New York Attorney General Letitia James has initiated a lawsuit against Citibank, citing the bank’s inadequate response to protecting its customers from online fraud and its refusal to reimburse those who suffered financial losses due to unauthorized transactions.
The lawsuit accuses Citibank of violating the Electronic Fund Transfer Act (EFTA), which requires financial institutions to refund customers for losses incurred through unauthorized electronic transactions. This legal requirement is akin to the protections offered to victims of credit or debit card fraud under similar circumstances.
According to Bleeping Computer, the investigation led by Attorney General James into Citibank’s security protocols revealed several flaws. Notably, the bank’s systems were ineffective in identifying and responding to warning signs of fraudulent activity, such as logins from unfamiliar devices or locations, or changes in user banking details. The bank also reportedly failed to adequately monitor and prevent the consolidation of funds from various accounts into a single one, facilitating the rapid movement of stolen money by fraudsters.
Customers reporting fraudulent activities to Citibank experienced significant delays, which provided scammers with additional time to transfer funds out of their reach. Furthermore, Citibank representatives are alleged to have misled customers by assuring them of the safety of their funds and promising reimbursement, without taking prompt action to resolve the issues.
The lawsuit seeks to put an end to Citibank’s alleged deceptive practices and aims to secure compensation for victims who were denied reimbursement over the past six years, in addition to demanding penalties and disgorgement. This legal challenge follows Attorney General James’s previous efforts to encourage major banks to eliminate overdraft fees for consumer accounts.
In response to the allegations, Citibank has defended its practices, stating its adherence to relevant laws and regulations concerning wire transfers. The bank emphasized to Bleeping Computer its commitment to preventing and addressing threats to its clients and highlighted its ongoing investment in fraud prevention technologies to enhance the security of client accounts against evolving cyber threats.