Susana Zamora

Wednesday, 1 October 2025, 16:37

Spain’s BBVA bank has been ordered to compensate a customer 5,977 euros for failing to fulfil its responsibilities and take all the possible steps to prevent the client from being scammed.

The incident dates back to June 2023, when the woman received a series of calls and text messages through which people posing as bank employees were warning her that someone was trying to usurp her account and get her money. The scammers asked her to make two transfers of the money in her account to another account of the same ownership and bank.

Once she realised it could be a scam, she called the bank to have the transfers reversed, but the bank assistants told her that it could not be done. She kept trying and sent several emails to BBVA stating that she had been the victim of a scam.

Three days later, she reported the incident to the National Police. She explained that the fraud had happened while she was making online purchases. At some point, she received an SMS text message, “which seemed to be from the bank”, telling her that her card had been blocked for security reasons. A link that redirected her to the bank’s website was attached to the text message. Shortly afterwards, she received a phone call, supposedly from the bank, informing her that an attempt had been made to charge 5,900 euros to her account. That call confirmed her worst suspicions.

Finally, a court in Murcia has sentenced BBVA to repay the scam victim the amount of 5,977 euros, plus legal interest from the date of the charge. The ruling states that there was no serious negligence on the part of the customer and that the bank failed to fulfil its obligations “by not putting in place all the measures to avoid suspected fraud”.

Breach of contract

Therefore, the ruling establishes that there has been a breach of the contract signed between the bank and the customer, who did not receive the services outlined in the agreement. According to the court, the bank was responsible “for the incorrect execution of the operations carried out against the plaintiff’s account”. It has been declared that, although the customer could have been aware of the fraud, there are factors that made it plausible for her to believe that it was the real bank contacting her. The operation seemed sufficiently authentic, having been carried out by the fraudsters with great diligence.

The ruling cites the doctrine of the Supreme Court (STS 571/2025, 9 April), for a case of fraud by usurpation of passwords and withdrawal of funds, which establishes that in the case of unauthorised payment transactions “the payment service provider must immediately return the amount of the transaction to the payer”, unless fraud or serious negligence on the part of the user is proven. According to the court, it was clear that the true intentions of the account holder were not to move the money.

On the other hand, the judge also found deficiencies in the bank’s control systems. “It is not acceptable that transfers are made to current accounts with beneficiaries who are different from the account holder, allowing the account holder to easily dispose of the money; these practices must be eradicated to avoid such frauds.”

The ruling also highlights the lack of effective response to the affected party’s requests to block the transactions on the day of the events. This judgement can still be appealed before the Murcia provincial court.