What kind of scientific research dominate in the field of The development of online banking?
Please, provide your suggestions for a question, problem or research thesis in the issues: The development of online banking.
Please reply.
I invite you to the discussion
Best wishes
Dear Friends and Colleagues of RG
Is the question of cybercrime currently the key topic of the development of online e-banking?
Is the security of information transfer on the Internet, the issue of cybercrime are currently one of the most important topics in the issue of the development of online e-banking?
Is the question of the security of information transfer on the Internet, the issue of cybercrime in the development of online mobile banking and electronic banking risk management are currently one of the most important topics in the development of online e-banking?
In my opinion, the issue of the security of information transfer on the Internet, the issue of cybercrime in the development of online mobile banking and electronic banking risk management are currently one of the most important topics in the topic of the possibility of developing online electronic banking.
Do you agree with my opinion on this matter?
Please reply
I invite you to the discussion
Thank you very much
Best wishes
Dear Friends and Colleagues of RG
What kind of scientific research dominate in the field of The development of online banking?
Is the issue of security of information transfer on the Internet, the issue of cybercrime in the development of online mobile banking and electronic banking risk management are currently one of the most important topics in this field? Please, provide your suggestions for a question, problem or research thesis in the issues: The development of online banking. Please reply. I invite you to the discussion Best wishes
Dear Friends and Colleagues of RG
Is the question of cybercrime currently the key topic of the development of online e-banking?
Is the security of information transfer on the Internet, the issue of cybercrime are currently one of the most important topics in the issue of the development of online e-banking?
Is the question of the security of information transfer on the Internet, the issue of cybercrime in the development of online mobile banking and electronic banking risk management are currently one of the most important topics in the development of online e-banking?
In my opinion, the issue of the security of information transfer on the Internet, the issue of cybercrime in the development of online mobile banking and electronic banking risk management are currently one of the most important topics in the topic of the possibility of developing online electronic banking.
Do you agree with my opinion on this matter?
Please reply
I invite you to the discussion
Thank you very much
Best wishes
The research may focus on the technical solutions to the challenges of security and fraud instances as well as handling cross border transactions. Blockchain technology may be applied.
The challenge of balancing between Ease of access v/s Security
There it goes a little work i've published in a E-Review -E-DICTUM-, and i'm now translating for you, if it'd be useful:
OH IF THE CUSTOMER HAD NOT CRACKED!…. [CLAIM FOR DAMAGES AND REIMBURSEMENT FOR EXECUTION OF ORDER FALSIFIED TRANSFER. RESPONSIBILITY OF THE BANK OF THE DESTINATION ACCOUNT]
I.- THE FACTS OF THE CASE. II. - THE MATERIAL LAW APPLICABLE TO THE COMPLAINT. II.1.- Identification of the nature of the legal relationship, as a factor determining the applicable law: a case of civil extractontractual wrongdoing [Tort Law]. II.2.- Structure of the operation of transfer, location of damage and determination of the applicable substantive law. II.3.- The special rules on liability of payment service providers and the general regime of civil liability. III. - DETERMINATION OF JURISDICTION.
TEXT
I.- THE FACTS OF THE CASE. A computer "hacker", former employee of a Spanish services company, directed a bank in a North African country, in which the aforementioned company –former- employer was operating, a counterfeit transfer order. The Bank in question –Transfer Bank-, ignored and should not have known that the order was false, since the Transfer Order was falsified as to the Subject recipient of the funds, since the "hacker" –who knew the keywords of his old Company - he simply used a true keyword, but that identified another subject: the Account Holder [the Service Company, which we will call "A"]. And, being in that justified ignorance - that the order was false-, the Bank began to process it, carrying out the corresponding debit or charge note in the Account of origin, for the purpose of carrying out the corresponding payment note in the Destination Account.
Since the Receiving or Destination Account was opened in a different bank, the Transferring Bank could not –by logical and legal impossibility- carry out all legal and material or technical acts leading to the final payment in the said destination account. Quite the contrary, this possibility was available only to a second bank-bank, where the aforementioned account of destination of the funds was opened. That bank, which we shall call the receiving or receiving bank - was a bank located in a Central European State ["State H"], which was an EU Member State. Well; it happened that an employee of the said Bank of "State H", agreed to give final course to the transfer order, although it could easily have appreciated –surely it did- that the transfer order indicated a destination account supposedly opened in the name of "A", when, in fact, it was in the name of a different subject, which we will call "B", which is why the employee of that receiving bank should have refused to make the accounting credit, as would be expected from the due diligence of the banks. But this bank employee made the wrong payment.
The remote causal link, where the basis and origin of the transfer would reside, was a service provision operation that Enterprise "A" had carried out in the North African country where the Bank was located, so its reason or ground -"causa" [art. 1274 to 1277, Spanish Civil Code]- would have been the satisfaction of the price of these services and therefore –- the payment of a debt of money, real and effective; solutive act that should have been carried out exclusively for the benefit of the Company "A" - Spanish company in the form of a commercial company with legal personality and domicile in Spanish territory - in an account opened in its name in Spain.
II. - THE MATERIAL LAW APPLICABLE TO THE COMPLAINT.
II.1.- Identification of the nature of the legal relationship, as a factor for the determination of the applicable law: case of civil extracontractual wrongdoing [Tort].
Since there was no direct and concrete legal-binding relationship between the Spanish company "A", and the Central European Bank of "State H", it would be difficult to admit that they mediated between both credit and debt relationships, so it seems obvious that non-contractual civil liability - aquiliana - would have to be used to claim reimbursement of the falsified –and unduly made- transfer, and the payment of the damage caused. The reason lies in the type of operation that had been carried out: a transfer of credit; more precisely a "external" transfer; a transfer that falls through subjective plurality, objective and causal, to the point of representing the paradigm of the extent to which it can be justified -in some cases - to stop talking about a bank "contract", and to prefer to speak of a bank "transaction" or "operation". Because –in effect- it is not possible to speak of bank contract of transfer of funds, when they exist, not two, but more parties; where such ultraplurality of parties is not covered by a single plurilateral legal business–as plurilateral contracts, with a structure similar to the Company Contract- neither participating in a single contractual legal relationship, similarly pluripersonal, but having more than two Parties, there are also –- more than two contractual relationships, in which not all subjects are involved, but only some of them in each of those relationships.
For bank transfers of funds can be of various types and can be classified according to different criteria or factors. Thus, e.g. a classification is that which takes as double reference the number of subjects and the number of accounts involved in the operation. Thus, there are transfers of:
1. subjective-minimum personal structure: they only consist of two Parties: the Bank and the payer, which is -at the same time- and where only two accounts belonging to the same holder are involved. In this case, in Spain we speak of a "Traspaso", which is that mode of Transfer in which the payer instructs the Bank to transfer an account from the payer… to another, as well belonging to the same payer.
2. Others have a simple subjective-personal structure: in them only takes place the intervention or participation of three People: the payer, the Beneficiary –which are two different persons - and the bank, and in them are involved two current accounts belonging: one, to the payer, and the other, to the Beneficiary.
3. Others present a complex subjective-personal structure; in fact, they show a growing complexity: they consist of three or four subjects: the payer, the Beneficiary –which may be the same person, or two different persons -and, no longer one, but at least –- two, or more, banking entities, and banking entities may be involved, not only two, but –- at least three current accounts belonging to –two of them - to the same or to different holders, and open different banks. In this case, the payer has an open account with his Bank and wishes to transfer funds to the account of the Beneficiary which is open in a bank other than the Bank of the payer - the Bank of the Beneficiary -, which raises the need to devise a system for the Second Bank - the Beneficiary Bank, where the current account of the funds is opened on behalf of the Beneficiary - to collaborate with the Bank of the payer. In this case there is talk of an "external" Transfer. Furthermore, external transfers of funds allow for subclassification, starting from the subjective-functional structure described; namely:
a) There is a "direct" external transfer… , which is the one in which the two banks involved are, in turn, linked by a correspondent relationship, which - in short - is just another bank current account… but in which both counterparties are banks.
b) There is an "indirect" external transfer… , which is the one in which the two banks involved do not have correspondent relationships; that is, they do not have any current bank account relationship with each other, so they have to rely on the collaboration of a third mediating entity, which - more than any other bank - is usually a "clearing house", or similar system, which - in turn - opens accounts to both involved banks, so that the original Transfer Order must be executed by giving successive orders, from the original Bank to the Clearing House, from the Clearing House to the Beneficiary Bank, and from this to the Beneficiary Account.
This criterion of classification and this plurality of assumptions can be clearly endorsed in art. 1, No 2, of Spanish Act No 16/2009 of 13 November on payment services. Thus, it is not surprising that the theory that has come closest to explaining the legal nature of the Bank Transfer of funds… is the Disaggregating Theory, which contemplates the Bank Transfer, considered "in toto", as a transaction or complex operation, which would encompass within itself different legal-negotiating elements from different provenance, and that the same could be applied to credit transfers, in general, that of that modality, so simple, which is called "Trapaso" [in Spanish].
Indeed: the Bank Transfer of funds operation can only be understood on the basis that, in so far as it involves a succession of accounting movements between two separate current bank accounts, it is impossible that it can be configured as a single contract, because the first empirical fact that reveals its phenomenological description is that it involves two different and independent, the one from the other, contractual banking account relationships. Consequently, the Transfer must differentiate between several phases or elements, constituting corresponding legal relations ; namely: 1) The relationship between the payer and the Beneficiary, and cause of transfer. 2) The bank current account agreement between the Bank and the Ordering Customer. 3) The contract providing the provision of cash to the aforementioned current account [deposit, loan, credit...]. 4) The legal act consisting of the "Transfer Order". 5) The act–at the moment, is not known whether legal or material- consisting of debiting in the first current account an amount equivalent to the amount determined in the Transfer Order. 6) The current account agreement between the Bank and the Customer receiving the transfer. And -7)- The legal act consisting of the accounting payment of the transferred sum, on the account of the Beneficiary.
The key to unveal the secrecy of the Bank Transfer is, rather, to know how each and every one of these elements is legally related. And, as I see it, this relationship can be approached in two ways or from two fully compatible points of view. First of all, it is necessary to refer to the relationship between Bank Transfer and Scriptural Currency . This means that some of the subjects involved in this combination of contractual relations… do not maintain any actual contractual relationship with each other, nor –accordingly - mediate between them the obligations arising from contracts which not exist between themselves.
The problem grows in complexity because of the presence of multiple foreign elements, which make the issue an external traffic relationship; a relationship of private property law, yes, but impregnated with the problem of internationality. Well, the traditional instrument of private international law - domestic production - to solve the problems of commercial procurement between operators from different States has been the Conflict Rule. And although this is a path full of difficulties and inadequacies, which has been criticized, having come to assert that the Conflict System "survives because nothing less has been found"; because -of the possible alternatives: the absolute "contempt" for the internationality of the relationship, with exclusive application of the national law of the judge, or the elaboration of an internal body of material rules, applicable only when a contractual relationship presents foreign elements-, the least bad is the Conflict Rule: a "compromise solution" which is what, for the time being, the conflict between national sovereignty and respect for the legal situation of foreigners has been resolved, we cannot but resort to the provisions –in this respect- in the Regulation (EC) No 864/2007 of the European Parliament and of the Council of 11 July 2007 on the law applicable to tort obligations ("Rome II").
According to the art. 1º, nº 1 of the "Rome II", said Regulation will apply to the torts obligations in civil and commercial matters, in situations that involve a conflict of laws. For his part, art. 2º, nº 1, Rome II, establishes that, for the purposes of this Regulation - Regulation [Rome II], "damage" shall mean all consequences resulting from a harmful event, unjust enrichment, business management or fault "in contrahendo", This Regulation shall also apply to any tort obligation which may arise. It also disposes that any reference in this Regulation to: a) an event giving rise to damage from occurring, including events which may result in any damage, and b) the damage, to include any damage that may occur.
II.2.- Structure of the operation of transfer, location of damage and determination of the applicable substantive law.
It is therefore obvious that if an employee of a banking entity, to whom an order for the carrying of a electronic funds transfer is issued, to make an accounting payment in a current account, allegedly owned by a particular subject –"A"-, it notes that the account is, in fact, not opened in the name of the Company "A", but of a different subject –"B"-, and –nevertheless - credited to that account, can certainly cause harm to the first of subjects –"A"-, by their conduct; conduct and damage which would obviously be included in the scope of Rome II - a Community normative instrument which is fully and directly applicable in all EU Member States. – as in the case of the Kingdom of Spain and as it was the case of which we have identified as "State H"-, whose object and content are aimed at establishing a regime of harmonization of the rules of conflict, in matters of –among otrher things- international relations consisting of tortious liability –including fault "in contrahendo" - and quasicontratcs of unjust enrichment. The fundamental Rule for this purpose is contained in art. 4º, which is a clearly general precept, that–unlike later - does not contemplate specific cases of civil liability, such as –p.e.- product liability, or that arising from acts of unfair competition, but which provides for tortious civil liability –In particular, the case of counterfeiting of bank transfer orders, dealt with negligently- by employees of the target or destination bank, could be included.
Well, Article 4 thereof states:
"1. Unless otherwise provided in this Regulation, the law applicable to an extracontractual obligation arising from a harmful act is that of the country where the damage occurs, irrespective of the country where the event causing the damage occurred and whatever the country or countries in which the indirect consequences of the event in question occurred.
2. However, where the person alleged to be liable and the injured person is habitually resident in the same country at the time of the injury, the law of that country shall apply.
3. If it appears from all the circumstances that the harmful event has manifestly closer links with a country other than that indicated in the paragraphs 1 or 2, the law of that other country shall apply. A manifestly closer link with another country could be based on an existing relationship between the parties, such as a contract, which is closely linked to the harmful event in question"
Such wording -no doubt- raises some questions, since several circumstances have to be taken into account:
1. The origin of the facts is in a counterfeit transfer order, that a hacker directs a Bank of the North African country
2. The Bank of the North African country, which neither knows nor needs to know as there is no negligence on its part - that the order was false, begins to follow it up, which assumes that it debits to the original account…
3. … to be credited to the destination account…
4.… but since that Account is located in another bank, the Bank of the North African country can no longer carry out all legal and material or technical acts leading to the completion of the transfer, with the final ticket in the destination account.
5. This possibility shall be to carry out all legal and material or technical acts leading to the completion of the transfer, with the final payment in the aforementioned Account - only applicable to the second–- Bank, where that account is open.
6. That Bank is the Bank of State Y, which means, inter alia - that it has its place of business in the territory of Y, which is an EU Member State.
7. An employee of that State "Y" Bank and who accedes to the transfer order could have certainly appreciated – - that the transfer order indicated a perfectly identified destination account, supposedly opened in the name of "A", but that same account –opened in your bank- was, in fact, in the name of a different subject: "B".
8.… Consequently, the employee of that State "Y" Bank who accedes to the transfer order should have rejected it, and should have refrained from making the payment, as is expected of the due diligence of the banking institutions.
9. However, to the contrary, the employee who grants the transfer order, took care of it and made the wrong payment.
10. In fact, the Transfer Order was falsified as to the Subject to whom the funds were intended, which should have been "A", in an account opened in his name in Spain, so "A" –a Spanish company in the form of a commercial company with legal personality and domicile in Spanish territory, where it has its organisation, assets and bank accounts-, suffered damage as the funds did not reach Spain, with what was deprived of that sum [64.000 €?]
Well, does this mean that the damage occurred in Spain? Or, on the contrary, that "A" should be –in Spain - deprived of the availability of that sum should be considered as a "country… where there are [some] indirect consequences of the act in question", it being considered that the damage was suffered in "State H"?
On the other hand, the same art. 4º, Rome II, adds -"in fine", - that "if it appears from all the circumstances that the harmful event has manifestly closer links with another country than that indicated in paragraphs 1 or 2, the law of that other country shall apply. A manifestly closer link with another country could be based on an existing relationship between the parties, such as a contract, which is closely linked to the harmful event in question". Well, the problem here would be whether or not it can be considered that "State H" has "manifestly closer links with the harmful act".
It is true that the condition that there was "an existing relationship between the parties, such as a contract, which is closely linked to the harmful event in question" is not fulfilled, since it is obvious that "A" –the injured party was not the holder of the account in which the payment was made, in the receiving bank, neither maintains current or deposit accounts, nor has it carried out active credit operations with that bank, nor has it carried out neutral transactions, has not obtained investment services, etc., from that Bank. But the reference that art makes. 4th, 3rd, Rome II is simply "ad exemplum", and therefore - should be considered as "numerus Apertus", not closed.
And, in this respect, I have the following doubt: since a bank transfer of funds is not a unique –- but a complex transaction between potentially diverse subjects, but nevertheless aimed at a single purpose –the displacement of funds-, could "the harmful event be considered to have manifestly closer links with" the "State H"? Personally, I don’t think so.
Therefore, the most plausible conclusion is that the material law applicable to the case was Spanish law. Based on this conclusion, art. 15, Rome II provides that the law applicable to the tort obligation under this Regulation –in this case, Spanish law- regulates, in particular: a) the basis and scope of liability, including the identification of persons who may be held responsible for their own acts; b) the grounds for exoneration, as well as any limitation and sharing of responsibility; c) the existence, nature and assessment of the damage or compensation claimed; d) within the limits of the powers conferred on the court by its procedural law, the measures that a court may take to ensure the prevention, cessation and reparation of damage… f) persons entitled to reparation for personal injury; g) liability for acts of third parties and h) the manner in which obligations are extinguished, as well as the rules of limitation and revocation, including those relating to the initiation, interruption and suspension of limitation and expiry periods.
All without prejudice to what disposes art, 16, Rome II, entitled "Police Laws", which contains a very classic rule in conflicting international law: "The provisions of this Regulation shall not affect the application of the provisions of the law of the forum in situations where they are mandatory, irrespective of the law applicable to the tort obligation".
Art. 2, No 1, para. 10 of Spanish Act No 16/2009, of 13 November, on payment services, defines the "user of payment services" as a natural or legal person making use of payment services, either as payer, beneficiary or both, and–in turn - Art himself. Second, number one, Apdo. 8 of the same Law No 16/2009 defines the concept of "beneficiary" as a natural or legal person who is the intended recipient of the funds which have been the subject of a payment transaction. Since –also- the successive Apdo. 11, of Art. 2º, nº 1 of the same Law 16/2009 defines the concept of "Consumer", it is immediately perceived that one can be "beneficiary" and therefore –- "user of payment services" even if the subject in question does not have the status of consumer, because they are different concepts and do not even have a gender/species relationship.
If art 44, No 1 of Law No 16/2009 -"incorrect unique identifiers"-, which is located within Section 3.ª "Responsibility", of Cap. IIIº, Tit. IVº provides that "when a payment order is executed in accordance with the unique identifier, it shall be considered correctly executed in relation to the beneficiary specified in that identifier", this should not lead us to believe that the counterfeiting of the transfer order would lead to the irresponsibility of the destiny or recipient bank in respect to the Beneficiary –and I say "beneficiary", within the meaning of the Act, and not in the sense in which this term is used, when talking about the personal elements of payment banking operations-, because the problem is that the cited "Unique identifier", as defined by the repeatedly cited art. 2º, nº 1, para. 21 of the same Act No 16/2009; that is: "a combination of letters, numbers or signs specified by the payment service provider to the user of such services, which the latter must provide in order to unambiguously identify the other payment service user, to your payment account in a payment transaction or to both", should have been identified the Company "A"; that is: the Spanish company that provided services and that was entitled to receive its remuneration by means of transfer, so that –- the recipient or receiving bank, entity of "State H" holder of the current account to which the fake or counterfeit transfer was directed, would have verified that the Identifier –excuse the redundancy- accurately and exclusively identified our subject –Enterprise "A"-, and not to a different subject –"B"-. Consequently, the event which took place was not the case referred to in Art. 44, No 1, but a different case.
In fact, art. 44, No 2, itself, which establishes that "if the unique identifier provided by the payment service user shoukd be incorrect, the supplier shall not be responsible for the failure to execute or for the defective execution of the payment transaction", reveals that if the supplier is not responsible "for the failure to perform or for the defective execution of the payment transaction"… that's because there may be two different situations:
1. That the incorrectness of the unique payment identifier is patently incorrect; that the incorrectness is obvious and perceptible, or should have been warned using the appropriate level of care.
2. That the unique payment identifier is apparently correct; when the incorrectness of the identifier is imperceptible, but the referred identifier is materially false or erroneous.
In the first case, the Provider cannot be responsible for the failure to perform… because –simply- he cannot proceed with the transfer. If the Identifier, which was supposed to identify the Company "A", turns out that the person whom it identifies as the recipient of the Funds Account is another different subject, the Provider –in this case was the Bank of "State H"- should not have acted on the order and made the payment on the account in which it did so. Had he acted correctly, he would not have made the Pass… and if –had not done so- someone had tried to claim for non-execution of the order, the Bank of "State H" –as did other banks: one from Poland and one from Austria- would have had all the legitimacy to oppose and consider itself fully free of liability.
On the contrary, when the Unique Payment Identifier is apparently correct; when its incorrectness or falsehood is imperceptible, it is obvious that - in its ignorance - the Bank receiving the Order –the Bank of "State H"- have acted on the order and have credited the account in which it was made… not knowing that he should not have done so, considering himself to be either obliged to carry out such an accounting note - and if –had made such an improper accounting note - someone had tried to claim for defective execution of the order, the Bank of "State H" would have all the legitimacy to oppose and consider itself fully free from liability, because the falsehood was undetectable. No one could claim compensation for damages. However, in spite of everything referred, art. 44, No 2, para. 2 of Spanish Act No 16/2009 provides that, "however, the payer’s payment service provider shall make reasonable efforts to recover the funds from the payment transaction". That is to say that even if the Bank did not incur responsibility, the Law imposes a duty on it: to make reasonable efforts to recover the funds; a duty whose failure could lead to liability, whose contractual or extracontractual status would be questionable.
In the present case, two different banking entities appeared: the Transferring Bank –the Bank of the North African country- which receives the original transfer order, having to proceed to another bank… and who immediately suffers deceit on the part of the "hacker", and the Bank of the "State H" which is the one who improperly carries out the consummation of the movement of funds, acting on the transfer order transmitted by the transferring bank. Consequently, two banks have participated in the counterfeit transaction… and Spanish Act No 16/2009 speaks of the "liability of the payment service provider", obliging us to analyze who he is; who assumes the quality of "payment service provider", and therefore, person obliged to indemnify damages. The answer to this question must be based on the definition provided by art. 2, No 1, Apdo. 9 of the same Act No 16/2009, which defines the concept of "payment service provider", referring to it or applying it –sic- to "public bodies, undertakings and entities authorised to provide payment services in Spain or any other Member State of the European Union, whether or not they benefit from the derogations provided for in Article 26 of Directive 2007/64/EC of the European Parliament and of the Council of 13 November 2007 on payment services in the internal market, amending Directives 97/7/EC, 2002/65/EC and 2006/48/EC and repealing Directive 97/5/EC, as well as those of third countries, which are professionally engaged in the provision of payment services". Note that the subjective or personal reference does not give rise to any problems –two banking institutions may have perfect place in the subjective/personal scope of this definition, such as companies … authorised to provide payment services in Spain or any other Member State of the European Union, as well as those from third countries"-, which shows that the axis or fulcrum of the definition focuses on the fact that "they are professionally engaged in the provision of payment services". Again, it is necessary to analyse what "payment services" are, in this case for the purpose of establishing which of the two banks provided them; whether the first one, the second one or both, and–in particular - whether they can be considered to have been provided by the Bank of the "State H". The answer to this question must be based on another definition provided by Art. 2, No 1, Apdo. 3 of Law No 16/2009, which defines what "payment services" are - uses a direct referral technique: "any of the commercial activities referred to in Article 1.2 of this Law", and –in turn - art. 1º, nº 2 of Law 16/2009 indicates that they are payment services:
a) Services that allow cash to be entered into a payment account and all acts or operations necessary for the management of the payment account.
b) Services that allow the withdrawal of cash from a payment account and all transactions necessary for the management of the payment account itself.
c) The execution of payment transactions, through a payment account with the payment service provider of the user or other payment service provider:
1.º Execution of direct debits, including non recurrent direct debits,
2.º Execution of payment transactions by payment card or similar device,
3.º Execution of transfers, including permanent orders.
d) The execution of payment transactions when funds are covered by a credit line open to a payment service user:
1.º Execution of direct debits, including non recurrent direct debits,
2.º Execution of payment transactions by payment card or similar device,
3.º Execution of transfers, including permanent orders.
e) Issuing and acquiring payment instruments.
f) Sending money.
g) The execution of payment transactions in which the consent of the payer to execute a payment transaction by means of telecommunication devices is transmitted, and payment is made through the operator of the network or telecommunication or computer system, which acts only as an intermediary between the payment service user and the provider of goods and services.
Well the Bank of "State H" participated, at the very least, by providing several of the above services, since it executed "payment transactions", that is, in accordance with art. Second, number one, para. 5 of Act No 16/2009 - actions, initiated by the payer or the beneficiary, consisting of "locating, transferring or withdrawing funds", irrespective of any underlying obligations between the two, that –having been carried out by means of a transfer - both may have accommodations in the case of "c)", as in the case of "g)". Because, in fact, through the channelling of funds, the Bank of "State H" executed payment transactions, as –initially- placed funds in the recipient or destination banking account –an account to which, however, the funds should not have been drawn-, and–in all likelihood- either via the transfer of funds, either by allowing the withdrawal of cash from the payment account where the transferred amounts arrived, the Bank of "State H" executed –- payment transactions again; this time in the reverse sense, as it has already transferred, ora allowed to withdraw those funds, the "hacker" who committed the forgery in the original order of transfer. Therefore, at the time of these transactions, the Bank of "State H" or recipient bank - may have incurred the type of liability provided for in the extensive art. 45, No 1, para. 1 of Spanish Act No 16/2009, which is entitled "No execution or defective execution" and provides as follows:
"1. In the case of payment orders initiated by the payer, your payment service provider shall be liable to the payment service provider for the correct execution of the payment transaction until such time as its amount is credited to the payee’s payment service provider’s account. After this payment, the payee’s payment service provider shall be responsible to the payee for the correct execution of the…operation".
II.3.- Special rules on liability of payment service providers and the general regime of civil liability.
Although it is considered with a minimum of attention, it can be seen immediately that the meaning of art. 45, No 1, para. 1º of Act No 16/2009 is that of a norm of distribution of the period of responsibility; a similar norm –saving the differences- to certain rules on the liability of the carrier of goods, attributing liability for damage to cargo… depending on the period of time in which these goods are under its control. Well, in a sense, the rule of art. 45, No 1, serves a similar purpose: on the basis that responsibility for payment transfers and transactions should be attributed to the banking entity which, having a stake in the movement or flow of funds, they have it only in a segment of the transfer process, which is closely related to –and it becomes fully understandable - with the typology of various funds transfer types that takes as point -double point, actually- of reference the factors of number of subjects and accounts involved in the operation, remembering that the one that raises problems, in our case, was a bank transfer of complex subjective-personnel structure, consisting of three or four subjects or Parties: the Payer, the Beneficiary –who appeared to be the same person, when the truth is that they were two different persons [in concealing this fact consisted of the object of the forgery]-, and no longer one, but two banking entities, being involved, not only two, but at least three current accounts belonging to two of them - to the same or to different holders, and opened in different banks, as in foreign transfers the payer has an open account with his Bank and wishes to transfer funds to the account of the Beneficiary which, for its part, is opened in a bank other than the Bank of the payer - the Bank of the Beneficiary -, which raises the need for some system for the Second Bank - the Beneficiary Bank, where the current account of the funds is opened on behalf of the Beneficiary - to collaborate with the Bank of the payer. In this case they call it an "external" transfer. From this point on, it could be discussed whether it was a "direct" external transfer… or an "indirect" external transfer, depending on whether the two banks involved were themselves linked - or not - by a correspondent relationship, which - in short - is just another bank current account… but in which both bank accounts are banks.
In the light of the above, it should be added - that, actually, art. 45, nº 1, is not –per se- a rule of law -let's say- "substantive" on civil liability; it does not allow comparison –unless in a very indirect way - with rules such as the arts. 1101 ff. and 1902 ff. of the Spanish Civil Code, which establish the rule that whoever damages another, by fault or negligence, must compensate for the damage caused. Art. 45, No 1, of Spanish Act 16/2009 says nothing about this: it merely states at what point an event may occur which establishes the liability of the payer’s payment service provider… and at what point an event may occur that determines the civil liability of the payee service provider, and does so by adopting the model or on the basis of the model of "direct" external Transfer. Consequently, the payer’s payment service provider may be liable from the time the Payment Order is given to him, until the moment he makes the payment to the correspondent current account opened with the Payment Service Provider of the Beneficiary, and the latter –that is, the Payment Service Provider of the Beneficiary- may incur liability, from the time the payment was made to the correspondent current account which it has opened with the Paying Service Provider of the payer, until such time as he himself makes the final note, which consumes or fully accomplishes the flow of the funds; in the beneficiary’s account. That is to say: in this case, if the Bank transferent or Bank of origin –the Bank of the North African country- acted on the order, paying the current account –correspondent call- which linked him or which it kept open with the Bank of destination or recipient –the Bank of "State H"-, from that time on –which was indeed produced or occurred- the period of responsibility of the recipient or receiver or destination bank of "State H" - as payment service provider of the Beneficiary would commence. But I insist - this does not yet determine that he actually incurred civil liability.
Secondly, the same article, art. 45, No 1, now in its paras. 2º, 3º and 4º- establishes the following:
"In the case of payment transactions not executed or improperly executed, when the payment service provider of the payer is liable in accordance with the provisions of the previous paragraph, return the amount of the transaction to the payer without undue delay and, where appropriate, restore the balance of the payment account to the situation it would have been in if the defective payment transaction had not taken place.
Where the responsible in accordance with the first subparagraph of this Article is the payee’s payment service provider, the latter shall immediately make available to the payee the amount corresponding to the payment transaction, paying, where appropriate, the corresponding amount to the payee’s account.
In any event, where a payment order from the payer is not executed or is improperly executed, the payer’s payment service provider shall seek to ascertain immediately, on request and irrespective of its responsibility under this paragraph, the data relating to the payment transaction and shall notify the payer of the results…"
Once again, the provision follows the same pattern and pursues the same objectives as in No. 1, para. 1; indeed: the paras. 2º, 3º and 4º constitute something like the forecast of the effects of that so called "responsibility"… as allocated to, and distributed between, each of the two different payment service providers: whenever the liability lies with the payer’s payment service provider –because the event giving rise to liability has taken place during the stage or segment of time for which he was responsible -, a duty of restitution or reimbursement, which –could ultimately be regarded as a form of indemnity obligation by way of replacement, is typically imposed on him:
"... shall return without undue delay to the payer the amount corresponding to the transaction and shall, where appropriate, restore the balance of the payment account to the situation it would have been in if the defective payment transaction had not taken place".
If, on the contrary, the liability lies with the Payment Service Provider of the Beneficiary –because the event giving rise to liability has taken place during the stage or segment of time in which it was responsible- a duty to pay, which –- could also be considered as another case of indemnity obligation by way of replenishment, is typically imposed on him:
"He shall immediately make available to the payee the amount corresponding to the payment transaction by paying, where appropriate, the corresponding amount to the payee’s account".
The Spanish Civil Code, which provides for compensation for tort amages (art. 1902) and for compensation of contractual damages (art. 1101), but does not regulate the various forms by which reparation may be granted, has been overtaken by the 1995 Spanish Penal Code; recast text adopted by Organic Act No 10/1995 - which specifies in its art. 110 the different ways or means of redressing damage in civil liability arising from an offence (art. 109 TRCPen./1995):
"The liability established in the preceding article includes:
1º Restitution.
2º The repair of the damage.
3º Compensation of material and moral damages";
... a plurality of remedies or reparations of damages that also seems to be known in spanish administrative legislation, as -at the time- revealed the old Spanish Act No 30/1992 of 26.11.1992 on the Legal Regime of Public Administrations and the Common Administrative Procedure . Traditionally, three different forms of performance of the obligation to make reparation have been recognized:
a) Specific reparation or "in natura", in the sense of fixing the damaged thing or by replacing it with an equal one.
b) Compensation for equivalent, by the payment of the amount of money corresponding to the damage suffered;
c) Reparation in kind, by the delivery of goods, the value of which is equivalent to the damage suffered.
All of them serve the purpose of restoring the victim to the state prior to the occurrence of the damage, as recognized by the Jurisprudence of our Courts and legal literature, which agree that any of the above forms of reparation are covered by the terms "redress" in art. 1902, Civ.C and "compensation of damages" of art. 1101, Civ.C. In fact, when the damage consists in the deprivation of a certain amount of money… what more obvious way of repairing the damage than by restoring, reimbursing or –in general- handing over to the injured person… the same amount of money that was taken from him?
Moreover, in both cases –and irrespective of liability - the payer’s payment service provider may be subject to duties of making inquiries.
The art 45, No 2 of Spanish Act 16/2009 deals with the case of payment orders initiated by or through the payee, which explains –once again- which enters a stage or segment in which control of the transaction is in the hands of the payment service provider of the -aforementioned- beneficiary. It shall be Him, as provided for in art. 45, No 2, para. 1, who shall be responsible -and liable- for the correct transmission of the payment order to the payer’s payment service provider. In such cases, where the transaction is not executed or is executed in a defective manner, for reasons attributable to him, the payee’s payment service provider shall immediately reiterate the payment order to the payer’s payment service provider.
Then, art. 45, No 2, para. 2º contains a rule whose wording is somewhat confusing, not so much by the wording –that in itself is very clear - as by the context. The paragraph in question states that:
"In addition, the payee’s payment service provider shall be liable to the payee for managing the payment transaction. In particular, it shall ensure that, once the amount corresponding to the payment transaction has been paid into its account, such an amount is available to the beneficiary immediately after the payment has been made".
Considering these words out of any other context, it seems obvious that –is available and I am going to allow myself a literary interpretation, rather than a literal or a partial or limited paraphrase of the statutory wording- that "the payment service provider of the payee shall be liable to the payee for the management of the payment transaction [from] after the payment transaction has been paid into his account [until] such amount is disposition of the beneficiary immediately after the payment", and it seems obvious that this is done because this is what is already meant by art. 45, No 1, para. 1º… Well, it is actually only part of it; it is only a consequence that could have been drawn from what is stated in art. 45, No 1, para. 1º, "in fine", because here the key is to interpret what they mean or what the words "once the amount corresponding to the payment transaction has been paid into his account". Which one is that account? Whom replaces the possessive pronoun "his"? To the Beneficiary –the Beneficiary Account-, or to the Paying Service Provider [The Corresponding Bank Account, which binds the two payment service providers; the two banks]? It seems more plausible to think that it refers to the Beneficiary’s current account, therefore, what is meant is that the Beneficiary’s Bank –as payment service provider of the latter- is responsible for the immediate availability of the Beneficiary’s account balance, once the funds have arrived in the Beneficiary Account: once the note has been produced in the Beneficiary’s Current Account Credit.
But all this makes sense when analyzed in the light of the adverb "In addition", which begins the paragraph, and suggests that all is added to what establishes art. 45, No 2, para. 1: the rule in para. 2º is involved in the regulation of liability in the event of payment orders initiated by or through the payee, when the payment service provider of the –aforesaid- payee is responsible for the correct transmission of the payment order to the payer’s payment service provider. In such cases, where the transaction is not executed or is executed in a defective manner, for reasons attributable to it, the payee’s payment service provider shall immediately reiterate the payment order to the payer’s payment service provider. We are faced with the case of "debit" bank transfers, which are those in which the sense of the transfer order and the sense of the flow or movement of funds are opposite; the origin and destination of the statement of intent calling for the transfer and the provenance and destination of the funds… run in the opposite direction. In these transfers, the initiative of the transaction, which is summarised in the Transfer Order by a subject who is not the holder of the account from which the funds are transferred… but the account holder of the amount transferred, because the very same Principal -"payer"- instructing the Transferring Bank to debit funds is - at the same time - the "Beneficiary", holder of the same account towards which the flow of funds is directed. This fact –that the Ordering Subject; that the subject instructing the Transferring Bank to debit funds is, at the same time, the "Beneficiary" of the transfer itself- explains that, in this case the Payment Service Provider of the Beneficiary, acting as –and on behalf - of whom issues the Order [benefiting-ordering] is legally responsible for the correct transmission of the payment order to the payer’s payment service provider, with the consequence that, when –in the circumstances referred to [debit transfers]- the transaction is not executed or is executed in a defective manner, for reasons attributable to the Payment Service Provider of the payee –acting as payer - the Supplier shall immediately reiterate the payment order to the payer’s payment service provider.
Finally, following the same basic assumption of debit transfers, the penultimate paragraph of Article 2. 45, prevents, in the case of payment orders initiated by or through the Beneficiary, in which, as provided for in the above two paragraphs, the Payment Service Provider of the Beneficiary is not liable, the liability to the payer for payment transactions not executed or improperly executed shall be borne by the payer’s payment service provider, which is confusing and may give rise to contradictory interpretations… because we must not forget that, in this case, "Principal" -"payer"- is - at the same time - the "Beneficiary", so -in theory- references to "Payer" or "Principal" and to "Payer or Principal payment services Provider" could -simultaneously- hide or cover a reference to the Beneficiary and its own Payment Service Provider, or even cross-or mixed references. In my opinion, the key lies once again - in considering that we are dealing with one of those rules for the distribution of the period of responsibility, analogous to the rules on the carrier’s liability, attributing liability for damage and damage to cargo… depending on the time period in which such goods are under their control, so what comes to be said is that, when - as provided for in the previous two paragraphs of art. 45,- the payment service provider of the Beneficiary is not liable, the liability to the payer for unperformed or improperly executed payment transactions shall be borne by the payer’s payment service provider… not as an exhaustive proclamation of that responsibility, as in the case of the arts. 1101 and 1902, of Spanish CivC.-, but as a reference to that we are referring to the chronological-functional segment of responsibility of the Provider of Services of Payment of the Ordainer… which has to be responsible and liable to the same payer, although it might be wiser to say that it is, not the payer… but the Holder of movement of funds origin Account.
In any event, in such cases, the payer’s payment service provider shall return to the payer –that is: return the originator account holder - as appropriate and without undue delay, the amount corresponding to the unexecuted payment transaction –this is difficult to understand: how could be that "not executed"… if the funds came out of that account? If this were not the case, there would be no point in talking about "returning" those funds - or flawed execution and resetting the balance of the payment account to the situation it would have been in if the transaction had not taken place. This is a logical culmination of the whole provision: once again we are establishing, not so much rules on the obligation of civil liability… but rules on the chronological-functional distribution of such liability, since if one is not responsible nor liable for the Payment service providers... it will be, logically, because it is the other who must take responsibility.
Moreover, in the last paragraph, we find again a rule similar to that which provided that –irrespective of liability - the payer’s payment service provider could be subjected to duties of inquiry: also now -and irrespective of responsibility - there may be duties of inquiry. But in this case, it is the Payment Service Provider of the Beneficiary who is affected or who falls to.
In any event, where a payment order from the payee is not executed or is improperly executed, the payee’s payment service provider shall seek to ascertain immediately, on request and irrespective of its responsibility under this paragraph, the data relating to the payment transaction and shall notify the beneficiary of the results.
Now, all these reflections come from the fact that –as already indicated - according to art. 15, Rome II, the law applicable to the tort obligation under this Regulation –in this case, Spanish law- regulates, in particular: a) the basis and scope of liability, including the identification of persons who may be held responsible for their own acts.
Well, Act No 16/2009 on payment services is a Spanish law; it forms part of the Spanish legal system -art. 1º, Spanish CivC.- so it would be a national applicable rule, which would provide provisions on the "scope of responsibility", and it does so -You will already have been able to appreciate its interest in distributing responsibility, between participants in each payment transaction-, but the "fundamentals" of liability remain to be analysed; and about that, Spanish Act No 16/2009 says hardly anything: once again it is necessary to insist –even to satiety- that these norms do not allow comparison with precepts such as arts. 1101 or 1902, Spanish CivC. or 252, Spanish Comercial Code 1885, which is likely to be applicable in this area because it is known that payment transactions usually consist of or are based on commission contracts or elements of the Commercial Mandate. These arts. 44 ff. of Spanish Act No 16/2009 do not contain a proclamation comparable to that of art. 1101, CivC., nor to that of art. 1902, CivC. Nor do they contain provisions which - in any way - construe, develop or supplement these precepts, as –p.e. - those of the arts. 1104 and 1105:
"The fault or negligence of the debtor consists in the omission of that diligence that demands the nature of the obligation and corresponds to the circumstances of the persons, of the time and of the place.
"Where the obligation does not express the diligence to be exercised in the performance of the obligation, the obligation of a good parent [the Roman Law "bonus pater familias"] shall be required" [art. 1104]
or
"Apart from the cases expressly mentioned in the law, and in which the obligation so declares, no one shall be held responsible for those events which could not have been foreseen, or which would have been unavoidable, "[art. 1105]
Nor will we find in them anything that reminds us of –except in a somewhat indirect way- the contents of the arts. 1107 and 1108 CC:
"The damages to which the debtor is liable in good faith are those foreseen or which could have been foreseen at the time of the creation of the obligation and which are necessary consequences of its failure to perform. In the event of intentional commission, the debtor shall be liable to all who are known to result from the failure to perform the obligation" [art. 1107]"
and
"If the obligation consists in the payment of an amount of money, and the debtor is in delay, the compensation of damages, without agreement to the contrary, shall consist in the payment of the agreed interest, and in the absence of an agreement, in the legal interest"
I quote, now, these rules –formally referring to the so called civil liability "in contract"- because the precepts referred to the so called tortious civil liability, aquilian or for damages to third parties liability [Torts], are much less precise in this respect… But they’re not as precise as the others because–ultimately- they don’t need to be: despite the formal separation carried out by the Spanish Civil Legislator of 1889, between the articles referring to the so called contractual civil liability and the precepts referring to the so called extracontractual -tort- civil liability, or for damages to third parties, both deal with an institution which has the same and unique legal nature: Civil Liability, which is identical except in aspects, say, peripheral; accidental, not relevant to the substance of the figure - in both cases: liability for damage is one and the same thing, whether or not the harmful wrongdoing involved the breach of a particular obligation, between the damaged creditor–whose legitimate negative and positive interests are injured- and the defaulting debtor, , as if the harmful wrongful act consisted in the pure causation of an injury in breach of the general principle of "neminem lædere", without the preexistence of any specific "inter partes" obligation being breached.
It is exactly the same: for example, the module of diligence/negligence, in the field of contractual and tortious liability is the same: the "the fault or negligence of the debtor consists in the omission of that diligence which requires the nature of the obligation and corresponds to the circumstances of the persons, of the time and of the place". And so on. These are the rules of the applicable national law –"lex delicti" - which determine the "basis" of liability.
Of course, as –again according to art. 15, Rome II - the law applicable to the tort obligation under this Regulation –in this case, Spanish law- regulates, in particular, c) the existence, the nature and assessment of the damage or compensation claimed, we will have to apply another provision of the Payment Services Act: I refer to art. 46 of Law No 16/2009, entitled "additional compensation", which provides that:
"Without prejudice to any additional compensation that may be determined in accordance with the rules applicable to the contract concluded between the user and his supplier, each payment service provider shall be liable to its respective user for all costs which, in accordance with Article 45, are its responsibility, as well as any interest that could have been applied to the user as a result of the failure to perform or the defective execution of operations".
How should we interpret all this? Why they refer to "additional compensation"? The reason probably lies in the peculiarity of these damages consisting basically of not receiving funds or a partial or inopportune -late– payment or payment under different conditions than expected.
In principle, since Liability –understood as a very characteristic type of obligation- can be satisfied by means of repair or replacement "in natura", understood as a fix of the damaged thing or replacement by another equal, which, in the final analysis - would appear to coincide 100 per cent with the equivalent compensation by providing the amount of money corresponding to the damage suffered, one might think that once the Beneficiary has received the full amount to be remitted or transferred, and that it was not due to circumstances that could potentially trigger the liability of any of the payment service providers, the compensation –understood as an action and effect of compensating for something, to someone- has been fully completed, so it would no longer be appropriate to require any kind of additional indemnity benefit. But this would be a mistake.
Actually , we cannot be carried away by the "optical" illusion of thinking that the repair or replacement "in natura", understood as arrangement of the damaged thing or replacement by another equal, is 100 per cent in line with the equivalent compensation, by providing the amount of money corresponding to the damage suffered: in reality they are two very different things, and even when it is a matter of merely paying sums money there is still no full coincidence, so that the compensation by equivalent, by giving the amount of money corresponding to the damage suffered… may be greater than the mere restitution of –"in natura"- money that did not reach its proper recipient, as there may be subsequent, subsequent or subsequent damage, resulting from the temporary unavailability of the funds, which would not be compensated or repaired simply by restitution, reimbursement or payment of the original amount. It seems as if art. 46 of spanish Act nº 16/2009, in the final analysis, would be making an implicit reference to the provisions of the arts. 1106 and 1107 Spanish CivC:
"Compensation for damages comprises not only the value of the loss suffered, but also the value of the gain lost by the creditor, with the exception of the provisions of the following articles"
and
"Damages to which the debtor is liable in good faith are those foreseen or which may have been foreseen at the time of the creation of the obligation and which are a necessary consequence of its failure to perform. In the event of intentional commission, the debtor shall be liable to all who are known to result from the failure to perform the obligation" [art. 1107]"
To add –likewise- that in addition to having to compensate for these emerging damages and loss of profits, "each payment service provider shall be liable to its respective user for all costs which, in accordance with Article 45, are its responsibility, as well as any interest that could have been applied to the user as a result of the failure to perform or the defective execution of operations". Again, the article is based on the system of attribution of economic costs, depending on the chronological-functional segment of responsibility, in relationship -now- to the expenses that may be incurred for each respective payment service provider, in accordance with the art. 45.
However, the provisions on civil liability contained in spanish Act Nº 16/2009 do not, I believe, derogate from or replace the provisions of the General Law of Civil Liability [Tort Law]. Perhaps for this reason, arts. 44 ff. of spanish Act Nº 16/2009 adopt a perspective and establish rules that do not seem to have a clear parallel in the articles of Spanish CivC./1889. It could be said that, "prima facie", liability for payment services not performed or performed incorrectly is causally related –that is, is distributed- according to those chronological segments in the same way -as it was said - the liability of carriers of goods. But "distribution" or attribution of responsibility is not enough: civil liability is –in a legal sense - a source of obligations based on the general principles of "pacta sunt servanda" and "alterum non lædere"; a source of obligations "ex Damno natæ", the assumption of which in fact consists –substantially - in conduct causing harm to another. For this reason, it is absolutely essential to have a clear idea of the "Tatbestand"; of the structure of the assumption of fact, generator of these peculiar obligations, where the following subjective, objective and functionnal elements must be present:
a) Human conduct: an action or omission, which –in its case- may infringe either directly on a specific legal obligation, or the general duty of "alterum non lædere"
b) harmful: the conduct causes harm to another subject,
c) Unlegal: the damage, in itself, tends to be illegitimate, either because it governs the principle "alterum non lædere", and any injury to the legitimate interests of a subject is –"per se"- legal, or because the principle has been infringed "pacta sunt servanda"
d) having a cause/effect relationship, between conduct and damage
e) … and under conditions of capacity-responsibility to the Responsible or Debtor: either because he observed behaviour below the general or special care standards, or because –having created a situation of risk that was beneficial to him- the Law considers it to be fair and equitable to attribute responsibility and liability to him, regardless of his psychological attitude.
These requirements must also be met in the case of civil liability for damage caused by the management of transactions subject to payment services. In principle, therefore, the guilt of the Subject-Agent must exist, because -in principle - we are in the presence of a subjective responsibility, which is deduced from art. 48 of Spanish Act nº 16/2998 entitled "absence of liability":
"The liability established under Chapters II and III of this Title shall not apply in the event of exceptional and unforeseeable circumstances beyond the control of the party claiming these circumstances, the consequences of which would have been unavoidable despite all efforts to the contrary, or in the event that a payment service provider is subject to other legal obligations".
Then if the liability established under Chapters II and III of this Title does not apply in the case of "exceptional and unforeseeable circumstances beyond the control of the party claiming these circumstances, the consequences of which would have been unavoidable despite all efforts to the contrary, or in the event that a payment service provider is subject to other legal obligations", then -through a simple "a contrario sensu" construction exercise- when We met "normal and foreseeable circumstances within the scope of control of the party claiming to invoke these circumstances, the consequences of which would have been avoidable by engaging all efforts to the contrary", the payment service provider giving rise to the harmful event and therefore to the damage… -because it is within the sphere of proper and reasonable control- would be obliged to compensate for such damage, as it is considered to be either proven or alleged - the guilt of the Subject-Agent, whether it is its own… or the people for whom he must answer.
In this sense, since the aforementioned art. 15, Rome II provides that the applicable national law covers -g)- liability for acts of third parties - there is no reason why the provisions of art should not be applied here. 1903, in Spanish CivC:
"The obligation imposed by the preceding article is enforceable not only by the acts or omissions of the article itself, but also by the persons to whom it is to be answered. …
... They are equally so [liable] the owners or directors of an establishment or company regarding the damages caused by their dependents in the service of the branches in which they were employed, or in occasion of their functions. ...
...The liability covered by this article shall cease when the persons mentioned therein prove that they used all the diligence of a good parent to prevent harm".
Well; at this point, it is evident that the Bank of the recipient –Bank of the "State H" - which proceeded to the false order of transfer; rather, to the order of transfer vitiated of error by the falsification committed by the hacker, knowing or warning that –evidently- the Unique Identifier referred to a checking account that was not in the company’s name "A", it acted as a provider of "A" Payment Services, and as a Beneficiary –because to be considered a "beneficiary" you only need to be the "natural or legal person who is the intended recipient of the funds that have been the subject of a payment transaction"; nothing is said about being a contracting, creditor, debtor, or any other condition: to be the intended "addressee". The first thing to be "consignee" - is a term not strictly legal, which seems to be used only in the context of contracts such as transport and some other time. Of course, it does not imply or presuppose the need to meet any legal quality of being a party to a business or contract or an existing legal relationship.
Anyway, it’s art. 29 of Law No 16/2009, under the title "Notification of unauthorized transactions or incorrectly executed payment transactions", provides that:
"1. When the payment service user becomes aware that an unauthorised or improperly executed payment transaction has taken place, he shall promptly inform the payment service provider of the transaction; in order to be able to obtain rectification from it.
2. Except in cases where the payment service provider has not provided or made accessible to the user the information relating to the payment transaction, the communication referred to in the preceding paragraph shall take place within a maximum period of 13 months from the date of debit or payment.
Where the user is not a consumer, the parties may agree on a shorter period other than that referred to in the preceding paragraph".
But although the precept no longer speaks of the "Beneficiary", but speaks of the "User", there is no problem because this second is a broader term… which includes the first, then every beneficiary is, therefore, user of the payment services.
III. - DETERMINATION OF THE COMPETENT JURISDICTION.
Finally, there remains "the another" fundamental problem in conflictual international law: the competent jurisdiction; a subject that art. 15, Rome II… does not mention: says -certainly- that the applicable Law to tort obligations under this Regulation -in this case, the Spanish Law- regulates in particular: "d) within the limits of the powers conferred on the court by its procedural law, the measures that a court may take to ensure the prevention, cessation and reparation of damage…". But this is something quite different to establish that the "lex contractus" determines the "lex fori" or that both must coincide. This art. 15, ROME II, does not say. Quite the contrary, in the Preamble to Rome II, No (6) says –does not "establishes" nor "provides", but simply "says", because we are not in the article- that "the proper functioning of the internal market requires, in order to promote the predictability of the outcome of disputes, legal certainty and the free circulation of judicial decisions which the rules of conflicts of laws in force in the Member States designate the same national law irrespective of the country of the court to which the dispute" and that "independently of the country of the court to which the dispute has been brought" already gives us notice that jurisdictional and procedural matters are alien to Rome II, but the problem does resolve it for us -indirectly, but very explicitly - the same Preamble, whose Nº (7) provides that: "The scope and provisions of this Regulation should ensure consistency with Council Regulation (EC) No 44/2001 of 22 December 2000 on judicial jurisdiction, the recognition and enforcement of judgments in civil and commercial matters (Brussels I), and with the instruments dealing with the law applicable to contractual obligations". Then there is another EU regulation that deals with jurisdictional and procedural issues: Regulation (EC) Nº 44/2001 of the Council of 22.12.2000 on jurisdiction, recognition and enforcement of judgments in civil and commercial matters, better known as the "Brussels I Regulation", where art. 5, numbers 3 and 4 provided as follows: that persons domiciled in one Member State could be sued in another Member State:
"…3) In criminal or other cases, before the court of the place where the harmful act occurred or might occur.
4) In the case of actions for damages or actions for restitution based on an act giving rise to criminal proceedings, before the court hearing the proceedings in so far as, in accordance with its law, that court may hear the civil action…"
Consequently, if we admit that the place of the damage is Spain… then there are solid grounds to conclude that the Hungarian Bank can be sued in Spain. However, account must be taken of the provisions of art. 26, Brussels I:
"1. Where a person domiciled in a Member State is sued before a court in another Member State and fails to appear, that court shall declare itself incompetent ex officio if its jurisdiction is not based on the provisions of this Regulation.
2. This court shall be obliged to stay proceedings until it is established that the defendant has been able to receive the statement of claim or equivalent document in sufficient time to defend himself or that any action has been taken to that purpose.
3. Article 19 of Council Regulation (EC) No 1348/2000 of 29 March 2000 on the notification and transfer in the Member States of judicial and extrajudicial documents in civil or commercial matters(10) shall apply instead of paragraph 2 if the statement of claim or equivalent document is to be sent from one Member State to another pursuant to that Regulation.
4. Where Regulation (EC) Nº 1348/2000 does not apply, Article 15 of the Hague Convention of 15 November 1965 shall apply, concerning the notification or transfer abroad of judicial and extrajudicial documents in civil or commercial matters if the statement of claim or equivalent document is to be sent pursuant to that Convention"
"Brussels I" is currently repealed by art. 80 of Council Regulation (EU) Nº 1215/2012 of 12.12.2012 on jurisdiction, recognition and enforcement of judgments in civil and commercial matters, which provides that: "Regulation (EC) No 44/2001 is hereby repealed. References to the repealed Regulation shall be construed as references to this Regulation and in accordance with the table of correspondence set out in Annex III"
The fact is that this new Regulation is a recasting regulation, rather than amending it as such; which also carries them out - so that the text of former art. 2, paras. 3 and 4 is now the content of the arts. 5th and 7th Regulation (EU) No 1215/2012, which seems to lead to the same result: since Spain is the State in which the damage is caused… it is possible to sue the Hungarian Bank, before the courts of the Spanish Jurisdiction. All this, of course, unless there is a bilateral agreement with "State H", which provides otherwise. In any event, we must recall that, in accordance with art. 15, Rome II, the national law applicable to civil wrongdoing includes the regulation of -h) - the mode of extinguishment of obligations, as well as the rules of limitation and revocation, including those relating to the initiation, interruption and suspension of the periods of such limitation and revocation.
ALL THESE QUESTIONS AND SOLUTIONS ROSE FROM A COUNTERFEIT ELECTRONIC FUNDS TRANSFER
The above question inspired me to the following considerations:
Will all banks change into electronic branches in the future and only online mobile banking will develop?
Please reply
I invite you to the discussion
Thank you very much
Best wishes
- Badges
- Science topic
- Similar topics
- Computer Science
- Research Topics