Skip to main content Skip to footer

Fraud

OBSI’s approach to fraud complaints

Fraud is one of the most common banking issues we investigate, and a growing concern in the investment sector as well. Fraud is unfortunately increasing in both OBSI cases and in Canada generally.

People who have been defrauded are victims of a crime and have often lost significant sums of money. When cases come to OBSI, we will examine the circumstances to determine if it is fair and reasonable for the bank or investment firm to be held responsible for the consumer’s losses.

When consumers tell us they have been a victim of fraud, the type of fraud that has taken place typically falls into one of two categories: fraudulent transactions that were not authorized by the consumer and transactions that the consumer authorized (scams).

1. Fraudulent transactions not authorized by the consumer

In these cases, consumers often say they had no knowledge of a transaction or series of transactions until, sometime later, they discover that it has taken place. They generally believe that the transaction should be reversed, or they should be reimbursed because:

  • Their debit or credit card was lost or stolen
  • Their account was compromised
  • Someone had stolen their information and was impersonating them

This type of fraud is most commonly associated with banking products where account access is protected by personal information and passwords, such as debit or credit cards, personal transaction accounts and electronic or wire transfers. It can also include fraudsters trading in online investing accounts using stolen personal information and passwords.

2. Transactions that the consumer authorized (scams)

When a consumer is the victim of a scam, they often say they knew about and authorized the transaction, but that the transaction should be reversed, or they should be reimbursed for their financial losses because:

  • They were tricked into sending funds (e.g., money or cryptocurrency) to a fraudulent recipient
  • The firm should have detected the fraud and provided more protection
  • The firm did not exercise the appropriate security measures to keep their funds safe

Scams are a common example of this type of fraud. Many consumers who have fallen victim to scams believe that because they have done nothing wrong, their bank or firm should reimburse their losses. The banking products most often impacted by scams are credit cards, electronic transfers, and wire transfers. Investment scams often involve cryptocurrency transfers.

Key issues in our investigation

When investigating fraud cases, we will speak to the consumer and firm and review all available evidence to understand the circumstances of the case as well as to determine whether to recommend that a transaction should be reversed, or compensation should be paid. We consider the rules that apply, how the transaction happened, and how the consumer and firm responded.

The rules that apply

In each case, we will consider the legal and regulatory rules that govern the liability of consumers and firms. These include:

  • Agreements between consumers and firms – For every financial services product, the consumer and firm have entered into an agreement that outlines the terms under which a financial product is provided. The most common examples are:
    • Account-opening agreements: The terms of most account agreements say that accountholders are responsible for the activity in their accounts. This means that consumers are generally responsible for the transactions they authorize to anyone for any reason.
    • Cardholder agreements: Cardholder agreements usually say that cardholders are responsible for the transactions made using their card, with some exceptions.

There are some situations where a consumer may not be responsible for the transactions in their account, for example, where a consumer was a victim of theft or has taken all reasonable precautions to protect their account from fraud or unauthorized use.   

  • Time limits – The terms of use associated with an account or product will specify the timeframe for reporting fraudulent transactions. Consumers who have not notified their firm within the proper time limits may be held responsible for their financial losses. Most agreements provide for a 30-day period, beginning when the consumer’s monthly statement is issued.
  • Federal law – The Bank Act and its regulations contain some consumer protection provisions that apply to credit card customers of federally regulated banks. Most importantly, this includes limits on consumer liability when a card is lost or stolen.
  • Provincial consumer protection laws – Many provinces in Canada have laws in place to protect consumers when using their credit cards. The law that applies in each province is different - the rules that apply will depend on where the cardholder lives. Consumer protection laws deal with a variety of issues, such as limitations on consumer liability for lost or stolen cards, and protection for the right to a refund for certain transactions such as those entered into by phone or internet where the consumer never receives the product or is defrauded by a merchant. These rules apply even if they are inconsistent with the cardholder agreement between the consumer and the card issuer, but they usually require consumers to follow very specific procedures.

How the transaction happened

During our investigation, we will review the facts of the case to determine whether there is evidence of fraud. This involves establishing whether and how the transaction was authorized, and the conditions under which the account was accessed, such as whether a PIN or two-factor authentication was used in the transaction.

How the consumer and firm responded

We will consider whether the consumer acted reasonably and complied with their own obligations under their agreement with their firm. For example, we will consider whether the consumer:

  • Took reasonable precautions to protect their account and personal information
  • Followed the conditions and terms of use in their account-opening or cardholder agreement
  • Reviewed their statements and reported unknown transactions within a timely manner
  • Authorized a transaction after receiving a warning of fraud from the firm

We will also consider whether the firm acted reasonably and complied with their legal obligations and their agreement with the consumer. For example, we will consider whether the firm:

  • Complied with any applicable federal and provincial laws
  • Followed their internal procedures and policies
  • Responded appropriately to any report of a lost or stolen card
  • Acted reasonably considering the circumstances of the transaction, considering what it reasonably should have known, and whether it had the opportunity to prevent the fraud from impacting the consumer

Our recommendations

We will recommend compensation for fraud when we believe that, based on the circumstances, it is reasonable for the firm to be held responsible for the consumer’s financial losses. These include losses that a consumer has incurred:

  • due to the firm’s errors or negligence
  • after a product (such as credit card) was cancelled
  • after a card was reported lost or stolen
  • if the firm was aware of risks to the consumer but did not act reasonably to address them

When we make a recommendation in fraud cases, it is usually for the full amount of the consumer’s financial losses, though we may recommend partial compensation if we find the consumer contributed to their own losses. If applicable, this may also include other fees or charges that have been incurred because of the disputed amount.

When we do not recommend compensation to the consumer, it is usually in situations such as:

  • Consumer failed to protect personal information – If the consumer has not adhered to their obligations in their account or cardholder agreement by sharing access to their account or not protecting their PIN, we will usually have no basis for a recommendation in the consumer’s favour.
  • Firm did not have the opportunity to warn or protect the consumer or acted reasonably – Consumers expect to be free to send their money to anyone they wish for any reason and financial institutions rarely interfere with this freedom or impose any limitations. Fraudsters know this and employ a wide range of tactics to trick people into sending them money through electronic transfers, wire transfers and cryptocurrency transfers because these products are commonly used to transfer large amounts of money and they can be difficult or impossible for firms to reverse. Unfortunately, when a consumer has authorized a transaction, firms usually do not have the opportunity to identify the fraud or prevent the consumer from falling victim to it.

In general, though people who have been defrauded are victims of a crime and have often lost significant sums of money, we cannot recommend compensation unless we believe that based on the circumstances it is reasonable for the firm to be held responsible for the consumer’s losses.

Related resources

Retired consumer targeted in text message scam

Investor loses nearly $400,000 in cryptocurrency scam

Bank customer is a victim of multiple incidents of fraud

This website uses cookies to enhance usability and provide you with a more personal experience. By using this website, you agree to our use of cookies as explained in our Privacy Policy.