Wire Transfer Fraud: Recovering Your Money and Who Is Liable

A fraudulent wire can sometimes be recalled or reversed, but only if it is caught quickly, because once the recipient withdraws the funds the money is usually gone. As soon as fraud is suspected, the sending bank can issue a SWIFT or Fedwire recall request to the receiving bank asking it to return the funds or freeze the account, and this works best within hours of the transfer. Domestic transfers caught fast have a better chance than international ones, which can move beyond reach quickly. There is no guarantee, because the recipient may have already moved the money to secondary accounts, but a prompt wire recall request combined with a fast IC3 report gives the strongest realistic chance of getting funds back.

The recall window is measured in hours. Bank fraud recovery efforts succeed far more often when the wire is reported before the funds are withdrawn.

To intercept a fraudulent wire, counsel must immediately trigger the FBI's Financial Fraud Kill Chain (FFKC) through the Internet Crime Complaint Center, and it is a stringently triaged federal intervention, not an automatic right. Qualifying for a Kill Chain freeze generally depends on several conditions: the loss typically must be substantial, the wire must still be in domestic or international transit to a holding account, the sending bank should simultaneously initiate a formal SWIFT or Fedwire recall, and the report should reach IC3 within a short period after the transfer. The specific dollar threshold and timing requirements are set by the FBI and can change, so they should be confirmed at the time, but the consistent principle is that delay is fatal: once funds reach secondary "mule" accounts and scatter, they fall beyond the reach of federal administrative freezes.

Fast federal reporting can freeze funds. Cyber fraud involving wire transfers should be reported to IC3 as quickly as possible to preserve the Kill Chain option.

Business email compromise, also called business email fraud, is a scheme in which a fraudster gains access to or spoofs a business email account and uses it to send fraudulent wire instructions that appear to come from a trusted source. The criminal might impersonate a company executive directing an urgent transfer, a vendor sending a "new" bank account for payment, or an attorney or title company in a transaction. Because the email looks legitimate and often references real details, employees wire funds believing the request is genuine. BEC is one of the costliest forms of wire transfer fraud, and because the victim authorized the transfer, recovery and liability questions under UCC Article 4A can be complex, making fast reporting and careful verification essential.

BEC exploits trusted email channels. Account takeover fraud frequently enables business email compromise by giving criminals access to real accounts.

Real estate wire fraud targets the large sums moving through a home purchase, with criminals intercepting closing communications and sending the buyer fake wire instructions for the down payment or closing funds. The fraudster, often after hacking a real estate agent's, title company's, or attorney's email, sends an email that looks like it comes from the closing party, directing the buyer to wire funds to the criminal's account, sometimes with a last-minute "change" in instructions. Buyers can lose their entire down payment this way. Liability may be disputed among the buyer, the title or escrow company, and the agent, depending on who was hacked and who was negligent, which makes these cases legally complex.

Closing funds are a prime target. Real estate fraud through diverted wire instructions can cost a buyer an entire down payment.

Whether a bank is liable depends largely on whether the customer authorized the transfer and whether agreed security procedures were followed, and in many commercial cases the bank is not liable for a wire the customer instructed. Under UCC § 4A-202, if a business authorizes a payment order, even while deceived by a fraudster in a business email compromise, the law generally treats the order as "authorized," and the loss can shift to the customer. A bank may bear loss, however, if it failed to offer or follow a commercially reasonable security procedure under UCC § 4A-202 and § 4A-203, such as an agreed dual-authorization protocol, or was otherwise negligent. Because these determinations turn on the account agreement and Article 4A, bank responsibility should be evaluated carefully rather than assumed.

Bank liability is governed by Article 4A. Consumer fraud litigation can assess whether a bank's security procedures shift or retain liability for a fraudulent wire.

Regulation E, which implements the Electronic Fund Transfer Act and protects consumers for many electronic transfers like debit and ACH, expressly excludes traditional bank wire transfers under 12 C.F.R. § 1005.3(c)(3), leaving a significant protection gap. This surprises many victims, who assume the consumer protections that limit liability for unauthorized debit or card transactions also cover wires. They generally do not. Fedwire and ordinary bank-to-bank wires fall outside Regulation E, so a consumer who wires money to a fraudster usually cannot rely on Regulation E's reimbursement rules. Recovery instead depends on speed, the specific facts, theories like unjust enrichment against the recipient, and, for commercial transfers, the allocation of loss under UCC Article 4A.

The consumer-protection gap is significant. Bank impersonation scams exploit the fact that wire transfers lack the automatic protections of card or debit transactions.

A victim can often sue to recover wire transfer fraud losses, though whether the suit leads to actual recovery depends on finding the money or a solvent responsible party. Claims may target the fraudster directly, the person or business that received the funds, on theories like unjust enrichment or constructive trust if the money can be traced, or a negligent third party whose compromised systems or failure to verify enabled the fraud. The practical challenge is that fraudsters are often hidden or judgment-proof and funds may be gone, so the realistic targets are frequently the recipient of traceable funds or a negligent party. An early assessment of who can be sued and whether funds remain recoverable is essential.

Recovery suits target funds or fault. Property fraud litigation and similar claims can pursue recipients of fraudulently transferred funds.

A temporary restraining order under Rule 65 can freeze a recipient's account before the money disappears, which is often the difference between recovery and total loss. A victim may seek an emergency TRO and a preliminary injunction to stop a recipient from moving or spending traceable funds, paired with expedited discovery and asset-tracing tools to follow the money through accounts. These remedies require fast action and proof that the funds are identifiable and at risk of dissipation. Where money has moved internationally, additional steps and cross-border cooperation may be needed. Because these tools are time-sensitive and procedurally demanding, pursuing them promptly, alongside the bank recall and IC3 report, gives the best chance of preserving what can still be recovered.

Emergency orders can preserve funds. A preliminary injunction or TRO can stop a recipient from dissipating traceable stolen funds.

A business hit by business email compromise or vendor wire fraud should move on two tracks at once: immediate recovery efforts and an assessment of liability and prevention. On recovery, request a wire recall from the bank for a SWIFT or Fedwire return, report to IC3 to preserve the Kill Chain option, notify the receiving bank, and preserve all communications. On liability, determine whose email or systems were compromised, whether the business or a vendor failed to verify a change in instructions, and what the bank agreement and UCC § 4A-202 require, since these shape who bears the loss. The business should also tighten its verification procedures, such as callback confirmation of any change in wire instructions, to prevent repeat losses. Acting on both tracks quickly gives the best chance to recover funds and limit exposure.

A two-track response protects the business. Cybercrime and digital fraud losses require simultaneous recovery and liability assessment.

Wire transfer fraud, as a victim experiences it, focuses on recovering money and allocating loss, while criminal "wire fraud" refers to the federal offense of using wire communications to execute a scheme to defraud, prosecuted by the government. The same scheme can involve both: the fraudster who tricked a victim into wiring money may be committing federal wire fraud under 18 U.S.C. § 1343, while the victim's concern is civil recovery and liability. For a victim, the practical priorities are speed, reporting, wire fraud recovery, and sorting out who bears the loss, rather than the criminal prosecution, which is handled by authorities.

Understanding this distinction helps a victim focus on the steps that protect their money.

The civil and criminal sides are distinct. Wire fraud as a federal crime under 18 U.S.C. § 1343 is prosecuted by the government, separate from a victim's civil recovery efforts.

It may be possible, but recovery depends heavily on how fast you act. If you report the fraud immediately, your bank can initiate a wire recall, a SWIFT or Fedwire request asking the receiving bank to return or freeze the funds, and the FBI's Recovery Asset Team can sometimes freeze the money through the Financial Fraud Kill Chain when a qualifying transfer is reported to IC3 quickly. Wire fraud recovery is more likely for transfers caught before the recipient withdraws or scatters the funds into secondary "mule" accounts, and harder once money is moved or sent abroad. There is no guarantee, but acting within hours, calling your bank, notifying the receiving bank, and reporting to IC3, gives the best realistic chance of getting funds back.

Act immediately. Call your bank and request a wire recall, asking it to initiate a SWIFT or Fedwire recall and to contact the receiving bank to freeze the account before the funds are withdrawn. Report the fraud to the FBI's Internet Crime Complaint Center (IC3) as soon as possible, so its Recovery Asset Team may try to freeze the funds through the Financial Fraud Kill Chain. File a police report, and preserve every email, wire instruction, and confirmation related to the transfer, since these prove the fraud and support recovery. Time is the single most important factor, so these steps should happen within hours, not days, because once the recipient withdraws or moves the money, getting it back becomes much harder.

Often not, if you authorized the transfer, though it depends on the facts. Under UCC § 4A-202, which governs commercial wires, if you authorized the payment order, even while being deceived, the loss frequently falls on you rather than the bank. A bank may share liability if it failed to offer or follow a commercially reasonable security procedure under UCC § 4A-202 and § 4A-203, such as an agreed dual-authorization step, or if it was otherwise negligent. Importantly, consumer protections under Regulation E, which limit liability for unauthorized debit and card transactions, expressly exclude wire transfers under 12 C.F.R. § 1005.3(c)(3). Because bank liability turns on the account agreement, Article 4A, and what happened, it should be evaluated for the specific situation rather than assumed.

Business email compromise (BEC), also called business email fraud, is a scheme in which a fraudster hacks or spoofs an email account to send fraudulent wire instructions that appear to come from a trusted source, such as a company executive, a vendor, or an attorney in a transaction. Because the email looks legitimate and often references real details, the recipient wires money believing the request is genuine. BEC is one of the most costly forms of wire transfer fraud. Since the victim usually authorizes the transfer based on the deceptive email, the order is often treated as "authorized" under UCC Article 4A, which complicates recovery, so fast reporting and strong verification procedures, like confirming any change of wire instructions by a known phone number, are essential to preventing and responding to BEC.

Liability for diverted closing funds is fact-specific and often disputed, turning on whose email was compromised and who was negligent. Real estate wire fraud typically involves a criminal hacking a real estate agent's, title company's, or attorney's email and sending the buyer fake wire instructions, sometimes as a last-minute change. Depending on the facts, responsibility may be argued among the buyer, the title or escrow company, the agent, and the criminal, based on who was hacked, who failed to verify the instructions, and what duties each party owed, often analyzed under state negligence and tort law. Because buyers can lose an entire down payment and the responsibility is contested, these cases usually require a careful analysis of how the fraud occurred and who could have prevented it.

Yes, you may be able to sue, though whether a suit produces actual recovery depends on finding the funds or a solvent responsible party. You might sue the fraudster directly, the recipient of the funds under theories like unjust enrichment or a constructive trust if the money can be traced, or a negligent third party whose compromised systems or failure to verify enabled the fraud. Courts can also grant a Rule 65 temporary restraining order or injunction to preserve traceable funds and allow asset tracing. The practical challenge is that fraudsters are often hidden and funds may be gone, so the realistic targets are frequently recipients of traceable money or negligent parties. An early assessment of who can be sued and whether funds remain recoverable is essential.