Portuguese 
English 
Spanish 
4 min of reading 
0 comments 
2024 Ruling Rekindles Discussion on How Far Banks Should Be Responsible for Digital Fraud Amid the Rise of Social Engineering and Protective Decisions.
A recent decision by the 3rd Panel of the Superior Court of Justice (STJ) reignited the debate over bank liability for electronic fraud. In September 2024, the court restored the compensation of R$ 143,000 to a customer who was a victim of the “fake central” scam, in which criminals posed as bank representatives and induced the customer to authorize fraudulent transfers.
The ruling was seen as a milestone in the protection of digital consumers, but also generated criticism from experts in financial law. For many legal professionals, although the STJ acted with good intentions, the decision may cause legal uncertainty, as it broadens banks’ liability without defining clear technical criteria.
Historic Ruling Exposes Flaws and Gaps
The ruling from the 3rd Panel, published in October 2024, acknowledged that the transactions were outside the customer’s usual patterns. This would demonstrate failure in the security mechanisms of financial institutions. However, the prevailing opinion was criticized for treating indications as sufficient evidence without requiring technical reports, security logs, or independent digital forensics.
-
The noise law will no longer be in effect at 10 PM starting in June with a new rule valid during the 2026 World Cup.
-
The Chamber opens a debate on driver’s licenses at 16 years old as part of a reform that includes around 270 proposals to change the Brazilian Traffic Code and may redesign rules for licensing, enforcement, and circulation in the country.
-
The new Civil Code could revolutionize marriages in Brazil with “express divorce” and changes that could exclude spouses from inheritance.
-
Banco do Brasil sues famous influencer for million-dollar debt and intensifies debate on delinquency, risks of seizure, and direct impact on Gkay’s credibility.
According to digital law experts, the court transformed a duty of means into a duty of result. It was required that the bank prevent fraud regardless of user conduct. This interpretation, according to jurists, exceeds what is provided in Article 14 of the Consumer Protection Code. The provision anticipates strict liability, but also legal exclusions, such as the victim’s exclusive fault or acts of third parties.
Timeline of Divergent Decisions
In 2017, in the ruling of Special Appeal No. 1.633.785, the STJ understood that the bank should not compensate when the operations occurred with original card and password. The court acknowledged the exclusive fault of the consumer. In 2022, second-instance courts adopted intermediate decisions. They condemned institutions when proven failures existed and exempted them when the customer consented to the transactions.
In 2024, the judgments of REsp 2.222.059 and REsp 2.229.519 showed a more protective trend. They reaffirmed the idea that the risk of fraud should be borne by the financial system. This shift has been referred to by experts as “empathy jurisprudence.” It aims to protect consumers but weakens the predictability of court decisions.
Economic Risks and Negative Incentives
Economists and legal experts consulted in October 2024 warned of the side effects of the ruling. It may encourage new lawsuits and increase the operational costs for banks. With each ruling lacking a solid technical basis, the risk of opportunistic behavior rises. Clients may claim fraud without concrete evidence, expecting automatic reimbursement.
This phenomenon, known as moral hazard, creates harmful incentives. Consumers become lax in their security precautions. Financial institutions, on the other hand, begin to spend more on legal defense and financial provisions. Additionally, the lack of defined technical criteria hinders the creation of uniform regulatory policies, making the system more expensive and unstable.
Balance Between Protection and Legal Certainty
According to attorney Rafael Moreira, a professor of Consumer Law, “the STJ was right to protect the victim, but wrong not to define technical criteria for that protection.” Meanwhile, economist Carla Nogueira, a financial regulation consultant, warns that the absence of mandatory forensics could create a domino effect of lawsuits. This pressures credit costs and reduces confidence in the banking system.
According to studies by the Getulio Vargas Foundation (FGV), decisions based solely on assumptions generate serious distortions. “It is necessary to differentiate technical failures from scams induced by social engineering,” explained researcher Eduardo Ferraz in a statement published in November 2024.
A Fair and Predictable Model for the Future
Experts advocate that future decisions require robust technical evidence and consider contributory fault when the client acts imprudently. Additionally, the Central Bank and the National Justice Council should create technical and forensic standards to ensure security and uniformity in analyses.
The 3rd Panel’s decision of the STJ represents a step forward in the protection of digital consumers. However, it also opens a new frontier of legal uncertainty. In light of this, the question remains: how to protect victims of scams without turning banks into insurers of digital recklessness?
Seja o primeiro a reagir!