After the bank accounts of a California-based Escrow firm were drained a whopping $1.5 million through a cyberheist, the firm closed shop. The company is now suing its former bank for the lost money.
The First Foundation Bank is being accused by Efficient Service through its state appointed receiver that its security systems were nowhere near secure at the time of the cyberheist. The now defunct Efficient Services Escrow firm is based in Huntington Beach. It argues that the bank acted almost maliciously when it processed the future determining international fraudulent wire transfers. Three fraudulent transfers siphoned off $1,558,439 and were done between December 2012 and February 2013.
There is an increasing number of lawsuits against banks seeking to hold them responsible for the losses which arise when cybercriminals take over customers’ accounts. The $1.5M suit which was filed in the Superior Court in Orange County is just one of the many lawsuits. In U.S, customers are largely regarded to be at no fault if a hacker penetrates their bank account and manages to steal.
However, the customer must report of the hacking early enough. Small businesses are now being targeted by hackers mainly because they are unaware of such legal provision. They are also surprisingly unaware of the huge risks involved when they are using online banking.
The Huntington Beach based company cyberheist started on December 2012 when $432,215 was transferred from its accounts to a bank in Moscow. This was followed by two more transfers amounting to $1.1M to northern Heilongjiang Province of China.
In 2011, Heilongjiang Province which is found on the northern side of China bordering Russia was at the centre of an FBI cyberheist investigation. According to the FBI, cybercriminals had in the previous year alone stolen around $20 million from small and medium sized companies. The funds were stolen through wire transfer and sent to Chinese economic and trade based companies.
Through the efforts of Efficient Services and the First Foundation Bank, the money transferred to the Russian bank was recovered. The trail of the $1.1 in China had however long gone cold. The law in California requires that hacked companies report the theft of funds immediately they discover the theft. Once Efficient receivers reported of the theft incidences, the California Department of Corporations demanded that the firm locates the stolen funds within three days.
After a haggling effort to locate the stolen funds, it became apparent to Efficient that the money was long gone. This consequently led the closure of the company by the state. A staff force of 9 was rendered jobless due to the closure of the company.
After Efficient Escrow Company was declared bankrupt, its appointed receiver lawyer sued First Foundation Bank on December 6. In the lawsuit, the company wanted to recover the stolen $1.1M on behalf of its former customers. In the suit, the company argues that the bank’s security systems were ‘commercially unreasonable’. It further alleges that the bank didn’t act in good faith when processing the fraudulent international transfers on ‘behalf’ of the company.
The Uniform Commercial Code (UCC) which is applied by most of the states across U.S strives to manage how wire transfers are done. It states that once a payment order has been received by a bank in good faith in addition to any written agreement with the customer and in compliance with the security procedure, the bank can proceed on to execute the payment order in the name of the customer. Whether the payment order was authorized or not, the bank while acting in good faith and following standard security procedure which is commercially viable should proceed on with the transaction.
However, with the current trend, the Efficient Escrow Company is highly unlikely to win this case. Most commercial businesses rarely win in cases they have sued banks to recover monies stolen by cybercriminals.