In Chavez v. Mercantil Commercebank, N.A., No. 11-15804 (11th Cir. Nov. 27, 2012), the Eleventh Circuit found that the parties did not have an agreed-upon security procedure so as to allow the bank to qualify for safe harbor under Article 4A of the Uniform Commercial Code, as enacted in Florida, and avoid liability for an allegedly fraudulent payment order.
In Chavez, the plaintiff alleged a fraudulent payment order was presented to a bank representative in-person by an imposter that resulted in the bank's transfer of $329,500 from plaintiff's account to someone in the Dominican Republic. Plaintiff’s account was subject to a Funds Transfer Agreement (“FTA”) which required the bank customer to select at least one of three security procedure options. Chavez, No. 11-15804 at 3. The plaintiff selected the first option which required written payment orders to be (i) delivered by an authorized representative (ii) in original form in person, by mail or by facsimile transmission and (iii) signed by an authorized representative. Id. at 4-5. When the payment order was presented by the alleged imposter to the bank, the bank employee confirmed the information on the payment order, the customer’s identity via identification provided by the customer, the funds in the account, the FTA’s existence, and the authenticity of the signature on the payment order before approving the transfer of the funds. Id. at 6.
Upon verifying the balance in his account, Plaintiff learned of the fraudulent transfer and sued the bank to recover the transferred money. In response, the bank asserted, inter alia, an affirmative defense premised upon Fla. Stat. § 670.202(2), which protects a bank from liability for fraudulent transfers if the bank and the customer agree on a commercially reasonable “security procedure” as defined by Fla. Stat. § 670.201, and the bank follows the procedure in good faith.
The District Court granted summary judgment to the bank, holding that, the bank’s security procedures for authenticating an in-person delivered payment order were Article 4A security procedures, commercially reasonable, and were followed in good faith. See Chavez v. Mercantil Commercebank, N.A., Slip Copy, 2011 WL 5285713 (S.D. Fla. 2011). In reversing the District Court, the Eleventh Circuit determined that the bank used security procedures that did not satisfy Fla. Stat. § 6070.201’s definition of a security procedure and as such could not apply for safe harbor. Section 201 states that “[c]omparison of a signature on a payment order or communication with an authorized specimen signature of the customer is not itself a security procedure,” therefore indicating an additional step is required. The Court noted how the security procedures offered to the customer in the FTA did not even require a signature comparison and were silent as to how a bank would verify a payment made in person. Therefore, the Court found that the agreed-upon procedures did not qualify for safe harbor.
This decision is important because this is an issue of first impression in the Eleventh Circuit, and in fact one of the few decisions nationwide that addresses the treatment of in-person wire transfers. The holding’s applicability to future cases may affect how the commercial reasonableness of security procedures are evaluated and when a bank can qualify for safe harbor to avoid liability for fraudulent transfers—at least in terms of in-person transfers. In sum, the Eleventh Circuit made clear that, in order to successfully apply for safe harbor in light of fraudulent transfers, a bank must show it employed adequate security procedures, those procedures were commercially reasonable, and the procedures were complied with in good faith.
For another recent case evaluating the commercial reasonableness of a bank’s security practices see Patco Constr. Co., Inc. v. People’s United Bank, 684 F.3d 197 (1st Cir. 2012).