

Access denial during basement excavation leads to structural damage liability in High Court appeal

Disclosure obligations prevail over foreign prosecution concerns in cross-border investigations

High Court ruling clarifies disclosure duties amid international criminal investigations

Tribunal upholds manifestly unreasonable exception in environmental information dispute

First-tier Tribunal dismisses appeal against Information Commissioner, reinforcing limits on environmental information requests under EIR.

Forestscape Limited successfully challenges asset of community value designation

First-tier Tribunal allows appeal against woodland's ACV classification, emphasising evidential requirements for community value designations.

Jury trials under threat in fraud

Plans to replace juries with specialist judges in fraud trials spark fierce debate over justice, efficiency, and rights

UK migration crackdown could pile pressure on lawyers

Sweeping visa curbs and settlement delays pose major compliance challenges, leaving lawyers to navigate risks for clients

Tribunal upholds disclosure of hydrogen heating environmental information

First-tier Tribunal dismisses Secretary of State appeal on environmental information disclosure

High Court scrutinises prolonged immigration detention amid mental health concerns

Immigration detention challenged where vulnerable detainee's mental health deteriorates significantly

High Court refuses DoLS extension for young sexual offender on licence

High Court declines deprivation of liberty order for rehabilitating juvenile offender

Article 13(b) defence in international child abduction: YM v ML analysis

High Court ruling demonstrates stringent threshold for grave risk exception under Hague Convention.

High Court rules on employee share option rights after termination

High Court examines share option exercise rights following employment termination in Dixon v GlobalData

High Court clarifies creditor rights in DG Resources Ltd v HMRC winding-up dispute

High Court reinforces HMRC's creditor position whilst examining service requirements and cross-claim thresholds.

SJ Interview: James Palmer CBE

James Palmer CBE, Partner of Herbert Smith Freehills Kramer, has long been recognised as one of the UK’s most influential corporate lawyers and policy voices. Awarded a CBE in 2025 for his services to business and law, he has combined a high-profile career in M&A with decades of work on legal reform. In this interview, he discusses the challenges of legislative inflation and corporate advice, access to justice, and the future role of technology.

The SQE is failing its own test

Five years on, the SQE is underperforming, and targeted reforms could close persistent gaps.