Patco Construction company in Maine, USA lost nearly $589,000 after their bank failed to notify them that thieves put through six wire transfers.
Ocean Bank flagged these transactions as high risk (given that they didn’t match the timing, value and geographic location of Patco’s typical payment orders), but yet failed to notify Patco, allowing the bogus transfers to go through unchecked. The technology and systems were in place to flag high-risk transactions, but there was no follow-through which resulted in the online robbery.
Although Ocean Bank managed to claw back $243,000, to give to Patco, they still failed to repay them the rest of the money. Ocean Bank were then taken to court, and it was concluded by the judges that the bank’s “security system was commercially [un]reasonable”, violating Article 4A of the UCC.
Naked Security, who also reported on this feature said, “As the judges made clear, responsibility for strong security doesn’t reside only with financial institutions. Customers, be they individuals or businesses, must do their part.”