A client of a bank carries out investment activities without having the required permits. Investment fraud is committed whilst the bank is not aware of it. The bank does not conduct any further investigation into its client's payment activities, even though the activities are cause for suspicion. Is the bank doing something wrong?
Duty of care
Banks fulfill an important function in our society. Based on established case law of the Dutch Supreme Court, banks are subject to a special duty of care towards their clients due to their function in society and their position as a professional service provider with specific areas of expertise. The duty of care is relevant in any type of contractual relationship between the bank and client, whether based on the granting of credit, the rendering of payment services, or the issuing of a bank guarantee.
It should be borne in mind that under Aruban law a bank must always act in accordance with its duty of care, irrespective of whether the client is a consumer or a professional party. Therefore, a claim by a professional party based on a breach of this duty by the bank is possible, although the duty of care is less far-reaching. In addition, a bank can be held liable for breaching its duty of care under civil law despite having complied with the regulatory rules. In contrast to a number of other jurisdictions, under Aruban law a bank has a duty of care not only towards its clients but also, under certain circumstances, towards third parties.
Third parties who believe that they suffered losses as a result of the activities of an Aruban bank can hold the bank liable. Third parties cannot rely on the rules of the contractual relationship but must base their claim on the doctrine of a wrongful act. This is explained further in case law of the Supreme Court.
The ‘Safe Haven’ judgement
In the Safe Haven judgement of December 23, 2005 the Supreme Court recognized the duty of care of banks toward third parties. In this judgement, the Dutch Supreme Court ruled that the bank violated its duty of care by not carrying out any further investigation once it had realized that one of its account holders (Safe Haven) performed investment activities without the required authorization. Safe Haven thus acted in violation of the financial supervision legislation, which aims to protect the interests of third parties (investors). The Dutch Supreme Court deemed that banks have a social function to serve not only their own clients but also society. A consequence of this social function is the existence of a special duty of care toward third parties who are not clients. It follows from the Safe Haven judgement that when a bank becomes aware of possible criminal activities on the part of a client, such as embezzlement or fraud, the bank may be required to investigate the matter further and take other appropriate measures, failing which the bank runs the risk of liability towards third parties.
Banks are required to take the reasonable interests of third parties into account on the basis of a so-called social standard of decency or standard of normality, an “open standard” in Aruban law. In the case of an open standard the outcome of a possible court case is not easy to predict. Every case is different, the judgement of the court depends on all the facts and circumstances of the case. The Dutch Supreme Court does name certain factors that play a role in the judgement. The standards of supervisory bodies and regulations relating to financial products can play a role. Guidelines relating to prevention of money laundering and terrorism can also be taken into consideration.
Moment of origin
In a judgement of the Court of Appeal of The Hague, the duty of care of the bank towards third parties was explained even more broadly. In it, the court ruled that the bank breached its duty of care towards third parties because it did not carry out any further investigation into the payment activities of its client, whilst it should have known that the activities were in violation of the law. The Court of Appeal thus goes a step further by concluding that it is sufficient for establishing liability of the bank that it should have realized that unlawful activities were taking place and that it is not necessary for liability that the bank actually realized that unlawful activities were taking place.
In 2015 the Dutch Supreme Court issued a judgement in which it gave a more detailed formulation of the duty of care: “The social function correlates with the fact that banks play a central role in the payment- and stock market traffic and related services, in those areas that are pre-eminently specialized and require possession of relevant information that others do not have. This function justifies that the duty of care of the bank also extends to protection against levity and lack of knowledge and is not limited to care for persons who are clients of the bank in a contractual relationship.” This description provides new starting points for victims of fraud and scams who wish to hold a bank liable for a lax attitude when it comes to making payment facilities available to a fraudulent client.
The judgement of the Dutch Supreme Court from 2015 makes it clear that banks in Aruba are obliged to monitor the payment traffic of their own clients and that, if necessary, they must intervene in case of a reasonable suspicion that the client is violating the interests of third parties.
The above judgements show that in principle banks also have social responsibility towards third parties. Whether a bank can be held liable for damage always depends on the circumstances of the case. In case of irregularities on accounts, the bank would be well advised to investigate and to, if necessary, take action against the client or even towards third parties. Especially if these activities are in conflict with financial supervisory laws, the bank is subject to a duty to investigate and / or an obligation to warn towards third parties. This duty of care is therefore possibly the reason why local banks are so proactive in obtaining information and asking questions regarding transactions and activities on your bank account. They are not to blame, it is a legal obligation that contributes to compliance with their many responsibilities. An interesting aspect is the question how to deal with privacy rules that are also applicable to banks.