Update (6/7/19): We had the pleasure of wiring millions of dollars to clients this week and, while at the bank initiating the wire transfer, we noted a new filing in the bank-wire fraud case described below.
This made our transaction a bit more nerve-wracking than it otherwise would have been.
The question the bank is tackling: if an authorized person of a banking customer orders the bank to transfer money AND (hypothetically) the bank does not have commercial reasonable security procedures, who’s liable for a fraud loss? According to the bank (and the many cases on which it relies), the customer bears the loss. Executing the demand of an authorized person insulates the bank from liability for the transfer, according to the bank regardless of any evidence of the bank’s security procedures (or lack of them).
Quoting a law review article, Fifth Third points out: “The principle is fairly simple: The bank bears the loss from external fraud; the customer bears the loss from internal fraud.”
But, in a “man-in-the-middle” fraud such as this, is the fraud external or internal?
Update (May 24, 2019): When a fraudster scams a bank customer, when is the bank responsible for the customer’s loss? When is the customer responsible?
Update (April 5, 2019) (under the headline: “The Smell of Fear”): We have covered Upsher-Smith vs. Fifth Third Bank for a while now (see below) and it is looking like trial may be coming soon (or not). It seems that the prospect of trial is quite disturbing to the defendant Fifth Third Bank, which appears desperate to avoid trial feeling strongly that the claims against it should not have survived summary judgment.
Plaintiff Upsher-Smith, represented by hard-chargers from one of the preeminent Minneapolis civil litigation firms, Anthony Ostlund Baer & Louwagie, are pushing hard against what it characterizes as Fifth Third’s attempt to delay the day of reckoning.
Chief Judge John R. Tunheim (D. Minn.) promptly rejected Fifth Third’s motion for reconsideration or, alternately, for interlocutory appeal this week.
The issues in this case are quite fascinating but, as we discuss below in this thread of posts, we have been somewhat limited in researching the case because much has been filed under seal. But that makes sense. The case is about an internet-related scam of multiple millions of dollars. Presumably internal bank safe-guards and other related information is best kept secret. On the other hand, apportioning legal responsibility between the various actors is of great public interest. We will continue to follow the case, hobbled though we are by the sensitive subject matter involved.
Update (July 9, 2018) (under the headline: PRACTICE POINTER: VERBOSITY KILLS): “Why say something in three pages when you can say it in 30 pages?” is one of our oft-repeated go-to jokes about the work product of many lawyers (and some judges).
We heap derision on our fellow lawyers: they were vaccinated with a phonograph needle (which only old people now understand)…they own stock in paper companies, etc., etc.
We once sat before a federal judge who stacked all of the submissions on cross-motions for summary judgment in a case on his desk in his chambers and said to trial counsel (with apparent sincerity): “Why should I take all of the time to read all of this? It would be faster just to have a trial.”
He also said, “This case should settle today and it should settle for $XXX,XXXX.00.”
Lo and behold, it did settle for that amount (the next day).
The point: your client faces a serious challenge if you cannot say quickly and clearly why your client should win on summary judgment. If you don’t take our word for it, consider the sage wisdom of Minnesota preeminent trial lawyer Richard Ostlund quoting then retired Minnesota Supreme Court Chief Justice Bob Sheran.
In the case described below in which Mr. Ostlund represents Plaintiff Upsher-Smith Laboratories, Upsher-Smith got tricked and lost about $37 million in an internet scam. Some foreign evil-doer(s) posed as the company’s CEO and sent orders to a now former Upsher-Smith employee to wire money for bogus foreign exchange trades. Upsher-Smith’s bank, Defendant Fifth Third, received the wiring instructions and acted upon them. The issue is whether Fifth Third should be liable for Upsher-Smith’s $37 million loss.
Playing the devil’s advocate on Fifth Third’s request for more pages to make its summary judgment case, word count limits are arbitrary, are they not? And few of us know the details of international wiring or banking processes, which presumably have to be explained to the Court. Further, Minnesota Litigator (and most of our readers) don’t have detailed knowledge of the claims in the Upsher-Smith case. We don’t know the number of counts, the number and complexities of state law, federal law, the interaction with multiple layers of banking laws, regulations, regulators, etc. etc Fifth Third must explain all of this to the Court.
And further, the case does involve a lot of money. Shouldn’t Fifth Third be allowed to make its best arguments and use its best judgment on the length of its summary judgment brief? Let’s not prejudge the merits of Fifth Third’s request for 10,500 more words in addition to the 12,000 allowed by our federal district court’s local rule.
Nevertheless, in the end, remember: “de maximis non curat lex.” This is an expression we have just coined for which we propose this translation: “The law does not care for wind-bags.” And one more neologism to express the same warning: “Caveat loquax.” (“Windbag Beware.”)
Update (December 1, 2017) (under the headline: Getting Government Information on Internet Criminal Activities to Defend a Civil Lawsuit): When a federal agency refuses to share information with a civil litigant who claims a need for the information to defend a lawsuit by another non-government litigant, what is a court to do? Let’s say the agency invokes the “the investigatory files privilege”? Is that the end of the inquiry? Can the private litigant drag a federal agency into court? Into which court? Under which law? Does the agency have to substantiate that confidentiality claim? With what kind of evidence? And how much evidence?
What degree of deference does the court owe to the agency’s confidentiality decision?
Surprisingly, courts across our federal system answer these questions inconsistently and the U.S. Court of Appeals for the Eighth Circuit has yet to weigh in.
The decision seems correct in analysis and outcome. In particular, the defendant bank, Fifth Third, wants federal investigator notes of the duped bank employee’s interview but Fifth Third appears not to have bothered to seek out and depose the employee. The bank suggests that the witness might not remember things as she did in her initial interview and Judge Bowbeer fairly points out that this requires some speculation. Furthermore,
Upsher-Smith alleges, among other things, that Fifth Third Bank violated its contractual obligations by executing the foreign currency wire transfers at the direction of a single employee at the company and thus breached its duty to obtain approval from at least two employees prior to executing such trades.
If, in fact, the bank agreed by contract to have “double approval” of foreign currency transfers, presumably (1) it has a record of this contractual obligation; and (2) it has a record of whether it met this obligation.
Original post (9/25/2017): Upsher-Smith Laboratories got tricked and lost about $37 million in an internet scam. Some foreign evil-doer(s) posed as the company’s CEO and sent orders to a now former Upsher-Smith employee to wire money for bogus foreign exchange trades.
Upsher-Smith’s bank, Fifth Third, received the wiring instructions and acted upon them.
This kind of scam is more common than most people believe and a typical reaction among victims is to try to place blame or responsibility on one’s bank.
It comes down to who is “the least cost avoider“? Or, to put that into clearer English, who is in the best position to minimize the identified risk (here, financial fraud) at the lowest cost?
In most but not all cases, the answer is the financial fraud victim rather than the bank. When a client gives a bank wiring instructions and tells the bank to wire the money for a specified account (which banks do many times every day, of course), do we really want banks to have to vet the legitimacy of the underlying transaction? Isn’t the bank customer, whose money it is, in a better position to implement internal policies and procedures to prevent these scams (requiring verbal confirmation, requiring double-signatures, requiring supervisory approval for transactions over a certain $$ threshold)?
On the other hand, one can imagine scenarios where a bank might have to look past a veritable storm of red flags, where any reasonable banker would have reason to question the legitimacy of a transaction, and, under those circumstances, presumably the bank would be the “least cost avoider”? One can imagine cases where banks, being relative experts in the transfer of money, could give bank customers (many of whom are unsophisticated and vulnerable) some basic pointers to avoid being scammed (and, if the banks fail to provide the pointers, the banks would be liable)?
The Upsher-Smith case has an added level of complexity because the bank involved, the bank being sued, seeks discovery of the federal investigation of the scam. The feds have not been forthcoming. Why, you might ask? Are the feds in cahoots with the thieves? Of course not.
The issue is that **************** is the ************ for *********** because****************.
In other words, the U.S. government’s response to Fifth Third Bank’s motion is heavily redacted so Minnesota Litigator is at a loss to evaluate the argument. Nevertheless, the government’s brief is an interesting and valuable exposition of the ways the litigants can (or cannot) get information from the government when the government is not a party.