Obligation of a bank to return 5 million dirhams to a customer

The Commercial Court in Dubai decided to oblige a local bank to pay about five million dirhams to a customer with it, after confirming the responsibility of one of its employees for penetrating the victim’s account, and embezzling the amount, after extracting a “lost replacement” chip from the customer’s phone, and using it to access his account through the banking application , And make transfers, taking advantage of his knowledge as a dormant account.

The case papers stated that the victim had opened a savings account with the bank in 2015. His balance reached four million and 677 thousand dirhams in 2016, but he was surprised in 2017 that the account was closed, after its balance decreased to zero.

Investigations into the incident revealed that an employee of the bank, who works in the credit card sales department, entered the customer’s account several times. And in light of his penetration of the account, he was subjected to a fraudulent operation, which ended in the embezzlement of the entire balance. Accordingly, the court held that there was a mistake by the bank, which was the failure to take the necessary supervision and supervision measures to prevent fraud, as a result of which it withdrew the funds from its bank account.

The pillars of the bank’s responsibility were completed, from error, damage and a causal relationship, and it became obligated to return the amount withdrawn from the customer’s account, while compensating him 100 thousand dirhams for the damage he caused.

Ghassan Al Dayeh, the agent of the client’s defense, said that the victim was residing in the country, then left to settle abroad, and left his savings account, but was surprised upon his return that the account was closed, and it was completely empty. Of money, and went a long way in the criminal court, until he filed a civil lawsuit, which ended with a ruling for him after confirming the bank’s responsibility for stealing the money.

He added that extracting a SIM card "lost replacement" in the name of the account holder is not possible without penetrating his account from within the bank, and leaking his data to another party, it is more likely that he was the one who extracted the SIM card through one of the two phone service providers, and used it to log into the account via the Internet, and change Password, account liquidation.

He stressed that the ruling reflects the need to review the procedures of some banks related to protecting the balances of their customers, and not to evade liability if these accounts are compromised.