EGYPT Law and Practice Contributed by: Dina Kamel, Helal El Hossary, Omar Fouda and Kareem Hashem, Zaki Hashem
12.3 Responsibility for Losses A fintech service provider’s responsibility for customer losses is mainly civil, arising either in contract (breach of service terms) or in tort (a wrongful act causing harm), and is generally classified based on fault, damage and causation under the Civil Code (Law No 131 of 1948). Compensation may cover actual loss and missed gain where it is a natural consequence, but is subject to foreseeability limits absent fraud or gross negligence, may be reduced if the customer contributed to the loss and can be avoided where non-performance is due to a “foreign cause”. Agreed liquidated damages are permissible but courts may reduce excessive amounts, and exceeding the agreed amount requires proof of fraud or gross negligence. In addition, liability can be vicarious, meaning the regulated entity or principal may be responsible for losses caused by its employees, agents or outsourced providers acting within the scope of their assigned work. Where the relationship falls under the Consumer Protection Law, service providers owe statutory rem - edies for defects or deficiencies, and liability-limiting clauses are void. However, for CBE-licensed PSPs (under the Central Bank and Banking System Law), the Consumer Protection Law does not apply. Instead, the CBE customer protection and dispute framework applies – including the requirement for licensed enti - ties to ensure third parties comply, without relieving the licensed entity of responsibility for customer harm.
In regulated markets, the Capital Markets Law defines “fraud” as false or misleading disclosure of materials and corporate records, sham trades, recording arti - ficial prices or attempting to influence market prices by deceitful means. The Central Bank and Banking Sector Law governs banks and payment ecosystems (including in respect of licensing and sanctions). 12.2 Areas of Regulatory Focus The CBE’s focus in relation to banking and payment ecosystems is on: • impersonation inducing customers to disclose cre - dentials or “authorise” transfers (phishing, smish - ing, pharming and vishing); • credential theft and account takeover leading to misuse of card and e-payment data (executing fraudulent transactions); and • sector-level fraud governance and co-ordinated responses through the Fraud Combating Central Department and fraud awareness and training initiatives. Regarding NBFS, the FRA focuses heavily on onboard - ing and identity manipulation (eg, fake IDs and chang - es of mobile number ownership), requiring multifactor digital identity checks (including possession factors, biometrics and liveness indicators) and verification of the customer’s mobile number ownership. A second FRA priority is consumer finance monetisa - tion schemes and fraud-related defaults (eg, financing a device and then reselling it for cash without servic - ing the instalments or using a fake ID), reflected in measures to implement a ban list for entities practis - ing consumer finance cash-out and tighter controls around cash consumer finance (requiring proof of use and stronger traceability through digital records and e-payment rails).
233 CHAMBERS.COM
Powered by FlippingBook