National Australia Bank Ltd v Swed (No. 2)

Case

[2015] NSWSC 1322

18 September 2015

No judgment structure available for this case.

Supreme Court


New South Wales

  • Summary available
Medium Neutral Citation: National Australia Bank Ltd v Swed (No. 2) [2015] NSWSC 1322
Hearing dates:18, 19 & 20 November 2014, 17 December 2014 & 1 April 2015
Date of orders: 18 September 2015
Decision date: 18 September 2015
Jurisdiction:Common Law
Before: Davies J
Decision:

1. Judgment for the Defendant.
2. The Plaintiff is to pay the Defendant’s costs.

Catchwords: REAL PROPERTY – possession of land – mortgages – default – wife gains access to husband’s accounts – defalcations to satisfy wife’s gambling addiction – whether transactions authorised – whether husband complied with Banking Electronic Funds Transfer Code of Conduct – whether husband complied with bank’s Terms and Conditions – whether husband acted with “extreme carelessness”
Legislation Cited: Real Property Act 1900 (NSW)
Cases Cited: Tobin v Ezekiel [2012] NSWCA 285; (2012) 83 NSWLR 757
Category:Principal judgment
Parties: National Australia Bank Ltd (Plaintiff)
Joul Swed (Defendant)
Representation:

Counsel:
P Newton (Plaintiff)
R A Parsons (Defendant)

Solicitors:
Gadens Lawyers (Plaintiff)
V L Macri Lawyers (Defendant)
File Number(s):2012/37848

Judgment

  1. In these proceedings the Plaintiff seeks possession of the Defendant’s property at 00 XXXXX YYYYY, Heckenberg and a judgment for the amount said to be owing to the Bank. The proceedings arise out of a loan initially made to the Defendant on 9 February 2004. At that time the Bank advanced the sum of $400,000 to the Defendant. Of that sum $398,328.85 was paid to the New South Wales Land and Housing Corporation, the vendor to the Defendant of the property. That loan settled on 9 February 2004.

  2. On about 26 April 2006 that loan facility was restructured with a variable rate home loan facility to the Defendant for the same principal sum.

  3. On or about 4 February 2008 that restructured facility was itself restructured to become an NAB Choice Package Home Loan. Under this facility it was possible for the borrower to redraw money from the loan account from time to time.

  4. The Defendant also had an NAB Flexi Account known as a key card account with the Bank. That account was opened in about June 2004.

  5. The Defendant defaulted under the home loan by failing to make payments when due. A notice under s 57(2)(b) of the Real Property Act 1900 (NSW) was served on the Defendant on or about 1 November 2011. It required him to pay arrears at that date of $54,709.99 together with enforcement expenses of $697.72 making a total of $55,407.71. The Defendant did not make the payments.

  6. On 3 January 2012 the Plaintiff demanded the whole of the loan then outstanding on the basis of the failure to comply with the s 57(2)(b) notice. When that demand remained unmet the present proceedings commenced by the filing of a Statement of Claim on 2 February 2012.

  7. Although the Defendant engaged his present lawyers to act for him they simply served a Notice of Appearance on the Plaintiff’s solicitors, such Notice of Appearance being unsealed by the Court.

  8. On 17 April 2012 the Plaintiff’s solicitors sent a letter to the Defendant’s solicitors warning them that they intended to apply for default judgment on the basis of not having been served with a sealed copy of an Appearance and in the absence of a defence. Default judgment was then obtained on 23 May 2012. An eviction was scheduled to take place on 26 July 2012. On 25 July 2012 the Plaintiff’s solicitors received a letter from the Defendant’s solicitors saying that the Defendant had lodged a complaint with the Financial Ombudsman’s Service. The following day, the day when the eviction was due, the Defendant’s solicitors filed a Notice of Motion seeking a stay of the eviction. A stay was granted until 6 August 2012. It was subsequently extended, and on 7 September 2012 default judgment was set aside.

  9. The Defendant filed a Defence on 3 October 2012 where he admitted the loan agreement and the mortgage but denied that he was in default. He admitted to receiving the s 57(2)(b) notice.

  10. The Defendant filed a Cross-Claim on the same day as the Defence asserting that the Defendant had wrongly debited amounts other than mandated payments. The disputed transactions occurred between March 2008 and December 2009.

  11. Ultimately, after various investigations were carried out, the Defendant came to believe that his wife who resided with him, was responsible for having accessed his accounts through the telephone banking system, withdrawn the monies and used them for gambling purposes. The Defendant claimed to know nothing of his wife’s use of the accounts or the money.

  12. The principal issue in the case is whether the Defendant and his wife are to be believed that she obtained access to the accounts and misappropriated the funds without the Defendant’s knowledge. The second issue is whether the Defendant was in breach of the Telephone Banking Terms and Conditions that formed part of his arrangement with the Bank. The Bank asserts that he contravened the security arrangements in clauses 34.4 and 39.4 of those Terms and Conditions, that he acted with extreme carelessness in failing to protect his PIN and telephone banking password, or voluntarily disclosed them to his wife.

The telephone banking system and the debit card system

  1. Every NAB customer receives a National Identification Number (NIN). In the Terms and Conditions it is referred to as a NAB ID but I shall use the acronym NIN as the parties did during the hearing. The NIN is embossed on the back of the Keycard. If telephone banking is used, it is necessary to key in the NIN at the outset. Thereafter the user is required to enter a password. The password must be between 4 and 8 digits. The user then has a number of options such as ascertaining his or her account balance (Press 1), obtaining a transaction history (Press 2) or (as in this case) transferring or redrawing funds (Press 3). There were other options, irrelevant for present purposes.

  2. If the user pressed 3 to transfer or re-draw, the system then offered the following:

  1. select the “from” account by entering the account number using the telephone keypad;

  2. select the “to” account;

  3. enter the amount in dollars and cents;

  4. listen to the confirmation message, and if it is OK to transfer Press 1, to cancel Press 2;

  5. record the receipt number communicated by the automated recording.

  1. Mr Swed was registered for the NAB telephone banking business in 2008 with his NIN. At the time a password was allocated or selected by Mr Swed. The NAB telephone banking system was first used on 28 February 2008 by a user using Mr Swed’s NIN and password, and it was last used on 7 September 2010.

  2. Whenever a transfer or re-draw was effected the Bank forwarded a letter to the customer confirming that the transaction had taken place and noting the amount of money involved.

  3. At the time Mr Swed received his Keycard he would also have been allocated a Personal Identification Number (PIN). The PIN is specific to the card whereas the NIN is specific to the customer. The PIN Is sent in a separate envelope to the customer. The NIN is not relevant to the use of the Keycard at an ATM or otherwise. It is only needed to access telephone banking or to use internet banking. Only the PIN is relevant for the use of the card.

  4. It was common ground that, under the Terms and Conditions, both the telephone password and the PIN had to be kept secret by the holder thereof. In relation to the NIN, the Bank maintained, but Mr Swed denied, that there was an obligation to keep it secret. The matter turned on whether the NIN was an “authentication service” in the Terms and Conditions.

The Terms and Conditions

  1. The Bank is governed by an Electronic Funds Transfer Code of Conduct issued by ASIC. Although the Code was amended during relevant periods for these proceedings, the parties agreed that the provisions of the Code were relevantly identical.

  2. Clause 2.1 provides:

Account institutions will prepare for the users clear and unambiguous Terms and Conditions applicable to EFT transactions, which reflect the requirements of this Code. The Terms and Conditions are to include a warranty that the requirements of this Code will be complied with. The Terms and Conditions will not provide for or be effective to create liabilities and responsibilities of users, which exceed those set out in this Code.

  1. Part A of the Code applies to EFT transactions. Relevant provisions are these:

1.5   Interpretation

“code” means information:

The contents of which is known to the user and is intended to be known only to the user or only to the user and the account institution;

Which the account institution requires the user to keep secret; and

Which the user must provide (in any manner) to or through a device or electronic equipment in order to access an EFT account.

(A footnote to this definition relevantly provides:

A code:

Does include a code used to access a device eg. A PIN used to unlock a card or token even if the code is not used separately to access the electronic equipment.)

“device” means a physical device used with electronic equipment to access an EFT account, for example a card, token or biometric reader.

“Identifier” means information:

The content of which is known to the user but not only to the user and which the user is not required to keep secret; and

Which the user must provide (in any manner) to or through a device or electronic equipment in order to access an EFT account.

(A footnote to this definition reads as follows:

An identifier may be, for example, an account number, card number, card expiry date.)

D.   No account holder liability where it is clear that the user has not contributed to the loss

5.4   The account holder has no liability for losses resulting from unauthorised transactions where it is clear that the user has not contributed to such losses,

E.   Circumstances where the account holder is liable

5.5   Where sub-clauses 5.2, 5.3 and 5.4 do not apply, the account holder is liable for losses resulting from unauthorised transactions only as provided in paragraphs (a), (b) and (c).

(a)   Where the account institution can prove on the balance of probability that the user contributed to the losses through the user's fraud or the user's contravention of the requirements in sub-clause 5.6, the account holder is liable for the actual losses which occur before the account institution is notified that a device forming part of the access method has been misused, lost or stolen or that the security of the codes forming part of the access method has been breached, but is not liable for any of the following amounts:

(i) that portion of the losses incurred on any one day which exceed the applicable daily transaction Iimit(s);

(ii) that portion of the losses incurred in a period which exceeds any other periodic transaction limit(s) applicable to that period;

(iii) that portion of the total losses incurred on any account which exceeds the balance of that account (including any prearranged credit);

(iv) all losses incurred on any accounts which the account institution and the account holder had not agreed could be accessed using the access method.

Where an access method includes more than one code and the account institution proves that the user contravened the requirements of subclause 5.6 by voluntarily disclosing or by keeping a record of one or more codes but not all the codes in the access method, the account holder is liable under this paragraph only if the account institution also proves on the balance of probability that the user's contravention of sub-clause 5.6 was the dominant contributing cause of the losses.

(b)   Where the account institution can prove on the balance of probability that a user has contributed to losses resulting from unauthorised transactions by the user unreasonably delaying notification after becoming aware of the misuse, loss or theft of a device forming part of the access method, or that the security of all the codes forming part of the access method has been breached the account holder is liable for the actual losses which occur between when the user became aware (or should reasonably have become aware in the case of a lost or stolen device) and when the account institution was actually notified, but is not liable for any of the following amounts:

In determining whether an account institution has proved on the balance of probability that a user has contributed to losses under paragraph (a), all reasonable evidence must be considered, including all reasonable explanations for the transaction occurring.

The fact that the account has been accessed with the correct access method, while significant, will not of itself constitute proof on the balance of probability that the user has contributed to losses through the user's fraud or through the user contravening the requirements in sub-clause 5.6.

In determining whether a user has unreasonably delayed notification under paragraph 5.5(b), the effect on the user of any charges imposed by the account institution relating to the notification or the replacement of the access method    must be taken into account.

5.6 Where an access method utilises a code or codes, a user contravenes the requirements of this sub-clause if:

(a) the user voluntarily discloses one or more of the codes to anyone, including a family member or friend; or

(b)   where the access method also utilises a device, the user indicates one or more of the codes on the outside of the device, or keeps a record of one or more of the codes (without making any reasonable attempt to protect the security of the code records) on the one article, or on several articles, carried with the device or liable to loss or theft simultaneously with the device; or

(c)   where the access method comprises a code or codes without a device, the user keeps a record of all the codes (without making any reasonable attempt to protect the security of the code records) on the one article, or on several articles so that they are liable to loss or theft simultaneously;

(d)   where, after the adoption of this revised Code by the account institution, the account institution permits the user to select or change a code and, immediately before the user's selection or change of the code, specifically instructs the user not to select a numeric code which represents the user's birth date or an alphabetical code which is a recognisable part of the user's name and warns the user of the consequences of such a selection and the user selects such a numeric or alphabetical code; or

(e)   the user acts with extreme carelessness in failing to protect the security of all the codes.

A footnote to paragraph 5.6(e) says this:

“Extreme carelessness” means a degree of carelessness with the security of the codes which greatly exceeds what would normally be considered careless behaviour. For example, storing the user’s user name and password for internet banking in a diary or personal organiser or computer (not locked with a PIN) under the heading “Internet Banking codes”.

An access method may also include identifiers but the security of identifiers is irrelevant to liability under clause 5.5.) (emphasis added)

  1. Clause 20.3 of the Code provides:

Explanatory notes to provisions in this Code do not form part of the Code but may used to interpret the provisions of the Code.

  1. It was pursuant to this Code that the Terms and Conditions governing these transactions were prepared. A difficulty which emerged in the present case is that the Terms and Conditions use different terms from those in the Code. Resolving the second issue in the case (identified above at [12]) involves a determination of how each of the PIN, the NIN and the Keycard fitted within the various definitions in both the Code and the Terms and Conditions.

  2. The Bank relies on various provisions of the Terms and Conditions for personal transaction and savings products. These Terms and Conditions relevantly provide:

PART D: NAB Electronic Banking (Debit Cards) terms and conditions

34.1 Your responsibilities with respect to the card

You, agree:

(a)   to sign your card immediately on receipt;

(b)   to keep your card in a safe place, and provide reasonable protection for the card from theft;

34.2 General responsibility

The accountholder is generally responsible for all EFT transactions authorised by the use of the card and/or PIN and/or the card account details or undertaken by another person with your knowledge and/or consent. The accountholder's liability for any use not authorised by you may however be limited as provided below.

34.3   No Accountholder liability in some circumstances

The accountholder is not liable for losses:

(f)   resulting from unauthorised transactions where it is clear that you have not contributed to such losses.

34.4 Accountholder liability for unauthorised transactions

The accountholder is liable for losses resulting from unauthorised transactions as provided below:

(a)   where NAB can prove on the balance of probability that you contributed to the losses through your fraud or your contravention of the security requirements in clause 34.5, the accountholder is liable for the actual losses which occur before NAB is notified that the card has been misused, lost or stolen or that the security of the PIN has been breached; and

(b)   the accountholder is also liable where NAB can prove on the balance of probability that you contributed to losses resulting from unauthorised transactions because you unreasonably delayed notifying NAB after becoming aware of the misuse, loss or theft of the card, or that the security of the PIN has been breached. The accountholder will then be liable for the actual losses which occur between the time you became aware (or should reasonably have become aware in the case of a lost or stolen card) and when NAB was. actually notified.

34.5 Your responsibilities

(a)   Where NAB provides you with a PIN you must not:

(i)   voluntarily disclose your PIN to anyone including a family member or friend (unless your card is a Deposit Only Card);

(ii)   record your PIN on your card or on any article carried with the card or liable to loss or theft simultaneously with the card;

(iii)   act with extreme carelessness in failing to protect the security of your PIN.

35   EFT Code warranty

NAB warrants that it will comply with the requirements of the EFT Code for all EFT transactions on nominated accounts other than business EFT transactions.

38   Authorised user

38.5   Subject to clauses 38.6 and 39, you are liable for any use of your account or the service by an authorised user as if the account or the service had been used by you. You are also responsible for all instructions given in relation to your account using the service, which are authorised by the use of your password or the password of an authorised user, or undertaken by another person with the knowledge or consent of you or of an authorised user.

PART E: NAB Internet Banking and NAB Telephone Banking terms and conditions

39.2   When the accountholder is not liable

The accountholder is not liable for losses:

(b)   arising because the NAB ID, authentication service and/or password is forged, faulty, expired or cancelled;

(c)   that arise from personal EFT transactions which require the use of the authentication service and/or password and that occurred before the user received the authentication service and/or password;

(e)   resulting from unauthorised transactions occurring after notification to NAB that the security of the authentication service and/or password has been breached;

(f)   resulting from unauthorised transactions where it is clear that the user has not contributed to such losses.

39.3 When the accountholder is liable

The accountholder will be liable for losses resulting from unauthorised transactions as provided below:

(a)   where NAB can prove on the balance of probability that the user contributed to the losses through the user's fraud or contravention of the security requirements in clause 39.4, the accountholder is liable for the actual losses which occur before NAB is notified that the security of the authentication service and/or password has been breached; and

(b)   the accountholder is also liable where NAB can prove on the balance of probability that the user contributed to losses resulting from unauthorised transactions because the user unreasonably delayed notifying NAB after becoming aware that the security of the authentication service and/or password has been breached. The accountholder will then be liable for the actual losses which occur between the time the user became aware and when NAB was actually notified.

39.4 User's responsibilities under the EFT Code

(a)   Where NAB provides the user with an authentication-service and/or password the user must not:

(i)   voluntarily disclose the authentication service and/or password to anyone including a family member or friend, except when you are creating an authorised user;

(ii)   act with extreme carelessness in failing to protect the security of the authentication service and/or password; and

(iii)   record the password without making any reasonable attempt to protect the security of the password record on the 1 article or on several articles so that they are liable to loss or theft simultaneously.

44   EFT Code Warranty

NAB warrants that it will comply with th requirements of the EFT Code for all personal EFT transactions conducted via NAB Internet Banking and NAB Telephone Banking service(s).

Definitions and Interpretation

PART C

Meaning of words

The following definitions apply to Part C only. Other words used in Part C have the meaning as defined in other Parts of this booklet.

use’ in relation to a card means any physical use of the card, and any notification or use of the card number or any other identifying number or password issued by NAB in relation to the card or the account accessed by the card or to enable the card or the account to be used through an electronic banking facility, and the making of any payment to your account. Some examples of use of a card are:

PART D

Meaning of words

The following definitions apply to Part D only. Other words used in Part D have the meaning as defined in other Parts of this booklet.

'accountholder' means the person in whose name a nominated account is held.

‘cardholder’ means a person who has been issued a card or any other person who has been nominated by an accountholder to operate on a nominated account and who has been issued a card, or otherwise authorised by an accountholder to use an accountholder’s card or card account details.

'EFT transaction' means an electronic fund transfer to or from an account which is initiated through electronic equipment using a card, card account details or PIN (or a combination of 1 or more of them) to debit or credit a nominated account but does not include:

'electronic banking facility' means each banking facility available through the Internet or by telephone from NAB and any other electronic banking facility advised to you by NAB from time to time.

'PIN' means the Personal Identification Number allocated by NAB or personally selected by you.

'unauthorised transaction' means any EFT transaction where:

you claim that you did not engage in or have knowledge of or consent to the EFT transaction even though your card, card account derails and/or the correct PIN were used to generate the disputed EFT transaction; or

use’ has the same meaning as set out in the meaning of words for Part C.

‘you’ means a cardholder or an accountholder.

PART E

Meaning of words

The following definitions apply to Part E only. Other words in Part E have the meaning as defined in other Parts of this booklet.

'authentication service' means a device and/or mechanism issued by NAB designed for secure user authentication to access the service.

'electronic equipment' means any electronic equipment which may be used in conjunction with a card or card account details including but not limited to ATMs, ADMs, EFTPOS terminals, personal computers, telephones and mobile devices to carry out an EFT transaction.

'NAB ID' means a NAB Identification Number issued by NAB.

'password' means the password authorised by NAB for you or an authorised user to use to access the service.

'personal EFT transaction' means an electronic funds transfer to or from accounts using the service which is not a business EFT transaction.

‘unauthorised transaction' means any personal EFT transaction where you or an authorised user claim that you or an authorised user did not engage in or have knowledge of or consent to the personal EFT transaction even though your NAB ID and/or password or (if relevant) the authorised user's NAB ID and password were used to generate the disputed transaction.

'user' means you or an authorised user or either of these, as the context requires.

The operations on the accounts

  1. Mr Swed claimed to have limited English. That appears to have inhibited his own use of the telephone banking system without assistance although not his use of ATMs. He denied that he had ever given his password to Mrs Swed, to any of his children or to any other person. He denied that he had ever given his PIN to Mrs Swed, any of his children or to any other person.

  2. His account of how his wife was able to perpetrate the frauds on him is this. From time to time he would wish to ascertain the balance on his Home Loan account by means of the telephone banking system. He would ask his wife to ring the NAB’s number and press the prompts to the point where he was required to enter his password. She would then hand the phone to him to allow him to enter the password.

  3. Mr Swed’s evidence then disclosed that at the point when he understood he was hearing from the phone system automated voice what the balance owing on the account was, the phone would again be handed to him to hear that information.

  4. Mr Swed said, although he collected the mail from the mailbox at his house, he did not open it. He did not remember seeing letters with the NAB logo. On more than one occasion he had gone with a family member to the branch of the bank to complain that he had not been receiving bank statements for the Home Loan account.

  5. He had given instructions to the Bank that Mrs Swed was not authorised to provide instructions in relation to the account. This was because Mrs Swed’s gambling problem had caused financial losses for the family at an earlier time, perhaps around 2001. Her gambling was the reason the present family home was in Mr Swed’s name alone – the earlier property had been in joint names. Whilst Mr Swed thought that her problems were largely under control, the effect of his evidence was that he was not prepared to take any chances. He had put her name on a register to exclude her from gaming venues, he had told the Bank not to deal with her about the accounts and he had bought the property in his name alone. Nor would he disclose his banking password nor PIN to her.

  6. In relation to the Keycard Mr Swed gave evidence that he did not give his Keycard to Mrs Swed. When he used the ATMs he would not let Mrs Swed stand near him at the ATM. She was generally at least a metre and a half away from him.

  7. When Mr Swed first ascertained that the debit balance on the Home Loan account was at a much higher level than he believed it was, he went to the bank with his daughter Effie to find out what had happened. He thought at first that a bank officer, Long Hoang, whose name was apparently on the account, might have been responsible. When it was clear Mr Hoang was not involved, Mr Swed and Effie went to Liverpool police station to report the matter. Later, the police told him that it was Mrs Swed who had taken the money. She was never charged although that is scarcely surprising in a family situation where it does not appear anyone was pressing for her to be charged.

  8. From the time it was ascertained that Mrs Swed had taken the money, the whole dynamic within the family changed. Mrs Swed lived away from the family home for about six weeks. Since returning she and Mr Swed no longer shared a bed, and it seems that Mr Swed and their daughters do not speak to Mrs Swed. She said that on many occasions Mr Swed won’t even eat the food she cooks for him.

  9. Mrs Swed’s evidence was given under cover of a s 128 certificate that I gave to her at the outset of her evidence. She said that she had systematically transferred money from the Home Loan Account by using the telephone banking system. She said that Mr Swed would ask her to ring the Bank to find out what the balance on the Home Loan Account was. She would dial the Bank’s number and when it came time to enter the password she would pass the phone to Mr Swed. She said that when the phone was handed back to her the numbers representing the password were visible on the screen. She was able to remember those numbers by using letters connected with the keypad numbers. In that way she remembered that his password was SAM666.

  10. As far as the NIN was concerned, she knew it either because she had seen it on, and memorised it from, the Keycard, or she had memorised it from correspondence from the Bank.

  11. Mrs Swed’s main job involved shift work. She stole Mr Swed’s Keycard from his wallet or clothes when he was asleep or did not otherwise have his Keycard with him, and she would access the ATM with the Keycard. She knew his PIN because she had looked “from behind” his shoulder “sideways” when he used it himself at the ATM, and she saw the numbers he entered for his PIN and she remembered them. Mrs Swed’s evidence confirmed that Mr Swed never ever let her stand next to him.

  12. She then put the money through poker machines at a number of venues both hotels and clubs. Although she was subject to a three year ban from any gambling premises as a result of her earlier behaviour around 2001, that ban had expired by the time she commenced her defalcations in 2008.

  13. She said that Mr Swed had never given her either his password or his PIN. He had not given her his NIN but the evidence tended to suggest that he knew that she knew it because, on most accounts of the evidence, she was the person who entered the NIN when the telephone banking system was being used.

  14. Mrs Swed said that she intercepted the mail that came to the house to ensure that Mr Swed would not receive either the bank statements or the letters the Bank sent each time a transfer took place to the Keycard account. She said that she burnt those letters.

  15. When a letter finally arrived from Gadens saying that the home loan was in arrears Mrs Swed rang Gadens but was told that she would need an authorisation from Mr Swed for them to speak to her. Mrs Swed then prepared an authorisation and forged Mr Swed’s signature on it.

  16. The result of all of this was that Mr Swed was kept in the dark that the outstanding balance was constantly increasing. He thought, rather, that it was constantly decreasing.

  17. The evidence about all of these matters from Mr and Mrs Swed was not entirely consistent with the other’s evidence and Mrs Swed gave some inconsistent evidence herself about how she carried out her fraud. I shall return to that matter presently.

  18. Subject to the issue of whether the Bank has proved on the balance of probabilities that Mr Swed contributed to his losses by his acts and/or omissions, there seem to me to be only two realistic scenarios. The first is that Mr and Mrs Swed are, generally speaking, telling the truth, that is, that Mrs Swed systematically defrauded Mr Swed of the money in the Home Loan account and used it to feed her gambling habit and he knew nothing about it until 2010. The second is that Mr and Mrs Swed have conspired to provide an explanation for the Home Loan being in default and to avoid the property being re-possessed and a monetary judgment against Mr Swed.

  19. Of course, even if Mr and Mrs Swed are telling the truth, that does not mean the Bank would necessarily be unsuccessful. If the Bank can show, and the onus is on it, that Mr Swed either disclosed his password or PIN to Mrs Swed or that he acted with extreme carelessness either in relation to his password or his PIN that may mean the Bank would be successful. Certainly if it showed extreme carelessness in relation to both it would be successful. The Bank also said that it would be successful if Mr Swed disclosed his NIN or acted with extreme carelessness in relation to protecting it. In that case it would also need to show extreme carelessness with one or both of the password and PIN.

Issues

  1. The Plaintiff put forward a number of issues for determination in the case. Although these issues were not said to be agreed issues the Defendant responded to them in a manner that makes it appropriate to consider that they were agreed as issues in the case. They were these:

(1)   Did the Defendant keep the Keycard issued in a safe place as required by clause 34.1(d) of the Terms and Conditions?

(2)   Did the Defendant provide reasonable protection for the Keycard from theft as required by clause 34.1(b) of the Terms and Conditions?

(3)   Were the withdrawals made from automatic teller machines initiated through the use of the Keycard and PIN during the period from on or about 11 April 2008 to 29 December 2009 undertaken by Mrs Swed with the Defendant’s knowledge or consent?

(4)   If the answer is (3) is yes, is the Defendant liable for the withdrawals made from automatic teller machines initiated through the use of the Keycard and PIN during that period, in accordance with clause 34.2 of the Terms and Conditions?

(5)   If the answer to (3) is no, is it clear that the Defendant did not contribute to the unauthorised transactions initiated through the use of the Keycard and PIN at automatic teller machines, within the meaning of clause 34.3(f) of the Terms and Conditions?

(6)   Did the Defendant:

a)   Voluntarily disclose the PIN to anyone including Mrs Swed, in breach of clause 34.5(a)(i) of the Terms and Conditions?

(b)   Act with extreme carelessness (as defined in clause 17 of the End Notes to the Electronic Funds Transfer Code of Conduct, in breach of clause 34.5(a)(iii) of the Terms and Conditions?

(7)   If answer to (6)(a) and /or 6(b) is yes, is the Defendant liable for the losses resulting from the Unauthorised Transactions initiated through the use of the Keycard and PIN at ATMs, pursuant to clause 34.4(a) of the Terms and Conditions?

(8)   Did the Defendant select his password or was the password allocated by the Plaintiff to the Defendant?

(9)   Is it clear that the Defendant did not contribute to the unauthorised transactions relating to the Home Loan account, within the meaning of clause 39.2(f) of the Terms and Conditions?

(10)   Does the NIN fall within the meaning of the term “authentication service” as defined in Part E of the Terms and Conditions?

(11)   What does the term “authentication service” defined in those Terms and Conditions cover?

(12)   Did the Defendant:

(a)   voluntarily disclose:

(i)   the NIN, and/or

(ii)   the password,

to anyone including Mrs Swed, within the meaning of clause 39.4(a)(i) of the Terms and Conditions;

(b)   act with extreme carelessness (as defined) in failing to protect the NIN and/or the password, within the meaning of clause 39.4(a)(ii) of the Terms and Conditions?

(13)   If an answer to (12)(a) and/or (12(b) is yes, is the Defendant liable for the losses resulting from the unauthorised transactions relating to the Home Loan account pursuant to clause 39.3(a) of the Terms and Conditions?

Submissions

  1. The Plaintiff submitted that the evidence of Mr and Mrs Swed was not true, false, evasive or otherwise unsatisfactory. Counsel for the Plaintiff provided a schedule running to 25 pages of evidence to highlight why their evidence should not be accepted. The Plaintiff relied on what Campbell JA said in Tobin v Ezekiel [2012] NSWCA 285; (2012) 83 NSWLR 757 at [60] to submit that the lies told by Mr and Mrs Swed were told because they knew that the truth would not have assisted Mr Swed’s case. The truth was that Mr Swed voluntarily disclosed his NIN, password and PIN, all of which were authentication services, to Mrs Swed.

  2. The Plaintiff relied on cl 34.4(a) in relation to the ATM withdrawals and cl 39.3(a) in relation to the internet banking transactions. That involved the Bank proving on the balance of probabilities that the Defendant acted with extreme carelessness in failing to protect the security of his PIN and in failing to protect the security of his authentication service (which includes on the Bank’s case his NIN) and/or his password. The Bank put its case in the alternative. It said either the Defendant disclosed his PIN, password and NIN to Mrs Swed or he acted with extreme carelessness in a way that enabled her to find out each of those matters.

  3. The Defendant said that the issue turned only on the password and the PIN because the NIN did not fall within the definition of “authentication service”. That was because cl 39.2(b) in particular made a clear distinction between the NIN on the one hand and the authentication service on the other. The Defendant submitted that in that regard cl 39.4 only required the account holder relevantly to keep secret the password and cl 34.5, as the Defendant accepted, required the account holder to keep secret the PIN.

Assessment of witnesses

  1. It is necessary to assess the evidence of Mr and Mrs Swed in some detail because determination of the first issue entirely depends on whether they are to be believed. Their evidence is also relevant to the issue of “extreme carelessness”.

(a)   Mr Swed

  1. Mr Swed was not an entirely satisfactory witness. However, I do not think that he was assisted by the preparation of his case by the solicitors acting for him. For example, despite what was said about his limited ability with English, he purportedly swore four affidavits in English without there being any indication that the affidavits had been translated and/or read to him in Arabic. This was a matter I raised during the course of the hearing. What then happened was that the affidavits were re-sworn in identical form after they had been translated to him by an interpreter. No attention appeared to be paid to the fact that some of the information in them did not accord with Mr Swed’s understanding of what had happened or had been said to him as reported in those affidavits.

  2. In his affidavit of 20 December 2012 the Defendant said that he had a very limited command of written and spoken English and had no formal education in English. He said he learnt limited spoken English from television and in general social interaction. In a few other places he referred to his daughter and some other people providing interpreting assistance to him.

  3. He was born in 1957 in Syria and came to Australia in 1982. At the time of the first loan he had lived here for 22 years. In the loan application he described his occupation as project management of buildings where he had worked since 1995. The evidence disclosed that he had signed tax returns for himself and for a partnership said to have existed between himself and his wife.

  4. It was clear, for example, that he could understand more English than he cared to admit as was shown by the number of times he responded to questions before they could be interpreted. Although I was, therefore, inclined to the view that Mr Swed could speak and understand more English than he purported to do, I am now satisfied that his facility with English is extremely limited so that he needed to have some member of his family present when he dealt with tradesmen or bank officers, surprising as this may seem after the time he has resided and worked in this country. I note evidence from Mrs Swed, in this regard, that when he first tried to speak in English someone laughed at him, and since then he has been too embarrassed to try.

  5. I accept the evidence of his daughter Samira Trad concerning his abilities with English and also the more limited evidence in that regard of his other daughter Effie Swed. Although there is very little evidence about his education, my conclusion from having observed him in the witness box and from learning about the nature of any work he has performed, is that he is neither an educated nor a particularly intelligent or sophisticated man. I do not say that with any disrespect intended, but I mention it because I consider that it explains some of his otherwise unsatisfactory evidence. I do not think he understood some conceptually difficult questions and I started to wonder about the way some questions and answers were being interpreted because of some answers that he gave. Into that category I place the evidence about whether or not he opened the mail that came to the house and the evidence about his knowledge and understanding of the NIN.

  1. His relationship with his wife, as it had relevance to this case, was puzzling in some respects. If he is to be believed, she had caused him loss at an earlier time because of her gambling. He said he had forgiven her but not completely. That was the reason he had directed the bank not to deal with her on his behalf and was the reason he was not prepared to tell her his banking password nor give her his Keycard. It was the reason the property, the subject of this case, was in his name only unlike their previous matrimonial home.

  2. Yet his explanations for not having his daughters do his phone banking for him, except on odd occasions, were hard to understand. It may be that they were simply not available, by reasons of their jobs or school, when he needed to go to the bank or when he wanted to call the bank. When pressed a few times on why he did not get that assistance of his daughters instead of his wife he said that he did not know “that’s what happened”. The most extraordinary example of this was when he went to the bank with his wife and asked her to tell the bank officer (Ms Chi Nguyen) that he did not want his wife to be able to access his bank accounts. He admitted that he did not know what his wife actually said to Ms Nguyen. However, the eBOBS entry of 4 February 2008 tends to show that Mrs Swed told the bank officer what he had requested. I shall return to this presently.

  3. Other aspects of his evidence were unsatisfactory. When he was asked about his National Identification Number or his NIN (it was put both ways to him) he claimed not to know what that was and said he had not heard of it. However, in his affidavit first sworn on 20 December 2012 he said in paragraph 19(a):

I am advised by my wife and do verily believe that the NIN number and password were obtained by her in the following manner; - As previously stated I would regularly utilise telephone banking to ascertain the balance of my Home Loan. My wife would assist me by dialling the telephone banking number, and then to listen to the automated telephone service prompts. When it came time to enter the NIN and password she would pass the telephone to me. I would then enter the NIN and password and return the telephone to her. She would listen to further prompts and return the telephone to me and I would hear an amount. I believed that this amount was the remaining balance to payout the account. I am now aware that the amount I was listening to was the amount available to redraw. My wife has subsequently advised me that she was able to obtain the NIN and password by pressing the last number dialled function on the telephone.

  1. Further, he gave this evidence (T 92.16 -21):

Q. To complete this line of questioning. Sir when your wife assisted you with using the National Australia Bank telephone banking service, at a point she said to you words to this effect “What is your NIN”?

A. INTERPRETER: Yeah I would key in like this, I’ll give her back when I finish, she finishes these things and then she will hand it back to me, the phone.

and later (T 100.42 – 101.2):

Q. When your wife assisted you with making telephone transfers from your home loan account to your keycard account, did she ring the number of the National Australia Bank and at times ask you to enter into the phone your NIN and your password?

A. INTERPRETER: Yes.

Q. Is it the case that this is what may have occurred, that your wife simply said to you, "Joul what's your NIN and Joul what's your password?" and you told her that to enable her to make these redraws that you’ve referred to?

A. WITNESS: Never.

A. INTERPRETER: He said never.

  1. The impression I was left with was that Mr Swed did not really understand the concept of the NIN and confused it with the password as the above extract tends to make clear. Further, paragraph 19(a) of his affidavit (set out above) seemed to me to be an example of where he swore affidavits not fully understanding what was contained in them.

  2. The evidence concerning his tax returns was unsatisfactory. His personal tax returns and those of an apparent partnership with his wife for the tax years 2001 and 2002 were in evidence. They were all prepared by a tax agent, Farid Anissa of F Anissa & Associates of Wardell Road, Dulwich Hill. Both Mr and Mrs Swed denied any knowledge of Mr Anissa or any tax agent in Dulwich Hill. Yet Mr Swed accepted that the signatures on those tax returns were his.

  3. The only relevance of these tax returns was that they showed Mr and Mrs Swed in a partnership carrying out project management for house construction. In all probability the houses concerned were the properties in Speed Street, Liverpool. Mr Swed did not remember anything about such a partnership although he gave evidence about the building of the houses at Speed Street in the context of cross-examination about his ability with English. The thrust of the evidence was that his wife, and occasionally one of his daughters, was the go-between with the tradesmen because of Mr Swed’s limited English skills.

  4. I accept that, as the Plaintiff’s schedule shows, Mr Swed gave some evidence which was internally inconsistent and could, on one view, give rise to doubts about his honesty. Nevertheless, I am satisfied from a consideration of all of the evidence, including that of Mrs Swed (to whom I shall come) and his daughters that Mr Swed was telling the truth when he said that he did not give his banking password, nor his PIN to Mrs Swed or to anyone else. I am also satisfied that he did not give Mrs Swed his NIN but his evidence demonstrates that he probably knew that she knew it. Although the evidence given was somewhat contradictory, I am satisfied that it was Mrs Swed who entered the NIN whenever she accessed telephone banking, whether on Mr Swed’s behalf or when she did so without his knowledge and consent.

(b)   Mrs Swed

  1. I thought Mrs Swed, despite being an unsatisfactory witness in a number of respects, was an intelligent woman. She appeared to have a good deal of street-cunning that one might expect in an addict who needed to hide their addiction and consequent wrongdoing from others. The evidence clearly demonstrates that she had, and probably still has, a gambling addiction or, more specifically, an addiction to poker machines. The evidence, particularly from her daughters, satisfies me not only of her addiction to poker machines but also that the family has been riven since the defalcations from the home loan account were exposed.

  2. Although she was, at times, histrionic when giving her evidence, probably the product of her culture, I thought her remorse was genuine for the damage she recognised that she had done to her family and to her marriage. At times I thought her level of emotional distress caused her to become confused in her evidence.

  3. There is no doubt that she gave inconsistent evidence about the way she had managed to perpetrate the fraud. But the inconsistencies went only to the precise detail of her actions and not to the heart of her deceptions. The inconsistencies were best demonstrated by her account of what exactly she did when she accessed the telephone banking system at the behest of her husband so that he could ascertain the balance owing on the account.

  4. Her evidence was that on one occasion she waited until the voice on the system was about to say what the amount available for re-draw was and then she put the phone on loud speaker so that Mr Swed heard what he thought was the balance. In fact, on that particular occasion, Mr Swed picked up that the balance was $20,000 less than he was expecting. On all other occasions Mrs Swed would listen herself to the balances and would then write the amounts in the diary (Exhibit A). At first the figures were accurate, but thereafter Mrs Swed wrote down figures that suggested the loan was gradually being paid off. In that way, since that amount was diminishing as a result of her frauds, Mr Swed would think that the balance was being paid off. If she had let him hear the balance, he would realise that something was wrong because the balance of the indebtedness was in fact increasing.

  5. In cross-examination about this evidence she said that she used the loud speaker button in that way “once, twice, not, not many times” after 2008. However, at a later time in her cross-examination, and just after she had become so upset that it was necessary to take a break, she said that before 2008 (when she was being honest) she was putting the phone on speaker to let Mr Swed hear what the amount was that could be drawn down.

  6. Her evidence then continued:

Q. You have said that when you were using telephone banking in the presence of your husband, you put the phone on speaker when it told you what you're allowed to draw down, haven't you?

A. Yes I have said that, but that was before 2008.

Q. Before 2008, you were what you’ve described as being honest.

A. Yes. That's why I was putting it on speaker. I wasn’t scared of anything.

Q. Then why didn't you put the phone on speaker for the entire call?

A. Because then I wasn’t honest.

Q. I'm sorry, before 2008 you said you were honest.

A. Yes.

Q. If you placed the phone on speaker before 2008 why didn't you place the phone on speaker for the entire call?

A. I don't know. It wasn’t - he just wanted to hear the balance, no the prompts.

HIS HONOUR

Q. I thought you said earlier that after you'd heard the balance of the account, you then put the phone on speaker so that he would hear the redraw amount because that was closer to what he thought the balance should be.

A. That, that was not on speaker then. That was on his ear because it was too close together. It, it tells me what the redraw amount is and then it - sorry, it tells me what the balance of the loan is and then straight away - for instance it says, "The balance of your account is" and then redraw account straight away after it. So I'm, I'm right next to him. So I straight away I put it on his ear he can hear it and that's what I let him ear, was the redraw amount.

NEWTON

Q. You would only let him hear the redraw amount‑‑

A. Once, that happened once.

Q. ‑‑after 2008.

A. That was only once.

Q. And that was after 2008?

A. Yes.

Q. And when you did this after 2008, you let him hear the redraw amount by hitting the speaker button.

A. No.

Q. That was your evidence that you gave earlier today.

A. Well I probably misunderstood or I didn't explain it properly but never, ever - I did use the speaker button only prior to 2008 because I didn't care and I had it - from the time it tells me what the, the loan balance is and what, what the redraw amount is, so I didn't care. But after that, all I had to hear was - it was just on my ear, as soon as I heard that I put it on his ear and I think it only happened once. I honestly think only once.

Q. You're quite sure about that?

A. Yes.

Q. And it was after 2008?

A. It was after 2008.

Q. Let me read from the transcript at page 174, beginning at about line 12, the questions and answers that were asked and given in relation to this issue.

"Q. With the telephone banking, from time to time did you help Joul get an account balance by the telephone banking service of the NAB during the time you were gambling?

A. Yes.

Q. What happened when you did that? How did you handle that?

A. I just followed the prompts and he took the phone, again put in the password, gave me the phone and then I told him what the balance was. At one stage he wanted to hear the balance and I didn't - I put it on speaker but I didn't put it on - the balance was closely to - there's - the phone gives you two balances. One that is what you can draw down and one, what the actual loan is and I put it on speaker when it tells me what you're allowed to draw down cause that was closer to what he thought it would be, only it was 20,000 less."

A. Yes.

Q. Is that answer true?

A. I, I, I don't know. Honestly when I say that, when I say that to you, I don't - that, that is not what had happened. What had happened is what I said, is I put it on his ear and honestly I, I can't remember even how I did it. I really cannot remember how I did it but I swear to God that I did put it on his ear and say, "Look this is what the balance is." It was so quickly that I wanted him to forget about it, cause I didn't want him to find out what had happened.

Q. The evidence that I just read that you gave under oath‑‑

A. Yes.

Q. ‑‑is it true?

A. No. No, I - I'm not saying I'm lying, but I, I did check his balance. I swear to God I have not been lying about anything. What I'm saying is, it probably didn't happen exactly like that, exactly like that, I didn't put it on speaker, maybe I just put it on his ear but I just can't remember how I did it, but I swear to you he never knew about it, I did it and I let him that one time hear the redraw balance and I can't, I can't exactly remember if I put it - but I'm sure, I put it on his ear because it's too close. I'm sure I did that, I did it that way.

Q. If you're quite sure‑‑

A. Yeah.

Q. ‑‑you put it on his ear, why did you say earlier in evidence under oath, you put the phone on speaker?

A. Maybe to say that he heard it. I don't know why I said that. Maybe to say that he heard it. Maybe at the time I thought I put it on speaker but I - now, I remember, I swear I put it on his ear.

Q. Is your evidence now that you did not put the phone on speaker?

A. No, probably not. I, I don't know. I honestly - I don't know what I did. I know, know I put it on his ear, no I didn't put it on speaker.

Q. If it’s not true, why did you say it?

A. I don't know. I, I - do you think what I'm doing is fun? I don't know. I'm, I'm not - I don't know. I don't know.

Q. Not only is your evidence about putting the phone on speaker not true, you knew at the time you gave that evidence it was not true, didn't you?

A. No I did not. No I did not and I probably did not even mean that I put it on speaker. I just meant that I made him hear. I - probably that's what I meant. If you notice he - even here now, I'm saying things that I, I mean something else - it - most of the time. When you say to me after 2008 how many times did you - I said, I used to let him hear because I - you know, and then you say to me after 2008, then I say no, because I wasn’t scared before 2008. I've never been in court in my life and I'm nervous, I'm scared. I'm sorry your Honour. I really am. You're - and you're not - you're making it harder for me because I don't know what I'm saying. I - he did - he knew nothing about it as God is my witness. He knew nothing about it.

  1. Mrs Swed could not provide an explanation about why, when her husband wanted to check the account balance at a time when she was still being honest with him, she did not just show him the bank statements. Her explanation, that it was possibly the fault of Australia Post and that they weren’t getting all of their mail, sounded like a justification for not doing what was obvious.

  2. I do not think Mrs Swed always told the truth in her evidence. Certainly, parts of her evidence were quite unreliable as the above passage shows. Whether that is because Mrs Swed has spent so much time lying and deceiving her husband and family that truth does not come easily to her or because she can no longer remember what is true and what is not in relation to what she did, her evidence must be approached with considerable caution and reservation.

  3. I am entirely satisfied, however, that Mrs Swed embarked on a course of conduct which was designed to satisfy her gambling addiction, and that conduct involved the systematic deception of her husband in relation to the bank loan. The bank statements show clearly the location of the ATMs to which she usually resorted and that supports her evidence that she was withdrawing the money to feed her gambling habit. The evidence of the diary where she wrote the fictitious balances is corroborative of her evidence. The evidence of how her deception was uncovered (stealing her son’s insurance moneys) is further support for her evidence of what she was doing. The evidence of Mr Swed going with his daughter to the bank to complain of the absence of bank statements also tends to support Mrs Swed’s evidence that she was intercepting the correspondence from the Bank coming to the house.

  4. Her evidence that Mr Swed never provided her with his password or his Keycard is consistent with his evidence and that of their daughters. It is also supported by the undoubted evidence that Mr Swed had told the Bank that Mrs Swed had no authority to operate on his accounts.

  5. A significant document in that regard was what was described as a screen image from the Bank’s electronic record keeping system known as eBOBs. According to an internal report by an employee of the Bank, Mark Moroney, a narrative was added in respect of the Defendant’s accounts on 27 September 2005 in these terms:

Mrs Nancy Swed is to have no access to

these accounts under any circumstances

Please contact Mr Swed

  1. What was said to be an amendment (although there is no change to the text) was completed on 4 February 2008 by Chi Nguyen as follows:

MRS NANCY SWED IS TO HAVE NO ACCESS TO

THESE ACCOUNTS UNDER ANY CIRCUMSTANCES.

PLEASE CONTACT MR SWED

It may reasonably be inferred from the date of this entry, which coincides with the date of the final restructuring of the loan, that this instruction was reiterated by Mr Swed at that time.

  1. At some point a mobile phone number was added to the system after the words “Mr Swed” as follows:

- 0420xxxyyy

  1. There was then a further amendment by Chi Nguyen on 5 March 2008 and the narrative read after that amendment:

MRS NANCY SWED IS TO HAVE ACCESS TO

ACCOUNT AS PER CALL FROM MR SWED 5/3/08

0420 xxx yyy

  1. Mr Swed denied that he provided that authority to the Bank. The Bank did not call Ms Nguyen to give evidence about these entries nor of her dealings with Mr and Mrs Swed. If it was Mr Swed who authorised that last change to permit Mrs Swed to have access to the accounts I would have expected Ms Nguyen or someone else from the Bank to be called to say so. I am entitled to draw an inference that their evidence in that regard would not have assisted the Bank’s position. Accordingly, I accept Mr Swed’s evidence that he did not authorise that change. His evidence that he did not do so is entirely consistent with his behaviour after he discovered the defalcations. The likelihood is that it was Mrs Swed impersonating her husband as she had done when she rang to find out what his NIN was at a time when she said that she had forgotten it.

  2. The Plaintiff relied on admissions made by Mr Swed both as a result of his failure to contest the Notice to Admit Facts and by what was accepted on his behalf at the hearing of a Motion seeking leave to withdraw the deemed admissions. The end result was that the following matters were admitted from the Notice to Admit Facts:

1.   That on or about 1 February 2008, you received a letter from the plaintiff dated 1 February 2008, together with the attachments referred to in that letter, comprising of:

(a)   the Loan Facility Agreement Details dated 1 February 2008; and

(b)   the Facility Agreement General Terms dated April 2007,

(true copies of which are marked '"'A'' in the attachment to this notice).

2.   That the signature appearing under "signature of borrower" on page 9 of the Loan Facility Agreement Details dated 1 February 2008 (found in attachment "A" to this notice referred to above) is your signature.

3.   That on or about 1 February 2008, you received a copy of the Personal Transaction and Savings Products Terms and Conditions dated 8 October 2007 (marked "B" in the attachment to this notice).

4.   That on or about 24 May 2008, you received a copy of the Personal Transaction and Savings Products Terms and Conditions dated 24 May 2008 (marked "C" in the attachment to this notice).

5.   That on or about 25 June 2004 you received a Personal Identification Number (PIN) from the plaintiff in relation to the Key Card Account, account number [aa-bbb-cc dd].

  1. The following matters were accepted at the hearing of the Motion, as evidenced by a letter from the Bank’s solicitors to the Defendant’s solicitors:

We confirm that at the hearing, your client, by his counsel, conceded that the following documents and things were posted to and received at 000 XXXXX YYYYY, Heckenberg on or about the dates shown:

1.   The Personal Identification Number (PIN) in relation to the Key Card Account, account number [aa-bbb-ccdd], was sent and received on or about or about 25 June 2004.

2   Loan account statements in relation to the Home Loan Account, account number [xx-yyy-zzzz], were sent and received every 6 months during the period from February 2008 to February 2012 (duplicate copies of which are marked "D" and attached to the Notice to Admit Facts and Authenticity of Documents dated 27 March 2013).

3.   Loan account statements in relation to the Key Card Account, account number [aa-bbb-ccdd], were sent and received each month during the period from March 2008 to March 2011 (duplicate copies of which are marked "E" and attached to the Notice to Admit Facts and Authenticity of Documents dated 27 March 2013).

4.   Each of the letters, copies of which are at pages 69 to 218 of the Exhibit "AM-EX-2" to the affidavit of Anshul Malhotra sworn on 4 February 2013, were sent and received on or about the date of each letter.

  1. In any event, the evidence of Mrs Swed confirmed the documents that were accepted on Mr Swed’s behalf as having been received at the property. What, however, was not conceded by Mr Swed, and the contrary was asserted by Mrs Swed, was that any of the documents identified were actually seen by Mr Swed. Other evidence tends to confirm this, at least in relation to the loan account statements. Mr Swed’s evidence, supported by that of his daughter, was that he did not receive bank statements as he expected and for that reason went to the Bank on more than one occasion to find out why he had not received them. Because Mrs Swed intercepted the letters that were forwarded each time a draw down was made on the home loan account, Mr Swed had no idea that such letters should have been sent. Accordingly, he made no enquiry about those letters.

  2. Whilst I accept that the evidence of each of Mr and Mrs Swed was not entirely satisfactory I accept the general thrust of their evidence. That is to say, I accept that Mr Swed did not disclose his password nor his PIN to Mrs Swed at any time. A number of matters provide support for this. First, there is no doubt on the evidence of all of the members of the family that Mrs Swed had earlier had a gambling problem which caused the family financial loss. As a result Mr Swed took the steps I have mentioned to minimise the risk of further losses from her gambling. Although, as he said, he may have forgiven her, he was still wary of what she might do. Particularly for that reason he gave instructions to the Bank not to let her give any instructions with regard to the account nor was she permitted to operate on the account.

  3. Secondly, Mr Swed refused to give his daughters, whom he trusted entirely, his password or his PIN. If he would not do that, it makes no sense that he would have given his private information to Mrs Swed.

  4. Thirdly, when it was ascertained that there were problems with the balance on the account he did not initially confront Mrs Swed about the matter. That would have been the obvious response if he had given her his password and his PIN. Rather, he went to the Bank believing that the Bank officer who had the right to operate on the account had done something that brought about the increased debit balance. When it was ascertained that that was not the case he went with his daughter straight to the police to report the matter to them. The report was not that his wife had done anything but that someone had interfered with the account.

  5. Fourthly, Mr Swed acknowledged in his affidavit of 21 May 2014 that a number of drawdowns were for expenses that he knew and authorised. That tends to support his honesty.

  6. Fifthly, Mrs Swed’s conversations with the Bank’s solicitors Gadens (Exhibit 3) tend to show that she was intercepting the mail as she said, and that she was trying to fend off action by the Bank to prevent her fraud becoming exposed.

  7. Sixthly, Mr Swed was able to use, and did use, ATMs himself. He had no reason to give Mrs Swed his PIN for any reason associated with assistance he might need.

  8. Finally, if Mrs Swed had been given the password and PIN by Mr Swed it would make little sense for her to have come to Court to confess that she engaged in this systematic fraud unless there was a conspiracy with Mr Swed for the purpose of avoiding the Bank retaking possession of the property and pursuing Mr Swed to a monetary judgment. Whilst she was protected by the s 128 certificate she had already confessed to the fraud in circumstances that gave her no protection from prosecution.

  9. I do not accept that there is any such conspiracy. Such a conspiracy would have involved the daughters Samira and Effie who gave evidence in the case. Their evidence relevantly corroborated the evidence of Mr Swed and Mrs Swed in relation to what Mrs Swed has done. It is significant in my opinion that the decision to call Samira and Effie to give evidence was a decision made only after it became apparent from the evidence of Mr and Mrs Swed that they would need to be called. No statement or affidavit had ever been served by them because there was no intention of calling them. The need to call them arose from the evidence of their parents. I thought that they were honest witnesses doing their best to tell the truth, and in respect of most of their evidence I found it to be reliable.

Did Mr Swed act with “extreme carelessness”?

  1. The other issue which must be determined is whether Mr Swed acted with extreme carelessness with respect to his password and PIN. The preliminary issue which must be determined is whether his NIN was an authentication service so as to fall within cl 39.4.

  2. The Bank subscribed to the ASIC Electronic Funds Transfer Code of Conduct which was relevantly exhibit 5 in the proceedings. Clause 1.1(b) provided that Part A of the Code governs the rights and duties of account institutions and users including account holders. Clause 2.1 provided:

Account institutions will prepare for their users clear and unambiguous Terms and Conditions applicable to EFT transactions, which reflect the requirements of this Code. The Terms and Conditions are to include a warranty that the requirements of this Code will be complied with. The Terms and Conditions will not provide for or be effective to create liabilities and responsibilities of users, which exceed those set out in this Code.

  1. The Bank’s Terms and Conditions were prepared in compliance with that Code. There was a considerable overlap in the expression of obligations, rights and duties prescribed by the Code and those set out in the Terms and Conditions. However, as noted earlier, different terms or definitions are used in the Code from those used in the Terms and Conditions. In particular the Code refers to “code”, “identifier” and “device”, none of which terms are used in the Terms and Conditions. On the other hand “password” and “authentication service” used in the Terms and Conditions do not appear in the Code.

  2. An important term used in both the Code and the Terms and Conditions is the expression “extreme carelessness”. Those words are not defined in the Terms and Conditions. Clause 5.6(e) of the Code makes reference to the user acting “with extreme carelessness”. As noted earlier at [21] the sub-clause contains a reference to an foot note in the Code. I have there set out the meaning of “extreme carelessness” but it is appropriate to set it out again.

  3. The foot note says this:

“Extreme carelessness” means a degree of carelessness with the security of the codes which greatly exceeds what would normally be considered careless behaviour. For example, storing the user’s user name and password for Internet banking in a diary or personal organiser or computer (not locked with a PIN) under the heading “internet banking codes”.

An access method may also include identifiers but the security of identifiers is irrelevant to liability under clause 5.5.

  1. The definition of “identifiers” (also in [21] above) makes it clear that they are not required to be kept secret, and the last paragraph of the above quoted footnote reinforces that position. Further, footnote 9 says that an identifier may be, for example, an account number, card number, card expiry date.

  2. In the circumstances that the Bank was required to prepare Terms and Conditions which did not create liabilities and responsibilities that exceed those set out in the Code, the meaning given to “extreme carelessness” in the end note should be taken as the proper meaning of the expression when used in the Terms and Conditions.

  3. The definition of “authentication service” refers to a “device and/or mechanism”. “Device” is only defined in the Code, and it is a physical thing such as a card, token or biometric reader used with electronic equipment. The Terms and Conditions define “electronic equipment” that includes a telephone and an ATM used in conjunction with a card. “Mechanism” is nowhere defined, but any dictionary definition suggests a physical thing except as the word is used in a philosophical sense. On that basis it seems unlikely that a NIN would fall within “authentication service”. What a NIN most readily falls within is the definition of “identifier” in the Code.

  4. What more clearly suggests that a NIN does not fall within “authentication device” is cl 39.2(b) where three different things are identified, being (1) NAB ID (which is a NIN), (2) an authentication service, and (3) a password. Despite the separate identification of those matters, other clauses in Part E tend to connect authentication service and password as if they might sometimes, but not always, be one and the same – see clauses 39.2(c), (e) and (f), 39.3(a), (b), (c), 39.4(a) and 39(6). On the other hand clause 38 deals fairly exhaustively with NAB IDs, and the provisions contain no restriction such as cl 39.4 imposes in relation to “authentication service and/or password”.

  5. Finally, the NIN is written on the Keycard itself. The card is a debit card which can be used at EFTPOS facilities and at other electronic equipment (Clause 29). The card may therefore need to be handed to a merchant, for example. A card owner has an obligation to keep their card safe but is not under an obligation not to hand the card to another person. The obligation is not to disclose the PIN (Clause 34.5).

  6. On a proper construction of the Terms and Conditions and the Code the NIN is not an authentication device, and the person to whom the NIN is issued is not required to keep it a secret. The NIN is more properly described as an “Identifier” in the Code although that term is not to be found in the Terms and Conditions. An identifier is not required only to be known to the user.

  7. If I am wrong in determining that the NIN is not, as a matter of construction, an authentication device, I consider that the width of the definition of authentication device creates an obligation or responsibility which exceeds those set out in the Code contrary to clause 2.1 of the Code. That would mean that the obligations attached to an authentication device could not apply to a NIN.

  8. It is necessary next to determine if the Bank demonstrates that Mr Swed acted with extreme carelessness in relation to his password and his PIN.

  9. Since I have determined that Mr Swed did not tell Mrs Swed what his password or PIN were it is clear, and I so find, that Mrs Swed ascertained Mr Swed’s password by reading the numbers he entered on the phone used to access the telephone banking system. I accept, as I have noted already, that Mrs Swed gave inconsistent evidence about the detail of what happened when she rang telephone banking on Mr Swed’s behalf. However, the inconsistencies did not relate to her evidence of what happened at the time it became necessary for Mr Swed to enter his password.

  10. Mr Swed’s oral evidence was consistent also about the entry of the password. However, paragraph 19(a) of his affidavit of 20 December 2012 included the NIN with the password, to the effect that Mrs Swed handed him the phone to enter his both his NIN and his password (see [56] above). The Bank pointed to this evidence to contrast it with other evidence of Mr Swed’s, particularly his evidence where he claimed not to know what a NIN or a National Identification Number was. The Bank pointed to the fact that the affidavit of 20 December 2012 was reaffirmed during the trial when it was interpreted to him by an interpreter, and Mr Swed made no changes to what appeared in paragraph 19(a).

  11. In my opinion, what is contained in paragraph 19(a) is unreliable. I am convinced that Mr Swed has not properly understood what was contained in that paragraph. It contains some factually incorrect material, namely, that Mrs Swed was able to see the NIN and the password by pressing the “last number dialled” function, as the Bank accepted in its written submissions. Further Mr Swed’s evidence that he did not know what the NIN was showed genuine confusion about what was being asked about. The material in that paragraph conflicts with the oral evidence of both Mr Swed and Mrs Swed that the phone was handed to him to enter his password. I accept that oral evidence.

  12. I do not consider that by entering his password and handing the phone back to Mrs Swed Mr Swed acted with extreme carelessness. It was not even reasonable for him to have considered that if he did so Mrs Swed would see and remember the password numbers. The test is considerably higher than acting unreasonably in any event. The example given in the footnote to the Code of what might constitute extreme carelessness shows that what Mr Swed did was in a different category altogether. There was no evidence to show that Mr Swed knew that the numbers he entered would be visible to Mrs Swed when he handed the phone back to her, let alone that she would try, or be able, to remember it..

  13. In relation to his PIN Mr Swed gave evidence that if he used the ATM when Mrs Swed was with him he made her stand a metre or a metre and a half away so that she would not be able to see what he entered on the key pad. Mrs Swed’s evidence was that she was able to look around him to the side and see the number he entered. The Bank submitted that this evidence should not be accepted because the respective sizes of Mr and Mrs Swed would have made that impossible.

  14. All the evidence suggests that Mr Swed did what he could to keep both his password and his PIN secret from Mrs Swed in particular. There is no other evidence of how Mrs Swed could have obtained his PIN. Her evidence of how she managed to see it is not so fanciful that it cannot be believed. It is possible for persons to observe the entry of a PIN because of where the keypad is located. Mrs Swed is a clever woman and one who appears to have perfected deception in various guises to feed her gambling habit. I consider that her evidence of how she came to know Mr Swed’s PIN should be accepted.

  15. I do not consider, however, that this conclusion means that Mr Swed acted with extreme carelessness in relation to the entry of his PIN. Both his evidence and that of Mrs Swed was that he did what he could to prevent her being able to see what he was doing at the ATM. If he did not realise that she was closer than he thought, that cannot be characterised as extreme carelessness.

Conclusion

  1. It is appropriate to provide answers to the questions asked as issues in the case in the light of my reasons above:

(Q1)   Did the Defendant keep the Keycard issued in a safe place as required by clause 34.1(d) of the Terms and Conditions?

(A1)   There is no evidence to the contrary and the onus is on the Bank

(Q2)   Did the Defendant provide reasonable protection for the Keycard from theft as required by clause 34.1(b) of the Terms and Conditions?

(A2)   There is no evidence to the contrary and the onus is on the Bank.

(Q3)   Were the withdrawals made from automatic teller machines initiated through the use of the Keycard and PIN during the period from on or about 11 April 2008 to 29 December 2009 undertaken by Mrs Swed with the Defendant’s knowledge or consent?

(A3)   No except for those identified in the affidavit of 21 May 2014 of the Defendant.

(Q4)   If the answer is (3) is yes, is the Defendant liable for the withdrawals made from automatic teller machines initiated through the use of the Keycard and PIN during that period, in accordance with clause 34.2 of the Terms and Conditions?

(A4)   Not applicable.

(Q5)   If the answer to (3) is no, is it clear that the Defendant did not contribute to the unauthorised transactions initiated through the use of the Keycard and PIN at automatic teller machines, within the meaning of clause 34.3(f) of the Terms and Conditions?

(A5)   The Defendant did not contribute to the unauthorised transactions.

(Q6)   Did the Defendant:

a)   Voluntarily disclose the PIN to anyone including Mrs Swed, in breach of clause 34.5(a)(i) of the Terms and Conditions?

(A6(a))   No.

(b)   Act with extreme carelessness (as defined in clause 17 of the End Notes to the Electronic Funds Transfer Code of Conduct, in breach of clause 34.5(a)(iii) of the Terms and Conditions?

(A6(b))   No.

(Q7)   If answer to (6)(a) and /or 6(b) is yes, is the Defendant liable for the losses resulting from the Unauthorised Transactions initiated through the use of the Keycard and PIN at ATMs, pursuant to clause 34.4(a) of the Terms and Conditions?

(A7)   Not applicable.

(Q8)   Did the Defendant select his password or was the password allocated by the Plaintiff to the Defendant?

(A8)   The evidence did not make this clear but there is nothing to suggest that it was the choice of the password that enabled the defalcations.

(Q9)   Is it clear that the Defendant did not contribute to the unauthorised transactions relating to the Home Loan account, within the meaning of clause 39.2(f) of the Terms and Conditions?

(A9)   The Defendant did not contribute to the unauthorised transactions.

(Q10)   Does the NIN fall within the meaning of the term “authentication service” as defined in Part E of the Terms and Conditions?

(A10)   No.   

(Q11)   What does the term “authentication service” defined in those Terms and Conditions cover?

(A11)   The term “authentication service” would cover the password and the PIN but may refer to other things. It does not refer to the NIN.

(Q12)   Did the Defendant:

(a)   voluntarily disclose:

(i)   the NIN, and/or

(A 12(a)(i))   No.

(ii)   the password,

to anyone including Mrs Swed, within the meaning of clause 39.4(a)(i) of the Terms and Conditions;

(A 12(a)(ii))   No.

(b)   act with extreme carelessness (as defined) in failing to protect the NIN and/or the password, within the meaning of clause 39.4(a)(ii) of the Terms and Conditions?

(A 12(b))   No.

(Q13)   If an answer to (12)(a) and/or (12(b) is yes, is the Defendant liable for the losses resulting from the unauthorised transactions relating to the Home Loan account pursuant to clause 39.3(a) of the Terms and Conditions?

(A13) Not applicable.

  1. In the circumstances there should be a judgment for the Defendant.

**********

Decision last updated: 18 September 2015

Actions
Download as PDF Download as Word Document


Cases Citing This Decision

0

Cases Cited

1

Statutory Material Cited

1

Tobin v Ezekiel [2012] NSWCA 285
Tobin v Ezekiel [2012] NSWCA 285