Who is responsible for fraudulent card transactions: new position of the Court of Appeal

The issue of liability for unauthorized transactions with bank cards remains one of the most acute in banking disputes. Should a client pay money if he claims to have become a victim of fraud? The answer to this question was provided by the Court of Appeal in case No. 756/9671/24.

The essence of the dispute

The bank applied to the court with a demand to collect the debt under the credit agreement. Part of this debt arose as a result of transactions that the client denied – in particular, expenses abroad in retail chains and at gas stations.

The court of first instance partially sided with the client, recognizing that the disputed transactions were not proven to be authorized. However, the appeal radically changed the approach.

Key position of the court

The Court of Appeal formulated an important legal conclusion:

if transactions are carried out using a card and entering a PIN code – the client is liable.

The court emphasized that:

using a card with physical presentation and entering a PIN code indicates proper identification;
in this case, the user is presumed to be responsible;
it is the client who must prove that the transactions were fraudulent.
When the client may be exempted from liability

The court outlined the exceptions when the bank must prove the legitimacy of the transactions:

if the card was not physically presented;
if there was no electronic identification (for example, without a PIN code or confirmation).

In this case, such circumstances were not established.

Why the first instance decision was overturned

The Court of Appeal pointed to a number of shortcomings in the first instance decision:

the results of the international payment system check were not taken into account;
the account statement was not examined;
the bank’s evidence was not properly assessed;
the explanations and materials of law enforcement agencies were not taken into account.

As a result, the decision was overturned, and the bank’s claim was fully satisfied.

Conclusions for card users

This case forms an important practice:

using a PIN code is actually equated to confirming a transaction;
a simple denial is not enough – evidence of fraud is needed;
the responsibility for keeping the card and PIN code safe lies with the client.
What does this mean for practice

Case law is moving towards increasing the responsibility of payment instrument users. For lawyers, this is a signal: in disputes with banks, proving the fact of unauthorized access, and not just denying transactions, is becoming key.