The recent decision by the Court of Appeal found no fault for the principal that had ordered a transfer as part of a corporate officer’s identity fraud. New area of risk for banks in this growing market despite omnipresent prevention? Better prospects for the victim companies?
Warnings from the French government, the film “Je compte sur vous” (I’m counting on you), a “serious game” that puts you in the role of a fraudster as part of a video game, press articles describing the most unbelievable stories… There are many ways to raise personnel awareness regarding “corporate officer’s identity fraud”(1).
And yet, the number of victims continues to increase. According to the OCRGDF(2), the overall loss(3) in France since 2010 is equal to more than €485 million. This type of fraud, the invention of which is attributed to the Franco-Israeli Gilbert Chikli, can affect any type of company, including public administration. Recently, the Defence Minister’s identity was apparently used to pay a ransom after a so-called hostage-taking involving secret agents!
Of course, this French invention has gone well beyond our borders. The FBI reports an increase of more than 270% of cases since January 2013, raising the number of victims to nearly 18,000, for losses of more than $2.3 billion in 80 countries worldwide
Finally, if you should unfortunately become the victim of such a fraud, don’t lose hope! Everything may well not be lost, as demonstrated by the decision of the Paris Court of Appeal on 14 April 2016(4), reported by “Les Echos”(5) newspaper. In this dispute, the victim company filed suit against the bank for having performed a transfer after the theft of its director’s identity
More specifically, in this case, instructions to carry out a transfer to Cyprus as part of a “secret operation” were sent to the accounting service of the victim company, from an e-mail address supposedly used by the director of this same company. Unaccustomed to performing bank transactions, the accountant sent a transfer order to the bank for €100,000 that included the director’s signature, which had apparently been crudely falsified. After calling back the accountant in question (unauthorised but the usual contact person in case of the director’s absence), the bank proceeded with the transfer. The Court of Appeal decided that the bank had carried out a false transfer order, and that no fault on the part of the victim company could be demonstrated. It ordered the bank to reimburse the entire transfer.
Will this decision truly constitute a new precedent with regard to the execution of false transfer orders in the event of corporate identity theft fraud? Could it be extended to disputes involving non-falsified transfer orders, for which execution is requested after the theft of the identity of the directors? Would it be fair to have the banks bear the entire loss for which the cause is very often linked to a certain degree of carelessness on the part of the originators? Will the bank in question appeal the decision?
To be followed.
Financial risks loss adjuster, GM Consultant Group
1 Process by which a swindler usurps a company director’s identity and convinces an employee to carry out a transfer.
2 The Central Office for the Repression of Major Financial Fraud (OCRGDF)
3 The OCRGDF figure also includes supplier fraud (a variant of chairman fraud in which the supplier’s identity is stolen).
4 Paris Court of Appeal, N° 14/23355