Commercial Update 100: What Obligation Do Banks Have To Protect Their Customers?

In the world of financial transactions and banking, trust is paramount.

Customers rightly rely on banks to protect their funds and assets, and banks, in turn, have a duty of care towards their customers.

This includes a duty is known as the “Quincecare duty,” a legal principle that places a significant responsibility on banks to detect and prevent fraudulent activities on their customers’ accounts.

This derives from the 1992 case of Barclays Bank plc v. Quincecare Ltd and arises from the special relationship between banks and their customers. Customers trust banks to act as their agents and exercise reasonable skill and care in handling their accounts. While the duty was initially applied in the context of corporate customers, its principles have been extended to cover individual customers as well.

The reason for the mention of the Quincecare duty is that it had been thought that it applied to cases where a bank has received instructions to make a payment from a customer’s account. If there are reasonable grounds for the bank to suspect that the payment is fraudulent, the bank must take reasonable steps to investigate the transaction further.

However in the case of Philipp v Barclays Bank UK PLC in June this year, the UK Supreme Court has concluded that the bank here did not owe its customer a duty not to carry out a payment instruction if the bank has reasonable grounds for believing the customer is being defrauded. In the case, which involved authorised push payment fraud (which occurs where fraudsters deceive a customer into authorising a payment from the customer’s account to one controlled by the fraudster), the Court concluded that this duty did not apply here as the customer had unequivocally authorised the bank to make the payment and the bank therefore had a duty to execute the transaction.

In conclusion, the Court clarified Quincecare as part the general duty of care owed by a bank to ascertain and act in accordance with its customer’s instructions, but subject to the caveat above.

There was also an unresolved issue about the scope of any duty to attempt to claw back payments when a customer reports a fraud. The Court refused summary judgment on this point in Philipp, such that it is now a matter for the first instance court to decide at trial. Customers should also note the recent passing of the Financial Services and Markets Act 2023, which provides a framework for banks to reimburse victims of fraud in qualifying cases under the Faster Payments Scheme. In practice many future victims of fraud may end up going to that legislative framework, rather than seek redress for breach of any contractual or common law duty owed by the bank.

Regards, Roger