Make a complaint
Home chevron-big Guides & cases chevron-big Case notes chevron-big Cards - 64757 chevron-big

Bank failed to prove lack of reasonable care when entering PIN

Categories:
Cards and PINs, Fraud & scams,
Summary:
Marcel visited several bars while overseas on a business trip. He was carrying a wallet containing two credit cards, one of which had been issued through his bank. At the last bar he visited, he paid for his drinks with his non-bank card. It seems someone in the bar watched him enter his PIN and then pickpocketed his wallet. The thief correctly guessed that Marcel used the same PIN for both cards and spent $30,000 on the bank card. The bank told him it would not compensate him because it believed he had disclosed his PIN and therefore contributed to the loss.
Published:
December 2020

Our investigation

Under the Code of Banking Practice, banks must compensate customers for fraudulent and unauthorised transactions on their card unless customers have breached the terms and conditions of their card or failed to take reasonable steps to protect their banking details, such as their PIN.

The card’s terms and conditions did not prohibit the use of the same PIN for different cards (something many banks do, in fact, prohibit). We concluded Marcel did not breach the card’s terms and conditions on that score.

We did not agree with the bank that Marcel had breached the card’s terms and conditions by “disclosing” his PIN. Marcel was observed entering his PIN without his knowledge. This did not amount to disclosure. Instead, the bank should have considered whether Marcel had taken reasonable care to prevent anyone observing him when he was entering his PIN.

In our view, the available information indicated he had taken reasonable care when entering his PIN.

Outcome

The bank offered to reimburse Marcel for all unauthorised transactions, plus all interest that had accrued on the debt. He accepted the offer.

Print this page

Latest Case Notes

November 2024

Mistaken payments /

Bank not liable for $35,000 customer accidentally sent to wrong person

In November 2022, Petra made a payment of $10,000 intended for her son’s company account to another …

Read full case note

November 2024

Closing accounts /

Bank’s closure of customer’s accounts based on flawed assessment of her behaviour

In May 2023, Poppy had trouble opening a term investment because branch and contact centre staff gav…

Read full case note

November 2024

Fraud & scams /

Elderly scam victim’s string of payments should have aroused bank’s suspicions

In 2021, Alice, an 84-year-old pensioner, received a Facebook message from a friend of a friend reco…

Read full case note