New York Attorney General Letitia James sued Citi in federal court Tuesday, alleging the bank fails to protect customers from fraud and refuses to reimburse victims.
“Banks are supposed to be the safest place to keep money, yet Citi’s negligence has allowed scammers to steal millions of dollars from hardworking people,” James said in a statement. “Many New Yorkers rely on online banking to pay bills or save for big milestones, and if a bank cannot secure its customers’ accounts, they are failing in their most basic duty.”
James cites a case in which a Citi customer, in October 2021, received a text message appearing to be from the bank, instructing her to log onto a website or call her local branch. The customer clicked the link in the message and later called her branch to report the activity. The customer alleges Citi told her not to worry about it.
But within three days, she said, she realized a scammer had changed her banking password, enrolled in online wire transfers, transferred $70,000 from her savings to her checking account, and electronically pushed a $40,000 wire transfer. Such transfers were inconsistent with the customer’s account history, James argued. The customer stayed in touch with the bank and submitted affidavits, but her fraud claim was ultimately denied, James said.
Particularly, James asserted, Citi is required by the Electronic Fund Transfer Act to reimburse victims of fraud because the bank makes wire transfers available to consumers online and through mobile banking apps.
“Banks are not required to make customers whole when those customers follow criminals’ instructions and banks can see no indication the customers are being deceived,” Citi said in a statement Tuesday seen by CNBC.
The bank said it has “taken proactive steps” to buffer accounts with “leading security protocols, intuitive fraud prevention tools [and] clear insights about the latest scams.”
“Our actions have reduced client wire fraud losses significantly, and we remain committed to investing in fraud prevention measures to help our clients secure their accounts against emerging threats,” the bank said. A spokesman added that Citi has followed all laws and regulations related to wire transfers, according to CNBC.
James wants a judge to order Citi to document all denied customer claims from the past six years that were tied to unauthorized payment orders and debit authorizations. She also wants the bank to reimburse victims, pay a $5,000 fine for each instance in which it violated the law and adopt enhanced anti-fraud defenses.
“My office will not write off illegal behavior from big banks,” James said Tuesday.
James was one of 21 attorneys general who last month urged the Office of the Comptroller of the Currency and the Consumer Financial Protection Bureau to push banks to cooperate with state agencies.
Sen. Elizabeth Warren, D-MA, for one, chastised big-bank CEOs who testified on Capitol Hill in 2022, claiming most were less than forthcoming in giving the Senate Banking Committee data detailing how many customers had submitted claims related to transfers through the platform Zelle.
Zelle reimbursed 47% of the amount customers reported in fraud in 2021 and the first half of 2022, Warren found.
Consumer Financial Protection Bureau Director Rohit Chopra in June told lawmakers in a separate hearing that financial institutions are not working fast enough to implement ways to make consumers whole after they fall victim to peer-to-peer payments scams.