Bank Fraud: French Supreme Court Broadens the Scope of “Gross Negligence” by Bank Customers
Cass. com., 4 mars 2026, n° 24-19.588
A bank customer was contacted by an individual who, through caller ID spoofing, displayed the official telephone number of the customer’s bank branch and falsely claimed to be a bank adviser. The caller instructed the customer to log into the bank’s mobile application in order to cancel allegedly fraudulent transactions. After following these instructions, the customer unknowingly authorised several fraudulent debits from his account.
The customer instituted proceedings against the bank seeking compensation. Both the trial court and the court of appeal held the bank liable, finding that the customer had not acted with gross negligence within the meaning of Articles L.133-16 and L.133-19 of the French Monetary and Financial Code.
The French Supreme Court overturned that decision and ruled in favour of the bank. It held that the customer had failed to pay sufficient attention to the bank’s authentication messages, which expressly referred to “payment validation transactions” and should therefore have alerted him to the suspicious nature of the instructions given by the purported bank adviser.
Key takeaway: even where fraud is committed through caller ID spoofing, a victim may still be found to have acted with gross negligence if the fraudulent nature of the transaction could reasonably have been detected from the authentication message sent through the bank’s application. In this case, the customer had received a message clearly requesting confirmation of an online payment, which was inconsistent with the alleged adviser’s explanation that the operation was intended to cancel fraudulent transactions.
Practical implication: although fraud schemes are becoming increasingly sophisticated, customers are still expected to exercise a high degree of vigilance when authorizing banking transactions.
Read our LinkedIn post on the subject here.