1. Core Legal Position in Singapore

In Singapore, liability for electronic payment fraud usually depends on:

(A) Authorised vs unauthorised transactions

• If customer authorised (even under deception) → customer often bears loss.
• If truly unauthorised (e.g., hacked or forged instructions) → bank may be liable unless protected by contract.

(B) Contractual allocation of risk

Banks often rely on:

• “Good faith reliance on instructions”
• “Customer bears risk of electronic communications”
• Exclusion clauses limiting bank liability

(C) Duty of care / negligence

Banks may be liable if:

• They fail to detect obvious fraud
• They breach reasonable banking standards

2. Key Singapore Case Laws (Electronic Payment Fraud Liability)

1. Major Shipping & Trading Inc v Standard Chartered Bank (2018) SGHC 4

• Fraudster sent payment instructions via compromised email.
• Bank executed transfers.
• Court held:
  • Bank not liable due to contractual clauses shifting risk to customer
  • Bank entitled to rely on instructions in good faith

📌 Principle:

Customers bear loss where bank acts under apparent authority and contract protects bank.
 

2. Poh Chiak Ow v United Overseas Bank (2020) SGHC 275

• Customer claimed bank relationship manager misled him into remitting funds (fraud/scam context).
• Issues: negligence, misrepresentation, vicarious liability.
• Court examined whether bank breached duty of care.

📌 Principle:

• Bank liability may arise if employee misconduct is proven.
• But burden is high; must show breach or fraudulent inducement attributable to bank.

3. Jiang Ou v EFG Bank AG (2011) SGHC 149

• Employee executed unauthorised fraudulent transactions.
• Customer did not receive proper confirmation.
• Court held:
  • Bank liable for losses
  • “Conclusive evidence clauses” did not protect bank in fraud situations

📌 Principle:

Banks cannot rely on contractual clauses to escape liability for internal fraud or unauthorised transactions.
 

4. Credit Agricole v PPT Energy Trading (SICC 2022)

• Fraud alleged in letters of credit context.
• Court applied strict fraud exception test.

📌 Principle:

• Bank only refuses payment if dishonest fraud is clearly proven
• Mere suspicion or irregularity is insufficient

5. Winson Oil Trading v OCBC / Standard Chartered (Court of Appeal 2024)

• Fraud exception in banking instruments clarified.
• Court held:
  • Recklessness = fraud in financial fraud contexts
  • Banks justified in refusing payment where fraud proven

📌 Principle:

Courts take a strict but unified approach to fraud in electronic and documentary payment systems.
 

6. Skandinaviska Enskilda Banken v Asia Pacific Breweries (Case commentary line of authority)

• Concerned unauthorised employee transactions and bank liability
• Courts analysed:
  • apparent authority
  • vicarious liability of banks for employee fraud

📌 Principle:

• Banks may be liable where employees act within apparent authority or system failures occur
   

7. OCBC phishing scam cases (industry practice + MAS context)

• Thousands of customers lost money in phishing scams.
• Banks sometimes made goodwill reimbursements, not legal liability admissions.

📌 Principle:

• Customer liability often depends on:
  • sharing OTPs/passwords
  • failure to exercise security precautions
• MAS framework recognises shared responsibility model

3. Legal Principles Derived from Case Law

(1) Strong contractual protection for banks

Courts often uphold clauses that:

• allow banks to rely on electronic instructions
• shift fraud risk to customers

(2) High threshold for proving bank negligence

Customer must show:

• obvious red flags ignored, OR
• breach of banking standard of care

(3) Fraud exception is narrow but strict

• Fraud must be clear, dishonest, or reckless
• Banks are protected unless fraud is proven strongly

(4) Employee fraud can shift liability to bank

• If fraud is internal or system-based → bank likely liable

(5) Customer conduct matters heavily

• Sharing OTPs/passwords often leads to customer bearing loss
• Courts treat this as “authorised transaction by conduct”

4. Overall Conclusion

Singapore courts adopt a balanced but bank-protective approach:

• Banks are protected by contract and strict fraud standards
• Customers bear loss where they authorise payments or compromise security
• Banks become liable mainly in cases of internal fraud, negligence, or failure of systems