The United States Court of Appeals for the Eleventh Circuit issued an opinion addressing a bank’s obligations to adhere to an agreed upon security procedure prior to a funds transfer. Plaintiff filed suit against defendant to recover monies transferred, in an allegedly fraudulent payment order, to an individual in a foreign country on the grounds that defendant failed to comply with the agreed-upon security procedure. The lower court granted judgment for defendant based upon language in the governing funds transfer agreement between it and plaintiff which set forth a specific security procedure for authenticating requests for funds transfer. The funds transfer agreement between defendant and plaintiff contained language that the bank “may use…any other means to verify any payment order or related transaction.
Interpreting Florida’s analog to Article 4A of the UCC, which governs practices for transfers of customer funds upon electronic or written orders, in the event of a fraudulent or unauthorized transfer, the Eleventh Circuit rejected the lower court’s interpretation of the “may use…any other means” language. Noting that such language did not modify or supplant the steps called for by the security procedure itself, the Court held that the language did not amount to “an agreement by [plaintiff] that the bank had the power, at its sole discretion, to select any security procedure as long as the procedure was commercially reasonable.” Moreover, the Court dismissed the bank’s argument that the agreed-upon procedure, was in fact a “security procedure” under Florida law, which, along with Article 4A of the UCC, creates a safe harbor against liability for fraudulent transfers where a bank can demonstrate that it adhered to a pre-agreed verification process prior to completing the transaction.
While limited on its face to a question of Florida law, the reasoning behind the Eleventh Circuit’s ruling is likely of broader import in that it adopts a strict and narrow interpretation of the terms of a fund transfer agreement, holding that a bank cannot rely on the loss-shifting provisions of Article 4A unless it adheres strictly to the security procedures set forth in the agreement. The opinion thus weighs against arguments commonly made by bank defendants in support of loss-shifting where they may have failed to adhere strictly to the defined security procedures but nonetheless applied commercially reasonable means of authenticating a funds transfer request.