New York sues Citi for refusing to reimburse victims of online fraud

Rick Steves

Attorney General James argues that under the Electronic Fund Transfer Act (EFTA), Citi should reimburse victims of online fraud, similar to electronic credit or debit card fraud.

New York Attorney General Letitia James has filed a lawsuit against Citi for not adequately protecting customers from electronic fraud and refusing to reimburse victims.

The suit claims that Citi’s weak online security measures have led to unauthorized account access. Consequently, New Yorkers have suffered significant financial losses, with some losing their life savings.

“Banks are supposed to be the safest place to keep money”

NY Attorney General James said: “Banks are supposed to be the safest place to keep money, yet Citi’s negligence has allowed scammers to steal millions of dollars from hardworking people. Many New Yorkers rely on online banking to pay bills or save for big milestones, and if a bank cannot secure its customers’ accounts, they are failing in their most basic duty. There is no excuse for Citi’s failure to protect and prevent millions of dollars from being stolen from customers’ accounts and my office will not write off illegal behavior from big banks.”

The lawsuit details multiple instances of fraud. In one case, a New Yorker lost $40,000 from her retirement savings after a phishing attempt. Despite reporting the suspicious activity, Citi denied her fraud claim. In another case, a customer lost $35,000 when a scammer manipulated her accounts, and Citi failed to verify the transactions adequately.

The Office of the Attorney General (OAG) found Citi’s response to fraud alerts inadequate. The bank’s systems failed to detect unusual activities, such as access from new locations or devices, and large fund transfers. Citi also did not report fraudulent activities to law enforcement promptly. Additionally, Citi’s customer service was criticized for long hold times and misinformation, further enabling ongoing scams.

Citi should reimburse victims of online fraud, says Letitia James

Attorney General James argues that under the Electronic Fund Transfer Act (EFTA), Citi should reimburse victims of online fraud, similar to electronic credit or debit card fraud. However, Citi allegedly exploited a loophole in these laws to deny consumer reimbursement claims. The lawsuit seeks restitution for victims over the past six years, as well as penalties and disgorgement.

This legal action is part of Attorney General James’s broader efforts to hold financial institutions accountable. Recently, she urged federal agencies to ensure national banks cooperate with state investigations and called for eliminating overdraft fees at major banks.

Citi says banks are not required to make clients whole

A spokesperson for the bank commented, “Citi closely follows all laws and regulations related to wire transfers and works extremely hard to prevent threats from affecting our clients and to assist them in recovering losses when possible.

“Banks are not required to make clients whole when those clients follow criminals’ instructions and banks can see no indication the clients are being deceived. However, given the industry-wide surge in wire fraud during the last several years, we’ve taken proactive steps to safeguard our clients’ accounts with leading security protocols, intuitive fraud prevention tools, clear insights about the latest scams, and driving client awareness and education. Our actions have reduced client wire fraud losses significantly, and we remain committed to investing in fraud prevention measures to help our clients secure their accounts against emerging threats.”

NY AG claims Citi bullies customers into signing forms

On the plaintiff’s side, NY AG is arguing that Citibank bullies customers into signing forms that admit the customer authorized the funds transfer, even if they were hacked, thus boxing the customer into the narrow rules of the UCC’s article 4A-204.

Under that law liability is clear, if a bank follows a valid security procedure before executing the funds transfer it has no liability or duty to reimburse the customer.

If a bank didn’t follow a security procedure such as validating a customer’s ID via user/pass log in, pin number, ID in person and the customer says they didn’t authorize the wire transfer the law is clear and a customer must be reimbursed by its bank plus daily interest.

  • Read this next

    Institutional FX

    Intercontinental Exchange reinvents voice trading with ICE Voice

    “For the first time, ICE’s users will have a single, integrated platform for chat and voice that matches both traders’ need for always-on, instantaneous connectivity with other traders, and firms’ desire for easy-to-access and use records that help them meet their record retention requirements.”


    Duco launches EMIR-compliant transaction reporting eligibility validator

    “With Duco’s transaction reporting eligibility validator, customers can run independent checks whenever they want, get results in minutes, and access a clear audit trail. The solution provides insights at a field-by-field level so clients can see specific issues, discuss, and show ESMA they are considering discrepancies at a deep level.”

    Digital Assets

    Bybit’s trading volume near all-time high ahead of Bitcoin halving

    “Now, we’re seeing large inflows and smart money is moving fast. With the Bitcoin halving just around the corner, Bitcoin is proving itself as an institutional asset, a hedge against economic uncertainty, and a vote for financial freedom.”

    Digital Assets

    Morgan Stanley to add spot bitcoin ETFs

    Morgan Stanley is reportedly considering adding spot bitcoin ETF products to its brokerage platform. This move comes after the Securities and Exchange Commission (SEC) approved the investment vehicle in January.

    Digital Assets

    Hong Kong ends license applications for crypto exchanges

    Hong Kong has officially ceased accepting license applications from cryptocurrency exchanges as of February 29, signaling a stringent regulatory shift.


    Volt secures EMI license, expands payment solutions in UK

    Volt has successfully obtained an Electronic Money Institution (EMI) license from the UK’s Financial Conduct Authority (FCA).

    Retail FX

    ASIC bankrupts finfluencer Tyson Scholz over stock tips

    The Australian Securities and Investments Commission (ASIC) has effectively bankrupted Tyson Robert Scholz, the figure behind “Black Wolf Pit.” The action marks a significant crackdown on so-called ‘finfluencers’ and individuals providing unlicensed financial services.

    Digital Assets

    Green Bitcoin Presale Raises $1M as Bitcoin Approaches its ATH

    The eco-friendly crypto project Green Bitcoin has seen its limited-time presale phase cross $1 million in funding. With an innovative gamified staking model and energy-efficient foundation, Green Bitcoin offers token holders a way to stake their tokens and generate yield.


    Introducing QuickNode Streams: Elevating Blockchain Data Management

    Discover QuickNode’s Latest Innovation: Streamlining Blockchain Data Streaming for Enhanced Efficiency and Accessibility. Explore the Future of Blockchain Technology with Streams.