In TONY ENTERPRISES vs RESERVE BANK OF INDIA,WP(C).No.28823 OF 2017(C) and CHERIAN C.KARIPPAPARAMPIL and MINDSTRONG HR SOLUTIONS vs THE RESERVE BANK OF INDIA, WP(C).No.28824 OF 2017, appeal was filed before the Kerala High Court by Tony Enterprises and Tony Lites, a proprietary firm and a partnership firm respectively, both of which have a cash credit account at Chittoor Road branch of Oriental Bank of Commerce while in the second matter,
On 8th June, 2017, Mr.Tony Davies came to realize that a total amount of Rs.16,25,000/- had been unauthorizedly transferred from the accounts of the petitioners by way of online transactions effected through the online banking app of the Bank. The registered mobile number of Mr.Tony Davies had become dysfunctional on 6th June 2017 and he had approached the service provider, M/s. Idea Cellular on 7th June 2017 to enquire regarding the same. He was told by the representative of M/s.Idea Cellular that his number had become dysfunctional as a duplicate SIM card had been issued in respect of the number on 6th June 2017 upon the request of a person who had fraudulently represented himself as Mr.Tony Davies. Upon subsequent restoration of network services after re-issuance of a duplicate SIM, he reaslised that such amounts had been unduly transferred to several accounts from the bank accounts of the petitioners.
In the second matter, The first petitioner has overdraft facility account with South Indian Bank and the second petitioner has a current account with HDFC Bank. The petitioners had also availed the online banking facility of the Bank, the alerts in respect of which would be sent and were linked to the mobile number of the first petitioner who is also the Managing Partner of the second petitioner-firm. On 28th April 2017, Mr.Cherian came to realize that a total amount of Rs. 23,00,000/- had been unauthorizedly transferred from the accounts of the petitioners by way of online transactions effected through the respective online banking apps of the Bank. Mr.Cherian's registered mobile number had become dysfunctional on 25th April 2017 and he had approached the service provider, M/s BSNL Telecom on 27th April 2017 to enquire regarding the same. He was told by the representative of M/s BSNL Telecom that his number had become dysfunctional as a duplicate SIM card had been issued in respect of the number on 25th June 2017 upon the request of a person who had fraudulently represented himself as Mr.Cherian by furnishing ID proofs belonging to him. Upon subsequent restoration of network services after re-issuance of a duplicate SIM, he realized that such amounts had been unduly transferred to several accounts from the bank accounts of the petitioners.
Both petitioners sought a declaration to the effect that they have zero liability in the light of the Circular issued by the Reserve Bank of India. The petitioners also sought a direction to the bank to make good the loss suffered by them.
Banks took the stand that the login ID, password and telecom number are only known to the petitioners and that without laches on their part, others cannot operate their account. The Bank further states that all the transactions were initiated and completed upon proper validation of customer credentials. It is their case that a one time password was generated through the mobile number linked with the account and that the transaction was validated upon furnishing the one-time password (OTP) so generated through the system. It is also stated that all fund transfers were authenticated through the OTP which was also sent to the email addresses of the petitioners as well.
BSNL being the telecomm operator of the second matter stated an individual claiming to be Cherian C. Karippaparampil the writ petitioner in W.P.(C).No.28824/2017 approached the office of BSNL on 27.4.2017 for replacement of SIM. The individual concerned apparently also produced his original driving licence and handed over the Xerox copy of the driving licence to obtain the duplicate SIM card.
The investigation by police reveals a case of SIM swapping and identity theft.
The Reserve Bank of India issued a master circular dated 6.7.2017 protecting customers in unauthorised electronic banking transactions, wherein it has been stated that a customer has zero liability when there is contributory fraud/negligence/deficiency on the part of the bank (irrespective of whether or not the transaction is reported by the customer) or when third party breach whether deficiency lies neither with the bank nor with the customer but lies elsewhere in the system and the customer notifies the bank within three working days of receiving the communication from the bank regarding the unauthorised transaction.
The court observed that banking transaction is both contractual and fiduciary. The bank owes a duty to the customer. Both have a mutual obligation to one and another. The bank, therefore, is bound to protect the interest of the customer in all circumstances. The technology as adverted has its own defect. Online transactions are vulnerable. Whereas a 'disputed transaction' in this context has to be understood as a transaction prima facie tainted by fraud. Classifying transaction as such would depend upon the nature of allegations and investigation carried out in this regard. Referring to KERR On the Law of Fraud and Mistake 7th Edition, the court observed that no man is bound by a bargain into which he has been induced by fraud to enter, because assent is necessary to a valid contract and the transaction so induced is not void but only voidable at the election of the party defrauded. Classification of such transaction must be with reference to the events identified by the RBI. That means the very validity of the transaction is at stake. A mere challenge made by the customer would not be sufficient. If such a challenge is supported by the report of an independent investigation pursued by the Police or other such agencies, that would prima facie establish that it is a 'disputed transaction'.
The bank has a remedy by way of filing a civil suit for claiming the loss suffered in the transaction and to recover it from the person responsible. In common law jurisdiction fraud is a tort and considered as a civil wrong. It is also a penal offence under the relevant statutory provisions.
Referring to London Joint Stock Bank, Limited v. Macmillan and Arthur [1918 AC 777] and Bihta Co-operative Development and Cane Marketing Union Ltd. Vs. Bank of Bihar [AIR 1967 SC 389], Canara Bank vs Canara Sales Corporation & Ors [AIR 1987 SC 1603] & Bank of Bihar [AIR 1967 SC 389], the court decided that in the present case, the police investigation prima facie established that fraud has been committed and there is nothing on record to establish any connivance on the part of the petitioners. The police investigation also would reveal that the accused obtained duplicate SIM cards by using fake identity cards. In such circumstances, the transactions can be treated as 'disputed transactions'. These transactions would fall within the sweep of zero liability as referred to in RBI Circular. The remedy of the bank in such circumstances is to approach the civil court and recover the amount from the persons who were responsible for such transactions.
Comments
Post a Comment