A court in Antwerp has ordered Belgian banks to immediately reimburse victims of phishing for the financial damages they suffered [1, 2].
This ruling shifts the financial burden of cybercrime from the individual consumer to the financial institution. By establishing that banks are liable for these losses, the decision aims to strengthen consumer protection against increasingly sophisticated digital fraud [1, 4].
The decision was handed down by the Antwerp kortgedingrechter, a short-term injunction court [1, 2]. The court found that banks must compensate victims promptly to ensure consumers are not left to bear the brunt of security failures [1, 4].
The case involved a couple aged 90 and 93 [5]. The court's determination that banks are responsible for the losses marks a departure from previous industry practices where banks often resisted payment.
Legal experts suggest the ruling creates a precedent for other fraud cases. Anna Laura Claeys, an attorney, said all phishing victims can now go to court and demand to be reimbursed [3].
While some reports suggest banks already had obligations to compensate victims, the Antwerp ruling specifically emphasizes the requirement for immediate reimbursement [2, 3]. A judge said this decision will have significant consequences [2].
“Banks are liable for phishing-related losses and must compensate victims promptly.”
This ruling represents a significant legal shift in liability for cybercrime in Belgium. By mandating immediate reimbursement, the court is treating phishing not as a result of individual negligence, but as a systemic risk that financial institutions are best equipped to manage and mitigate. This may force banks to implement more rigorous security protocols to avoid frequent payouts.
