Background of the Case
In 2009, the High Court made a landmark ruling in a case where a customer (Mr. Shah) claimed that his bank (HSBC) declined to process transactions while the consent under Proceeds of Crime Act 2002 (POCA) was pending with the serious Organized Crime Agency (SOCA). This is the latest case in a series of court rulings in favour of banks. Consequently, customers will now face an uphill task in disputing the decision of bank to make a suspicious activity report (SAR). Nonetheless, this case lends credence to the hypothetical prospect of a customer taking legal action against a bank for its failure to take reasonable caution in making a SAR to SOCA (Smith 2011).
The Shah and Another v HSBC Private Bank (UK) LTD (2009) EWHC (QB) case was initiated by Mr. Shah, a customer of HSBC. The bank alleged that the funds in their account were proceeds of criminal activities. HSBC sought permission from SOCA, on several occasions, to transfer the funds out of the account. As a result, the bank delayed to transfer the funds as it awaited approval from SOCA. The complainant was also notified by the bank that his instructions would not be implemented immediately pending approval from SOCA. Consequently Mr. Shah was accused by Zimbabwe authorities for engaging in money laundering in UK. Mr. Shah’s assets and investments were then seized leading to a loss of $300 million (Smith 2011).
The Shah and Another v HSBC Private Bank (UK) LTD (2009) EWHC (QB) is among a series of litigations in which customers (whose funds transfer requests have been declined or delayed) have initiated legal proceedings against their banks for contravention of the bank mandate. In numerous instances, customers have failed to get a favourable ruling in such litigations. For example, the K LTD V NAT WEST BANK LLTD (2007) 1 WLR 311 adopted a low threshold test for money laundering suspicion (Smith 2011).
Mr. Shah sought to challenge the application of K LTD V NAT WEST BANK LLTD (2007) 1 WLR 311 case in two main ways. First, he argued that if the money in the account was actually not proceeds from money laundering activities, then it would have been legal for HSBC to comply with his instructions. Consequently, it was asserted that the contractual rights of the customer could not have been delayed by misdemeanor. Second, Mr. Shah challenged the K Limited v National Westminster Bank plc suspicion test by asserting that any suspicion must be rational and not mechanical or self-induced. However, the judge dismissed this argument as an unwarranted gloss on K Limited and POCA. The judge explained that:
To be a suspicion rather than a mere feeling of unease it must be thought to be based on possible facts, but the sufficiency of those possible facts as a grounding for the suspicion is irrelevant, unless good faith is in issue (Smith 2009).
The consequences of bank’s suspicion
The High Court ruling in the Shah and Another v HSBC Private Bank (UK) LTD (2009) EWHC (QB) case has far-reaching implications for customers who take legal actions against banks. Financial institutions stand to benefit from this ruling because it underpins the message that the court will not lend credence to any proof submitted that the bank was unjustly suspicious. Nonetheless, the employment of a low suspicion threshold lends weight to the importance of banks ensuring that their staffs are sufficiently trained so that they can swiftly pick up red flags and alleviate the risk of legal proceedings against the bank for not reporting suspicious transactions. With respect to mechanical suspicion, the court ruled that if a suspicion was produced by a computer programme and not by staff, then it would not qualify as an admissible suspicion for the purposes of POCA. The significance of this ruling is that banks must properly assess any red flags raised by an automated monitoring system before they submit them to SOCA (Smith 2009).
A similar comparison can be made with K LTD V NAT WEST BANK LLTD (2007) 1 WLR 311 where the customer agreed to procure cell phones for £235,000 and sell them later for £215,000 (which means that he would lose £20,000). However, he expected to make profit by reclaiming VAT since these products were to be exported. Nevertheless, the bank declined to adhere to his instructions to pay the purchase price. The customer then sought court orders to compel the bank pay the required amount as per his instructions. However, the bank’s lawyers argued that the Revenue and Customs failed to grant authorization although the bank had submitted a disclosure. As a result, the bank could not pay the stated sum. On the other hand, the claimant argued that the disclosure did not qualify as an admissible proof since the bank was suspicious of the transaction yet it failed to name the staff member who raised the suspicion. The court ruled against the claimant since it was deemed illegal for the bank to carry out the customer’s instructions without prior authorization (Longmore 2010).
Another good illustration relates to Joachimson v Swiss Bank (1921) case in which the judge describes the association between the bank and its customers as one that entails commitments from both sides and entails a number of conditions. For example, the bank assumes the responsibility of receiving money and cheques on behalf of its customers. The money and cheques collected by the bank must not be kept in trust (on behalf of the customer), but the bank borrows them and promise to release them when needed. The promise includes an agreement to repay the amount (or part of it) against the customer’s written order. In addition, the customer assumes reasonable caution when carrying out his/her written instruction to avoid misleading the bank (Kilonzo 2007, p. 325).
Another salient issue raised in this case relates to the manner in which financial institutions make their reports. Mr. Shah claimed that the bank had an implicit contractual responsibility to take rational case in making SARs as soon as possible. The High Court’s decision in Shah’s case implies that banks must ensure that their anti-money laundering staffs have sufficient resources to detect suspicion transactions. If they fail to do so, it may result in delays in the manner in which they handle SARs/transactions. It might also increase the risk of a legal proceeding by the customer even in situations where it was correct that the issue be submitted to SOCA. As a matter of fact, the FSA (in its Financial Risk Outlook 2009) stated that:
At a time when banks may be under pressure to cut costs, they need to guard against the risk that risk management and control functions could suffer. This applies not just to management of financial risks, but also to …managing risks of fraud and financial crime (Smith2009).
The court also declined the argument by Mr. Shah that the bank should have asked for advance permission to future fund transfers. The judge argued that it was hard for HSBC to seek and acquire permission to transfer the funds until the details of the transactions are established. This ruling is quite helpful since banks experience difficulties in convincing SOCA to grant general approval with respect to operation of an account. The message conveyed by the judge suggests that customers will have a limited leeway to protest about which transactions the bank report. What’s more, if a SAR is made, the bank may be under a legal obligation to handle it swiftly and efficiently (Smith 2011).
The common law duty of Secrecy
Financial institutions are protected from breach of confidentially claims by section 338[4] of POCA. Mr. Shah asserted that since the funds in the account were not proceeds from money laundering activities, HSBC would not have breached any law by processing the transfers without consent from SOCA. The claimant asserted further that SARs did not qualify as authorized disclosures within the framework of s.338 and not protected by s.338 [4]. Nonetheless, the judge ruled that the disclosures were done under s.338, asserting that “that is how POCA works”. The judge stated that HSBC was unable to discern whether the funds in the account were proceeds of money laundering activities at the time of making a SAR. The significance of this ruling is that banks must adhere to s.338 to ensure customer confidentiality (Smith 2011).
The obligation to keep some information secret emerges from the situations where the information was obtained or communicated. The Tournier v National Provincial & Union Bank of England is one of the cases where a court was requested to assess the scope and existence of the bank’s duty of secrecy. Tournier held an overdrawn account at National Provincial & Union Bank of England. Tournier’s failure to repay the amount as per the agreement compelled the bank manager to seek Tournier’s contact information from his employer.
During discussions, the manager disclosed (to Tournier’s employer) that Tournier refused to refund the overdrawn amount as promised and had instead approved cheques for a bookmaker. As a result, Tournier’s contract of employment was terminated and he sued the bank for breach of confidentiality. Although the court ruled in favour of the bank, Tournier appealed the decision and obtained a favourable ruling. The Court of Appeal ruled that banks must adhere to a strict duty of secrecy in all issues related to their customers’ information, account transactions as well as securities and guarantees (Dechent 2009, p.28).
Nonetheless, the appeal judges held diverse opinions about the precise scope of duty of secrecy. For instance, Lord Atkins argued that the duty encloses information gathered from other sources apart from the account of the customer. Some exceptions to the duty of secrecy were nonetheless established.
For example, it did not apply in the following situations: when confidential information was revealed under compulsion of law; disclosure was done to protect the bank’s interests; disclosure was done in the in interest of the public; and the customer consented to the disclosure. Although it is commonly perceived that the bank’s duty of confidentiality is a required to protect confidential information of the bank’s customers, it does not safeguard interests of other groups, such as providers of securities. As a result, such providers are left vulnerable to the principle of caveat emptor. Their only course of actions depends on their ability to appeal to the four exceptions mentioned above (Dechent 2009, p. 29).
Public interest immunity
The identity and confidentiality of those who report SARs has been a persistent issue for reporting institutions. In some instances, disclosing information related to reporting staff members can compromise their safety especially in cases that deal with dangerous crimes. What’s more, the likelihood that the identity of the reporting staff might be revealed can have an adverse effect on the efficiency of reporting system on money laundering activities. While bank employees are legally bided by the statutory law to raise red flags on suspicious transactions, they might be unwilling to do so especially if they are not granted anonymity.
In other cases (with dissimilar set of facts), it might be relevant to disclose identities of the reporting staff. However, the ruling made in the Shah and Another v HSBC Private Bank (UK) LTD (2009) EWHC (QB) case does not offer any blanket security for financial institutions. The arguments by the claimant in this case were somewhat weak and the threshold for suspicion (which the bank will require to demonstrate that it triumphed in making its SARs) is low. However, the situation might be different if there was some positive proof of bad faith. The information on the identity of the reporting staff might then weaken HSBC’s case. As a result, HSBC would be compelled to rely on PII arguments to oppose disclosure (Smith 2011).
In addition, the Shah v HSBC case can be used as an apt example to stress the importance of banks setting up suitable systems within their organizations to ensure that any suspicious transactions that result in SARs are appropriately documented before they are submitted to SOCA. Having an aptly evidenced audit trail of suspicious money laundering transactions will enable the bank to establish the authenticity and rationality of the reported suspicion. In addition, the bank will be able to reduce the possibility of the reporting staff members being summoned to provide evidence of the suspicious transaction in person and thereby disclosing their identity (Smith 2011).
Dilemma for Banks
The UK Anti-Money Laundering (AML) system embodies an extraordinary and exceptional intrusion by the state in contractual relationships. It is matchless in assuming performance of contractual commitments and renders them automatically unlawful without legal interventions. It is against this backdrop that those adversely affected by the suspension of contractual arrangements will be upset. Following the recent Court of Appeal ruling in Shah v HSBC case, the only available recourse for the aggrieved parties was through a judicial review to dispute the actions of SOCA. Nonetheless, the ruling in Shah v HSBC has created new avenues which can be exploited by the aggrieved customers to seek compensation if they fall victims of suspicious activity reports to SOCA (Marshall 2010, p. 287).
However, it is ironical since the limited prospects currently offered with regard to the matter of a SAR under Shah v HSBC have situated banks under the anti-money laundering system initiated by the Proceeds of Crime Act 2002 that creates legal risks. Concerns have emerged among financial institutions about the dilemma of not performing transactions for fear of executing a money laundering offense while not notifying the customer that this was being done. The outstanding difference between the UK anti-money laundering system and the United State’s system under USA Patriotic Act [2001] and Bank Secrecy Act [1970] is that once the red flag is raised in UK (as demonstrated by a report to SOCA), it becomes automatically unlawful for both the bank and customers to carry out the transaction. What’s more, their private commitments are suspended (Marshall 2010, p. 288).
When the new anti-money laundering system was established in 2003, the sensible advice offered by lawyers was “if in doubt, report it.” A similar cautious advice is given in the United States for banks that are affected by the stipulations enclosed within the Bank Secrecy Act and USA Patriotic Act. In light of the ruling made in the Shah and Another v HSBC Private Bank (UK) LTD (2009) EWHC (QB) case, the same advice is rendered irrelevant in the English law. The unpleasant position that now faces banks is a dilemma of whether to report suspicious transactions and face a claim for contract infringement or opt not to report and face criminal suit for not reporting money laundering transactions as soon as possible (Marshall 2010, p. 289).
References
Dechent, S 2009, ‘Liability for Misleading or Deceptive Conduct in the Banking Industry’, The Finance Industry, vol. 11, pp. 27-33.
Kilonzo, K 2007, ‘An Analysis of the Legal Challenges posed by Electronic Banking’, Kenyan Law Review, vol.1, pp. 323-341.
Longmore, A 2010, England and Wales Court of Appeal (Civil Division) Decisions. Web.
Marshall, P 2010, ‘Does Shah v HSBC Private Bank make the anti-money laundering consent regime unworkable?’, Butterworths Journal of International Banking and Financial Law, pp. 287-290.
Smith, H 2011, Shah v HSBC: Court of Appeal rules that identity of employees making money laundering reports can be redacted when disclosing documents in litigation. Web.
Smith, H 2009, Shah v HSBC : what duties do banks owe their customers when making SARs?. Web.