Individuals and corporate organisations own and operate bank accounts for several reasons, some of which are to reduce the risk of carrying bulk cash and to seamlessly engage in high volume of transactions across different platforms, without touching money through the instrumentality of using banking services, among others.
This and others have led to several complaints about unauthorised transactions carried out on customers’ accounts with many banks inability to handle such cases professionally. This led to customers getting frustrated with the banking system. This results in filing of cases in courts by aggrieved customers, who seek redress over alleged “pilfering” of depositors’ funds.
Analysts say to secure funds in banks is a joint responsibility of the account holder and the bank. While the account owner has to safeguard data from third party to avert unauthorised withdrawal, the bank is obligated to ensure that customers’ accounts are not exposed to third parties.
The Economic and Financial Crimes Commission (EFCC) had recently reported that two bankers, Agbo John Agama and Edoh Steve were in January 11, 2023, convicted and sentenced to three years imprisonment by Justice Mojisola Olajuwon of the Federal High Court, Abuja, for conspiracy, aiding and abetting fraud to the tune of N9.4 million.
The convicts were prosecuted on one count charge by the Makurdi zonal command of the EFCC. The charge reads: “That you, Agbo John Agama “M” and you Edoh Oga Steve “M” while being employees of Access Bank Plc Makurdi Branch and others now at large, on or about the 8th day of January, 2021 at Makurdi, Benue State of Nigeria within the jurisdiction of this Honourable Court, used an unauthorised access device to wit: a primed ATM Card on Account No. 30041040648 being operated by one Mejuru Chibueze Gospel with Access Bank resulting a loss of N9,400,000 only to him, thereby committed an offence, contrary to Section 33(2)(b) of Cybercrime (Prohibition, Prevention, etc) Act, 2015 and punishable under the same section of the Act “
According to a director of external linkages in one of the new-generation banks, the best way any bank can secure depositors’ money is to engage a top-notch security platform that is difficult to breach.
He argued that in most instances, customers compromise their data without knowing. He added that issues of giving data to relatives, drivers and even exposure of security pins during transactions at Automated Teller Machines (ATM) are harmful.
To a Senior Advocate of Nigeria (SAN), Terkura Pepe, banks owe customers a duty of care to keep the funds deposited safe at all times, adding that withdrawals are only upon a customer’s mandate or authorisation in the agreed manner.
The SAN stressed that allowing any unauthorised withdrawal renders a banker liable for negligence and for breach of contract.
“It is a failure on the part of any bank that allows customers’ funds to be withdrawn unauthorised,” he stated.
Another lawyer, Akintayo Balogun said that the bank is more liable to its customers, to ensure the security of the funds in its custody.
He said: “The Cybercrime (Prohibition, Prevention Act (2015) provides that where a security breach occurs, the proof of negligence lies on the customer; to prove that the financial institution in question could have done more to safeguard its information integrity.
“In the case of The Nigeria Advertising Service Ltd. v. United Bank for Africa Ltd (1965) 1.L.L.R 84 (Nigeria), the court held that, where there were forgeries, which were not due to a customer’s negligence, it is the duty of the Banker to credit the account of such a customer whose cheques had been forged.
“Furthermore, section 37(3) of the same Act provides that a financial institution that makes an unauthorised debit on a customer’s account shall, upon written notification by the customer, provide clear legal authorisation for such debit to the customer or reverse such debit within 72 hours and any financial institution that fails to reverse such debit within 72 hours commits an offence and is liable on conviction to restitution of the debit and a fine of N5 million.
He added that Section 20 of the Cybercrimes Act provides that “any person authorised by any financial institution and charged with the responsibility of using computer or other electronic devices for financial transactions such as posting of debit and credit, issuance of electronic instructions as they relate to sending of electronic debit and credit messages or charged with the duty of confirmation of electronic fund transfer, unlawfully with the intent to defraud, issues false electronic, or verbal messages commits an offence and is liable on conviction to imprisonment for a term of seven years.”
The lawyer, therefore, said the bank has more obligations to protect depositors’ funds. According to him, the duty that lies on the bank is more and enormous, requiring that they take greater steps in ensuring the security of the account.
“A bank must always communicate with its customers to ensure that transactions are authorised by them and with their consent. The Cybercrime (Prohibition, prevention Act (2015) has several provisions, particularly Section 37 that mandates the bankers to do all within its powers to protect the account of their customers.
