Maryland Legal Alert for Financial Services

In This Issue

FRAUDULENT WIRE INSTRUCTION SCHEMES CONTINUE

CONSIDER THE DURATION OF CONFIDENTIALITY AGREEMENTS

REGULATORS CONTINUE TO SCRUTINIZE "JUNK FEES"

Fraudulent Wire Instruction Schemes Continue

We continue to hear from many financial institution clients of situations where their customers have been instructed to send vendor payments or funds for real estate closings to fraudsters.

The typical scheme involves a customer unknowingly clicking on a link in a phishing email prior to an upcoming transaction or before making a vendor payment. The fraudster’s link contains malware that permits the fraudster to gain access to the customer’s email account, then the fraudster monitors the customer’s email traffic to identify situations where the customer may be initiating a funds transfer. Once the fraudster identifies a pending payment, the fraudster sends the customer an email informing them that “wire instructions have changed” just before the transaction date. The email appears to originate from the intended payee in the transaction and the customer tells its financial institution to process a wire transfer to the fraudster’s account following the last-minute wire instructions.

Once the funds have been transferred, the customer then hears from the intended payee that funds have not been received and the customer scrambles to have its financial institution contact the receiving financial institution in an attempt to pull back the wired funds. Unfortunately, the fraudster has usually already moved funds from the receiving financial institution.

Who is at fault in a situation like this? Customers often try to blame their financial institution, but usually the sending financial institution has done nothing more than follow the instructions of its customer. Under Article 4A of the Uniform Commercial Code (UCC), a sending financial institution generally isn’t responsible for wire transfers in situations like this if sent following agreed to commercially reasonable security procedures.

An interesting recent case from the United States District Court in the Western District of Pennsylvania highlights why it’s important for sending financial institutions to be careful what they do after a situation like this is brought to their attention. The case involved a customer sending a wire transfer in connection with the purchase of real property. The customer fell victim to a phishing scam like noted above and received last-minute wire instructions from a fraudster. The customer instructed his bank to wire over $143,000 following the fraudster’s wire instructions. Luckily, the customer learned of the misdirected wire transfer before consummating the related real estate transaction. He contacted his bank and asked his bank to freeze his account and attempt to recover the funds that had been sent to the receiving financial institution.  

Almost two weeks after notifying his bank, the customer’s account was credited in the amount of the wire transfer. The customer asked about the credit and was informed by his bank that the amount credited was the amount it was able to recover. Relying on that communication, the customer then proceeded to complete the related real estate transaction. Shortly after sending the purchase price to the correct account, a hold of just over $70,000 was placed on the customer’s account. The customer repeatedly attempted to get more information about the hold from his bank, but his bank apparently ignored him and then debited just over $70,000 from the account.

The customer sued the bank under a number of theories, including breach of contract, promissory estoppel, violations of UCC Article 4A provisions, and violations of Pennsylvania’s unfair trade practices provisions. The court dismissed most of the claims and held in favor of the bank, including dismissal of the UCC claims, as the wire transfer at issue was authorized by the customer and the bank followed the agreed to commercially reasonable security procedures. But the bank’s post-notice behavior caused the court to allow the customer’s breach of contract claims to proceed. Because the bank credited the full amount of the wire transfer and then informed the customer that this amount had been recovered before he proceeded with the related real estate transaction, the court refused to dismiss the breach of contract claim.

This case serves as a reminder that financial institutions must carefully consider in what ways and how promptly they respond to customers in addition to the actions they take following notice of a misdirected wire transfer.

For questions concerning this topic, please contact Christopher R. Rahl.

CONTACT CHRISTOPHER R. RAHL | 410-576-4222

Back to In This Issue.

Consider the Duration of Confidentiality Agreements

Be mindful of the duration of confidentiality and nondisclosure obligations in agreements. Most states, including Maryland, do not require any time limitation. Some courts, such as in Virginia and Florida, have held that confidentiality obligations may need a limited duration so as not to be anticompetitive.  

In any negotiation, there may be conflicting goals. In some instances, the parties may agree that a specific duration is long enough to require an obligation of confidentiality. In other situations, the theory may be that there is no way to know how long certain information will remain valuable if not disclosed, so the duration should be perpetual.  

If one party wants a time limitation, or if the governing law is a restrictive state, an agreement may need to address trade secrets and other confidential information separately to protect the longevity of a trade secret. Even courts that require a temporal limitation do not apply the restriction to trade secrets, although they do apply the limitation rule to other information a company prefers to keep confidential.  

Agreements with perpetual confidentiality requirements should be clear to avoid applying the law of a state that requires time limitations.

In any state, if the nondisclosure obligations are to be perpetual, it is helpful to keep that obligation reasonable, and thus not anticompetitive. A common method of achieving this is to include standard exceptions for information that should no longer be treated as confidential, such as information that is already known, subsequently becomes publicly known, is provided by a third party, or is independently created or discovered. These exceptions could be read as shortening the duration of a confidentiality obligation because they identify a moment in time at which the non-disclosure obligation ceases.  

For more IP and tech insights, check out our “IP Tech Knowledgy” posts here.

CONTACT  NED T. HIMMELRICH | 410-576-4171

Back to In This Issue.

Regulators Continue to Scrutinize "Junk Fees"

In recent weeks, federal regulators have signaled their continued commitment to combating so-called “junk fees”, which have been characterized as unnecessary, unavoidable, or surprise charges to the consumer.

On October 20, 2022, the Federal Trade Commission (FTC) issued an Advanced Notice of Proposed Rulemaking seeking comment as it explores a rule targeting of “junk fees”. The FTC seeks comment on the harms associated with junk fees, including, (i) unnecessary charges for worthless, free or fake products or services, (ii) unavoidable charges imposed on captive consumers, and (iii) surprise charges that secretly increase the purchase price. The FTC noted it is exploring a junk fee rule so that it will have the authority to seek penalties against first-time violators or the ability to obtain redress for consumers in instances in which fees violate the FTC’s prohibition on unfair or deceptive practices.

On October 26, 2022, the Consumer Financial Protection Bureau (CFPB) issued guidance addressing junk fees imposed by banks in connection with deposit account activities. Specifically, the CFPB clarified that banks that charge surprise overdraft fees or indiscriminate depositor fees likely violate the prohibition against unfair acts or practices. Surprise overdraft fees include scenarios when a bank displays that a customer has sufficient available funds to complete a debit card purchase at the time of the transaction, but the consumer is later charged an overdraft fee due to intervening transactions. Indiscriminate surprise depositor fees concern fees assessed to consumers when they attempt to deposit a check that bounces, as the consumer often has no knowledge or control over whether the check will clear.

Practice Point: As regulators continue to appear laser-focused on junk fees across different areas of the industry, financial services providers should be particularly mindful about the fees and charges they assess to consumers.

If you have questions about this topic, please contact Bryan M. Mull.

CONTACT BRYAN M. MULL| 410-576-4227

Back to In This Issue.