The Phenomenon of Online Scams and the Liability of the Credit Institution

Discovering that your personal or business bank account has been unlawfully drained is a traumatic experience that generates anxiety and uncertainty. In an increasingly digitized world, phenomena such as phishing, smishing (SMS scams), and unauthorized access to home banking systems are unfortunately commonplace in Milan and throughout Italy. As a lawyer specializing in compensation for damages and banking law, Avv. Marco Bianucci deeply understands the sensitivity of these situations, which often affect the liquidity necessary for the daily management of businesses and families.

Although banks invest in security systems, fraudulent techniques evolve rapidly. However, it is crucial to know that the legislator has provided specific protections for account holders. Current legislation imposes strict custody and oversight obligations on credit institutions. When these measures fail, and the customer suffers financial damage due to a cyber intrusion, the conditions are often met to request reimbursement of the stolen funds, invoking the bank's contractual liability.

The Regulatory Framework: Burden of Proof and Gross Negligence

The reference regulation for payment services, stemming from the European PSD2 directive, establishes a fundamental principle: in case of unauthorized transactions, the liability, by presumption, falls on the payment service provider (the bank). This means that the credit institution is obliged to immediately refund the payer the amount of the unauthorized transaction, restoring the account to the state it would have been in had the transaction not occurred.

To evade this compensation obligation, the bank bears a very heavy burden of proof. It must demonstrate not only that the transaction was authenticated, recorded, and accounted for correctly, but it must prove the user's intent or gross negligence. The customer's mere imprudence, such as clicking on a deceptive link in a moment of distraction, does not automatically constitute gross negligence that would exclude compensation. Case law, including that of the Court of Milan and the Banking and Financial Arbitrator, tends to protect account holders, requiring the bank to prove it has adopted all appropriate security measures, such as strong two-factor authentication (SCA), to prevent unauthorized access.

The Bianucci Law Firm's Approach to Recovering Funds

Avv. Marco Bianucci, a lawyer specializing in banking litigation in Milan, handles online scam cases with an analytical and rigorous method. Each case begins with a detailed analysis of how the fraud occurred. It is essential to examine the communications exchanged (SMS, emails), transaction times, and the promptness of the report. The Bianucci Law Firm assesses whether the intermediary's security systems functioned correctly or if there were breaches that allowed fraudsters to operate undisturbed, perhaps bypassing blocks or amount limits.

The defense strategy is divided into several phases. Initially, a formal complaint is filed with the credit institution, arguing from a legal standpoint the failure to adopt necessary security measures and contesting any accusation of negligence made against the customer. If the bank denies reimbursement, the firm assesses the advisability of appealing to the Banking and Financial Arbitrator (ABF), an often effective and economical out-of-court dispute resolution mechanism, or proceeding with ordinary judicial action. The objective of Avv. Marco Bianucci is always to achieve the best possible outcome for the client, aiming for the full recovery of unduly misappropriated funds.

Frequently Asked Questions

Is the bank always obliged to refund money stolen online?

The bank is obliged to refund if it cannot prove that the customer acted with intent (intentionally) or gross negligence. If the institution does not prove that the customer committed gross negligence in safeguarding their credentials, reimbursement is due according to current legislation.

What is meant by gross negligence of the account holder?

Gross negligence is a behavior of extraordinary imprudence that goes beyond simple carelessness. For example, voluntarily providing one's device codes to third parties or writing them on the ATM card. However, being deceived by a highly sophisticated phishing email (that appears identical to the bank's) is often not considered gross negligence by recent case law.

What are the first steps to take after discovering a scam?

It is crucial to act immediately: block cards and access codes by contacting the bank, file a report with the Postal Police or Carabinieri describing what happened, and immediately send a registered letter or certified email (PEC) to the bank disavowing the transactions. Subsequently, it is advisable to contact a lawyer to manage the reimbursement request.

How long does it take to get compensation?

The timelines vary depending on the procedure. If the bank accepts the initial complaint, reimbursement can occur within a few weeks. If it is necessary to appeal to the Banking and Financial Arbitrator, the procedure can take several months. Litigation in court takes longer, but is sometimes necessary for large sums or complex cases.

Request an Assessment of Your Case in Milan

If your company or personal account has been subjected to unauthorized access or online scams, do not resign yourself to losing your money. Timely and competent legal intervention can make the difference in recovering the funds. Contact the Bianucci Law Firm at via Alberto da Giussano 26 in Milan to schedule a consultation. Avv. Marco Bianucci will examine the documentation and provide you with a clear overview of the possible actions against the credit institution.