Opinion
03 Civ. 4795 (SAS).
April 15, 2008
For Plaintiffs:, Luis A. Romero, Esq., Richard J. Montelione, Esq., Lopez Romero Montelione, P.C., New York, NY.
For Defendant: Christopher M. Houlihan, Esq., Matthew M. Riordan, Esq., Putney, Twombly, Hall Hirson LLP, New York, NY.
OPINION AND ORDER
I. INTRODUCTION
Arnoldo Braga Filho ("Braga") and his wife, Elisabeth Alves Da Silva ("Da Silva") (together, "Plaintiffs"), Brazilian citizens, bring this action against Interaudi Bank, formerly known as Bank Audi (USA) (the "Bank" or "Defendant"), seeking reimbursement of approximately $950,000 for seventeen allegedly unauthorized wire transfers from plaintiffs' account at the Bank. Plaintiffs have moved for summary judgment and defendant has cross-moved for partial summary judgment, together asking this Court to decide (1) whether plaintiffs and the Bank agreed to a security procedure for validating wire transfers, and (2) if so, whether the Bank's security procedure was commercially reasonable within the meaning of Section 4-A-202(2) of the New York Uniform Commercial Code ("New York UCC").
In moving for summary judgment on the issue of commercial reasonableness, defendant concedes that whether it complied with its procedure is a material question of fact not capable of resolution on this motion. By contrast, if granted, plaintiffs' motion for summary judgment would dispose of the case. Hence, plaintiffs' motion is for complete summary judgment and defendant's is for partial summary judgment.
II. BACKGROUND
The facts necessary for resolution of these motions are few and undisputed and are taken from the parties' affidavits and statements pursuant to Local Rule 56.1.
At all times relevant to this litigation plaintiffs resided in Brazil. On October 1, 1999, during a visit to New York City, plaintiffs opened an account ("Plaintiffs' Account") at the Bank's headquarters. During that visit, plaintiffs signed an agreement titled "Telecommunications Instructions Authorization/Indemnification." The Telecommunications Authorization provides, inter alia, that the Bank was authorized "to accept and immediately act upon instructions from [the customer] via telephone, telegram, telefacsimile, untested telex, electronic mail, or any other means of telecommunications." The Telecommunications Authorization further provides that the Bank would "select security procedures for accepting instructions that are commercially reasonable for [the Bank]." Plaintiffs neither requested nor were offered a different security procedure.
See 3/21/04 Deposition of Braga ("Braga Dep.") at 13, Ex. I to Declaration of Matthew Riordan, Attorney for defendant ("Riordan Dec."); Ex. 1 to 3/12/08 Appendix to Plaintiffs' Contentions of Undisputed Facts ("P1. Appx.").
See Plaintiffs' Local Rule 56.1 Statement ("P1. 56.1") ¶ 23; Defendant's Local Rule 56.1 Statement ("Def. 56.1") ¶ 7.
See Def. 56.1 ¶ 8; Telecommunications Instructions Authorization/Indemnification ("Telecommunications Authorization"), Ex. A to 3/11/08 Affidavit of Maryann Seery, Vice President at the Bank's New York City headquarters ("Seery Aff.") ¶ 11.
Telecommunications Authorization.
Id.
See Braga Dep. at 92-94.
A document titled "Funds Transfer Policy and Procedures" contained the Bank's procedures concerning wire transfers for the relevant time period. The Funds Transfer Procedures is an internal document that customers do not receive. It provides that customers may initiate funds transfers through various means, including via e-mail and fax, and includes the following instructions:
See Funds Transfer Policy and Procedures ("Funds Transfer Procedures"), Seery Aff. ¶ 14, Ex. B; Ex. 16 to P1. Appx.
See P1. 56.1 ¶ 18.
See Funds Transfer Procedures.
For All Transfer Requests
1. Verify the signature contained in the written request against the signature card on file or the provided identification and initial the documentation in the reserved area to confirm this step.
2. Confirm the account has sufficient funds to cover the transaction, plus applicable fees, and initial the documentation in the reserved area to confirm this step.
3. Obtain the approval signature of an account officer (preferably, the officer assigned to the account). Transfer requests of $10,000 or more require the approval signature of 2 account officers.
4. Forward all transfer requests to the Paying and Receiving Department for transmission.
Id.
For requests made by e-mail or fax, the Funds Transfer Procedures further instructs:
Funds transfer requests received via e-mail or fax transmission may be made only be accountholders who have signed the Telecommunications Instructions and Indemnity Agreement.
E-mail and fax transfer requests must be confirmed with the customer prior to completion as follows:
1. The transfer request cannot be forwarded to Paying and Receiving for transmission until the customer has been called at the telephone number on file in the Bank's computer system (or the customer calls the bank) to confirm the transfer request. Initial the documentation in the reserved area to confirm this step.
2. When contacted, the customer should provide answers to questions designed to ensure the security of the customer's account, including but not limited to, mother's maiden name, identification number and last deposit made.
3. The confirmation telephone call must be recorded and the date and time of the call should be noted on the transfer request documentation.
Id.
When plaintiffs opened their account, they gave the Bank Braga's then — current home telephone number and an unidentified cell phone number that may have been Braga's former work number. At that time, plaintiffs also signed an agreement authorizing the Bank to "hold" their mail. The "hold" meant that plaintiffs would not receive bank statements as well as other promotional or advisory materials. Hold mail arrangements are a common banking practice in Latin America.
See Braga Dep. at 84, 87-88.
See 8/17/04 Deposition of Sergio Jalil, Vice President of the Bank ("Jalil Dep."), at 39, Ex. 2 to P1. Appx.; Braga Dep. at 87-88.
See Braga Dep. at 87-88.
See Jalil Dep. at 39.
Plaintiffs opened their account at the Bank's New York headquarters as a result of the promotional efforts of the Bank's "representative" branch in Sao Paolo, Brazil. The Bank's Sao Paolo representative office's purpose is to engage in promotional activity directing potential customers to the Bank's New York or Miami branches. In September 1999, when plaintiffs contacted the Bank's Sao Paolo office, they met with Salem Nasser, the manager of that office, who then notified the New York office that plaintiffs planned to open an account there. Braga was originally referred to the Sao Paolo office by Charbel Nicholas and Johnny Hajjar, who both knew Nasser. Nicholas and Hajjar were "money exchangers," meaning that they converted Brazilian currency to dollars.
See id.
See id.
See id. at 15, 34-36.
See id. at 34-35; P1. 56.1 ¶ 5.
See Jalil Dep. at 102-06; P1. 56.1 ¶ 5.
Braga, a lawyer, earned the money that was deposited in Plaintiffs' Account during 1992-1997. At that time, he was employed as a parliamentary assistant in Brazil's House of Representatives. The money came from Braga's work as a sales representative for Georges Kamonn, a professor of engineering. Under the terms of Braga's contract with Kamonn, Braga was to be paid a percentage of the gross amount of port equipment sales from manufacturers to companies connected to Brazil's Ministry of Transportation. The contract required Braga to deposit the money in bank accounts in either New York or Miami. The contract was rescinded in 1997 when Braga was nominated to become a legal consultant to Brazil's Ministry of Transportation.
See Braga Dep. at 17-19, 42.
See id. at 37-54.
See id.
See id. at 53-54.
See id. at 46-48.
Braga was not paid for the work he did for Kamonn until 1999 and 2000. In total, he received approximately $1.7 million. Kamonn paid Braga in cash, and Braga subsequently delivered this money, also in cash, to Hajjar and Nicholas. Hajjar also maintained an account at the Bank in New York, and, after receiving the cash from Braga, deposited the money into his account at the Bank before transferring the funds into the Plaintiffs' Account. Hajjar deposited the approximately $1.7 million into Plaintiffs' Account through fifteen separate transfers.
See id. at 45.
See id. at 52-53.
See id. at 29-34, 56-57, 105.
See id. at 111.
See id. at 105, 107. See also P1. 56.1 ¶ 21.
From the date Plaintiffs' Account was opened on October 1, 1999, until February 13, 2001, no withdrawals were made. However, from February 13, 2001 to August 6, 2001, amounts ranging from $18,425 to $95,000 were transferred out of Plaintiffs' Account by wire transfer. The seventeen transfers totaled $950,925. All of the transfers were initiated by faxes received by the Bank on or prior to the date of each transfer. Braga was never notified in writing about these transfers and the Bank never called him to confirm them.
See P1. 56.1 ¶ 23.
See id. ¶ 24.
See id. ¶ 29; Fax Transfer Requests, Exs. 10 and 11 to P1. Appx.
See P1. 56.1 ¶¶ 26-27.
Before August 2001, Braga called the Bank on one or two occasions to check on the account. When Braga called the Bank on August 13, 2001, the woman he spoke to informed him that she had spoken with Braga many times, and that he was not Braga. Braga was subsequently told that transfers had been made out of Plaintiffs' Account, to another account in his name located at the ABN Amro Bank in Montevideo, Uruguay. At his deposition, Braga stated that on August 20, 2001, he went to the ABN Amro Bank in Uruguay and discovered that Hajjar had opened the account in his name using a false identity card identifying him as Braga. Braga also stated that Hajjar and Nicholas have disappeared.
See Braga Dep. at 112.
See id. at 124.
See id. at 121-28.
See id. at 128, 192-95.
See id. at 164-65.
Plaintiffs have brought this action asserting that these transfers were unauthorized and that the Bank should reimburse them for the lost $950,000. Plaintiffs and defendant have cross-moved for summary judgment on the two issues discussed earlier.
III. APPLICABLE LAW
A. Summary Judgment Standard
Summary judgment is appropriate "if the pleadings, the discovery and disclosure materials on file, and any affidavits show that there is no genuine issue as to any material fact and that the movant is entitled to judgment as a matter of law." The burden of demonstrating the absence of any genuine dispute as to a material fact initially rests with the moving party. The burden then shifts to the non-moving party to "set out specific facts showing a genuine issue for trial." In determining whether there is a genuine issue as to any material fact, "[t]he evidence of the non-movant is to be believed, and all justifiable inferences are to be drawn in [its] favor." When faced with cross-motions for summary judgment, "[t]he court must rule on each party's motion on an individual and separate basis, determining, for each side, whether a judgment may be entered in accordance with the Rule 56 standard." B. New York UCC Section 4-A-202
Fed.R.Civ.P. 56(c). See also Anderson v. Liberty Lobby, Inc., 477 U.S. 242, 247 (1986); Celotex Corp. v. Catrett, 477 U.S. 317, 322 (1986).
See Adickes v. S.H. Kress Co., 398 U.S. 144, 157 (1970); Grady v. Affiliated Cent., Inc., 130 F.3d 553, 559 (2d Cir. 1997).
Anderson, 477 U.S. at 255.
Wright, Miller, and Kane, Federal Practice Procedure § 2720.
The parties agree that New York law governs this transaction. Accordingly, the Court applies New York law. In New York, funds transfers such as the ones at issue in this case are governed by Article 4-A and Section 4-A-202 of the New York UCC. Section 4-A-202(2) provides that when a customer has agreed to a bank's security procedure, the customer will bear the risk of loss if the security procedure was "commercially reasonable" and if the bank followed that procedure. Section 4-A-202(3) defines commercial reasonableness and states that it is a question of law. Section 4-A-201 establishes that a "security procedure" is used to verify the customer's identity and detect communication errors.
See, e.g., Krumme v. WestPoint Stevens Inc., 238 F.3d 133, 138 (2d Cir. 2000) (citations omitted).
Section 4-A-202(2) of the NY UCC provides:
If a bank and its customer have agreed that the authenticity of payment orders issued to the bank in the name of the customer as sender will be verified pursuant to a security procedure, a payment order received by the receiving bank is effective as the order of the customer, whether or not authorized, if (a) the security procedure is a commercially reasonable method of providing security against unauthorized payment orders, and (b) the bank proves that it accepted the payment order in good faith and in compliance with the security procedure and any written agreement or instruction of the customer restricting acceptance of payment orders issued in the name of the customer. The bank is not required to follow an instruction that violates a written agreement with the customer or notice of which is not received at a time and in a manner affording the bank a reasonable opportunity to act on it before the payment order is accepted.
In relevant part, Section 4-A-202(3) of the NY UCC provides:
Commercial reasonableness of a security procedure is a question of law to be determined by considering the wishes of the customer expressed to the bank, the circumstances of the customer known to the bank, including the size, type, and frequency of payment orders normally issued by the customer to the bank, alternative security procedures offered to the customer, and security procedures in general use by customers and receiving banks similarly situated.
Section 4-A-201 of the NY UCC provides:
"Security procedure" means a procedure established by agreement of a customer and a receiving bank for the purpose of (1) verifying that a payment order or communication amending or cancelling a payment order is that of the customer, or (2) detecting error in the transmission or the content of the payment order or communication. A security procedure may require the use of algorithms or other codes, identifying words or numbers, encryption, callback procedures, or similar security devices. Comparison of a signature on a payment order or communication with an authorized specimen signature of the customer is not by itself a security procedure.
In Regatos v. North Fork Bank, which also concerned allegedly unauthorized wire transfers from a Brazilian citizen's bank account in New York, I held that the bank's security procedures were commercially reasonable as a matter of law. In Regatos, the parties agreed to a security procedure that had "three elements: a signed order, a confirmatory phone call (always between [the plaintiff] and [his contact at the bank]), and a signature comparison."
Although comparison of a signature on a payment order to a signature card on file is not by itself a security procedure, see N.Y. U.C.C. § 4-A-201, the signature comparison coupled with the other elements of the security procedure render it commercially reasonable. In particular, the use of a confirmatory phone call placed to the same Sao Paulo representative, who presumably could recognize [plaintiff's] voice, sufficiently ensured that payment orders faxed by [the plaintiff] were in fact authorized by him. Despite the absence of other procedural safeguards such as telephone logs, recorded conversations and passwords, I find the security procedure followed by the Sao Paulo office, coupled with the signature comparison done at the New York office, to be commercially reasonable.
See 257 F. Supp. 2d 632, 646 (S.D.N.Y. 2003), aff'd, 431 F.3d 394 (2d Cir. 2005).
Id.
Id.
IV. DISCUSSION
A. The Parties Agreed on a Security Procedure
By signing the Telecommunications Authorization, the purpose of which was to authorize the Bank to accept and authenticate wire transfer requests, plaintiffs authorized the Bank to "select security procedures for accepting instructions that are commercially reasonable for [the Bank]." Although plaintiffs argue on this motion that their signatures do not demonstrate that they agreed to the Bank's security procedures, their argument is without merit.
Telecommunications Authorization.
Plaintiffs contend that because the Telecommunications Authorization allows the Bank unilaterally to choose a "commercially reasonable" security procedure, it cannot be binding. While plaintiffs may be correct that a bank may not establish commercial reasonableness — a question of law for the Court — simply by stating that its procedures are commercially reasonable, they are incorrect in arguing that the provision allowing the Bank to choose security procedures means plaintiffs did not agree to those procedures. By signing the Telecommunications Authorization, an "explicit agreement," plaintiffs agreed to the Bank's security procedures, so long as they are found to be commercially reasonable. It does not matter that plaintiffs did not know what the Bank's security procedures were because Section 4-A of the New York UCC compels banks to use commercially reasonable procedures. Indeed, a bank that chooses unreasonable procedures does so at its own peril.
Cf. Regatos, 257 F. Supp. 2d at 646.
N.Y. U.C.C. § 4-A-201 cmt. ("The definition of security procedure limits the term to a procedure `established by agreement of a customer and a receiving bank.' The term does not apply to procedures that the receiving bank may follow unilaterally in processing payment orders.").
See Regatos v. North Fork Bank, 5 N.Y.3d 395, 402 (2005) ("[T]he policy behind article 4-A encourages banks to adopt appropriate security procedures. Only when a commercially reasonable security procedure is in place (or has been offered to the customer) may the bank disclaim its liability for unauthorized transfers (UCC 4-A-202).").
B. The Bank's Security Procedures Were Commercially Reasonable
Plaintiffs barely contest the commercial reasonableness of the Bank's security procedures. The Bank's Funds Transfer Procedures required that transfer requests made via fax could only be initiated after completion of three steps in addition to the mandatory signature comparison and other checks required for all transfers. First, fax requests had to be confirmed by telephone call to the customer. Second, the customer had to answer security questions, such as mother's maiden name, or identification number and last deposit made. Finally, the call had to be logged and recorded.
These procedures are similar to the ones I considered in Regatos. The most important difference is that in Regatos the parties' course of performance established that the confirmatory phone call would be made only between the plaintiff and a single previously-identified bank agent. Here, no such restriction was in place and none arose through any course of dealing. In Regatos, I found that using the same representative was advantageous because the representative "presumably could recognize [plaintiff's] voice." However, in Regatos there were no challenge questions and no telephone logs as there were here.
See 257 F. Supp. 2d at 646.
Id.
I now find that the required challenge questions and telephone logs make up for the loss of the voice-recognition procedure used in Regatos. Accordingly, I find that the Bank's procedures were commercially reasonable. Although plaintiffs argue that the confirmatory callback process would have been more secure had it required the Bank to initiate the call and required the customer to know a password or code, it is far from clear that even these stricter security procedures would have made a difference. Whoever made these requests had access to all the necessary information, and even became so convincing an imposter that when the real Braga called he was told he was not Braga. Clearly, once the first transfer went through, the only safeguard left was Braga's own monitoring of the account, which meant that the unauthorized transfers were not discovered until six months after they began.
See N.Y. U.C.C. § 4-A-203 cmt. 4 ("A security procedure is not commercially unreasonable simply because another procedure might have been better or because the judge deciding the question would have opted for a more stringent procedure. The standard is not whether the security procedure is the best available. Rather it is whether the procedure is reasonable for the particular customer and the particular bank, which is a lower standard.").
V. CONCLUSION
For the foregoing reasons, plaintiffs' motion for summary judgment is denied and defendant's motion for partial summary judgment is granted. A trial has been scheduled in Courtroom 15C for April 28, 2008. The Clerk of the Court is directed to close these motions (nos. 24 and 27 on the docket sheet.) The parties are directed to appear at a conference in Courtroom 15C on April 22, 2008 at 2 p.m.
SO ORDERED: