The Claimant, the Saudi Arabian subsidiary of an Italian corporation that constructs gas and oil plants, had taken out a loan of US$7.5 million from Tecnimont SpA (TCM) in July 2018 to cover a cash flow shortfall.
TCM requested repayment legitimately by email on 25 October 2018. Unbeknownst to the Claimant, however, TCM's Group Finance Director (GFD) was subsequently the victim of a phishing scam and the scammer gained access to his email account. An email was then sent to the Claimant on 27 October 2018 from the GFD's email account with a demand for repayment of US$5 million of the loan into a NatWest bank account with the name "Asecna Tecnimont SpA".
The Claimant gave instructions to Saudi Arabia British Bank to make the transfer, which was then paid to NatWest (the Defendant) through an intermediary bank in the US. As is common with such transfers, it involved each bank in the chain adjusting their balances and "netting off" sums against one another.
On 30 October 2018, the US$5 milion was credited to the fraudster's NatWest account. The same day, six payments were made out of that account totalling US$667,287.51.
On 31 October at 10.10am, the Defendant received an alert from its fraud detection software and the account was suspended. However, the Defendant reviewed the user activity, concluded that there was no suspicious activity and reversed the suspension, following which further payments were made from the account totalling some UD$4.3 million.
A further alert was triggered at 1.04pm the same day and the account was again suspended. The second alert was subsequently reviewed and reversed by the Defendant.
On 1 November, the Defendant was notified that payment had mistakenly been made to the fraudster's account, but the Defendant failed to act in time to stop a final payment being made out of the account.
By that time, the US$5 million had been dissipated all over the world. The Claimant was eventually able to trace and recover only US$600,000 of the US$5 million.
The Claimant sought restitution of the lost funds from the Defendant on the basis that:
- The Defendant's internal fraud detection practices were deficient;
- The Defendant had sufficient awareness of the fraud that its receipt of the monies could be deemed "knowing receipt" of trust property in breach of trust, which imposes on the bank a duty to account as a constructive trustee for the funds received;
- The Defendant was enriched at the expense of the Claimant; and
- It would be unjust to deny restitution to the Claimant.
The Defendant denied any such liability in restitution.
Both parties adduced expert evidence on the adequacy of the Defendant's fraud detection practices.
While it was noted that the review of the second fraud alert had been conducted incorrectly by the Defendant, Bird J nevertheless noted that the Defendant's internal practices were geared towards protecting the account holder from fraud, rather than towards identifying fraud perpetuated by an account holder, which made it less likely that the fraud could have been discovered by the Defendant even if the correct process had been followed.
Bird J then turned to the issue of the Defendant's knowing receipt of funds received in breach of trust. This is an equitable principle which deems that, where assets are received that are known to be received in breach of trust, or where the recipient's state of mind is such that it would be unconscionable for them to retain the benefit of the receipt, the recipient becomes liable to account as a constructive trustee for such assets.
However, the Claimant's argument rested on the proposition that the transferred funds represented trust property "because the transfer itself was procured by fraud" . The Court was unpersuaded by this, as the Defendant had received the deposit for its customer and not for its own use .
For that reason, this claim failed.
The Judge then considered the claim for unjust enrichment, which required consideration of four main issues:
- Whether the Defendant had been enriched;
- If so, whether that enrichment had been at the expense of the Claimant;
- Whether the enrichment was unjust; and
- Whether the Defendant might avail itself of any defences, such as the defence that the bank had so changed its position since receiving the funds that it would be inequitable to order restitution.
The Judge's starting point was the principle in Investment Trust Companies v HMRC  UKSC 275, outlined at paragraph 41, that "the purpose of the law of unjust enrichment….[is] to correct normatively defective transfers of value, usually by restoring the parties to their pre-transfer positions."
The Court did not accept, therefore, that the question of whether the Claimant had suffered a loss was the correct starting point for this analysis, since "the function of a restitutionary remedy is not to compensate for a loss" [110d].
The Court held that whether or not there had been a "transfer of value" to the Defendant was not straightforward in this case, where the transfer of funds itself was effected by a series of transactions that required the adjustment of balances between various banks.
On close analysis, the Judge noted that the funds might have been said to be transferred to the Defendant by at least three parties . The Judge therefore concluded that the series of transactions making up the transfer had been too indirect to constitute a "transfer of value" from the Claimant to the Defendant.
Significantly, the Judge found the Claimant had acted reasonably in the circumstances, since the email requesting payment had been sent from the GFD's real TCM email address, which had been hacked, and that the enrichment had therefore been unjust.
However, while the unjust enrichment claim failed in any event on the basis that there had been no proper "transfer of value", the Judge concluded it would not be just to order restitution notwithstanding this on the basis that, despite some failings on the Defendant's part, "the Bank's conduct at no stage was such that it would be unjust to permit it to rely on the defence of change of position" .
In considering the Defendant's conduct, the primary distinction that the Judge drew between this and other cases was one of time.
In essence, the longer the period following which a bank is notified of fraud and takes no action to prevent payments being made to a suspected fraudster, the less likely the Court is to be persuaded that restitution should not be awarded because the bank has changed its position.
In this case, had the Defendant acted sooner after being notified of the fraud, it could only have prevented the final payment of £30,000 being made from the fraudster's account, and the Court held the Defendant was in any event entitled to "proceed on the basis that its customers operate legitimately" .
For that reason, the Defendant was, in the alternative, entitled to rely on the defence of change of position, and the Claimant's claim was dismissed.
This case serves as a cautionary reminder of the limits of a claim in restitution, particularly since the Judge concluded the Claimant had behaved entirely reasonably in assuming the payment request it had received from TCM was legitimate, but its claim for unjust enrichment against the Defendant failed nonetheless.
The Court found overwhelmingly in the bank's favour, rejecting the Claimant's arguments that the bank ought to have had systems that could detect fraud in real-time, noting that, if accounts were monitored in real time and frozen whenever there was suspicion of fraud, this itself might tip-off the customer .
In reaching this conclusion, the Court scrutinised the Defendant's response to each of the fraud alerts in a depth of detail and the conclusions drawn illustrate valuable lessons for parties who may need to make such a claim in restitution in due course:
- The more direct a payment is, the better: The fewer banks that are involved in a transfer of funds, the more likely that transfer is to be deemed a "transfer of value at the expense of the Claimant";
- Timing is key: The sooner a bank is notified that a payment has been made by mistake, the less likely they are to be able to avail themselves of the defence of change of position in due course; and
- Banks are permitted to give their customers the benefit of the doubt: Serious internal failures of anti-fraud compliance are likely to be needed to establish a claim for unjust enrichment against a financial institution.
It appears the Courts are unwilling to allow the equitable principle of unjust enrichment to protect a victim of fraud who has mistakenly transferred money to an unwitting recipient bank, unless there are substantive failures of process by the bank that might prevent the bank from relying on the defence of change of position.
Given the increasingly sophisticated nature of phishing scams and the need in turn for increasingly sophisticated systems to identify fraud, it will be interesting to see if the Court's approach towards such cases continues in the future.
This article was authored by Fieldfisher dispute resolution associates Suzanne Loding and Bhavul Haria.
Sign up to our email digest