James Paul 
While data leaks are constantly exploding in France, a slight legislative change may cost the victims of banking scams dearly. Because banks will be able to assert a stronger defense against their stolen customers.
“” Negligence »»
From now on, the victims of phishing or spoofing can no longer refer to the civil code, that is to say common law which governs relations between individuals and contracts, to obtain a sharing of responsibility with their bank. They are limited to the only monetary and financial code, resulting from a 2007 European directive. Although generally favorable, It allows banks to refuse any refund in the event of ” negligence ».
This follows a request from Banque Populaire Alsace-Lorraine-Champagne, reports The worldthis having argued that the regime of the monetary and financial code is considered to be ” exclusive application ». And this is a notable difference.
For example, If you are deceived by a phishing attempt and you click on the link, you can be found guilty of serious negligencewhich will prevent you from requesting sharing of responsibility with the bank, it may refuse any reimbursement if it proves your negligence. Until then, even if you had committed serious negligence, as responding to a fraudulent email, you could still obtain a sharing of responsibility by invoking the Civil Code.
Beware of false advisers
Same story in case of spoofing, which corresponds to the usurpation of electronic identity. Previously, if you were trapped by a false banking advisor, this was generally not considered serious negligence. But now, and you’ve probably noticed it, banks regularly warn their customers about the various types of scams. They indicate, for example, that they never ask for secret code by phone.
Thus, if you communicate your confidential information to a malicious person anyway, you may be deemed imprudent and lose all recourse to sharing responsibility.
Shorter
In the event of a fraudulent transfer where the IBAN has been modified, the responsibility depends on the moment when the modification took place. If your computer has been hacked and the IBAN modified before you did not send the order to your bank, it is not required to reimburse you because it considers having executed your instructions correctly.
On the other hand, if the fraudulent modification took place after your sending, in the banking systems, the establishment must reimburse you in full. Note that an improvement is scheduled for October 2025: banks will have to check the concordance between IBAN and the identity of the recipient account holder, which will strengthen protection against this type of fraud.
The change of scheme also modifies the deadline to file a complaint in the event of a fraudulent operation: while it was five years within the framework of the Civil Code, it increases to thirteen months maximum after the flow.
- Now, victims of banking scams can no longer invoke the Civil Code, but only the Monetary and Financial Code.
- It is more favorable to banks, because they may refuse a refund in the event of “ negligence »Of the customer.
- This may concern click on a phishing link, or give your identifiers to a false banking advisor.
By: Bitdefender
