Judgment From The Borgarting Court Of Appeal In One Of The Largest Fraud Cases In Norwegian History

On September 19, 2022, Borgarting Court of Appeal rendered a verdict in one of the largest fraud cases in Norwegian history. Hjort law firm assisted the Italian energy company Edison, which was victim to a comprehensive CEO fraud in 2019.

Following to the verdict of the Court of Appeal the result of Oslo District Court's judgement remains standing, and Danske Bank must pay NOK 39 million in compensatory damages and interest on late payments to Edison. Hjort's team in court consisted of lawyer and partner Nils Christian Langtvedt, together with lawyers Ole Iversen Johnstad Kalvø and Øivind K. Foss.

Case background

In the autumn of 2019, the Norwegian subsidiary of the Edison Group was targeted in a sophisticated CEO fraud. The subsidiary's managing director received an inquiry from fraudsters acting as the Group's Chief Executive Officer (CEO) in Italy. The fake CEO instructed the managing director of the Norwegian subsidiary to assist with the execution of payments as part of an acquisition the Group was in the process of completing.

Through manipulation of the managing director of the Norwegian company, the fraudsters managed to create a false belief that the payments had to be completed immediately and kept strictly confidential. Over the period of two weeks, the managing director of the Norwegian company was manipulated into making 13 payments from the company's account in Danske Bank to the fraudster's accounts. In total, the payments amounted to NOK 130 million, all of which went to newly incorporated companies in Hong Kong. Edison had not previously made any payments to Hong Kong.

In the spring of 2020, Edison filed a lawsuit against their bank in Norway, Danske Bank, seeking compensatory damages. On February 8, 2022, Oslo District Court concluded that Danske Bank should have stopped the payments and that the bank was liable for damages to Edison International. On April 19, 2023 Borgarting Court of Appeal concluded that the District Court's judgment was correct.

The court's assessment

The majority of the Court of Appeal found that the Bank has an obligation to have control measures to detect and prevent fraud. Without being able to justify why, Edison was exempt from the Bank's automated control system. When one of the payments was accidentally stopped in the automated control system, Danske Bank's subsequent manual control was deemed inadequate by the court's majority. Known indicators of CEO fraud were not followed up.

Furthermore, the court's majority also concluded that the Bank's failure to comply with obligations under the Anti-money Laundering Act was relevant when assessing the Bank's negligence. The court's majority found that the information registered when onboarding Edison as a customer was inadequate to fulfil the Bank's obligations under the anti-money laundering regulations. The Bank's follow-up of the transactions was also considered inadequate in light of the Bank's obligations under the Money Laundering Act.

When considering all relevant aspects the majority of the Appeal Court found that Danske Bank's conduct deviated from the control regime a bank must have in order to exercise its professional responsibilities in a prudent manner. If Danske Bank had fulfilled its professional responsibility diligently, the majority of the Court of Appeal found that the fraud would have been prevented. There was therefore a basis for Edison's claim for compensatory damages against the Bank. As a result of Edison's own conduct, the Bank's liability was reduced as compared to total amount transferred to the fraudsters and Danske Bank must pay compensatory damages and interest on late payment totaling NOK 39 million.

The verdict was rendered with dissent 2-1 and has been appealed.