BRAZIL Law and Practice Contributed by: Eduardo Castro, Pedro Nasi and Gabriel Libanori, Machado, Meyer, Sendacz e Opice
prevent unauthorised transactions. Where those con - trols prove deficient, the institution may be required to reimburse the customer for the resulting financial losses. Conversely, when the fraud results from a customer voluntarily providing their account details or other sensitive information to a third party, typically through social engineering schemes – and where the author - ised institution can demonstrate that it maintained all required internal controls, security measures and monitoring mechanisms, the institution is generally not held responsible for reimbursing the customer’s losses. In such cases, courts have understood that the institution fulfilled its regulatory obligations and that the proximate cause of the loss was the customer’s disclosure of sensitive data rather than a failure of the institution’s systems or procedures.
115 CHAMBERS.COM
Powered by FlippingBook