WKB attorneys win before the Court of Appeal in a case of great significance for banks in terms of their liability related to posting transfers.

WKB represented one of the leading banks in Poland in a case brought by a citizen of England who transferred several million Polish zlotys to an open account as a result of Business E-mail Compromise fraud committed by unknown perpetrators. The funds have been irrecoverably lost. The claimant stated that the bank had failed to exercise due diligence in posting the transfer, in particular, by not verifying the details of the transfer recipient against the details of the owner of the account to which the transfer was eventually made. This constituted the basis for the claimant to seek from the bank a full refund of money lost as a result of the crime.

The lack of liability of a bank that posts a transfer based on the account number detailed in the transfer order (a unique identifier) seems indisputable in light of current EU regulations. From 2011, this matter has been implemented in the Act on Payment Services (based on Directive 2007/64/EC being then in place). Nevertheless, because the transfer in the case in question was made from outside the EU (and EEA), EU regulations did not apply.

Therefore, the Regional Court in Warsaw, before which the case had been pending, had to consider whether a bank posting a transfer from outside of the European Union is obliged to verify only the recipient’s account number as detailed in the transfer order.

The case conducted on behalf of the bank by WKB attorneys, Bartłomiej Jankowski, Natalia Kabacińska, and Krzysztof Wasiewicz, was discontinued by the Regional Court in Warsaw’s decision to dismiss the action. The Regional Court’s answer to the above question was affirmative, and it emphasized that “technical issues related to automation of transfers (posting transferred funds on accounts via an IT system) renders it impossible to require banks to have personal data of transfer recipients verified by bank employees, given the intensity of current financial turnover conducted with the use of bank transfers and under legal requirements concerning deadlines for payment transactions”.

The Court of Appeal in Warsaw, which heard the appeal made on behalf of the citizen of England, agreed with the above stance. By issuing a final and unappealable judgment, the Court of Appeal confirmed that the bank performing the transfer (regardless of its amount) is only required to verify the accuracy of the account number of the transfer recipient against the account number detailed in the transfer order.

These judgements are consistent with prior case-law vital for the entire banking sector, which seems to homogenize due diligence standards imposed on banks in terms of positing transfers, irrespective of the territory from which they originate. The courts are expressly taking a stance of rationalising the liability of banks in light of the requirements imposed by the dynamics of financial turnover in today’s world.
The above remains relevant also in connection with the amended Act on Counteracting Money Laundering and Financing of Terrorism of 30 March 2021 which became effective on 31 October 2021.

This change in provisions does not modify the general rules concerning banks’ liability for performing transfers as described herein. However, the new regulations tighten the verification obligations of banks in specific situations – e.g. in the case of financial transactions related to high-risk third countries, the list of which is determined by the European Commission. The catalogue of these countries includes, among others: Afghanistan, Bahamas, Cambodia, Iran, Iraq, Jamaica, Pakistan, Panama, Syria, Uganda or Zimbabwe.