Court Favors Bank in Fraud Dispute

Judge: Choice Escrow Declined Bank's Dual Controls

By , March 22, 2013.
Court Favors Bank in Fraud Dispute

A federal court has sided with a Mississippi bank in a lingering dispute with a customer over financial losses linked to an account takeover incident dating back to March 2010. That means the bank will not have to cover the cost of the loss or pay damages.

See Also: Scaling Security with Virtualized Infrastructure

On March 18, in a summary judgment filed in a U.S. District Court in Missouri, a magistrate judge favored BancorpSouth in its legal dispute with Choice Escrow Land Title LLC over a $440,000 loss that resulted from fraudulent wire transfers.

In his ruling, Judge John Maughmer points to Choice Escrow's decision to decline BancorpSouth's offers for dual or two-person authorization on wires. That refusal, the judge determined, relieves the bank of responsibility for the losses that later resulted.

"On two different occasions, Choice was offered the opportunity to employ 'dual control' as part of its utilization of BSB's [BancorpSouth's] InView system and Choice refused the option on both occasions," the judgment states. "There can be little doubt that 'dual control' meets the definition of a security procedure."

Maughmer, however, acknowledges in his ruling that cases involving disputes over ACH and wire fraud have been increasingly heated, and while both banks and commercial customers may believe they have taken adequate steps to protect themselves, courts must base decisions on the letter of the law and contractual agreements.

"The tension in modern society between security and convenience is on full display in this litigation," Maughmer states in his summary judgment. "Choice understandably feels as though it did nothing wrong, but yet is out $440,000. BSB [BancorpSouth], as well, feels as though it has done nothing wrong. In essence, both parties are correct - yet someone must bear the risk of loss."

Long Legal Battle

Choice sued BancorpSouth in November 2010 to recover the losses, which resulted from a fraudulent transfer approved by the bank and wired to an overseas account in Cyprus. Since then, the two parties have been in a back-and-forth legal dispute, with each suing the other over the losses.

In August 2012, a district court in Missouri dismissed BancorpSouth's counterclaim that sought to have Choice held liable for losses, damages and legal costs in the case.

Choice executives declined to comment on whether they planned to appeal the latest ruling in favor of BancorpSouth.

Uniform Commercial Code

The court's decision is supported by a provision within the Uniform Commercial Code's Article 4A that governs how financial institutions should handle incidents of wire-transfer fraud. The court notes that if a bank offers security procedures that a commercial customer refuses, then according to that UCC provision, the customer is liable.

"The experts in this case agree that the fraud would not likely have occurred if Choice had utilized the 'dual control'" offered by the bank, the judgment states. "It elected not to ... twice."

Dan Mitchell, the attorney who represented PATCO Construction Inc. in its federal appeal of another fraud-related case, says the Choice ruling marks the first time a court has based its decision involving an ACH/wire fraud dispute on that UCC liability provision.

But Mitchell also says the reason the provision is not often referenced is because it's not typical for a commercial customer to refuse a security feature offered by a bank. "Most clients take the procedure when it's offered," he says.

David Navetta, co-founder of the Information Law Group and co-chairman of the American Bar Association's Information Security Committee, offers an analysis of why the bank won a favorable ruling. "It came down to this: The bank customer turned down 'dual control,'" he says. "Under UCC 4A-202(c), if a bank offers a commercially reasonable security procedure and that offer is turned down by the customer, and the customer agrees in writing to be bound by payment orders, even if they didn't authorize them, then the customer bears the risk of loss."

Follow Tracy Kitten on Twitter: @FraudBlogger

  • Print
  • Tweet Like LinkedIn share
Get permission to license our content for reuse in a myriad of ways.
ARTICLE Senate Passes Cybersecurity Skills Shortage Bill

Legislation that aims to help the Department of Homeland Security recruit and retain cybersecurity...

Latest Tweets and Mentions

ARTICLE Senate Passes Cybersecurity Skills Shortage Bill

Legislation that aims to help the Department of Homeland Security recruit and retain cybersecurity...

The ISMG Network