Banks Cannot Be Held Liable For Cyber Frauds Where The Fraud Occurred Due To Negligent Acts Of The Complainant: Goa State Commission
The Goa State Consumer Disputes Redressal Commission has held that HDFC bank cannot be held liable for cyber fraud when the said fraud happened due to negligent acts of the complainant. A coram of Officiating President Mrs. Varsha R Bale and Member Ms. Rachna Gonsalves expressed concerns regarding the increase in cyber frauds and emphasized on the need to have a robust...
The Goa State Consumer Disputes Redressal Commission has held that HDFC bank cannot be held liable for cyber fraud when the said fraud happened due to negligent acts of the complainant. A coram of Officiating President Mrs. Varsha R Bale and Member Ms. Rachna Gonsalves expressed concerns regarding the increase in cyber frauds and emphasized on the need to have a robust digital infrastructure for detecting such fraudulent acts.
Brief Background:
The complainant is an account holder with HDFC bank and was due to receive a reimbursement amount from MAKE MY TRIP application for cancellation of a ticket. On not receiving the amount, the complainant contacted the customer care of MAKE MY TRIP. The call was answered by a representative who asked the Complainant to download “Any Desk” application on the mobile phone. The complainant followed the instructions and shared all details and code with the representative. Subsequently, monies amounting to Rs. 35000/- was debited fraudulently from the complainant's account by way of HDFC Net Banking. The complainant immediately raised the issue with HDFC bank which blocked the bank account. Thereafter a complaint was also registered with HDFC which was closed by the investigating team of the bank. The complainant sent a legal notice against the said closure of complaint and non-redressal of the issue. Since no satisfactory response was received by the complainant, a consumer complaint was filed with the consumer forum seeking appropriate compensation.
“ANY DESK” is an application which authorises a person to take control of your mobile or laptop when once the code displayed on the application is shared with that person. The person is able to operate your device and carry out any sort of activity on your behalf.
The district commission allowed the complaint and held in favour of the complainant by granting certain reliefs. The said decision was appealed by the bank to the Goa State Consumer forum.
Contentions of the Bank:
The bank stated that the grievances should be raised by the complainant against MAKE MY TRIP. Since the complainant authorized a third party to carry out the said transaction, there is no deficiency in the banking system. It was argued that the complainant has breached all the safety norms for Net banking by sharing the OTP and other banking credentials for which the bank cannot be made responsible.
Observations:
The observations of the bench are as under:
- As per RBI circular, the bank took all appropriate precautionary measures from its side by suspending and blocking the bank account of the complainant immediately on receiving the information.
- Where the complainant was not familiar with the working of the application and still gave control to a third party to all internet banking credentials, banks cannot be made liable in such situations.
- The complainant has flouted all safeguards provided for Net Banking and has acted with negligence. Hence, the decision of the district commission was set aside and the appeal was allowed.
The bench further highlighted the crucial role played by banks in today's age where cyber frauds are on the rise. Further emphasis was laid on the need to have a digital and cyber infrastructure for detection of these frauds and protection of customers.
Name of the case: HDFC bank vs Fawia Menezes Mesquita
Case number: First Appeal 27 of 2024
Date of decision: 28.11.2024