Pallabh Bhowmick v. Ombudsman, Reserve Bank of India

Raj PagariyaCase Summary

Liability of the bank in a case involving refund fraud by asking the victim to install an app

Pallabh Bhowmick v. Ombudsman, Reserve Bank of India
(2022) 5 GLT 292 : AIR 2023 (NOC 420) 164 : (2023) 4 Gau LR 366
In the High Court of Gauhati
WP(C) 1900/2022
Before Justice Suman Shyam
Decided on September 30, 2022

Relevancy of the Case: Liability of the bank in a case involving refund fraud by asking the victim to install an app

Relevant Facts of the Case

  • The petitioner purchased a garment online from Louis Phillipe’s store. He wanted to exchange the product for a refund.
  • The fourth respondent pretended to be the company’s customer care manager. He asked the petitioner to download a mobile app to avail of the refund of ₹4,000. The petitioner downloaded the said mobile app.
  • Shortly afterwards, a sum of ₹94,204 was siphoned off from the petitioner’s bank account in three separate online transactions.
  • The petitioner informed the second respondent, State Bank of India, about these three transactions and requested to cancel them.
  • Moreover, Louise Philippe later sent an email stating the hacking of their customer database. This resulted in the present fraud.

Prominent Arguments by the Advocates

  • The petitioner, appearing in person, argued that he sought all possible methods to redress the matter. He did not share any OTP, MPIN, or passwords with the fraudster, thus absolving him of liability. He further relied on Clauses 9 and 10 of the 2017 RBI Guidelines on this subject matter.
  • The second respondent’s counsel submitted that the petitioner was negligent in sharing personal data with the fraudster. Hence, the bank was not liable to pay the damages. The counsel relied on Clause 7 of the same circular.

Opinion of the Bench

  • The petitioner was not negligent, as the bank could not establish that the petitioner shared any OTP/MPIN with the fraudster. The bank did not bother to file an FIR, request a chargeback, or make a complaint to the cyber cell.
  • The online transactions were not authorised. Louis Philippe is equally responsible for data breach, resulting in fraud.

Final Decision

  • The court disposed of the writ petition and directed the second respondent, SBI, to transfer the siphoned money back to the petitioner’s account.

Nikita D’Lima, an undergraduate student at NMIMS School of Law, Navi Mumbai, and Risha Thomre Rajani, an undergraduate student at NMIMS Kirit P. Mehta School of Law, Mumbai, prepared this case summary during their internship with The Cyber Blog India in May/June 2023.