The ruling handed down by the Court of Appeal of Grenoble on 9 September 2025 (No. 24/00638) is a major confirmation of the jurisprudential balance between the duty of prudence of the client, even when a victim of fraud, and the persistent duty of vigilance of the banking institution. Fully confirming the judgment rendered by the Tribunal judiciaire de Grenoble on 18 December 2023, this decision, involving the Caisse d’Epargne et de Prevoyance Rhone Alpes (CE), clearly sets out the criteria for establishing the banker’s liability even when the payment orders were expressly authorized by the user.
The dispute concerned the recovery of financial loss of 234,906 EUR resulting from 43 fraudulent wire transfers made by Mr. [N] between January and August 2021.
I. The applicable liability regime
The Court of Appeal of Grenoble didactically recalled the applicable regime in this type of dispute.
If the transactions are considered “unauthorized” or “improperly executed,” the liability of the payment service provider (PSP), the company CE, can only be sought on the specific basis of Articles L.133-18 to L.133-24 of the Code monetaire et financier (CMF). The bank logically defended itself on these provisions by insisting on its role as a mere payment service provider, without any duty of advice, information, or warning. It maintained that it was obligated to execute Mr. [N]’s orders on pain of incurring its own liability.
However, as the Court of Cassation reaffirmed (Cass. com., 12 June 2025, No. 24-10.168; Cass. com., 12 June 2025, No. 24-13.697), the banks’ duty of vigilance based on ordinary law remains applicable when the special regime for payment transactions does not allow the bank’s liability to be engaged, particularly when the transactions are considered authorized. It was precisely on this basis that the debate before the Court of Appeal took place.
II. The duty of vigilance
The main argument raised by Caisse d’Epargne was based on the principle of non-interference (principe de non-immixtion), according to which the banker must not interfere with the client’s affairs, even if they engage in an inopportune or dangerous act, or one likely to lead to their ruin. Moreover, Mr. [N] had authorized the transactions, including by using the SECUR PASS strong authentication device to add beneficiaries and by physically going to the branch to make a transfer, thus attesting to his willingness to act.
Nevertheless, the Court confirms that the principle of non-interference necessarily operates in conjunction with the banker’s duty of vigilance. The bank’s liability, although it is not subject to a duty of advice in this context, must be assessed solely in relation to the exercise of this duty of vigilance.
Assessment of intellectual anomalies
The duty of vigilance requires the banker to act as “a sufficiently prudent and diligent banker faced with manifestly litigious abnormal facts.” The verification must ensure that the transaction is not manifestly irregular or unusual in the client’s practice.
The assessment is made according to precise jurisprudential criteria defining the intellectual anomaly (anomalie intellectuelle):
- The amount of the transactions;
- Their frequency;
- The destination of the funds;
- The client’s profile.
III. Evidence of the breach and flagrant anomalies
In this case, the Grenoble Court identified flagrant intellectual anomalies that should have alerted Caisse d’Epargne:
- Multiplicity and Amount: Mr. [N] made 43 wire transfers to third-party accounts in less than eight months (between 23 January 2021 and 10 August 2021). The total amount of 234,906 EUR represented 70% of Mr. [N]’s assets.
- Destruction of Savings: A particularly striking fact was the closure, on 25 June 2021, of his Plan Epargne Logement (PEL) (home savings plan), opened in 2013, and the transfer of the entire balance (66,173.34 EUR) to another account. Additionally, the liquidation of a life insurance policy and stolen checks were noted.
- Implausibility of the Motive: The email sent by Mr. [N] to his adviser on 10 May 2021 explained that the funds were intended to release sums linked to the inheritance of a certain Mr. [Y] deceased in Burkina Faso. The Court held the objective pursued by Mr. [N], as it appeared from this email, to be of manifest implausibility.
By failing to intervene in the face of this situation, the company CE breached its duty of vigilance and thus incurred its liability.
IV. Apportionment of liability: a 70/30 split
Despite the bank’s fault, the Court confirmed the apportionment of liability established by the Tribunal judiciaire de Grenoble.
The client’s fault (30%)
The Court characterized Mr. [N]’s behavior as imprudent and irresponsible. The client had responded to the email of an unknown person on the basis of an “absolutely dubious promise of sharing an inheritance opened abroad.”
Mr. [N] attempted to argue that his age (73 years at the date of the events), his widowhood, and his retirement justified greater vigilance from the bank. However, the Court expressly rejected this argument, holding that these three elements could not be relied upon to justify a vulnerability not established at the time of the events.
The banker’s fault (70%)
The 70% (Bank) / 30% (Client) split was retained because Mr. [N]’s behavior was not the exclusive cause of his loss.
The determining factor was that as soon as the bank reported the situation to Mr. [N]’s son (in August 2021), the transfers immediately ceased. The Court inferred that earlier intervention by the bank could have prevented a significant portion of the fraud.
The company CE was therefore ordered to pay Mr. [N] the sum of 149,580.13 EUR in compensation for his financial loss.
Rejection of moral damages
The Court also confirmed the rejection of Mr. [N]’s claim for moral damages. Indeed, in the absence of a specific demonstration of moral harm and given that the financial loss had been compensated taking into account the client’s contributory fault, this claim was not upheld.
Frequently Asked Questions (FAQ) – Wire Transfer Fraud and Bank’s Duty of Vigilance
This FAQ is addressed to persons who have been victims of wire transfer fraud that they themselves authorized.
What is the applicable legal regime if I have been a victim of wire transfer fraud?
The applicable liability regime is that of payment services law, namely Articles L.133-18 et seq. of the Code monetaire et financier (CMF). This regime is exclusive and takes precedence over ordinary civil law (Article 1231-1 of the Civil Code).
Can my bank be held liable if I authorized the transfers and used strong authentication (e.g. SECUR PASS)?
Yes. The fact of having authorized the transactions and used strong authentication or having physically gone to the branch does not relieve the bank of its duty of vigilance. The bank’s liability is assessed solely in relation to this duty.
What is an “intellectual anomaly” characterizing the bank’s breach?
It is a situation that should have alerted a prudent and diligent banker. The criteria include:
- The unusual frequency or multiplicity of transfers (such as the 43 transfers made by Mr. [N]).
- The significance of the amount of the transactions, particularly if they represent a significant portion of the client’s assets (70% in this case).
- The implausibility of the purpose or destination of the funds (such as the dubious foreign inheritance story mentioned in the client’s email).
Does the principle of non-interference allow the bank to ignore signs of fraud?
No. The bank is bound by the principle of non-interference, which prevents it from interfering in its clients’ affairs, even if those acts are inopportune. However, this principle necessarily operates in conjunction with the duty of vigilance, which requires verification that the transaction is not manifestly irregular or unusual.
Can my age or personal situation (retirement, widowhood) exempt me from liability?
No. In this decision, the Court of Appeal expressly held that age (73 years), widowhood, or retirement status are not sufficient, on their own, to justify a vulnerability not established at the time of the events and to relieve the client of their share of liability.
Why is liability often shared and how is the percentage justified?
Liability is shared when the client’s imprudent behavior (having responded to the fraud) is not considered the exclusive cause of the loss. The sharing is justified if it can be demonstrated that earlier intervention by the bank, even in the face of an authorized transaction, could have halted or limited the loss. In this case, the split was set at 70% for the bank and 30% for the client.
