Notesale: Turn your study into money

Document Preview

Extracts from the notes are below, to see the PDF you'll receive please use the links above

---

Problem Question - Etridge Protocol
Question 7
Dan opens a current account and a savings account at Bank A
...
Advise Dan
and his wife
...
Bank A’s efforts to
trace the funds have failed
...
Dan is convinced that he is entitled
to get a refund of these funds
...
Dan’s wife agrees to sign a
mortgage at Dan's request
...
The meeting was conducted in Dan’s presence
...

3) Dan fell victim to an authorised push payment fraud,
perpetrated by a third-party fraudster
...
Attempts to recall the
funds that had been transferred were unsuccessful and Dan
wants to sue his bank claiming that it owed him a duty to
observe reasonable care and skill in and about executing his
Instructions
...
Dan remembers from the Banking Law module that his bank is not entitled to
do so
...
The airline goes insolvent, and Dan is
worried that he lost his £2000 and will not be able to go on
holiday this year
...

6) Dan gives his debit card to his colleague at work so that he
can buy him a much-needed coffee
...

Dan is not sure what his rights are
...

1)
This transfer is governed as a payment instrument Payment Services Regulation 2017 (PSR)
through Reg 2
...
A payer may no longer revoke a credit transfer
once that payment instruction has been received by its bank, unless the bank agrees to its
revocation (Reg 67(3))
...

As a sort code is a unique identifier (Reg 2), a payment made in accordance with the unique
identifier will be deemed to be correctly executed (Reg 90(1))
...
Furthermore, the bank will be justified in charging Dan a fee if his
framework contract has expressly agreed to it (Reg 90(2)(b))
...

2)
Since Dan’s wife is the sole person signing the mortgage and thus is the sole customer in
transaction with the bank, if she was under undue influence from Dan - the contract will be
prima facie be set aside
...
As the
facts mention no animosity between the couple, an argument of presumed undue influence
could be made
...
Presuming the relationship is evidenced, the second step requires a
transaction that places the bank on inquiry that there is a risk of undue influence
...
These analogous facts suggest presumed
undue influence is present here
...
Upon proving they gave the surety

the opportunity to select a solicitor, provided the solicitor with necessary info, put the surety on
notice that the document will prevent revocation of consent and received written communication
of her acceptance - they will have fulfilled the protocol
...
The
entire purpose of the protocol is to allow the surety the opportunity to ask questions and make
statements freely (Etridge)
...

3)
Dan is attempting to rely on an implied contractual duty to exercise reasonable care in
complying with the customer’s mandate
...

With no signs for suspicion - there is no breach of a duty of care here
...
Leggatt LJ explained in para 59 that a customer’s instructions in APP
fraud are not dishonest attempts by a third-party to misappropriate money on behalf of the
customer
...
Only where an ordinary prudent banker feels an agent may be trying
to defraud the customer, is a bank under duty not to follow instructions until confirming with the
customer (Quincecare [376], Philipp [97])
...
The FSMA 2023 amends regulation 90 of the PSR 2017, creating automatic
reimbursements for APP over the Faster Payments Service
...
Dan’s sending to two accounts will not
disallow him from claiming, multi-step fraud involving more than one payment will also be
covered under the new Special Direction
...
If not, Dan will have no recourse to reclaim the funds
...
If Bank A and the payee bank follow the CRM
Code, they will each reimburse Dan 50% of his total loss
...

4)

Banks have a common law right to combine customer accounts where the customer is unwilling
or unable to repay the overdraft in one account, despite the other being in credit
...
However, this is set to certain limitations
...
Secondly, if Dan had made a special purpose for the deposit known to
the bank, it would limit their right to offset the overdraft
...
Thirdly, if the account
was opened to be held beneficially for a third-party, a bank would not be allowed to offset
(Bhogal v Punjab 1988)
...

5)
Dan is an individual (s 189 Consumer Credit Agreement 1974) utilising a credit-token (s14(1)
CCA) in a credit-token agreement (s14(2) CCA)
...
Therefore the CCA
1974 will apply
...
Section 75(1) will hold the supplier, in this case the airline, and the creditor, Bank A,
jointly and severally liable to the debtor, Dan
...
If the return ticket was priced as one item on a receipt or
if they were priced as two one way tickets with each valued at over £100, Dan would be entitled
to a full refund from Bank A as the creditor
...
This
is because s75(3)(b) would exclude him from accessing the s75(1) remedy for not being in the
£100 -£30,000 price range
...
Instead,
its payment instrument status under Reg 2 of the PSR will apply the latter
...
Dan should
notify his PSP, without undue delay upon being aware of the shopping spree (Reg 74(1))
...
Dan would likely be
excused from paying up £35 for his losses incurred from unauthorised payment transactions
(Reg 77(1)) of his misappropriated debit card
...

Unless, the unauthorised payment was done through a payment initiation service provider, in
which case, the payment initiation service provider would be liable for compensating the
unauthorised transaction (Reg 76(5)(b)) on request from Dan’s bank
...
This onus to prove Dan’s negligence in
complying with Reg 72 obligations would be on the bank as the PSP (Reg 75(4)) - if proven Dan
would shoulder all loss (Reg 77(3))
...
Additionally, there are no signs of
Dan’s gross negligence or delay in notification
...

7)
Banks must consider “fair” notices
...
Under the Reg 50(1), notice regarding
changes to existing framework contracts must be provided at least 2 months in advance
...
However, changes in
interest or exchange rates can be applied unilaterally without notice if agreed in the original
framework contract or are favourable to the customer (Reg 50(4)) - the former has likely
occurred as the rate has decreased
...
1
...
Taken in conjunction with
the breach of Reg 50 for appropriate notice, if Dan has suffered losses, he will be entitled to sue
under BCOBS Schedule 5 and FSMA 2000 s
...
In the FCA guidance FG18/7, it is said that
this is a test for the courts in applying the law - necessitating bank’s consideration of fairness
...
On this, FCA guidance has stated
that banks are not expected to give notices on interest changes due to it being commercially
sensitive information that would breach competition law (FG18/7)
...
(1998 words)
Introduction
In today's rapidly evolving technological and criminological landscape, the principles of
confidentiality and their qualifications outlined in Tournier hold greater significance than ever
before
...
Moreover, as artificial intelligence becomes increasingly
prevalent in banking, the interpretation of these principles will be pivotal in ensuring ethical
usage
...

Principles in Tournier
The court of appeal in Tournier laid out two principles (Stokes, Banker’s Duty of
Confidentiality…and the HRA, 2007)
...
This duty applies to all information gathered
during the bank’s relationship with the customer, even after the termination of the relationship,
and includes information sources outside the customer’s account (Atkin LJ, Tournier 1924
[485])
...
2) 1990 [281]), that arises upon receipt of confidential information that the bank knows or
has agreed is confidential
...
These exceptions are : (i) compulsion by law, such as being
compelled to provide evidence (s
...


This duty of confidence has been extended to non-bank financial institutions such as credit
unions and can possibly extend to other non-financial institutions (Bodnar v Townsend 2003)
...
Prior to Tournier, the duty of confidence was merely a moral one,
Tournier clarified the duty into one of legal character (Modestou, 2020)
...
The principles in Tournier have
essentially prevented banks from non-consensually selling or assigning information to
third-party actors - preserving the original purpose of the principle (Aplin et al
...
200,
381)
...
I agree with Modestou that Tournier’s own qualifications
have diluted the principle of banking confidence and will demonstrate this via current trends in
the banking system (Modestou, 2020)
...

Whereas the duty of confidence in Tournier merely required banks to keep customer banking
data private, data that existed in the form of physical paper at that time
...
Banks are now required (Art 19, Money Laundering Regulations 2007) to retain
consumer information for 5 years, and as data controllers under the DPA 2018, must comply to
uphold customers rights on all “personal data” - meaning any data that could identify a
consumer - wider than the duty in Tournier
...
Compounded, I agree with Walsh that this has expanded the scope of Tournier, the
principle of duty of confidence more burdensome
...

Furthering Walsh’s argument, I believe new ‘Open Banking’ policies such as the Payment
Services Directive II (PSD II) expand the scope of Tournier’s principles
...

While this technically means that consumers have better ownership of their data through the
right to select a third-parties for payment initiation - it places a reputational risk on the bank
whose customers are likely to blame for any rogue third-party’s data breaches and a confidence
risk by creating more access points of banking data
...
This is notably unfair on the

bank, the Nikita Aggarwal in Oxford Handbook on AI Governance 2022 notes that customer’s
will have cognitive limits in understanding data-gathering techniques and their self-management
can make them prone to marketing techniques (Aggarwal, 2022)
...

The Tournier principles are thus important because the duty of confidence under them has been
intensified not only by the proliferation of digital banking, but by incoming ‘Open Banking’
policies that increase data leak risks
...
Although the PSD II is a law under the
Payment Services Regulation 2017, and thus a bank would be able to rely on Tournier’s (i)
compulsion by law to justify disclosure, the increased burden and purpose of PSD II to
increasing FinTech reach is very different from the current compulsion by law qualifications
which are based around criminal acts and money laundering regulation
...
In the current era of financial technology the use of AI and
ML (AI that imitates human learning) has been increasingly used to personalise and automate
consumer financial services for banks
...

Further, ‘alternative data', meaning non-financial data, has been accumulated by banks such as
payments to streaming services, dating websites (Björkegren & Grissen, 2020), fitness plans
and how users interact with credit lender’s websites (Berg et al
...
These insights provide
inferences and predictions to consumer behaviour that third parties can derive from that data if
provided processing rights (Aggarwal, 2022)
...
168)
...

Hence, Tournier qualification (iv) as it stands, may allow banks to request one-off consent for
inferences and predictions gathered from alternative data to be distilled into values like credit
ratings
...
,
2020; Bartlett et al
...
As the use of AI is not regulated under the Lending Code
2015 and the GDPR does not extend to inferences and predictions taken from data (Wachter &
Mittlestadt, 2019), this leaves the Tournier duty of confidence to be more important than ever in
determining the scope of AI/ML usage and the sale of inferences and predictions
...
Under Tournier qualification (i) compulsion by law, banks are under a
series of obligations that have eroded the doctrine of secrecy regards to inquests by authorities
...
POCA’s definition of “criminal activity” encompasses any act as a criminal activity going beyond the EC Directive parallel (Walsh, 2016)
...
This radically changes the doctrine of secrecy of
the bank, and has changed the Tournier duty from a reactive duty, where it is justified to disclose
on inquest from an authority, to an ‘proactive’ duty where it must be forthcoming (T
...
This
is bolstered by the characterisation of ‘suspicion’ in s
...
Suspicion need not be a ‘reasonably'
held one, it is sufficient that it is ‘genuinely’ held (Hamblen J, Shah v HSBC 2009 [336])
...
The
increasing drive to enforce AML regimes have led to other compulsions by law, diminishing the
duty of confidence for authority inquests
...
9) and the
Director of the Serious Fraud Office where there is a serious or complex incident of fraud
(Criminal Justice Act 1987, s
...
Thus the Tournier principles have been more important than
ever due to AML regimes having exempted duties of confidence for governments
...
In 2020, after the G20 endorsed a ‘Roadmap for enhancing
cross-border payments’, the Financial Action Task Force identified data-sharing and
collaborative analytics to be critical for AML efforts
...
This initiative, if adopted by
all central banks that own the BIS, would cover the countries of over 95% of world GDP creating global system of banking data to shut down money laundering and terrorism finance
efforts
...

Admittedly, the UK already shares data through extraterritorial regimes with the USA (Foreign
Account Tax Compliance Act) for tax purposes - this caveats the UK bank’s duty of confidence
to its US customers (Godfrey, 2016) due to qualification (i) compulsion by law
...
The Tournier principles are thus more crucial than ever,
in being necessary to provide justification for AML regimes like Project Aurora
...
These principles have altered the duty as
new developments in banking continue, digital banking has intensified the difficulty of the duty in
regards to general third parties
...
Conversely, Anti-Money
Laundering regulations have eroded the duty in regards to government requests
...


Problem Question - CRA and PSR
Dan’s bank (Busy Bank) has issued him with a password for online
banking, a credit card and a debit card
...
Dan was tricked into sending money to a fraudster’s
account who impersonated a Busy Bank employee
...


While Dan cannot rely on CRA and PSR provisions because he authorised the transaction
himself, he can attempt to argue that the bank has breached an implied contractual duty to
exercise reasonable care in complying with the customer’s mandate
...
The Court highlighted the exceptional nature of a
duty’s breach and held that the fact that the bank knew of the fraudster’s gambling addiction
was not enough to require it to inquire into the withdrawals
...

Similarly, a Quincecare duty is unlikely to be breached in this instance
...
Therefore, the facts of

this case and the present instance should be assimilated to suggest that, as Dan himself have
the instruction, Quincecare duty does not extend to put Busy Bank on inquiry
...
As the transfer is
a payment instrument under PSR Reg 2, it will apply here
...
Therefore, as
the bank has already received and executed the instruction, Dan cannot rely on the PSR to
revoke the payment and return the funds
...
Dan wants to track his spending and understand what
he spends his monthly salary on
...
Dan is very
Disappointed
...
While this case concerned an instruction for a transaction,
an instruction to share information with a third party is likely to be similar in that it constitutes
part of the mandate given by the customer to the bank to process their personal and financial
details
...
Indeed, under Parry Jones v Law Society, a
bank-customer relationship enjoys an implied contractual duty of confidentiality
...
Thus, the information about Dan’s accounts is clearly protected by
confidentiality
...
Most relevantly,
confidentiality is restricted where the customer has given an implied or express consent to the
disclosure
...
Therefore, the bank is not bound by confidentiality and is not justified in refusing to
honour the customer’s mandate by sharing the information with the app
...
Dan decides not to think too much about spending and
buys a £10,000 holiday package
...
Dan does not want to go to court to resolve
the dispute
...
Therefore, this instance falls within CCA’s
remit
...
On the facts, the
holiday company is in contractual default by not providing the service
...

As Dan is unwilling to resort to litigation, he can file a complaint with the Financial Ombudsman
Service which provides quick dispute resolution for certain claims under FSMA s 225
...

d
...
Dan wants
to move his account to a different bank, but he thinks
that he will have to pay Busy bank high fees for
processing his request
...
As BCOBS Regulation 4
...
2 stipulates any change to T&C in the context
of retail banking service to the disadvantage of a banking customer should be accompanied by
reasonable notice to allow the customer to terminate their contract
...
Dan has the right to sue the bank for the breach and flowing
damages privately under BCOBS Sch 5
...
Because the fee is not part of the main subject matter of
the contract for provision of retail banking services under CRA s 64 (1), it will not be excluded
from assessment for fairness
...
As clarified in ParkingEye v Beavis,
good faith is likely to be satisfied where a party has legitimate interest in the term
...
As DGFT v First National held, fair and open dealing is an
important concept in fairness and implies a real ability to choose which is interfered with by the
fee
...

e
...
The company takes a £10,000 loan
from Busy bank
...
The bank manager claims that the FCA does not
regulate this type of activity
...
Therefore, the FCA
may refuse to take any action
...
Then, the bank would be bound by PRIN 2A
...
Arguably, mistreatment
would breach all of these obligations
...
Dan may file a complaint with FOS that extended their jurisdiction to
SMEs in 2019
...
As
was held in Henderson v Merrett, there can be tortious liability for negligence in provision of
financial services resulting in pure economic loss
...
The assumption of responsibility test in Henderson would be satisfied in the present case
because Busy Bank has undertaken to provide services to Dan
...
As mistreatment is likely to be a breach of this duty of
care, the bank would be liable to the SME in tort
...
Dan loses the debit card from his back pocket and
until he notices that the card is gone, someone
already uses it to buy products
...

However, PSR will apply to it because a debit card is a payment instrument under PSR Reg 2
...

Busy bank may object that, per Reg 77 (3)(b), the loss should be entirely shifted to the user,
Dan, due to him not complying with a user obligation with gross negligence
...
However, as the breach must
exhibit gross negligence, it is unlikely that this failure would be sufficient to shift the loss to the
user under Reg 77
...
As the loss is likely to be
detectable under Reg 77 (2)(a): it would suffice for Dan to just check his pockets to know of the
loss, Dan will be required to bear a loss of £35 pounds
...

g
...

PSR will apply under Reg 2 as this push payment is a payment instrument
...

Alternatively, even if the funds are still in Dan’s account, he may sue the bank for breach of
implied contractual duty to honour customer’s mandate found in Sierra Leone Telecomms v
Barclays Bank
...
Dan will be able to recover losses flowing from this breach including for injury to
credit, reputation, and profit following Kpohraror v Woolwich BS
...
Dan goes on holiday and leaves his credit card with his
flatmate, Alex
...

CCA applies because Dan’s contract with Busy Bank is a credit-token agreement under s 14 (2)
and his credit card is a credit token requiring the issuer to pay to third parties under s 14 (1)(b)
...


S 83 will exclude Dan’s liability to Busy Bank because his roommate did not act as an agent for
him, exceeding the custodial authority given by Dan
...


Essay Question - Tournier
The duty of confidentiality of today is not the same as the duty of
confidentiality in 1924 as reflected in the decision of the Court of
Appeal in Tournier v National Provincial and Union Bank of England
Discuss
...

- The right to confidence extends as far as the customer’s right to confidence, where a
customer can be compelled to reveal information, their bank can be as well (Gwendoline
Godfrey)
- Under English Law, the contract between a bank and its customer is ruled by the laws of
the country the account is kept, unless agreed otherwise
...

- As Lord Atkin stated in that case, the information which was gathered during a
bank’s relationship with a customer remains confidential even after termination
...

compulsion by law,
ii
...

the bank’s own interests
iv
...
For example, a customer
obtained damages when a bank inadvertently disclosed its customer's mark-up,
leading to the loss of a line of business
...
(Jackson v Royal Bank of Scotland
[2005] UKHL 3

Duty is the same
-

-

PROOF OF CALCIFICAITON OF EXISTING DUTIES
This is duty has been reinforced over the years through various legislation that protects
individuals processing and transfer of data - this has made the Tournier duty largely the
same in that private third parties are still unable to access consumer banking information
- More Generally there is a range of legislation that covers personal data relating
to customers and
- HRA 1998 The right to privacy is one of the basic human rights, in particular
when it comes to the financial affairs of individuals
...
g
...
This was followed by the GDPR 2018
...

-

There is also the Lending Code, a voluntary code of good practice that most
financial instituiotns in the UK have adopted, which relates to dealing with
individual customers and SMEs
- Bank’s compliance is monitored by the Banking Code Standards Board (t
...
Effectively, FATCA seeks to require entities outside the US to report
information to the US Internal Revenue Service (IRS)
- Because the UK is under an intergovernmental agreement (IGA) with the US, its
duty of confidence to US account holders and owners is caveated by the
obligation to report on these accounts due to FATCA (Gwendoline Godfrey)
- This shows that the duty is not the same as there is now extraterritorial
considerations that were not included in the Tournier qualifications
- Even if technically for the greater public policy of the UK ally, it drastically
expands the qualifications to the duty of confidence and erodes it as a
result
- Further, the UK also has agreements to exchange account information for the
Common Reporting Standard, for tax authorities to share information such as the
OECD and the EU Council Directive that implements the CRS Directive
2014/1014/107/EU Directive on Administrative Co-operation (DAC)

-

AML Regimes
- AML legislation aimed at preventing white collar crime, this was initially instigated
by an EC Directive and furthered by POCA
- POCA goes beyond the EC directive of the same topic with a broad
definition of “criminal activity” (T
...
Walsh) and
imposes specific reporting obligations on regulated persons such as
bankers, accountants and lawyers (S330 POCA)
- S330 imposes an express duty on bankers, as regulated persons, to
report any actual knowledge, or suspicion, or in circumstances where that
person has reasonable grounds for knowing or suspecting, that someone
- This heavily reduces the bank’s duty of confidentiality by changing the
Tournier duty from a reactive duty, where it is justified to disclose on
inquest from an authority, to an ‘proactive’ duty where it must be
forthcoming
- This is bolstered by the characterisation of S330 ‘suspicion’
...
It must be, at the very least, more than
merely "fanciful"
Other AML regimes have similarly affected banks,
- the police have powers to obtain information for the purposes of a criminal
investigation
...
)
- The Director of the Serious Fraud Office can require information to be
produced where there is a suspected offence that appears to involve a
serious or complex fraud
...
)

-

TECHNOLOGICAL DEVELOPMENTS
- The original Tournier duty of confidence was to merely withhold information of the
customer from the public, however the advance of technology has led banks to
act in a way where they must also record and hold memory of this information for
future law enforcement
- Walsh notes that the creation of electronic funds systems have caused greater
accessibility to banking, and hence more customer records than ever before and
a greater exposure of data to third parties
- Therefore regulations such as the Money Laundering Regulations has
required banks to retain information for a 5 year period
- This increases the duty of confidence to be a much higher burden on
banks who now require new tech to fulfil the Tournier duty
- This is especially considering banks also share with internet service providers,
under the Data Protection Act 1998, they must inform customers when personal
information is processed on it
- This leads to banks having to also take step to safeguard thei
- Level of maintenance is a lot higher

-

PUBLIC INTEREST EXPANDED
- Sunderland v Barclays
- Banks own interest, has expanded
- Can argue that this duty has expanded

-

CRA
-

Godfrey
- Credit reference agencies collect information on the creditworthiness of
individuals and then sell it to subscribers
...
Where the Lending Code
applies, it sets out the circumstances in which a bank may give
information to credit reference agencies
...
However, this will only
apply if a customer has agreed to these disclosures
...

-

Question 4
What is a bank? This is an important question to which there is no
clear answer
...

Question 5
The new consumer duty represents “a paradigm shift in the
regulator’s expectations of retail financial services in the UK”
...


Essay Question - AML
“The UK has a well-developed and robust regime to effectively
combat money laundering and terrorist financing”
...


Introduction

I will argue that the anti-money laundering regime is
-

Not well developed (well developed meaning clear and comprehensive for the
regulatees)
Not robust (robust means consistent and unfettered)
Not effective in combating money laundering

Not well-developed
Consider the primary offences and authorised disclosure regime in Proceeds of Crime Act
2002 (POCA 2002)
The definitions of suspicion and criminal property are too wide
S 328 POCA criminalises entering into an arrangement for a person which he knows or
suspects facilitates the acquisition, retention, use or control of criminal property by or on behalf
of another person
...
The suspicion does not have to be clear or
based on reasonable grounds
...

This uncertainty is evident in the statistics provided by the Law Commission: 15% of authorised
disclosures did not even meet the Da Silva suspicion test (Anti Money Laundering: the SARs
Regime by the Law Commission page 47)
Similarly, the all-crimes approach implies that any kind of crime will trigger the liability
...
(Laddie J’s opinion in Squirrell v National Westminster
Bank para 16)
POCA S 328 (2) (a)- provides a defence to the primary offence of arrangement where the
person made an authorised disclosure to a nominated officer and obtained appropriate consent
This is supposed to provide the authorities with intelligence

Lack of development leads to the regime being not effective
The extensive remit of the primary offences under POCA motivates banks to disclose as many
transactions as possible to shield themselves from liability, called defensive reporting
...

Not robust
The authorised disclosure regime also comes into conflict with other obligations of the bank
...
There, a client sued a bank for damages flowing from the failure to honour the client’s
mandate (carry out the instructions)
...
(Shah v HSBC para 35)
This conflict in bank’s obligations reveals that the AML is not robust meaning it’s not consistent
with the wider banking regulation framework and can produce results where a bank in
complying with its AML obligations branches a duty to their customer
...

The inconsistency with banks’ interests can be further considered with reference to the
obligation to conduct Customer Due Diligence in Reg 27 Money Laundering, Terrorist
Financing and Transfer of Funds Regulations 2017 (MLR 2017)
CDD is quite costly and time-consuming- one needs to verify the identity of the customer and
check the client’s beneficial ownership
...
The concerns to this end were voiced and argued to affect the
regulatees approach to compliance (The Challenges of Implementing Anti-Money
Laundering Regulation: An Empirical Analysis Illaria Zavoli and Colin King) This survey
also highlighted that one negative externality of CDD is lengthy transactions which will make
banks that comply duly with the CDD requirement will be less competitive in comparison to
banks with laxer approach, losing out on business
...
Very illustrative

example of HSBC being prosecuted by regulators for money laundering in US and being fined
for like (Wild, Stockton, Bureau of Investigative Journalism 2021)

How to fix this?
- The POCA should be reformed
...

Plus, the all crimes approach should be amended: authorised disclosure is only needed
in relation to serious crimes while the reasonable excuse defence in s 328 (2)(b) is
extended to cover not reporting the offence in relation to minor crimes
...

- Suggest that there need to be accessible tools for conducting CDD to shift the costs of
compliance from the financial sector
...
Note that the UK has a People with Significant
Control register for UK companies
...
This reveals that international cooperation is key to combating the
attempts to hide money laundering behind corporate veil in various jurisdictions
...
Therefore, this reform would reduce the costs of CDD so that banks
are more willing to carry it out
...
Dan also has
an online account with Bank A
...
His roommate sees the card and uses it to
buy products on Amazon
...

2) Not knowing that the credit card has already been used by
his roommate, Dan asks him to read him the card details
over the phone and he buys a flight back home with the
card
...


3) Dan then makes a bank transfer to his roommate’s account
to pay his half of the rent, but he makes a mistake in the
sort code and the money does not reach the payee
...

4) Someone tricks Dan into transferring a large sum of money
to an account
...
Dan also finds out
the these fraudsters are also customers of Bank A
...

5) Dan is very worried
...
The bank representative
really pushes the flexible rate mortgage but he does not
provide much information about it and Dan is not sure that
the product is suitable for him but he follows the advice
...
He remembers, however, that his
university tutor was talking about a new duty that can help
his case against Bank A
...
Since he is not using the card very
often, he only realises that he lost it after several months
...
He sends an email to Bank A and gets a
reply that it is too late to ask for a refund
...
Dan thinks that the bank breached again its duty
and that in any case, that information is not correct
...


Credit Card

Debit Card

CCA
PSR 2017

PSR 2017

1) Dan goes on holiday and leaves his credit card at home on
the kitchen table
...
Dan is not very happy and
demands a refund from Bank A
...

○ (1) The debtor under a regulated consumer credit agreement shall not be liable to
the creditor for any loss arising from use of the credit facility by another person
not acting, or to be treated as acting, as the debtor’s agent
...
S83 does not prevent the debtor under a credit-token agreement from being
made liable to any extent for loss to the creditor from use of the credit-token by a person
who acquired possession of it with the debtor’s consent
...

○ Note where PSR and CCA clash the CCA will prevail Reg 64 Dan will bear responsibility up to a maximum of £35 if the unauthorised use of the
payment card results from the card, PIN or other security features being lost, stolen or
misappropriated (77(1)
...

If it can be shown that the cardholder has intentionally or with gross negligence failed to
comply with these obligations - responsible for all losses incurred in respect of the card
(reg 77(3)
...

FCA interprets “gross negligence” to be a higher standard
than the standard of negligence under common law
...
” (Decision Reference DRN-4278942)
Conclusion - bank is obliged to refund
○ Dan retains this right as long as he notifies without undue delay no later than 13
months after the payments

2) Not knowing that the credit card has already been used by
his roommate, Dan asks him to read him the card details
over the phone and he buys a flight back home with the
card
...

●

●
●

Applying the CCA, Dan could claim against the airline under S75, any claim in respect of
misrepresentation or breach of contract, of a single item between £100 and £30,000
holds the creditor and the supplier jointly and severally liable to the debtor
...
He
wants Bank A to refund those funds, but Bank A says that it
was Dan’s fault
...

Under Reg 90 which governs incorrect unique identifiers, which a sort code can be
categorised as
If Bank A has executed the transfer in accordance with the sort code Dan has entered
then it has correctly executed the payment order and is not liable under Reg 92 of a
defective execution
Bank A does not have to refund – it must only make reasonable efforts to recover the
funds (reg 90(2)(a)) of which Bank A can charge Dan for any recovery efforts if specified
in their contract (reg 90(2)(b))
○ Bank A must cooperate with the unintended party’s bank to recover the funds
(90(3)), if unable to do so then Dan may file a written request for all relevant
information to recover funds
Direct debits can be revoked up to the end of the day
before funds are to be debited from the payers account,
unless the consent of both the payer’s bank and the
payee is obtained (reg 83)
...
It turns out that the fraudsters got hold of
the money and now Dan is out of pocket
...
Dan
thinks that Bank A breached its duty of care
...
Specifically, Section 72 of FSMA 2023 amends regulation 90 of the
Payment Services Regulations 2017 (PSRs) to enable liability to be imposed on
payment service providers where the order is executed subsequent to fraud or
dishonesty and is executed over the Faster Payments Service
...
The base rate is expected to go up and
he received a phone from Bank A to say that his fixed
mortgage is coming to an end and he needs to decide which
mortgage he would like to take
...
In
light of the rising interest, Dan is falling behind his
mortgage payments
...


●

Dan might argue that the Bank had a duty of care and had a voluntary assumption of
responsibility
...
The High Court, considering the spectrum of duties of
care that banks owe to their customers when selling financial products, held that
in certain circumstances banks owe customers a higher duty than simply not
misleading or misstating information – even if the relationship is not advisory
■ However in Thomas, the bank has voluntarily signed up for a banking
Business Banking Code (BBC) and had advertised its subscription to the
claimant customers
...
Since he is not using the card very
often, he only realises that he lost it after several months
...
He sends an email to Bank A and gets a
reply that it is too late to ask for a refund
...

● To retain the right to refund - notify without undue delay and no later than 13 months
after the payment (reg 74(1))
...

○ Note where PSR and CCA clash the CCA will prevail Reg 64 -

●

●

●

Dan will bear responsibility up to a maximum of £35 if the unauthorised use of the
payment card results from the card, PIN or other security features being lost, stolen or
misappropriated (77(1)
...

If it can be shown that the cardholder has intentionally or with gross negligence failed to
comply with these obligations - responsible for all losses incurred in respect of the card
(reg 77(3)
...

FCA interprets “gross negligence” to be a higher standard
than the standard of negligence under common law
...
” (Decision Reference DRN-4278942)
Conclusion - bank is obliged to refund
○ Dan retains this right as long as he notifies without undue delay no later than 13
months after the payments

7) Bank A shares information about Dan with Credit Reference
Agencies
...

Bank is under a duty of confidentiality, implied as a contractual term (GDPR and DPA 2018)
This is not limited to information from the customers account but in general (Tournier), as long
as Dan’s information was acquired during the relationship it should remain confidential
...

Due to the importance of CRAs managing business risk and incentivising responsible borrowing
(Jack Report) (World Bank)
- It could be justified under Qual 3 Interests of bank - as it allows it to be more
commercially advantageous
- Qual 2 - public interest : responsibility in lending
In this sense Bank A could be justified if they were disclosing default information with the CRA,
meaning standard details on creditworthiness
...
Barclays Bank the HL stated that : There is no
single test or touchstone that may be used to determine whether a defendant owes a
duty of care in respect of pure economic loss
...

Henderson v Meritt - PEL is fine
The duty to exercise a duty of care and skill is implied into the bank customer contract as
a matter of common law or section 49 of Consumer Rights Act

Question 9
‘Although banks are operated for profit and bankers are free to
make many decisions in their daily operations, banking is
commonly treated as a matter of public interest’ (K Spong, 2000)
...


QUESTIONS FOR LECTURE
Are conditions in CRA s 64 cumulative?



---