Out-Law / Your Daily Need-To-Know

Out-Law News 4 min. read

Judge endorses world-wide freezing order against 'persons unknown'


Businesses that are defrauded of assets by cyber criminals can obtain court orders to prevent their funds from being dispersed around the world even where the identities of the perpetrators and the actual recipients of the funds are not known, according to a landmark ruling in the UK.

The High Court in London said world-wide freezing orders (WFO) should be available to victims of cyber fraud in cases where they are pursuing claims against 'persons unknown'. The High Court's ruling was issued in July, but has only recently been published.

The judgment highlights the "claimant friendly nature" of England and Wales as a jurisdiction for bringing fraud claims, civil fraud and asset recovery specialist Alan Sheeley of Pinsent Masons, the law firm behind Out-Law.com, said.

Sheeley also said that he was greatly encouraged to see His Honour Judge David  Waksman QC's modern approach which the judge said "reflects the need for the procedural armoury of the Court to be sufficient to meet the challenges posed by the modern electronic methods of communication and of doing business".

HHJ Waksman's invitation to victims of fraud to cite his judgment in future cases is also to be welcomed, Sheeley said. The judge clearly accepts that his judgment is "an extension of the present law" of freezing injunctions, he said.

The High Court's ruling came in a case which concerned a cyber fraud carried out on a UK company last year.

CMOC Sales & Marketing (CMOC) lost more than $8 million from its bank accounts following a scam carried out by cyber criminals. Hackers broke into a company director's email account and sent payment instructions to CMOC's bank, Bank of China.

The fraudulent payment instructions resembled the genuine payment instructions that CMOC would send to the bank and included scanned signatures by the company's banking signatories, which included the company director whose email account was hacked. The fraudsters disguised the fraud by redirecting the director's emails and impersonating the director in email responses to his colleagues when they queried the transactions.

The money stolen was distributed across the world into accounts with 50 banks in 19 different jurisdictions. CMOC lodged legal action before the High Court in October 2017. The company was granted a world-wide freezing order against 'persons unknown' on 23 October 2017 and a number of further disclosure orders were granted to allow CMOC to identify 31 people which the High Court has now ruled were involved in the fraud.

In the latest ruling, HHJ Waksman QC, who was sitting as a High Court judge in the case, said all 31 of the defendants were liable to pay CMOC damages, and that all but four of the defendants could be said to be in "knowing receipt" of money that was given to them in breach of trust. He also said that 11 defendants that "received money directly from CMOC" were liable for claims of unjust enrichment.

The judge said CMOC is entitled to receive repayment of the monies stolen at a compound interest of 2.5% per annum, and further ruled that the defendants are liable to pay all of the legal costs incurred by CMOC in "making good their claims, pursuing them and proving them" in the England and Wales and foreign courts as part of mitigation costs.

HHJ Waksman QC also opened up the possibility for businesses to apply for and obtain WFOs before the courts in England and Wales in cyber fraud cases where the identities of fraudsters and the recipients of illicit monies are unknown.

"On 23 October 2017, I concluded that there was at least a good arguable case that the court had jurisdiction to grant a WFO against persons unknown, but as it seems to me now, I can go further and say this jurisdiction is clearly established … that injunctive relief against persons unknown will be particularly apposite where the reason they are unknown is because of their activities as hackers, just as the perpetrators in this case were hackers," the judge said.

HHJ Waksman QC further confirmed that the High Court is open to the use of social media channels such as Facebook and WhatsApp, as well as data rooms, for serving legal claims against alleged perpetrators of cyber fraud.

Alan Sheeley said: "The ruling of HHJ Waksman QC signals the culmination of his ground breaking step of issuing the first known WFO against persons unknown in October 2017."

"The courts will take innovative steps to secure redress for claimants who have clearly been defrauded, even where there are issues identifying the defendants. HHJ Waksman QC’s concluding remarks are a significant step in opening up the unknown persons jurisdiction and establishing it as a tool in the courts’ arsenal to freeze assets of those who cannot be identified but have perpetrated a fraud," he said.

The ruling was also welcomed by litigator Bill Geiringer of Pinsent Masons.

"The court’s development of the unknown persons jurisdiction is especially important given the current climate of cyber crime," Geiringer said. "The complexity by which cyber fraud can be undertaken and the sophistication in the way the fraudsters can conceal themselves means the courts must be proactive in developing innovative ways of addressing this issue."

"Claimants should not be deterred from pursuing a claim or interim relief even where the defendants are unknown and difficult to identify. This is particularly so given HHJ Waksman QC’s positive remarks regarding the increasing use of novel methods of service, such as by social media or data room," he said.

Sheeley said that the case demonstrates the need to instruct specialist civil fraud lawyers as soon as a company becomes aware of a fraud and especially when email hijacking is involved and there is an international dimension.

"This case evidences how quickly money can be transferred around the world," he said. "Without obtaining the WFO no recovery would have been made."

We are processing your request. \n Thank you for your patience. An error occurred. This could be due to inactivity on the page - please try again.