For banks operating in Florida (or other jurisdictions with similar provisions regarding security procedures for payment orders), the Eleventh Circuit has recently issued an opinion that may call into question the validity of existing security procedures and the corresponding applicability of the safe-harbor risk shifting provision of Fla. Stat. §670.202.

In Chavez v. Mercantil CommerceBank, N.A., No. 11-15804 (11th Cir. Nov. 27, 2012) Plaintiff Chavez filed suit seeking recovery of funds fraudulently transferred from his account with Mercantil to a third party. Under §670.202(2), banks are relieved from liability for fraudulent payment orders if the bank follows established (and agreed upon) security procedures in good faith and the procedure is considered commercially reasonable. While Mercantil succeeded in asserting §670.202(2) as an affirmative defense on the district court level, the Eleventh Circuit reversed – finding that the established security procedure did not meet the standards articulated by Fla. Stat. §607.201. According to the Eleventh Circuit, the established procedure agreed upon by Mercantil and Chavez – delivery to the bank of a written payment order containing the proper signatures by an authorized representative, and, in the event of delivery via electronic means, a telephone call back by the bank to identify the identity of the representative – did not meet the requirements of §670.201, which at a minimum expressly states that “the comparison of a signature or the communication with an authorized specimen signature is not by itself a security procedure.”

The Eleventh Circuit’s analysis and interpretation of Fla. Stat. §§607.201 – 670.202 may prove helpful in evaluating the existing security measures of financial institutions facing similar obligations and ensure the applicability of safe-harbor provisions that prove to greatly limit risk and liability.