Rose Conway-Walsh (Mayo, Sinn Fein) | Oireachtas source

That is where the ambiguity comes into it. I put an example to Mr. Palmer which I have put to other witnesses in a case I have been dealing with on push payments where a confirmation text from say Apple Pay came in at the same time as the person attempted to make the online purchase, essentially attaching their bank account to the fraudsters' Apple bank account. The sender then assumed the text was to confirm the purchase they approved. This allowed the fraudsters to begin making transfers out of the bank account without being prompted by the banking app each time for approval. In the space of one minute, they made initial payments of €50, €200, and €400. All told, the account was cleared out. My understanding of that is that there is a long-standing practice that banks monitor suspicious activity, as Mr. Palmer said, particularly on credit cards. However, in the case I have outlined, the Apple Pay account was opened for the first time and immediately began making the transfers that clearly looked suspicious, yet the bank took no action. The issue is at what point the banks get involved. What are the statutory rights of customers in terms of the banks protecting them from authorisation-based fraud?