Financial institutions are growing concerned that the law may be starting to recognize a limited fiduciary duty obligating them to keep confidential the information supplied by prospective borrowers. Consider the bank customer who has identified an exciting new business opportunity to pursue — perhaps a company to purchase. Financing is necessary to make this dream a reality. The prospective borrower supplies all pertinent information required when applying for the bank loan, but is ultimately turned down. While the prospective borrower pursues alternative financing sources, the bank officer uses the confidential information supplied by the customer to purchase the company to make a fabulous profit. Are such bad facts creating bad law for financial institutions?
The law generally categorizes business relationships as either arm’s-length or fiduciary. Traditionally, the business conducted between lenders and borrowers is considered to be done at arm’s length. But a fiduciary relationship may arise when a bank officer directly profits from the confidential information supplied from the bank’s customers.
A fiduciary relationship is defined as one “between two persons when one of them is under a duty to act for or to give advice for the benefit of another upon matters within the scope of the relation.” A fiduciary duty requires a party to place the interests of the other before his own. But the relationship between creditor and debtor, like the one between a bank and its customer, rarely gives rise to such a duty. Some states, such as Ohio and Louisiana, have even codified this principle in their statutes. Courts have traditionally declined to impose such a duty on banks in dealing with their customers based on the adversarial nature of the parties’ relationship. In typical bank transactions, the lender and the borrower sit at opposite sides of the negotiating table because the parties are acting in their own best interest. The customer seeks to borrow the most amount of money at the lowest possible interest rate, while the bank seeks to maximize its earning potential by charging the highest possible interest rates or fees that the market will allow. Consequently, it would be anomalous to require a bank to subordinate its own interest to the interests of its customer.
But despite this general principle, a substantial majority of courts have imposed a limited fiduciary duty on banks where “special circumstances” arise or where there is a “special relationship” between the parties. One such circumstance is when a customer discloses confidential information to the bank, typically communicated to a loan officer, that is subsequently used in a manner inconsistent with the customer’s pecuniary interests. Absent the self-dealing, the communication of confidential information does not create a fiduciary relationship. Courts typically do not impose a fiduciary duty on a bank anytime it receives confidential information from a prospective customer. After all, virtually every transaction between a bank and a customer will require some degree of disclosure of confidential information incidental to the request for an extension of credit.
This does not mean that banks are shielded from liability whenever a dispute over confidential information arises with a customer. Again, this is especially true where the bank receives some benefit from the customer’s communication of confidential information. Depending on the extent of the bank’s benefit and the egregiousness of its conduct, courts may hold a bank liable for misusing confidential information, or in some cases for failing to disclose certain information to the customer that is relevant to the transaction.
As one court explained:
If a person applies for a loan, and in connection with that application discloses his purpose to avail of a bargain which he had not as yet closed by contract, and of which the lender had not previously heard, the courts, whether of law or equity, would afford some form of adequate relief in case the applicant was forestalled in his project by the lender.
In some cases, liability is the result of the court’s imposition of a fiduciary duty on the bank and a subsequent finding of a breach of that duty, while in other cases, liability is premised upon fraud or a breach of confidentiality. Stated differently, even though a fiduciary relationship may not be found in every one of these cases, the bank is nevertheless held liable for its improper use of such information. Regardless of the type of liability imposed, there is a common theme in all of these cases: the bank is guilty of self-dealing. Somehow the bank benefits, either directly or indirectly, to the detriment of the customer from the latter’s disclosure of confidential information, or from the bank’s withholding of material information that is pertinent to the customer.
A claim for breach of fiduciary duty involving the misuse of confidential information may arise in three different contexts: (1) where the bank fails to disclose confidential information to its customer that is relevant to the transaction and that benefits the bank to the detriment of the customer; (2) where the bank or one of its agents uses confidential information communicated by the customer to secure an advantage in a separate transaction; and (3) where the customer’s confidential information is disclosed to a third party, resulting in pecuniary loss or other damage.
Failure to Disclose Information to the Bank’s Customer.
Under certain circumstances, a bank could be subject to liability for failing to disclose information to the customer upon which the customer would rely in deciding whether to enter into the transaction. The typical setting involves a customer who shares confidential information with the bank, and the bank in turn advises the customer to take a specific course of action but withholds information that the bank stands to benefit from the recommended course of action.
In these cases, the customer is usually pressured to enter into a transaction that ultimately benefits the bank, and the bank uses inaccurate information, or fraudulently conceals relevant information, to achieve this objective. Thus, these cases seem to involve two components: some type of fraudulent conduct on the part of the bank, and some degree of benefit accruing to the bank of which the customer is unaware.
For instance, in Barnett Bank of West Florida v. Hooper, a bank’s loan officer told one of its customers that Hosner Investments, another of the bank’s customers, was financially sound. The officer then encouraged the customer to borrow $90,000 from the bank and place it with Hosner Investments as a tax shelter investment. But the officer failed to mention that the bank knew that Hosner Investments was involved in a “check kiting” scheme and that its account was substantially overdrawn. The court held that the special circumstances in this case created a fiduciary relationship between the customer and the bank, and the bank’s failure to disclose this pertinent information constituted a breach of that fiduciary duty. The court reasoned that “where a bank having actual knowledge of fraud being perpetrated upon a customer, enters into a transaction with that customer in furtherance of the fraud,” it could be held accountable for the resulting loss to the customer. Thus, the fraudulent conduct was the bank’s withholding of information about the company’s check kiting scheme, and the benefit was that the bank received its own loan proceeds check from the company.
Similarly, in Central States Stamping Co. v. Terminal Equipment Co., a prospective purchaser sought to purchase machinery from a customer of the bank and called the customer’s bank to verify the company’s financial condition. The bank informed the purchaser that the company was undercapitalized but failed to mention the company’s prior default on two separate loans from the bank. Immediately after the purchaser made a large down payment, the company went out of business. The court held that the bank was liable for fraudulent concealment. Specifically, the fraudulent conduct was based on the notion that once a bank officer voluntarily provided information to the purchaser regarding the company’s creditworthiness, the officer also had a duty to disclose the information pertaining to the company’s financial instability. The bank benefited by its fraudulent conduct because the down payment on the machinery was used by the company to reduce its debt to the bank.
And most recently, in Sallee v. Fort Knox Nat’l Bank, N.A., the bank actively encouraged one of its customers to finance the purchase of a floundering laundromat business from another of the bank’s customers. In inducing the transaction, the bank’s loan officer told the purchasing debtors that the appraised value of the business was $725,000 but did not disclose two earlier appraisals that showed a value of $469,000 and $647,000, respectively. When the loans went into default, the debtors alleged that the bank fraudulently induced them to purchase the over-valued laundromat. The court first examined the parties’ relationship and held that no fiduciary duty was owed by the bank. Nevertheless, the bank was found liable under a fraud theory. The court reasoned that where a party to a contract knows that the other is relying on him to furnish all material facts, the duty is on that party to refrain from concealing such facts. In this case, the bank acted fraudulently by failing to disclose the prior appraisals, which would have raised the question of the validity of the final appraisal. And unbeknownst to the customer, the bank received a benefit from the transaction because the sale of the laundromat would help the bank by closing on a nonperforming loan that was undersecured, and also because the business would sell for more than what it was worth.
These cases requiring the bank to disclose material information pertaining to the transaction all involved egregious conduct on the part of the bank or the bank’s agent. As the Sallee case demonstrates, a bank may be held liable even in the absence of a fiduciary relationship. But the good news for banks is that this duty-to-disclose rule does not arise in ordinary bank transactions. So long as a bank does not encourage its customer to rely upon deceitful advice while concealing its self-interest in promoting the transaction involved, the duty to disclose will not arise.
For example, in United Jersey Bank v. Kensey, one of the bank’s customers sought to reduce the substantial debt he owed to the bank, so he sold several properties to the purchasers, who financed the purchase through the same bank. The bank conducted an internal appraisal, which indicated that the value of the properties was substantially less than the actual selling price and mortgage amounts. Rejecting the purchasers’ allegation of fraud, the court held that the bank did not have a duty to disclose the internal appraisal of the properties. This is so because “[t]he law ‘imposes no duty on banks to disclose to the borrower the manner in which the lender internally analyzes and underwrites a loan.’” Because the underlying information was readily accessible to the borrower, the bank was under no duty to disclose the actual value of the properties.
Whether a bank must disclose confidential information to its customer concerning the transaction largely depends upon the motive for the bank’s conduct. Just like any other business enterprise, banks typically seek to maximize earnings. As such, a bank is not required to place the borrower’s interest ahead of its own interest by disclosing either its own confidential information or the confidential information of an existing customer when entering into the transaction with the borrower. Rather, such a duty arises only when the bank acts fraudulently so that the circumstances would justify the bank’s disclosure of information.
Misusing a Customer’s Confidential Information for the Bank’s Own Benefit
A second context in which a claim for breach of fiduciary duty involving the misuse of a customer’s confidential information may arise is the scenario where the customer discloses information to the bank or an agent of the bank only to discover that this information was subsequently used by the bank or its agent in direct competition with the customer. While there are few cases in this area, courts are beginning to look at this issue with greater frequency. Two lines of cases are emerging, depending on who misuses the information—the bank or the bank’s agent.
Misuse of Confidential Information By the Bank
If a bank misuses a customer’s confidential information to advance its own interest to the customer’s detriment, then the imposition of liability to the bank will largely depend on whether the customer trusted the bank to keep the information confidential. This principle holds equally true in instances where the bank’s agent misuses the information but with the bank’s knowledge or with the intent of advancing the interests of the bank. In such instances, there is even a greater likelihood of liability if the bank has a policy statement concerning confidentiality and conflict of interest that was blatantly violated, or if the bank had no official policy at all for safeguarding customer information – in effect, the proverbial double-edged sword.
In Dolton v. Capitol Federal Savings and Loan Association, a real estate developer sought to finance the purchase of property through the lender. Upon learning about the property from the developer, the lender denied the developer the loan, and the lender’s subsidiary subsequently purchased the property from the owner. In examining the breach of fiduciary duty issue, the court reiterated the general rule that no per se fiduciary relationship exists between a borrower and lender, but also acknowledged that one may exist “where there is a repose of trust by the customer along with an acceptance or invitation” on the part of the lender. Thus, the critical factors in this case were whether the customer trusted the lender to hold information regarding the intended purchase of the real estate confidential, and whether the lender accepted or invited that trust. The court stated that if a fiduciary relationship did exist, then the lender had a duty to refrain from entering into transactions that are antagonistic to its customer, because “a fiduciary has an obligation not to disclose or otherwise misuse confidential information.” The court held that the long-term business relationship between the parties could have reasonably induced the customer to relax the diligence he or she might have otherwise used in dealing with the bank.
In Dolton, the bank directly benefited from the misuse of its customer’s confidential information. In Boling v. Tennessee State Bank, however, the benefit to the bank was far more indirect to a point that there was no benefit at all, but the bank was still held liable for its loan officer’s fraudulent conduct. There, the borrowers discussed with the bank’s president their need for a loan. The borrowers informed the president that they were interested in using the proceeds of the loan to bid on the sale of a hotel. One of the members of the bank’s board of directors was also a member of an investment group that was competing with the borrowers in their bid for the hotel. The director used the information in the loan file to prepare his own bid on behalf of the investment group, which ultimately prevailed. In finding the bank liable, the court held that the borrowers had expended considerable money in ensuring that their personal information given to the bank would not be disclosed to or used by a competitor. Additionally, the court found that the bank violated its confidentiality and conflict of interest policy statement when it allowed the director to misuse the borrowers’ confidential information to further its own interests.
Thus, the Boling case shows that a bank may be held liable even if a customer’s confidential information was used exclusively to advance the interests of a loan officer’s personal gain. The bank was aware of the loan officer’s antagonistic interests and did not prevent the officer from misusing the customer’s information pursuant to the bank’s policy statement, ultimately costing the bank over $250,000 in damages.
Misuse By the Employee With No Knowledge or Benefit on the Part of the Bank
On a brighter note for banks, a recent case by the Supreme Court of Ohio held that a bank was not responsible for its loan officer’s misuse of confidential information where the bank had no knowledge of such misuse. The case is Groob v. KeyBank, and there, the prospective customer approached the bank about acquiring a loan to purchase a company. After the prospective customer provided the bank’s loan officer with a financial summary of the company along with a draft of an asset-purchase agreement, the officer told him that the bank was not interested in providing financing. Less than a week later, the bank officer, her husband, and another bank customer purchased the company. The loan officer was found liable for intentionally interfering with the prospective customer’s business relations, but the court refused to impute the loan officer’s liability to the bank.
The borrower in Groob urged the court to impose a fiduciary duty on the bank by virtue of receiving confidential information from a prospective customer. However, the court distinguished between the duty of confidentiality and a fiduciary duty, in that only the latter creates an obligation to act in the best interests of the customer. Since the borrower and the loan officer were dealing at arm’s length whereby each party was looking out for its own best interests, no such duty arose. The court also distinguished a factually similar Missouri case where a confidential relationship was found to exist. In the Missouri case, only the employee was named as a party and not the bank itself.
Finally, the court refused to find the bank liable under a vicarious liability theory. Under Ohio law, because the loan officer’s tort was intentional, the bank should only be found liable under a vicarious liability theory if the loan officer’s conduct was intended to promote the bank’s business. Because the bank did not receive any benefit as a result of the loan officer’s misuse of the confidential information, and further was found not to have any knowledge of the loan officer’s misuse, the bank ultimately was able to escape a finding of liability.
Disclosing a Customer’s Confidential Information to a Third Party.
A third context in which a claim for breach of fiduciary duty involving the misuse of a customer’s confidential information involves disclosure of confidential information to a third party. In this scenario, the bank receives confidential information from a prospective borrower, and instead of using that information for its own direct benefit, it communicates that information to a third party who subsequently benefits from knowledge of such information to the detriment of the prospective borrower.
The Supreme Court of Kentucky dealt with a similar scenario in Steelvest, Inc. v. Scansteel Service Center, Inc. There, after loaning money to a corporation, the bank was approached by an officer of the corporation who sought a commercial loan from the bank for his own benefit. The officer informed the bank that he intended to use the funds from the loan to form his own corporation that would compete with the borrowing corporation. The bank granted the loan, and the borrowing corporation eventually went bankrupt, in part because of the increased competition from the officer’s corporation. The Supreme Court of Kentucky held that the bank may have breached a fiduciary duty by lending funds to the officer with the knowledge that such funds could be detrimental to an existing customer—the borrowing corporation.
The Steelvest holding suggests that banks owe a fiduciary obligation to their customers with respect to confidential information received and used in the process of granting a commercial loan to those customers. At the very least, the case stands for the proposition that a bank may not use the customer’s confidential information as a basis for granting a loan to a competing enterprise.
It should be noted, however, that a bank’s mere receipt and internal use of confidential information in making financial decisions does not create a fiduciary relationship. In ADT Operations, Inc. v. Chase Manhattan Bank, the Supreme Court of New York addressed the extent of a bank’s liability for communicating confidential information to a third party. In that case, the borrower sued the bank for assisting another customer with its hostile takeover by communicating the borrower’s confidential information to the acquiring company. The borrower claimed that it provided the information to the bank under the express understanding that it would remain confidential and that it would only be used by the bank for purposes of providing financial advice to the borrower. The parties even signed a confidentiality agreement to that effect. Upon discovering that the bank intended to finance the hostile takeover, the borrower alleged the bank breached its fiduciary duty as well as the confidentiality agreement. In addressing these claims, the Court held:
Although . . . a bank’s mere receipt and internal use of confidential information in making its financing decision does not create a fiduciary duty, courts have imposed that an actionable “misuse” of such information might occur where the bank communicates it directly or indirectly to the acquiring company.
Thus, the bank was held liable even though the court did not find a fiduciary relationship existed between the parties. Whether a fiduciary duty is breached or some other type of actionable misuse occurs, the principle seems to be the same. In both scenarios, the bank indirectly benefits from the borrower’s confidential information because it uses that information in deciding whether to finance a competing enterprise.
But a bank is not found liable in every instance in which it deals with two customers on a related matter where confidential information is involved. For instance, in American Medicorp, Inc. v. Continental Illinois National Bank, a borrower sued its bank for making a loan to an existing customer that desired to take over the control of the borrower’s business. The court found in favor of the bank where there was no evidence of disclosure of the borrower’s confidential information to the existing customer. The fact that some of the bank’s loan officers, who were responsible for making the loan, “obtained, saw, touched, and to some extent used and interchanged information” from the bank’s files did not amount to actionable misuse of the borrower’s confidential information. The court ultimately found that the borrower was unable to prove that the bank used any of the borrower’s confidential information when deciding to make the loan to the existing customer.
Collectively, the cases in this area show that the critical issue is whether a bank used its borrower’s confidential information as part of the basis to grant a loan to a different customer who may have interests adverse to the first customer. Similarly, a bank may be liable for disclosing a customer’s confidential information to a third party to the detriment of the customer. In some jurisdictions, this conduct would amount to a breach of fiduciary duty. But in every jurisdiction, it would amount to some type of actionable misuse of such information.
The scarcity of cases in this area, when considering the high volume of deals closed by financial institutions in a given year, suggests exposure to fiduciary duty claims is relatively low.
To minimize the risk of exposure, banks may want to consider the following:
- Adopt an all-or-nothing approach to the sharing of relevant information with the customer. When a prospective customer asks about the creditworthiness of an existing customer, the bank should either decline to give any information, or obtain appropriate consents and disclose all the information available regarding the inquiry.
- Avoid actively encouraging the customer to rely upon the bank’s advice. If a bank does induce the customer to rely upon it for advice, then it should not conceal its self-interest in promoting the transaction involved.
- Refrain from entering into transactions with a prospective customer that would be in furtherance of fraud being perpetrated by an existing customer. If a bank has knowledge of the fraud, then it will be held liable for entering into a transaction with a customer in furtherance of the fraud.
- Avoid misusing a customer’s confidential information to advance the bank’s own interests at the detriment of the customer. If a bank has knowledge of an agent misusing such information for the agent’s own benefit or for the benefit of the bank, it must make reasonable efforts to prevent any potential harm to the customer.
- Adopt an official policy for safeguarding customer information and take reasonable measures to monitor general compliance with the policy.
- Avoid using a borrower’s confidential information as part of the basis to grant a loan to a different customer who may have interests adverse to the first customer.
- Refrain from disclosing a customer’s confidential information to a third party who may have interests adverse to an existing customer.
 See Cecil J. Hunt, II, The Price of Trust: An Examination of Fiduciary Duty and the Lender-Borrower Relationship, 29 Wake Forest L. Rev. 719, 736 (1994); Groob v. KeyBank, 108 Ohio St. 3d 348, 843 N.E.2d 1170, 2006-Ohio-1189, at ¶17 (2006).
 Restatement of the Law 2d, Torts, § 874 cmt. a (1979).
 Sallee v. Fort Knox Nat’l Bank, N.A., 286 F.3d 878, 891 (6th Cir. 2002). Whether the relationship between the parties is one that creates a fiduciary duty is a question of law. Gliko v. Permann, 331 Mont. 112, 130 P.3d 155, 2006-MT-30, at ¶16 (2006).
 United Jersey Bank v. Kensey, 306 N.J. Super. 540, 552, 704 A.2d 38 (1997).
 La. R.S. § 6:1124 (1991) (“[n]o financial institution or officer or employee thereof shall be deemed or implied to . . . have a fiduciary obligation or responsibility to its customers.”); O.R.C. § 1109.15(D) (“the relationship between a bank and its obligor, with respect to any extension of credit, is that of a creditor and debtor, and creates no fiduciary duty or other relationship between the parties.”).
 United Jersey Bank, 306 N.J. Super. at 553.
 Hunt, supra note 1, at 736.
 ADT Operations, Inc. v. Chase Manhattan Bank, N.A., 662 N.Y.S.2d 190, 195, 173 Misc. 2d 959 (1997).
 See Groob v. KeyBank, 108 Ohio St. 3d 348, 843 N.E.2d 1170, 2006-Ohio-1189, at ¶24. (2006), see also Deborah A. DeMott, Breach of Fiduciary Duty: On Justifiable Expectations of Loyalty and Their Consequences, 47 Duke Law School Working Paper Services 36 (2006), available at http://lsr.nellco.org/duke/fs/papers/47.
 ADT Operations,, 662 N.Y.S.2d at 195.
 M.L. Stewart & Co. v. Marcus, 207 N.Y.S. 685, 692, 124 Misc. 86 (1924).
 See, e.g., Sallee v. Fort Knox Nat’l Bank, N.A., 286 F.3d 878, 892 (6th Cir. 2002) (a fiduciary relationship, but holding bank liable for fraudulently failing to reveal negative appraisal to the customer and inducing the execution of a release of all claims against the bank); ADT Operations, Inc., 662 N.Y.S.2d at 196 (finding that while the bank’s use of the customer’s confidential information did not create a fiduciary duty, it did constitute an actionable misuse).
 See, e.g., Barrett v. Bank of America, 183 Cal. App. 3d 1362, 1369 (1986). In Barrett, the borrower shared unfavorable confidential information about its struggling business and sought the bank officer’s advice on various methods of improving the company’s financial situation. The loan officer suggested that the borrower consummate a merger of the business but withheld information that the bank stood to significantly benefit from this merger. The court found sufficient evidence supporting the borrower’s constructive fraud and breach of fiduciary duty claims based on the parties’ close relationship, the borrower’s disclosure of confidential financial information, and the fact that the bank “stood to benefit from the merger.” Id.
 Barnett Bank of West Florida v. Hooper, 498 So. 2d 923 (Fla. 1986).
 Central States Stamping Co. v. Terminal Equip. Co., 727 F.2d 1405 (6th Cir. 1984).
 Sallee v. Fort Knox Nat’l Bank, N.A., 286 F.3d 878 (6th Cir. 2002).
 Id. at 893-94. The court’s reasoning was based on the general proposition that banks do not generally owe a fiduciary duty to their customers. According to the court, this case did not present “special circumstances” that would create a fiduciary relationship because the parties never agreed that the bank would be acting in the interest of the customer. Id. at 893.
 Id. at 888.
 United Jersey Bank v. Kensey, 306 N.J. Super. 540, 556, 704 A.2d 38. (1997).
 See Dolton v. Capitol Federal Savings & Loan Assn., 642 P.2d 21, 23-24 (Colo. 1981) (finding a genuine issue of material fact as to the existence of a fiduciary relationship between the customer and the bank).
 See, e.g., Boling v. Tennessee State Bank, 890 S.W.2d 32 (Tenn. 1994).
 See, e.g., Dolton, 642 P.2d at 23-24.
 See, e.g.,Boling, 890 S.W.2d at 36-37.
 See Groob v. KeyBank, 108 Ohio St. 3d 348, 843 N.E.2d 1170, 2006-Ohio-1189, at ¶29 (2006) (distinguishing the circumstances of the present case from an Oklahoma case on grounds that the bank in the latter case did not have a policy for safeguarding customer information, and so the finding of liability was more justified in that instance).
 Dolton v. Capitol Federal Savings & Loan Assn., 642 P.2d 21 (Colo. 1981).
Id. at 24. The court noted that “banks present a constant invitation to intending borrowers, and thus subject themselves to whatever implication or obligation is to be drawn from the fact.” Id. (quoting M.L. Stewart & Co. v. Marcus, 207 N.Y.S. 685, 124 Misc. 86 (1924)).
Id. at 24.
 Boling v. Tennessee State Bank, 890 S.W.2d 32 (Tenn. 1994).
 Groob, 108 Ohio St. 3d 348, 843 N.E.2d 1170, 2006-Ohio-1189,at ¶¶42-58.
 Steelvest, Inc. v. Scansteel Service Center, Inc., 807 S.W.2d 476 (Ky. 1991).
 Hunt, supra note 1, at 762.
 ADT Operations, Inc. v. Chase Manhattan Bank, 662 N.Y.S.2d 190, 195, 173 Misc. 2d 959 (1997).
 American Medicorp, Inc. v. Continental Illinois Nat’l Bank, 475 F. Supp. 5 (N.D. Ill. 1977).