On 25 June 2026, the Court of Appeal of England and Wales is scheduled to hear the appeal in the Hamblin & Anor v Moorwand Ltd & Anor [2025] EWHC 817 (Ch).
The case deserves attention far beyond the United Kingdom. It raises a question that is central to modern online fraud:
When victim funds are received through a company or wallet controlled by fraudsters and then paid away by a payment services provider, can the provider still describe itself as a passive processor — or does it have a duty to stop and verify the authority behind the payment instructions?
For victims of authorised push payment fraud, online investment fraud and payment-infrastructure enabled financial crime, the answer may matter enormously.
The basic facts
Mr and Mrs Hamblin were victims of an authorised push payment fraud. They were induced to transfer approximately GBP 160,000 to an electronic wallet account held with Moorwand Ltd, a FCA-authorized EMI in the high-risk payments sector well known to many scam victims. The account was held in the name of RND Global Ltd.
The company was allegedly used as part of the fraud structure. Its director had reportedly also been the victim of identity fraud. The funds paid by the Hamblins were then paid away from the RND account following instructions given by the fraudster or a person purporting to act for RND.
The direct problem for the victims was obvious: their own bank had executed their payment instruction. Under the UK Supreme Court’s decision in Philipp v Barclays Bank UK plc, a bank is generally not required to second-guess a clear payment instruction given directly by its own customer, even where that customer has been deceived by fraudsters.
Hamblin therefore tested a different route.
Instead of suing only as victims in their own right, the Hamblins pursued a derivative claim on behalf of RND, the company whose account had been debited. Their argument was not simply that they had been defrauded. Their argument was that Moorwand had paid away money from its customer’s account in circumstances where it should have questioned whether the payment instructions were genuinely authorised.
Why the High Court decision matters
The High Court accepted that Moorwand was “on inquiry”. In plain terms, that means the payment services provider had enough warning signs to trigger a duty to pause and verify whether the payment instructions were actually authorised by its customer.
The court focused on the authority problem. If an agent is acting fraudulently against the company, that agent has no actual authority. A payment provider may normally rely on apparent authority. But that protection can fall away where the provider has notice of circumstances suggesting that the agent may be acting without proper authority.
That is the legally important shift.
The case is not simply about whether a fraud victim can sue a payment provider because money was lost. It is about whether a payment provider may be liable to restore an account balance where it debited its customer’s account on instructions that should not have been treated as safe.
This distinction matters. A claim to restore the account is not the same as a conventional damages claim for the victim’s loss. It is closer to a claim that the account should never have been debited in the first place.
The red Flags
The decision is particularly relevant because the warning signs were not purely theoretical. They included issues at the onboarding stage and inconsistencies between the company’s stated business and the outgoing payments.
According to legal commentaries on the case, RND was presented as a marketing consultancy, while the account activity involved payments inconsistent with that stated business purpose, including payments connected with Bitcoin and luxury goods. Commentaries also refer to documentation concerns at onboarding, including documents that appeared suspicious.
This is precisely where payment infrastructure becomes legally sensitive.
Financial institutions and payment providers often argue that they are merely executing instructions. But that argument becomes weaker where the provider has account-opening concerns, unclear beneficial control, unusual transaction patterns and outgoing payments that do not match the declared business profile.
Why the pending appeal is important
Moorwand has been granted permission to appeal. The Court of Appeal hearing is scheduled for 25 June 2026.
The appeal matters because the High Court decision, if upheld, may strengthen an important route for fraud victims: claims against receiving payment providers or electronic money institutions where victim funds are routed through shell companies, electronic wallets or merchant structures and then rapidly dissipated.
If the Court of Appeal upholds the High Court’s reasoning, the decision could become a serious litigation risk for payment providers that ignore authority-related red flags.
If the Court of Appeal narrows the decision, it may still leave a powerful but fact-specific route for cases involving extreme onboarding failures, identity fraud, shell companies and clearly inconsistent payment behaviour.
If the Court of Appeal overturns the decision, the result would expose a major protection gap: victims may be blocked from suing their own sending bank under Philipp, while receiving PSPs and account providers may still avoid liability even where they facilitated the dissipation of funds through suspicious corporate accounts.
EFRI’s view
The Hamblin v Moorwand appeal should not be treated as a technical banking-law dispute. It is part of a broader legal and regulatory battle over responsibility for payment infrastructure used in financial crime.
Victims should not be left to carry the evidentiary and financial burden alone while payment providers, banks and electronic-money institutions describe themselves as passive intermediaries.
Where financial infrastructure providers see red flags concerning identity, authority, corporate purpose, transaction behaviour and downstream recipients, they should not be allowed to hide behind formal instructions without further inquiry.
The Court of Appeal now has an opportunity to clarify whether the law will treat payment infrastructure as a passive pipe — or as a regulated gatekeeping system with real consequences when obvious warning signs are ignored.
For victims of online fraud, that distinction is not theoretical. It is often the difference between a traceable recovery route and a dead end.
