HARVEY BARTLE, III, District Judge.
This case involves the effort of a law firm to recover money from its bank which it alleges a computer hacker stole from the law firm's bank account by deceiving a law firm shareholder.
Plaintiffs Gary L. Bragg, Esq. ("Bragg"), Alvin M. Staffin, Esq. ("Staffin") and the law firm of O'Neill, Bragg, and Staffin, P.C. ("OBS") have sued defendants Bank of America Corporation and Bank of America, N.A. ("Bank of America") for breach of several written agreements plaintiffs had with Bank of America. Plaintiffs also allege violations of the Pennsylvania Commercial Code, 13 Pa. Cons. Stat. Ann. § 4A211, and a federal regulation related to electronic fund transfers, 12 C.F.R. § 205.17(d)(5). Finally, the complaint contains two counts of negligence.
Before the court is the motion of Bank of America to dismiss the first amended complaint for failure to state a claim for relief under Rule 12(b)(6) of the Federal Rules of Civil Procedure.
When deciding a Rule 12(b)(6) motion, the court must accept as true all factual allegations in the complaint and draw all inferences in the light most favorable to the plaintiffs.
The following factual allegations from plaintiffs' detailed amended complaint are taken as true for present purposes. OBS is a law firm based in Warminster, Pennsylvania that provides real estate and corporate legal services. Bragg is a shareholder and president of OBS while Staffin is a shareholder and vice president of OBS.
In compliance with Pennsylvania law, OBS maintains with Bank of America an Interest on Lawyers' Trust Account ("IOLTA") for the receipt and management of client funds. Within its one IOLTA, OBS designated numerous subaccounts to identify funds by client.
In 2017 Bragg, on behalf of OBS, provided legal counsel to an entity known as Eagle Funding with respect to loan transactions with a borrower, Midtown Resources. In connection with that work, Bragg created an IOLTA subaccount numbered 728 and titled "Eagle Funding Midtown Loan."
Sometime on or before December 6, 2017, a computer hacker working on behalf of an entity called Cochen International Ltd. ("Cochen") surreptitiously gained access to Bragg's email account. The hacker created email correspondence, which appeared to originate from Bragg's email address and was directed to Staffin. The correspondence demonstrated knowledge of the Eagle Funding loan to Midtown. The hacker, posing as Bragg, requested that Staffin send a wire for $580,000 on behalf of Eagle Funding to a Bank of China investment account in Hong Kong that was allegedly owned by Midtown Resources. The emails, which were attached as an exhibit to the first amended complaint, read in relevant part:
At the time of these emails, Bragg was in Seattle, Washington. Staffin thus believed that Eagle Funding required a transfer in a time-sensitive manner and that Bragg was unable to execute the transfer while travelling on the west coast. Staffin was further convinced of the emails' authenticity based on the hacker's familiarity with the Eagle Funding representation and the IOLTA subaccount number, along with the use of Staffin's nickname, Mel.
At 5:22 p.m. that day, December 6, Staffin contacted Bank of America via telephone to initiate a wire transfer request for $580,000 from the Eagle Funding IOLTA subaccount, as requested by the hacker. At the time of the wire request, the Eagle Funding IOLTA subaccount had only a balance of approximately $1,900. At 5:50 p.m., Bank of America called Staffin to validate the wire request. Staffin provided a personal identification number ("PIN") for the account and confirmed the wire instructions. Thereafter at 5:52 p.m. on December 6, Bank of America issued a wire confirmation report stating that the $580,000 had been withdrawn from plaintiffs' IOLTA.
Shortly thereafter, Staffin telephoned Bragg to discuss the transfer. Bragg explained that he had not received a transfer request from Eagle Funding and had not sent the email instructing Staffin to make the transfer. Realizing that OBS had been victimized by a computer hacker, Staffin contacted Bank of America at 7:07 p.m. that evening to request that the transfer be stopped. An employee of Bank of America informed Staffin that the Bank could not stop the transfer until the funds were actually received by the Bank of China. The employee suggested that Staffin submit a wire recall request to the Bank of China. Because the Eagle Funding subaccount contained only $1,900, the employee also expressed surprise that the transfer request had not been flagged as suspicious by Bank of America's risk department.
At the same time, Bragg called Bank of America's check fraud claims team and spoke with an employee on that team. The employee informed Bragg and Staffin, who was then conferenced into the call, that "he could request the funds back, but the client would need to check their [sic] account the next day to see if the attempt was successful. If unsuccessful, the client may call the Money Movement team between 8a-8p ET." During this time, the online report for the Eagle Funding IOLTA subaccount indicated that the transfer was "processing."
In the meantime, the wire transfer for the full $580,000 was received by the Bank of China at 5:00 a.m. Philadelphia time on December 7, 2017. Because the money in the Eagle Funding subaccount was insufficient to fund the transfer, Bank of America had withdrawn funds to cover the transfer from other subaccounts of plaintiffs' IOLTA and thus had withdrawn funds of other clients of OBS.
At 8:35 a.m. on December 7, 2017, Staffin contacted Bank of America to initiate a wire recall request from the Bank of China. Staffin also spoke with a member of Bank of America's fraud monitoring team, who confirmed the wire recall request and informed Staffin that he would receive updates on the status of that request from a Bank of America representative. In addition, Staffin reported the wire fraud to the Federal Bureau of Investigation.
Later on December 7, the hacker, again posing as Bragg, contacted Staffin in attempt to secure another wire transfer of $980,000 from the Eagle Funding account to the Bank of China. After Staffin offered to call to discuss the request, the hacker broke off further communications.
On December 8, 2017, Bragg electronically transmitted a letter to the president and chief executive officer of Bank of America in which he documented the wire fraud and requested restoration of the $580,000 withdrawn from the OBS IOLTA subaccounts. That same day, the Bank of China responded that it could only recall the wire pursuant to an order from a Hong Kong court and suggested that the case be reported to the Hong Kong police. Bragg filed a cybercrime report with the Hong Kong police two days later, on December 10, 2017.
On December 20, 2017, plaintiffs retained a Hong Kong-based law firm in an attempt to recover the stolen funds. On December 28, 2017, that firm secured an order from the High Court of the Hong Kong Special Administrative Region freezing the hacker's account at Bank of China, which at that time contained $23,497.32. The order also required further disclosure of the transactions in the hacker's account by January 5, 2018, which resulted in the garnishment from the account of $83,509.21. After paying attorneys' fees and costs, plaintiffs recovered $58,730.11 from the hacker's account. Plaintiffs also secured judgments against two recipients of the fraudulently-transferred funds, Cochen, YKY Limited and Extrade Electronic (HK) Limited, for $21,120 and $35,130 respectively. Garnishment proceedings for those judgments are ongoing.
In Count I of the amended complaint, plaintiffs allege that Bank of America breached plaintiffs' 2002 Escrow Control Account Agreement with Summit Bancorp. As stated above, Summit was absorbed by Bank of America sometime in 2004. At oral argument on defendants' motion to dismiss, counsel for plaintiffs conceded that the Escrow Control Account Agreement, which was issued over a decade ago by a predecessor to Bank of America, is no longer applicable to plaintiffs' accounts. Accordingly, the motion to dismiss will be granted as to Count I of the amended complaint.
Plaintiffs aver in Count II of the amended complaint a breach of contract claim against Bank of America based on the parties' Deposit Agreement and Disclosures, which states:
Plaintiffs assert that Bank of America violated this portion of the "Stop Payment Order" provision when Staffin orally requested that the Bank stop payment twice on December 6, 2017 and once in writing on December 8, 2017. Plaintiffs maintain they had a legal right to stop payment because the transfer order resulted from fraud.
It is undisputed that Staffin made the first stop payment request at 7:07 p.m., over an hour after the wire was received and confirmed by Bank of America. Plaintiffs ignore the crucial section of the Deposit Agreement and Disclosures, which provides:
(emphasis added). Thus, a request to cancel made after a wire is received by Bank of America is not a "valid and timely stop payment order," and plaintiffs had no legal right to stop payment. This more specific provision regarding cancellation or amendment controls over the general "Stop Payment Order" provision.
Plaintiffs also assert that Bank of America violated the Deposit Agreement and Disclosures when defendants swept subaccounts containing the funds of unrelated clients in order to pay the wire at issue. Specifically, plaintiffs point to the following provisions of the Deposit Agreement and Disclosures:
Plaintiffs also cite the following contractual provision, which states in relevant part:
Under this overdraft language, it is clear that there was no breach of the Deposit Agreement and Disclosures. Bank of America had the discretion to pay the wire request and to overdraw plaintiffs' IOLTA, or to decline the wire request without payment.
While plaintiffs may have used subaccounts for record-keeping purposes, there is nothing in the Deposit Agreement and Disclosures that precluded the Bank from taking funds deposited within the account merely because subaccounts were used by plaintiffs to keep track of the funds of each client. The only provision of the Deposit Agreement and Disclosures to address subaccounts states:
(emphasis added). This single provision of the agreement to address subaccounts supports defendants' position that funds could be taken from other subaccounts to fund an overdraft and that subaccounts are otherwise subject to the same overdraft provisions as accounts in general. Plaintiffs cite no contractual language or statute to the contrary.
As stated above, the Deposit Agreement and Disclosures provides that Bank of America, at its discretion and without notice to the customer, may pay an item and overdraw an account. The Agreement does not provide an exception to this general rule on overdrafts for subaccounts, which after all are part of one single account. "When a contract does not provide for a contingency, it is not ambiguous; rather, it is silent, and the court may not read into the contract something it does not contain and thus make a new contract for the parties."
Accordingly, the motion of Bank of America to dismiss Count II of the amended complaint will be granted.
In Count III of the amended complaint, plaintiffs assert breach of their Telephone Wire Transfer Agreement with Bank of America. Plaintiffs cite the following language:
In addition, appended to the Telephone Wire Transfer Agreement is a "Procedures Guide and Additional Terms for Wire Transfer Clients," which outlines procedures which must be undertaken to cancel a wire transfer:
Plaintiffs contend that Bank of America violated this provision by failing to make a reasonable effort to act on their request to cancel the wire transfer. Instead, according to the amended complaint, an employee of Bank of America informed Staffin that the wire could not be cancelled at all and that plaintiffs' only recourse was to contact the Wire Transfer team the following morning to request that the transfer be recalled after it was received by the Bank of China. Plaintiffs argue that this information was patently incorrect and that the opposite was true because the Bank of China stated that the wire could be cancelled at any point until it processed the transfer.
Plaintiffs' position contradicts the clear and unambiguous language of the Telephone Wire Transfer Agreement, which states that Bank of America has no obligation to cancel or amend a telephone wire request after it is received. It further provides that the Bank "ha[s] no obligation to cancel or amend any telephone or draw wire transfer request after we receive it" and that plaintiffs agree "to indemnify [the Bank] against and hold [the Bank] harmless from any and all liabilities" in connection with any failure to cancel or amend. Here, there is no dispute that Bank of America received the wire instructions from Staffin and that the wire was confirmed by the Bank at 5:52 p.m. Staffin did not attempt to cancel the wire until 7:07 p.m., over an hour after the wire was requested and confirmed.
Accordingly, there is no breach of the Telephone Wire Transfer Agreement. The motion of Bank of America to dismiss Count III of the amended complaint will be granted.
We turn next to plaintiffs' claim under the Pennsylvania Commercial Code ("PCC"), 13 Pa. Cons. Stat. Ann. § 4A211, in Count V of the amended complaint.
The PCC further defines "sender" as "[t]he person giving the instruction to the receiving bank," that is, Staffin. 13 Pa. Cons. Stat. Ann. § 4A103. The "receiving bank" is "[t]he bank to which the sender's instruction is addressed," that is, Bank of America.
Plaintiffs assert that their cancellation was effective because the payment order was issued "because of a mistake by a sender in the funds transfer which resulted in the issuance of a payment order . . . that orders payment to a beneficiary not entitled to receive payment from the originator."
We reject plaintiffs' interpretation of § 4A211(c)(2)(ii). The PCC begins with a clear presumption that cancellation or amendment of a payment order is not effective after a payment order has been accepted. We again note that plaintiffs concede in their amended complaint that the attempted cancellation occurred after Bank of America had accepted Staffin's payment order.
In interpreting Article 4A of the PCC, we are guided by its purpose as set forth in the commentary prepared by the National Conference of Commissioners on Uniform State Laws and to which the Pennsylvania Supreme Court has given substantial weight
The PCC provides that generally "the rights and obligations of a party to a funds transfer may be varied by agreement." 13 Pa. Cons. Stat. Ann. § 4A501(a). It also provides that "[a] receiving bank is not the agent of the sender or beneficiary of the payment order it accepts or of any other party to the funds transfer, and the bank owes no duty to any party to the funds transfer except as provided in this division or by express agreement."
While the PCC rule limiting cancellation after receipt to situations where the bank has explicitly agreed or where a funds-transfer system rule permits cancellation may at times lead to harsh results, as is the case here, it ultimately serves the greater good by facilitating commercial transactions involving large sums of money. Interpreting § 4A211(c) in this manner helps to allocate responsibility and risk, rather than permitting cancellation after receipt merely due to a mistake by the sender that could be neither known nor anticipated by the bank before it sent the wire instructions to the beneficiary.
We therefore will grant the motion of defendants to dismiss plaintiffs' claim under § 4A211(c)(2)(ii) of the PCC in Count V of the amended complaint.
Plaintiffs further allege in Count VI of the amended complaint that defendants violated § 4A211(e) of the PCC, which states:
13 Pa. Cons. Stat. Ann. § 4A211(e). Counsel for plaintiffs conceded at oral argument that this provision of the PCC does not apply because the payment order at issue was never effectively canceled.
We will dismiss plaintiffs' claim under § 4A211(e) of the PCC in Count VI of the amended complaint.
In Count VII of the amended complaint plaintiffs aver violation of a regulation promulgated by the Board of Governors of the Federal Reserve System on banks and banking. Specifically, plaintiffs assert that Bank of America violated 12 C.F.R. § 205.17(d)(5), known as "Regulation E," which implements the Electronic Fund Transfer Act, 15 U.S.C. §§ 1693 et seq. That portion of the regulation provides:
12 C.F.R. § 205.17(d)(5). Plaintiffs maintain that the sweeping of its IOLTA subaccounts by Bank of America violated this regulation because it failed to disclose that it offered such "service that transfers funds from another account of the consumer held at the institution to cover overdrafts."
By its own terms, Regulation E applies only to accounts "established primarily for personal, family, or household purposes." 12 C.F.R. § 205.2(b)(1);
Regulation E does not apply here and Count VII will be dismissed.
In Counts VIII and IX of the amended complaint, plaintiffs aver claims against Bank of America for negligence per se and negligence respectively. Like plaintiffs' other causes of action, these claims stem from defendants' failure to cancel the wire and the sweeping by Bank of America of plaintiffs' IOLTA subaccounts to fund the wire transfer. Plaintiffs assert that these acts and omissions violated Bank of America's duty to act in good faith and to exercise ordinary care when dealing with its customers.
Plaintiffs' negligence per se claim is based on defendants' alleged breach of the provisions of the PCC and Regulation E set forth in Counts V through VII of the amended complaint. As discussed above, we find no violation of the PCC or Regulation E by Bank of America. Plaintiffs simply have not stated a negligence per se claim in Count VIII on which relief can be granted.
Plaintiffs plead a claim for negligence in Count IX of the amended complaint. Under Pennsylvania law, "[i]t is well established that the legal relationship between a financial institution and its depositors is based on contract, and that the contract terms are contained in the signature cards and deposit agreements."
In
In
The Pennsylvania Supreme Court concluded that plaintiffs' negligence claim was not barred under the gist of the action doctrine. It reasoned that plaintiffs' claim was not based on the parties' insurance contract, which merely required the insurer to pay up to $5,000 for the costs of removing mold, testing air, and incidental increased living expenses.
Here, in contrast, plaintiffs' negligence claim is based on the same allegations as plaintiffs' breach of contract claims, that is, Bank of America's failure to cancel the wire and its sweeping of plaintiffs' IOLTA subaccounts to fund the wire transfer. Any duty Bank of America owed to plaintiffs was a contractual duty based on the agreements between the parties, not a duty based on social policy. Thus, plaintiffs may not recast their breach of contract claims against Bank of America as a tort-based claim.
Similarly, Pennsylvania's economic loss doctrine "provides that no cause of action exists for negligence that results solely in economic damages unaccompanied by physical or property damage."
The negligence claims of plaintiffs in Counts VIII and IX of the amended complaint will be dismissed.
What is alleged to have happened to the law firm here is indeed unfortunate. The computer hacker, of course, is the real culprit but is not a party to this lawsuit. For the reasons stated above, as between the law firm and the bank, the law firm must bear the loss based on the facts set forth in the amended complaint. Accordingly, the motion of Bank of America to dismiss the amended complaint will be granted.
