Legal remedies for victims of investment scams: the decision in Hamblin v World First

13 May 2022

Introduction

The case of Hamblin v World First 2020 EWHC 2383 (Comm), decided by His Honour Judge Pelling QC, “the Judge”, in the London Circuit Commercial Court, is topical because it represents a claim made by the victim of a scam, Mr Hamblin, to recover his losses not directly from the fraudsters as the direct beneficiaries of the scam, but from the payment service provider, here World First,  the company that received the monies from Mr Hamblin into an account set up by the fraudsters, and which, acting on instructions from those fraudsters,  arranged for the onward payment of those monies. No allegation of dishonesty was made against the payment service provider nor was it suggested that the payment service provider had actual knowledge of the scam.

The case is of interest because it involves a novel approach to bringing a claim designed to overcome the difficulty that Mr Hamblin was not a direct customer of the payment service provider. But an important qualification is that the case involved the refusal of an application made   by the payment service provider to strike out the claim; the Judge  decided only that the claims made by Mr Hamblin were reasonably arguable and, save in one respect, the Judge did not make any definitive legal rulings. Nor did the Judge make any factual findings, the case proceeding on the assumption that the facts pleaded in the Particulars of Claim were true.

However the case has received attention from commentators on banking law and the author of this article, who appeared as Counsel for  Mr Hamblin, believes that the arguments put forward on the Claimant’s behalf are correct

Factual background

Mr Hamblin was the victim of a foreign exchange scam. He thought he was investing in an organisation known as CEX Markets engaged in foreign exchange dealing, encouraged by the promise of good but not exorbitant gains. The fraud was elaborate and persisted for over a year. The fraudsters set up a website enabling Mr Hamblin to log on to ascertain on a daily basis the extent to which his “investment” had supposedly increased in value. Mr Hamblin was able to speak by telephone with a representative of the fraudsters – whom he never met – and was able to email someone claiming to be an administrative assistant within CEX Markets.

Sadly there came a time when Mr Hamblin discovered that he could no longer log on to the website and when his emails to the administrative assistant of CEX Markets went unanswered. The sham existence of CEX Markets came to an end and the fraud was exposed. He had lost all his investment.

A Norwich Pharmacal application yielded information about how the fraud had been perpetrated as set out in the judgment of the Judge. In short, the fraud involved using the identity documents of an another member of the public who had himself been a victim of scam, who can be referred to as Z. Z had  provided genuine money laundering documentation at the behest of  fraudsters involved in the  other scam in which Z had himself previously been defrauded. 

The fraudsters then incorporated a company at Companies House and named Z as sole shareholder. The fraudsters chose a company name that was very similar to the name of another legitimate payment service provider. This practice of setting up companies with misleading names is a common modus operandi of fraudsters engaged in this type of activity, and the company set up with the misleading name, which was registered at Companies House, is referred to as the “clone company” (named Moorwand NL Ltd in the Hamblin case).

The fraudsters then opened an account with the payment service provider in the name of the clone company;  Z was identified on the application form to open the account as the sole director of the clone company. The money laundering documentation previously provided by Z  as part of the earlier scam were utilised by the fraudsters to satisfy the money laundering checks carried out by the payment service provider.   Needless to say Z had no knowledge of the use to which his documents were being put and had no knowledge of the setting up of the clone company.

Once the account was set up with the payment service provider, Mr Hamblin was directed by the fraudsters to pay his “investment” into this account and the fraudsters then gave instructions by email to the payment service provider for payments to be made out of the account. The fraudsters had acquired an email address that bore similarities to the name of the clone company. It is a sad fact that it is too easy to acquire an email address that gives a misleading impression of a connection with a different legitimate entity.

It was on the basis of these assumed facts, which were not admitted by the payment service provider, that the strike out application was decided.

No direct relationship

An initial obstacle to a claim by someone in the position of Mr Hamblin is that there was never at any stage any direct contractual relationship between Mr Hamblin and the payment service provider.  In other words, Mr Hamblin was not the account holder enabling the  payment service provider to argue that, in far as a duty of care existed, known as the Quincecare duty of care (after the case of Barclays Bank v Quincecare 1992 4 All ER 363 in which such a duty of care was first recognised), then it was not owed by the payment service provider to Mr Hamblin but to the clone company as customer.

The line of argument that a payment service provider owes no duty of care to any third party other than the customer, has been reinforced by the recent decision of the Isle of Man High Court, Staff of Government , Appeal Division, in the case of Royal Bank of Scotland International Ltd v JP SPC 4, 9th March 2020. That case involved a scheme for the provision of litigation funding by way of loans to solicitors. The monies received from investors were paid into and out of a client account opened by a company controlled by alleged fraudsters. Unfortunately the fraudsters, on the basis of the assumed facts, misappropriated certain of the monies and the investors, on the basis of their beneficial entitlement to the monies in the client account, alleged that the Bank owed them a direct Quincecare duty of care. The Staff of Government,  Appeal Division,  struck out the claim made by the investors on the basis that the Bank owed no duty to any third party, here the beneficiary entitled to the monies in the client account, notwithstanding that the Bank was well aware that the account in question was a client account and was also aware of the identity of the claimant as the party beneficially entitled to the monies in the account.

This decision has been appealed to the Judicial Committee of the Privy Council and the judgment of that Court is awaited shortly. However it may be a significant feature of that case that the company that opened the account, the company controlled by the fraudsters, was not made a party to the proceedings.

Likewise, in relation to the obligations owed by a payment service provider pursuant to the Payment Service Regulations 2017, the Regulations confer certain rights as against the payment service provider in favour of the “payer”, defined in regulation 2(1) by reference to the person who “holds the account” in question. This definition arguably does not extend to the person beneficially entitled to the monies in  a client account but by whom the account has not been opened.

The approach adopted in the Hamblin case

The solution to this difficulty adopted in the Hamblin case was for Mr Hamblin to bring a derivative claim seeking to stand in the shoes of the clone company in the name of which the account was opened. The Judge in his judgment held that it was reasonably arguable that Mr Hamblin was entitled to bring such a derivative action.

The first stage of the analysis was to argue that the monies held in the relevant account in the name of the clone company were held on trust for Mr Hamblin, a trust that arose at the time when Mr Hamblin was duped into paying the money into the account. The existence of a trust was asserted on two bases. The first was on the basis that the scheme documents generated by the fraudulent CEX Markets scheme created on their true construction a Quistclose trust. The second basis was more fundamental, that a trust arose pursuant to the Court of Appeal decision in Halley v Law Society 2003 EWCA Civ 97 which provides that a trust arises in circumstances  and at the time when money is advanced under a contract that is fictitious. Mr Hamblin argued that the scheme by which he sought to invest in CEX Markets was precisely such a fictitious arrangement and the Judge  found that this was reasonably arguable.

The second stage of the analysis is to argue that Mr Hamblin is entitled to bring a derivative action. The normal rule is that only a trustee- here the clone company- can bring a claim to recover trust monies not a beneficiary. But the rule is not absolute and a beneficiary may bring a derivative claim in his or her own name where the trustee commits a breach of treats or in other special circumstances. The Judge  considered it reasonably arguable that the circumstances here were sufficiently special to allow Mr Hamblin to bring a derivative claim. it is a procedural requirement of a derivative action that the trustee should be joined as Defendant in the derivative action, which is why in the Hamblin case, the clone company was made Second Defendant.

The substantive remedy: want of authorisation

The first way of putting the claim on the part of Mr Hamblin was to argue that the payments made out of the account were never authorised and that therefore the account should be restored to the position it would have been in if the unauthorised payments had not been made. It has long been held at common law that a banker must reimburse a customer for unauthorised debits made from the account. This is because it is a fundamental aspect of the operation of the account that only withdrawals authorised by the customer should be debited to it. However in appropriate circumstances the customer may be estopped by his or her conduct from saying that he or she did not authorise the payments in question. Conduct giving rise to an estoppel in these circumstances  may include want of proper care on the part of the customer: Greenwood v Martins Bank 1933 AC 51.

On the assumed facts in the case of Hamblin, it appeared from a search undertaken at Companies House that there was never a director appointed to the clone company; accordingly there was never anyone in a position to authorise the payments out of the account and so the payments made out of the account were as a matter of law unauthorised and liable to be reimbursed by the payment service provider. Likewise, in circumstances when the only person appointed as a director had no knowledge of his or her appointment,  the purported instructions given by  the clone company by way of email from the fraudsters can also said to have been unauthorised by the clone company and therefore liable to be reimbursed by the payment service provider. The Judge  in the case of Hamblin found these contentions reasonably arguable so as to preclude striking out.

In fact a parallel obligation binding on the payment service provider to reimburse the payer for unauthorised payments is imposed by regulation  76 Payment Service Regulations 2017. These Regulations do not, unlike the position at common law, provide that want of care on the part of the customer is a bar to reimbursement. But the Regulations do contain a time limit within which a claim to reimbursement must be notified to the payment service provider, regulation 74, and this may prove to be an impediment in some cases.

The substantive remedy: breach of a duty of care

The other way in which Mr Hamblin put his claim before the Judge  was to argue that the payment service provider was in breach of the well-known Quincecare duty of care. The Quincecare duty is a duty not to give effect to a payment instruction without further investigation in circumstances in which the payment service provider has been put on inquiry as to the propriety of the payment instruction.

The Quincecare duty of care has been given fresh impetus by the recent decision of the Court of Appeal in Philipp v Barclays Bank UK plc 2002 EWCA Civ 318 in which it was argued unsuccessfully on the part of the Bank that the duty only applied in circumstances when the payment instruction was given by an agent of the customer (such as the director of a corporate customer) and did not apply at all in circumstances in which the customer gave the payment instruction directly, (as was the position in the Philipp case). Whilst this aspect of the Phillip claim is not of direct relevance to the Hamblin case, because the instruction given on behalf of the clone company, if authorised at all, must have been given by an agent of the clone company, the decision of the  Court of Appeal is of interest in that, at [76] of its judgment, it approved the statement that the Quincecare duty is in accordance with “sound policy” in that “in the fight to combat fraud, banks with the relevant reasonable grounds for belief should not sit back and do nothing”. The standard of care will be determined by reference to ordinary banking practice which will be a matter for expert evidence.

The only definitive ruling made by the Judge  in the Hamblin case was his decision that breach of  the Money Laundering Regulations (currently the Money Laundering, Terrorist Financing and Transfer of Funds (Information on the Payer) Regulations 2017) did not in itself give rise to a civil remedy in favour of Mr Hamblin. However the Judge  also found that the context provided by these Regulations was relevant to the standards expected of a reasonable banker and thus to the Quincecare duty of care. These Regulations will be of particular importance in a case where a scam account has been opened and operated by a payment service provider as in the Hamblin case.

Summary

In short, the Hamblin case may provide a basis by which a victim of a scam may make a claim directly against the payment service provider on the basis that the payments made out of the relevant account by the payment service provider were either made without authorisation, or were made in breach of the Quincecare duty of care. The legal arguments, accepted by the Judge  as being reasonably arguable in the Hamblin case, await definitive determination following a trial as opposed to summary application. However a review of case law in this area suggests that this type of claim does not often proceed to a full trial.

                                                                                                Alexander Hill-Smith

            New Square Chambers

            Lincoln’s Inn

            10 May 2022

 

 

 

 

 

 

 

                                                                                       

Contributors

Alexander Hill-Smith