Operation of Account Agreement, An Overview: March 20 2020

Introduction 

The operation of account agreement is the written agreement between the member and  the credit union (CU) or bank. Account agreements both codify and override (in certain  key areas) the statutory and common law rules relating to the banking relationship. For  example, among other things, at common law, a bank is obliged to know the signature  of its client and is not allowed to debit an account in respect of a cheque bearing a  forged signature. Ever! At common law, a member has no obligation to check his/her  account statements for errors or unauthorized transactions. In both these examples,  account agreements override the common law and impose strict verification  requirements on CU members which are subject to specific time deadlines.  

But this is only a portion of what modern account agreements cover. While the content  of these agreements varies, more recent agreements generally tend to allocate  relatively more of the risk of loss to the members, and away from the CU. They also  provide CUs with the tools they need to manage their businesses in a modern economic  system: they allow CU to collect debts more easily, to investigate frauds, to freeze, and  to close accounts where necessary, to stay onside with respect to privacy legislation,  and more. In any case where there is a dispute with the member, or a question arising  out of the business relationship, the first thing that a CU should do is to review the  relevant account agreement.  

I frequently find that I am asked for advice (by bank or CU people) as to how to respond  to a particular retail banking situation, only to find that a complete answer is available  within the agreement. I infer from this that many CU employees are not fully familiar  with the scope of the account agreement and/or are not completely comfortable with  relying on the terms of such agreement to deny a member’s request for reimbursement  (among other things). I also find that agreements often cannot be located for a particular  member or are very old and do not have the updated terms which can be helpful for  many issues that come up over and over.  

 History

 Written account agreements have been around in Canada for a very long time: at least since the late 1800’s.The earliest agreements provided for simple verification terms: namely, the standard requirement that a member promptly review, at the end of the month, his/her monthly account statement and advise the CU or bank within 30 days (of receipt of, or date of mailing of the statement) of any errors, failing which the member had no further recourse. The courts generally enforced such contractual terms, but not always (but more on this below). These early agreements provided that if the member did indeed provide timely notice, the CU or bank would generally replenish the account in respect of the relevant item.

More recently (the last 20 years or so), agreements have become much more comprehensive and “tighter”, so  as to place much more of the risk of loss onto the member or bank client. New wording has been added over  time to remove ambiguities as to how certain issues (between member and CU) were to be resolved. In  addition, account agreements have been adapted to reflect services which are now available in the banking  industry but which were not available in the past; for example, online banking, remote funds transfer instructions  (received by email or fax) and bank cards. Moreover, with the advent of online banking, many banks or CUs  now set out their account agreements in online form, all of which makes it vastly easier to amend these  agreements from time to time.  

Contents of a Standard Agreement 

Everyone who works in retail banking should be familiar with the provisions in the standard account agreement  used by the particular institution. Each agreement can be different, of course, and a given CU may be using  various different versions of agreements depending on the age of the account(s). As such, for any given  account, it is necessary to review the relevant agreement to see what it says. Once you know what you are  looking for, this need not take very long! Here are some of the more important provisions contained in various  recent forms of account agreement.  

Verification: At common law, it is the responsibility of the bank or CU to act only upon the express authority of  the member. This means that if a cheque or instruction bears a forged signature, the bank or CU is  responsible, and the member is not. As noted above, the account agreement overrules this provision by  providing that the member is obliged to check the account statements at the end of each month and provide  timely written notice to the CU of any errors failing which all the transactions set out in the account statements  are deemed to be correct.  

Today, many agreements provide that in addition to the timely notification requirement, a member cannot  recover in respect of, say, a forged cheque, unless the member can demonstrate, for example, that the it had in  place certain systems and procedures for the detection and prevention of fraud, and that the theft was not  caused by an employee or agent of the member. Other recent agreements go further and provide that that  under no circumstances except in the event of the bank’s gross negligence would the bank be responsible for  any losses, even if identified by the member in a timely manner. Cyber losses may be treated differently; each  agreement needs to be reviewed on its own.

Limitation of Liability: In addition to the simple verification provisions, many agreements now contain more  comprehensive limitation of liability provisions which restrict (sometimes quite significantly) the ability of a  member or client to recover from the CU or bank in any circumstance. These provisions are sometimes found in  different places within the agreement and must be read “together” as a unit, in order to see how the agreement  has allocated risk.  

Notification re Online Banking Losses: Online banking losses have increased in recent years. Attack vectors  like malware, social engineering phishing efforts, and account take-overs have been major contributors to fraud  losses. Current iterations of account agreements generally contain an express provision that requires a member  

to provide prompt notification to the CU in the event of some kind of cyber loss, even if there is no claim for  reimbursement arising out of a specific incident. The reason for this, of course, is that this notification allows the  CU to take remedial and proactive steps to prevent future losses, arising out of earlier infections or incidents.  Thus, it is not uncommon to have an agreement provide that the CU will reimburse for online losses “where it  can be shown that you have been a victim of fraud, theft or have been coerced by force or intimidation, so long  as you report the incident to us immediately and cooperate and assist us fully in any investigation.” 

Here is an example of where this type of contractual provision might come into play. In July of 2019, a CU  member discovers that it has been the victim of fraud and that a virus had infected its computer system. The  member contacts a cyber security firm to investigate and assist. By August, the member believes the incident is  over and it takes no further steps. The member does not report the incident to the CU at any point. Three  months later, in November, the member’s online banking credentials are used, and fraudulent transactions are  made on the account. It is determined that the fraud in November is connected to the virus discovered in July.  

On these facts, it is entirely possible that the CU would be entitled to deny any claim for these November losses  on the basis that the member failed to provide notice of the July incident. Note that under the terms of the  agreement, it is not necessary for the CU to demonstrate that it would have prevented the loss if proper notice  had been provided. There are two lessons here: first, the member needs to be familiar with what its account  agreement says; and second, in connection with cybercrime and online losses, the member needs to err on the  side of communication. Of course, the CU can assist on both fronts by providing its members with ongoing  “information” bulletins and the like, so as to educate people in these areas.  

Chargebacks: Some years ago, I was involved in a case where a member acted (perhaps unwittingly) as a  “mule” for a fraudulent scheme. He agreed to deposit a cheque for roughly $30,000 to his account and then to  arrange for the transfer of $29,000 to a bank in Asia. He was told to keep $1,000 for his trouble. The cheque of  course was counterfeit, and the CU charged-back the $30K cheque, leaving an overdraft in the member’s  account. The member refused to cover the overdraft and the CU sued. The member’s lawyer argued (correctly)  that the (ancient!) written account agreement did not say anything about chargebacks, and he argued that in  these circumstances, the CU had no right to charge-back the value of the counterfeit. Surprisingly, the case law  was mixed as to whether there was a right at common law for a bank to charge-back a returned item! Modern  account agreements expressly provide for this right.  

Set-off of Debts: Many account agreements now expressly provide that in the event that a member has more  than one account, and one has a positive balance, while the other is overdrawn, the CU may, at its discretion,  transfer funds from the account with a positive balance, to the other account, so as to cover the overdraft.  Without such a provision, this action might not be permissible. 

Stop Payments (Countermands): Most agreements provide for written policies as to how countermands are to  work, what the CU requires in order to act on a countermand request, and what happens if cheque is cleared in  spite of valid countermand, or is cleared before the countermand instruction is received.  

The Right to Freeze an Account: A bank or CU probably has a common law right to freeze a member’s  account, without a court order, in connection with plausible allegations of fraud. However, such an aggressive  action can expose a CU to potential liability from the member. The failure to freeze in such circumstances could  give rise to exposure from the third-party claimant. Most recent account agreements now explicitly provide  cover for the bank or CU by stating the following: that a bank or CU may freeze or close a client’s account  without notice if required by law, if the bank receives a third party demand in respect of the account, or if at any  time the bank has reasonable grounds to believe that the client did or may have committed fraud, may have  used the account for any unlawful or improper purpose, or operated the account in a unsatisfactory manner, or  contrary to bank policies, etc.  

Assignment of Claims: When a bank or CU replenishes a member’s account in the event of a loss caused by  a third party, the CU, at common law, is entitled to “step into the shoes” of the member to claim over against the  third party. Most recent account agreements provide for the automatic assignment of such claims.  

Allocation of Risk for Online, Facsimile or Telephone Instructions: Many clients and members need to wire  funds from time to time and they prefer the convenience of doing so from their offices, rather than making the  trek down to the branch. Of course, fraudsters know this, and can sometimes try to steal money through the use  of fraudulent instructions. Account agreements allow for the giving of remote instructions, but generally provide  for some kind of procedure for doing so, and they generally allocate any risk of loss onto the member.  

The Right to Amend: Many recent agreements now contain provisions allowing for the periodic amendment of  the agreement. Often, amendments can be done via online banking, which greatly facilitates this process, for  banks and CUs.  

Enforceability  

An account agreement is no help to you if it is not enforceable. There has been a significant amount of litigation  in the past by members or bank customers who attempted to get around the terms of the account agreement.  Generally, there have been several categories of argument in such lawsuits: 

(i) that the agreement, and in particular, that the wording of the “exclusion of liability” provisions, was  ambiguous, or was not sufficiently broad to protect the bank or CU from its own (alleged)  negligence or carelessness. 

(ii) second, that the bank or CU did not provide a copy of the agreement to the member and so should  not be allowed to rely on the agreement; and  

 (iii) the agreement cannot be found and in the absence of written agreement, there is necessarily  uncertainty as to the terms of any agreement between the parties, such that the common law rules  should prevail. 

The first argument, item (i) above, has met with success in the past. The courts have provided a roadmap to the  banks as to how to make the agreements more enforceable, and the banks and CUs unions have responded (in  the last 20 years) with revised wording, which is much tighter and more difficult to get around. Of course, this  means that the CUs need to ensure that any older account agreements which still exist (for certain member  accounts) must be replaced with updated standard form agreements.  

The second argument (member did not receive the agreement) has also met with some success in the past. In  my experience, account applications in recent years generally contain an acknowledgment by the member,  beside the signature line, which specifies that the member received a copy of the account agreement wordings.  This is a helpful tool for lawyers defending the CUs! More recently, with online banking, the website can contain  a provision which states that so long as the member is using the online banking facilities, they acknowledge  receipt of and accept the enforceability of the applicable agreement. This too is very helpful in ensuring  enforceability.  

Finally, in some instances relating to older accounts, account agreements cannot be found. Generally speaking,  if an account agreement cannot be found, then a credit union would have a very difficult time enforcing the  terms of any agreement that ought to have been in place. There are ways to prove in court that a member must  have received the account agreement and so should be bound by it, but this is not an easy argument to make.  One way around this would be for the CU, if possible, to update to the current version of account agreement, as  needed, across its full membership, either by sending out updated account agreements by mail to the  membership or doing so, where available, by email.