Let’s explore the case of Ross v Nedbank Ltd [2024] ZAGPJHC 1146.
A heist in broad daylight: the fraud that stole a dream property
Picture this: a bustling, sunlit morning in Johannesburg. Mr and Mrs Ross are excitedly preparing for the day—today, they’ll close on their dream property, a slice of luxury nestled in the upscale Waterkloof View Estate. The deal’s been months in the making, emails flying back and forth between lawyers, estate agents, and bankers. Everything seems perfect…until it isn’t.
A perfectly timed email and a sudden disappearance
Enter an email—unassuming yet pivotal. Mrs Ross opens it. It’s from their attorney’s assistant, or so it seems, with banking instructions for transferring the payment. Her heart pounds as she hits “send”, transferring R2.8 million. Another click, another transfer. The deal is done. But hours later, her phone rings. It’s her daughter, a legal assistant at the firm handling their transfer. Her voice is laced with concern and confusion. “Mum, the funds didn’t come through. Our trust account…it’s empty.”
The air shifts, a dark cloud brewing over what should have been a joyous moment. The money’s gone, vanished like a ghost in a high-stakes heist. The R2.8 million, meant for the secure hands of their conveyancer, has slipped away, landing in the account of a stranger: Joseph Nkomane. His account, barely active, is suddenly brimming with cash. Mrs Ross’s mind races. Who is this man? Why is he holding their dream hostage?
The search for answers and the call to Nedbank
A frantic search ensues. Calls are made, bank managers questioned. Nedbank, the behemoth banking institution, is called to account. Surely, Nedbank should have known, right? After all, Nkomane’s “Pay as You Use” account, barely touched before, suddenly erupts with deposits. His profile raises every possible red flag—no job, no income, no stable address. Mrs Ross’s lawyers craft their claim with precision, alleging that the bank has been negligent, that their failure to flag these transactions as suspicious enabled the fraud.
The legal battle: does FICA create a duty?
But Nedbank isn’t backing down. Their legal team enters the courtroom, polished and formidable, ready to argue. Their defence? FICA—the Financial Intelligence Centre Act. They argue that while they have duties under FICA, these duties don’t extend to third-party victims like the Rosses. FICA, they say, was designed to fight money laundering and terror financing—not to protect individuals in cases of email fraud. The Rosses, Nedbank insists, should have done their own due diligence. The bank can’t be expected to “babysit” every account with unusual activity; they manage millions of transactions daily.
The verdict that shocked the industry
As the courtroom buzzes, the judge, Moosajee AJ, leans in, ready to pass down the verdict that will send ripples through the legal and financial worlds. The judgment? A bombshell. The plaintiffs’ claim is dismissed. Nedbank, the court rules, did not owe the Rosses a duty of care in this instance. FICA, it seems, does not turn banks into guardians against third-party fraud.
Mrs Ross feels the weight of the loss, a mix of disbelief and resignation settling over her. She’s reminded that in the cut-throat world of finance and property, one wrong move—or one carefully orchestrated scam—can cost you everything. And Nedbank? They walk away from the court triumphant, leaving a legal precedent in their wake: banks may hold your money, but they aren’t responsible for every fraudulent twist and turn.
This isn’t just a story about a property deal gone wrong; it’s a wake-up call for anyone who trusts the system too much. In the world of cyber fraud and high-stakes real estate, even the best-laid plans can go dangerously astray.
What the case means for our clients
The Ross v Nedbank case highlights that clients bear significant responsibility for verifying financial transactions, especially with cyber fraud risks like email compromise. Banks, while regulated under FICA, are not liable for third-party losses from such fraud. This ruling stresses the importance of proactive security measures, like multi factor authentication and direct verification of payment details. Given legal gaps in digital fraud protection, clients should consider comprehensive risk management, including consulting cybersecurity and legal experts, to safeguard their transactions.
Where ITLawCo comes in: protecting what matters most
But where does that leave us, really? In a world where cyber-fraudsters stay two steps ahead, where even the sharpest legal minds and the strongest financial institutions can’t always prevent a meticulously orchestrated scam, who do you turn to?
This is where ITLawCo steps in, ready to do more than merely protect your assets—we’re here to anticipate, counter, and stay vigilant against the very risks that cases like Ross v Nedbank bring to light. At ITLawCo, we’re not just legal experts; we’re strategists on the front lines of cybersecurity, compliance, and risk management. We understand the digital footprint of a deal, the legal and technical safeguards that should surround every financial transaction.
Our team knows how to work with banks, financial institutions, and businesses to ensure that risks are mitigated proactively. Through contract reviews, robust cyber-risk assessments, and customised fraud prevention frameworks, we help businesses and individuals create safeguards that go beyond regulatory duties, keeping assets secure from even the most cunning cyber threats.
So, whether you’re closing a property deal, running an online business, or managing a complex digital portfolio, ITLawCo offers the expertise to protect your future—and the foresight to keep you one step ahead in an increasingly uncertain world. Contact us today.
Read more about the case here.