Wednesday, June 24, 2026

Valyrian News Network

Understanding, Automated

Justice Finance

Belgian Banks Ordered to Compensate Phishing Victims

Valyrian News Network 4 min read

Belgian Banks Ordered to Compensate Phishing Victims in Landmark Ruling

A landmark decision by the Antwerp Enterprise Court has ordered a Belgian bank to immediately compensate a nonagenarian couple who lost nearly €50,000 to a phishing scam, in a ruling that legal experts say will transform consumer protection in digital banking across Belgium.

The court ruled on May 26 that banks must reimburse phishing victims first and can only later pursue legal action to recover the money if they can prove gross negligence on the part of the client, as reported by RTBF. The decision effectively reverses the traditional power dynamic between banks and their customers, placing the burden of proof squarely on financial institutions.

The Case

On January 23, 2026, a couple aged 90 and 93 from the province of Antwerp received a phone call from someone impersonating a bank employee. The scammers convinced them to make two transfers totaling €49,958 to an unknown account in Portugal. When the couple demanded reimbursement, their bank refused, arguing that the clients had committed gross negligence by authorizing the transactions themselves using their debit card, digipass, PIN codes, and SMS verification codes.

The couple filed an urgent summary proceeding against their bank. The Antwerp Enterprise Court ruled in their favor, ordering the bank to immediately repay the full amount plus legal interest from the date of the theft and court costs.

A Reversal of Burden of Proof

The ruling is based on European jurisprudence under the Payment Services Directive (PSD2), which establishes that banks must immediately reimburse unauthorized transactions. The innovation lies in the court’s interpretation: banks must pay first and dispute later.

According to HLN, which broke the story, the court stated that a mere suspicion of gross negligence does not exempt the bank from immediate repayment. The legislator deliberately chose to place the risk of litigation on the bank, not the victim.

Geert Lenssens, a banking law specialist and attorney, described the ruling as “baanbrekend” (groundbreaking) in comments to HLN. “This decision will pull tens of thousands of similar dossiers out of the impasse,” Lenssens said. “This ruling is a serious slap on the wrist for the banking sector, because banks do everything they can to avoid paying. It involves millions of euros.”

Speaking to VRT NWS, Lenssens estimated that genuine gross negligence accounts for only about 1% of all phishing cases. “A gross fault is different from a mistake: if you enter or give away your code due to a scam, that is not a gross fault,” he explained.

Political Pressure Mounts

The ruling comes amid escalating political pressure on the banking sector. Belgian Minister for Consumer Protection Rob Beenders (Vooruit) has been pushing for greater transparency and accountability from banks on how they handle phishing reimbursement claims.

“The summary judge rightly states that banks apply the rules in a way that is not only contrary to national and EU legislation, but also results in victims systematically being placed in a position that makes it more difficult to assert their rights,” Beenders told HLN. The minister is scheduled to meet with banks on June 4 to discuss their action plan.

Banking Sector Response

Febelfin, the Belgian Banking Federation, maintains that the legislation only addresses bank liability in cases of unauthorized transactions. “When a client is a victim of phishing, the bank opens an investigation and examines the concrete circumstances of the case very carefully. If no gross negligence can be attributed to the client, they are reimbursed,” said Charline Gorez, Febelfin spokesperson, in comments to RTBF.

The federation notes that other court decisions have gone in the opposite direction and that the sector is working with the minister on a centralized fraud reporting number and an action plan.

Unintended Consequences?

Not all experts welcome the ruling unconditionally. Charles Cuvelliez, a cybersecurity professor at ULB, warned that immediate reimbursement could create moral hazard. “First, customers will no longer be careful,” he told RTBF. “By banking on immediate reimbursement of a scam case, there is a risk that fraudsters will pose as victims. They wait for immediate reimbursement, empty the accounts, and disappear.”

What This Means Going Forward

Legal experts expect a wave of summary proceedings as lawyers across Belgium use this precedent. Audrey Despontin, a banking law attorney with dozens of similar cases, told RTBF: “I will personally use this Antwerp court decision in the cases I defend.”

The ruling is technically provisional and subject to appeal, but its immediate impact is expected to be substantial. The broader question of whether the European Court of Justice’s Advocate General will rule on the issue of immediate reimbursement remains pending, which could have implications across the EU.

For now, the message from the Belgian courts is clear: when it comes to phishing, banks must pay first and ask questions later.