Friday, April 17, 2009

A bank’s liability for loss of assets deposited for safe-keeping is a little-known aspect of the law, no doubt because such loss occurs only in exceptional circumstances.
Yet since the hiring of a safety-deposit box for safe-keeping of valuable assets by customers of a bank is common in South Africa, familiarity with the relevant laws is advisable.
The issue was considered in ABSA Bank Ltd v Fouche 2003 (1) SA 176 (SCA).
Ms Fouche entered into a safety-deposit box agreement with ABSA in terms of which she deposited jewellery for safe-keeping at an ABSA branch in Pretoria. ABSA exempted itself from loss by theft and Ms Fouche undertook to insure the jewellery. 
Subsequently, the branch was burgled and various assets, including Ms Fouche’s jewellery, were stolen. Ms Fouche sued ABSA for recovery of the value of the jewellery.
The High Court held that ABSA was liable. There had been a non-disclosure of the relevant facts by ABSA which amounted to fraudulent misrepresentation.
ABSA appealed to the Supreme Court of Appeals (SCA). Inexplicably, by the time the matter came before the SCA, Ms Fouche had conceded that ABSA was not liable on the agreement – despite the High Court’s ruling.
The parties agreed that the issue to be decided by the SCA was whether ABSA’s conduct amounted to fraudulent non-disclosure; one that had induced Ms Fouche to enter into the agreement.
Applying the general test of ‘legal convictions of the community” in order to establish wrongfulness, four of the SCA’s five judges upheld the appeal.   
During the hearing, the following were proved and accepted by the SCA:
a. ABSA undertook in terms of the agreement to exercise reasonable care for the security of the safety-deposit box;
b. The branch lacked a motion sensor device connected to an alarm system;
c. No guard was employed to watch over the branch at night;
d. Other branches of ABSA had the two foregoing security features;
e. The safe was too heavy to move without heavy equipment;
f. The safe was not kept in a strong room but in an open plan area visible from outside the building;
g. Access to the safe was not impeded by any barriers, rendering it easily accessible from inside;
h. The burglars broke into the building at night and used an angle-grinder to open the safe.
It is difficult to fault the majority decision, given that the parties had agreed the appeal should be argued and decided on whether ABSA’s conduct in (b) and (c) above constituted fraudulent non-disclosure that induced Ms Fouche to enter into the contract.
The SCA had to decide whether ABSA was obliged to disclose (b) and (c); that it ought to have considered (b) and (c) as crucial information to be disclosed to Ms Fouche and that Ms Fouche would not have entered into the agreement had she known of (b) and (c).
Interestingly, the outcome may have been different had Ms Fouche sued ABSA for negligence in terms of the agreement in that ABSA failed to comply with its undertaking in (a) above. Since(a) to (h) were proved and accepted by the court, it would have been difficult for the SCA to find that ABSA was not negligent.
The SCA considered that the test for establishing wrongfulness in pre-contractual arrangement settings was the same as that applied in non-contractual non-disclosure. In both instances, one uses the legal convictions of the community as the touchstone.
Notwithstanding the SCA’s ruling in Ms Fouche’s case, one should consider the community’s prevailing legal convictions about the security that banks must provide in safety-deposit box contracts.
There is little room for doubt that those - sectors of our community that deal with the banks on a daily basis believe their assets and deposits are safe and secure. The community expects the banks to provide security of an international standard.
Employing security guards, installing motion sensors and alarm systems linked to a security controlled-room could hardly be said to be beyond the affordability of any bank. Similar precautions exist in buildings occupied by companies not in the business of caring for assets or money on behalf of customers.
Indeed, it can be argued that the banks ought to provide security well in excess of the required minimal security measures.
To accept lesser standards of security systems from the banks would erode the community’s firmly held beliefs and expectations.
Hence, the courts should, on policy consideration, hold the banks liable where their security systems fall short of  international standards. 
If the banks cannot be held liable for failure to provide adequate security system – as indicated in the Fouche case – one wonders if they could ever be considered responsible for loss in cases of computer-assisted hacking.

Dennis Sibuyi is a senior associate at commercial law firm Bowman Gilfillan