Banks could now be liable for push payment fraud – a watershed moment for consumers

Yesterday, in what may be a significant victory for consumers, the Court of Appeal revived a customer’s claim against Barclays Bank UK PLC, ruling that the High Court should not have granted the bank summary judgement and that banks may be liable if they fail to protect customers against Authorised Push Payment (APP) fraud. With the case now heading for trial, the retail banking sector will now be keenly watching the outcome of this dispute, which extends the scope of the duty of care owed by banks to its customers.

APP fraud is where a customer has been deceived by a fraudster to instruct their bank to transfer money from their account to one controlled by the fraudster. Mrs Fiona Philips’, along with her husband, Dr Philip, were the victims of an APP fraud in March 2018, whereby they transferred over £700,000 into two separate bank accounts in the United Arab Emirates, via Mrs Philips’ account held with Barclays. This sum accounted for around three quarters of their life savings. The couple believed they were moving the money into safe accounts in order to protect it from fraud. The fraud was fairly sophisticated in that a team of fraudsters made a series of calls since late February 2018, convincing Mrs and Dr Philips that they were part of an anti-fraud operation, with both the Financial Conduct Authority and the National Crime Agency being involved. One of those telephone calls appeared to be the NCA’s telephone number (as shown on the NCA website), whereby an associate of the fraudster encouraged Dr Philip to look up the telephone number on the internet.

Mrs Philip, along with intervention from The Consumers’ Association, contend that the bank breached their duty of care to her established by common law, an implied duty within the contract between her and the bank, and or by statute under s13 of the Supply of Goods and Services Act 1982. This duty requires banks to take reasonable care and skill when carrying out a customer’s instructions. In particular, it obliges a bank not to execute an instruction when it has reasonable grounds for believing that a received request is an attempt to misappropriate a customer’s money. It is often referred to by lawyers as the ‘Quincecare duty’ (identified by the High Court in Barclays Bank v Quincecare [1992]). At paragraph 27 of the judgement, Lord Justice Birss neatly summarises this duty in that it requires banks to exercise caution in circumstances that would ‘put an ordinary prudent banker on inquiry.’

The Court of Appeal rejected the High Court’s previous summary judgement ruling that the Quincecare duty cannot apply in this case. In the judgement, LJ Birss rejects Barclays’ Defence that it only has a duty to carry out a customer’s instructions and ‘…it was not obliged to question or advise on the commercial wisdom or otherwise of a particular transaction.’ LJ Birss also considered the potential duty owed by the bank in detail and held that the proper place to consider the issue was at trial, and not at a relatively short interim court hearing:

‘…that it is, therefore, at least possible in principle that a relevant duty of care could arise in the case of a customer instructing their bank to make a payment when that customer is the victim of APP fraud. The second part of my conclusions is that the right occasion on which to decide whether such a duty in fact arises in this case is at trial.’

For consumers, this is a revolutionary decision extending the Quincecare duty to private individuals who may potentially able to seek legal and financial redress from retail banks, if a lender does not take reasonable and careful checks to ensure its customers have not fallen victim to fraud.

For plain-speaking, comprehensive advice or to discuss a civil fraud matter, please get in touch with our litigation team.