SAFLII Note: Certain personal/private details of parties or witnesses have been redacted from this document
in compliance with the law and SAFLII Policy
THE SUPREME COURT OF APPEAL OF SOUTH AFRICA
JUDGMENT
Not Reportable
Case no: 421/2023
In the matter between:
EDWARD NATHAN SONNENBERG INC. APPELLANT
and
JUDITH MARY HAWARDEN RESPONDENT
Neutral citation: Edward Nathan Sonnenberg Inc v Hawarden (Case no 421/23)
[2024] ZASCA 90 (10 June 2024)
Coram: Ponnan, Dambuza and Goosen JJA and Tlaletsi and Dawood AJJA
Heard: 8 May 2024
Delivered: This judgment was handed down electronically by circulation to the
parties’ representatives by email; publication on the Supreme Court of Appeal
website and released to SAFLII. The time and date for hand -down is deemed to be
11h00 on 10 June 2024.
Summary: Delictual claim – claim for pure economic loss caused by omission –
wrongfulness – risk of indeterminate liability – vulnerability to risk – plaintiff could
reasonably have taken steps to protect against the risk.
2
ORDER
On appeal from: Gauteng Division of the High Court, Johannesburg (Mudau J,
sitting as court of first instance):
1 The appeal is upheld with costs , such costs to include the costs of two
counsel where so employed.
2 The order of the high court is set aside and substituted with the following
order:
‘The Plaintiff’s claim is dismissed with costs, such costs to include the costs of
two counsel where so employed.’
JUDGMENT
Dawood AJA (Ponnan, Dambuza and Goosen JJA and Tlaletsi AJA
concurring):
[1] The appellant, Edward Nathan Sonnenberg Inc. (ENS), appeals against the
whole judgment and order of the Gauteng Division of the High Court, Johannesburg,
per Mudau J (the high court). The high court allowed the delictual claim for pure
economic loss by the respondent, Ms Hawarden, in the sum of R5.5 million against
ENS, based on an omission. The appeal is with the leave of the high court.
Background
[2] Ms Hawarden purchased a property from the Davidge Pitts Family Trust (the
trust) for the sum of R6 million on 23 May 2019. Pam Golding Properties (Pty) Ltd
(PGP), the estate agent mandated by the seller to market the property , sent Ms
Hawarden an email on 23 May 2019 at 09h15 , congratulating her on the purchase
and asking her to deposit R500 000 into its trust account. The email contained a
3
notice that warned Ms Hawarden of the ever -present risk of cybercrime, and advised
her to call Mr Lukhele of the agency to verify their banking details. Further warnings
pertaining to email hacking , phishing and cyber scams appeared in the attached
letter containing the banking details of PGP, which was dated 6 September 2016.
[3] Ms Hawarden effected payment of the deposit into the trust account of PGP
on 23 May 2019. Prior to doing so , she verified the banking details of PGP
telephonically, with Mr Prince Lukhele of PGP, on the same day at 09h15. On 24
May 2019 , PGP emailed ENS, the Trust’s appointed conveyancers , in which Ms
Hawarden was copied. It confirmed receipt of the deposit and attached a copy of the
signed agreement. ENS advised PGP, in response, that Ms Ambaram would attend
to preparing the documentation for submission to the deeds office , to effect the
transfer and registration of the property into the name of Ms Hawarden. Once again
Ms Hawarden was copied.
[4] On 20 August 2019 at 13h24 , an email was sent by Eftyhia Maninakis (Ms
Maninakis), a secretary in the property division of ENS, to Ms Hawarden with an
attached letter setting out the necessary guarantee requirements (actual letter
containing the correct banking details of ENS). Unbeknown to both Ms Maninakis
and Ms Hawarden that letter was intercepted by a cyber criminal, who had , some
days prior thereto, gained access to Ms Hawarden’s email account. On 21 August
2019 at 09h02, Ms Hawarden received an email purporting to be from Ms Maninakis
with email address e[…] , inter alia setting out the guarantee requirements and
furnishing Ms Hawarden with ENS ’ banking details (fraudulent letter containing
banking details of the fraudsters) . In response to this letter , Ms Hawarden
telephoned Ms Maninakis on 21 August 2019 , to discuss the letter and asked
whether, if the bank was unable to furnish the guarantees by 3 September 2019, she
whether, if the bank was unable to furnish the guarantees by 3 September 2019, she
could elect to transfer the outstanding amount directly to ENS. Ms Maninakis
confirmed that this could be done and stated that she would email two more
documents to Ms Hawarden, namely a letter to Standard Bank with guarantee
requirements and a docum ent from FNB providing the bank account details of ENS
for purposes of a direct transfer of the balance of the purchase price to ENS.
4
[5] Ms Maninakis sent to Ms Hawarden an email at 16h18 on 21 August 2019
with attachments including the guarantee requirements and the banking details of
ENS on an FNB letterhead as well as a letter from FNB warning of the dangers of
cyber crime and fraud . This email was not received by Ms Hawarden. Instead, later
that day at 16h39, Ms Hawarden received an email from e[…] that appeared to be a
follow-up to her conversation with Ms Maninakis earlier that day. Ms Hawarden failed
to notice that the word africa in Ms Manin akis’ email had been changed to afirc a.
She was unaware at that stage, and only subsequently learnt , that the email
purporting to have issued from Ms Maninakis had been manipulated , the banking
details of ENS altered and the warning letter from FNB had been removed.
[6] On 22 August 2019 , at 09h57, Ms Hawarden sent an email to Ms Maninakis
indicating that she would be going to her bank , Standard Bank, for assistance, which
she did later that day . She was assigned to Ms Sinethemba Shabalala (Ms
Shabalala) a n employee of Standard Bank. Ms Hawarden discussed with her the
option of furnishing a guarantee versus an electronic transfer to ENS. Ms Shabalala
informed Ms Hawarden that it would take 14 working days to furnish a guarantee.
Whilst at Standard Bank, Ms Hawarden called Ms Maninakis to discuss the issue of
interest that she would earn on any deposit made into ENS ’ trust account. Ms
Maninakis was not available. In response to her call, she was telephoned by Mr
Arshad Carrim, a senior associate in the ENS real estate department, who advised
her that the interest offered by ENS was less than that offered by Standard Bank’s
money market.
[7] Subsequently, and whilst she was still at the bank, Ms Maninakis called Ms
Hawarden. Ms Hawarden confirmed that she had the emails sent to her reflecting the
banking details of ENS. She subsequently effected a transfer into what she believed
banking details of ENS. She subsequently effected a transfer into what she believed
was the ENS bank account. She did this with the help of Ms Shabalala , using the
latter’s computer. In effecting the payment, she used the banking details provided in
the fraudulent email and transferred the mon ies into th e fraudster’s FNB bank
account, in the belief that she was making a payment into the banking account of
ENS. She did not make telephonic contact with ENS, after making her election to
pay by way of an electronic fund transfer (EFT), and prior to transferring the funds.
5
[8] Ms Hawarden thereafter on 22 August 2019 at 12h55 sen t Ms Maninakis
proof of payment. This email as well was intercepted and altered. Instead, at 17h57
an email purporting to have issued from Ms Hawarden was sent to Ms Maninakis
enclosing proof of payment into ENS’ bank account and stating that the payment
should reflect between 24 to 48 hours. This was a fraudulent email.
[9] Ms Hawarden was sent an email by Ms Maninakis on 23 August 2019 at
14h52, which thanked her for the deposit and attached an investment mandate that
contained several warnings about business email compromise ( BEC) and the
precautions to be taken against BEC. Ms Hawarden had already made payment by
this time, but the fraud had not yet been discovered , and this letter was not received
by her on that day. She received instead an investment letter on 26 August 2019
from the fraudster in which the words ‘I will advise when the same is reflected in our
trust account’ had been removed. Ms Hawarden’s money was withdrawn in the
period between the payment by EFT and her becoming aware of the fraud. The
beneficiary bank, namely FNB, was unable to retrieve the misappropriated funds.
[10] On 26 August 2019 at 11h12, Ms Maninakis received a letter purportedly from
Ms Hawarden stating inter alia that the monies had not left the account and required
authorisation, which she was going to go to the bank to sort out. This letter was not
sent by Ms Hawarden but by the fraudster. On 26 August 2019 at 13h27, an email
was sent by Ms Hawarden to Ms Maninakis using the @afirca email address with the
signed mandate letter which was also not received by Ms Maninakis.
[11] On 28 August 2019 at 12h38 , Ms Maninakis sent an email to Ms Hawarden
advising that ENS has not received payment. Ms Maninakis received an email on 2 8
August 2019 at 16h26 purportedly from Ms Hawarden claiming that the previous
transfer had been returned to her account and that she would have to redo the
transfer had been returned to her account and that she would have to redo the
transfer. This was also a fraudulent email designed to delay the detection of the
fraud and allow sufficient time for the withdrawal of the funds. The fraud was only
discovered on 29 August 2019.
Pleadings
6
[12] Ms Hawarden instituted action against ENS for the recovery of the R5.5
million. She claimed inter alia that ENS and its authorised employees or
representatives, who interacted with her during August 2019 in regard to the property
transaction, owed her a legal duty to:
(a) Exercise that degree of skill and care by a reasonable conveyancer , who
specialised in the preparation of deeds documents, to advise her that it was safer to
secure the balance of the purchase price by way of a bank guarantee issued in
favour of the seller in accordance with the offer to purchase. Ms Hawarden also
pleaded that ENS had a legal duty t o warn her of the danger of BEC and the
increase in BEC type fraud.
(b) Alert Ms Hawarden to t he fact that criminal syndicates may attempt to induce
her to make payments due to ENS into bank accounts , which do not belong to the
firm and are controlled by criminals.
(c) Advise Ms Hawarden that these frauds are typically perpetrated using emails
or letters that appear to be materially identical to letters or emails that may be
received by her from ENS.
(d) Warn Ms Hawarden to take proper care in checking that any email received in
connection with the transaction indeed emanated from ENS.
(e) Warn Ms Hawarden, before making any payments to ENS , to ensure that she
verified that the account into which payment will be made is a legitimate bank
account of ENS.
(f) Advise Ms Hawarden that if she was not certain about the correctness of the
bank account, she may contact ENS and request to speak to the person attending to
her matter, who will assist in confirming the correct bank details.
(g) Refrain from using email as a means of communicating banking details in
instances where banking transactions of high value were to be performed, and rather
use the easily available services of hand delivery of the relevant documents.
(h) Implement adequate security measures such as password protection of
emails and or attachments thereto.
emails and or attachments thereto.
(i) Load the ENS Trust account as a public beneficiary in the FNB and Standard
Bank online banking systems , so that the bank account does not require
transmission by the medium of an unprotected and unsafe form of communication.
7
(j) Use secure portals where users need to log in by means of two or multi -factor
authentication for access, thus avoiding transmission of sensitive information by way
of email.
[13] Ms Hawarden pleaded further that the reasonableness of imposing a legal
duty on ENS and to hold it liable for the damages suffered by her in breach thereof is
supported by the following considerations of public and legal policy in accordance
with constitutional norms. That ENS is a large sophisticated firm of attorneys
compared to Ms Hawarden , who is an elderly divorced pensioner without the
knowledge, experience or resources to protect herself against sophisticated
cybercrime of which she had no knowledge or experience. BEC has gained notoriety
and is well known amongst members of the legal fraternity, ENS would or should
have been fully aware of and taken practical steps to minimise the risk of BEC and
protect its clients and others like Ms Hawarden when exposed to the risk of BEC,
especially where banking transactions of high value are involved.
[14] ENS pleaded that: the seller had appointed ENS to effect registration and
transfer of the property; and, the balance of the purchase price had to be paid to the
seller’s conveyancing attorneys by a bank guarantee in favour of the seller or other
acceptable undertaking. It denied further knowledge of the allegations and averred
that if correspondence that had been sent or received was fraudulently intercepted,
altered and forwarded to Ms Hawarden, then unbeknown to it a hacker had gained
access to Ms Hawarden ’s email account and interposed himself or herself between
Ms Hawarden and those to whom she sent and from whom she received email
messages, thereby altering her incoming and outgoing messages and their
attachments.
[15] ENS specifically denied that Ms Maninakis or Mr Carr im had a legal duty to
advise Ms Hawarden on the payment, which she made from and with the help of her
advise Ms Hawarden on the payment, which she made from and with the help of her
own bank. ENS denied that its conduct was either wrongful or negligent and in the
alternative pleaded contributory negligence.
Issue for determination
8
[16] It is not necessary to consider all of the requirements (that had been placed in
issue by ENS ) for Ms Hawarden to succeed in her delictual claim against ENS. I
shall confine myself to whether or not Ms Hawarden has in particular established the
wrongfulness element for a delictual claim arising out of an omission causing pure
economic loss.
Wrongfulness
[17] Ms Hawarden’s claim was one for pure economic loss caused by an alleged
wrongful omission. In Home Talk, it was stated that:
‘The first principle of the law of delict, as Harms JA pointed out in Telematrix, is that everyone has to
bear the loss that he or she suffers. And, in contrast to instances of physical harm, conduct causing
pure economic loss is not prima facie wrongful. Accordingly, a plaintiff suing for the recovery of pure
economic loss, is in no position to rely on an inference of wrongfulness flowing from an allegation of
physical damage to property (or injury to person) , because “the negligent causation of pure economic
loss is prima facie not wrongful in the delictual sense and does not give rise to liability for damages
unless policy considerations require that the plaintiff should be recompensed by the defendant for the
loss suffered”.’ 1
[18] This principle was further emphasised in Halomisa Investment Holdings: 2
‘. . . As a general rule our law does not allow for the recovery of pure economic loss. In
Country Cloud Trading CC v MEC, Department of Infrastructure Development , the
Constitutional Court said the following:
“. . . There is no general right not to be caused pure economic loss. S o our law is generally
reluctant to recognise pure economic loss claims, especially where it would constitute an
extension of the law of delict . . .”
Wrongfulness is an element of delictual liability. The test for wrongfulness was set out in Le
Roux and Others v Dey as follows:
“[I]n the context of the law of delict: (a) the criterion of wrongfulness ultimately depends on a
judicial determination of whether – assuming all the other elements of delictual liability to be
present – it would be reasonable to impose liability on a defendant for the damages flowing
from specific conduct; and (b) the judicial determination of that reasonableness would in turn
depend on considerations of public and legal policy and in accordance with constitutional
norms.
1 Home Talk Development (Pty) Ltd and Others v Ekurhuleni Metropolitan Municipality [2017] ZASCA
77; [2017] 3 All SA 382 (SCA); 2018 (1) SA 391 (SCA) para 1. (Citations omitted).
2 Halomisa Investments Holdings (RF) Ltd and Another v Kirkins & Others [2020] ZASCA 83; [2020] 3
All SA 650 (SCA); 2020 (5) SA 419 (SCA) para 58, 62 and 63. (Citations omitted).
9
The test for wrongfulness should not be confused with the fault requirement. The test
assumes that the defendant acted negligently or wilfully and asks whether, in the light
thereof, liability should follow”.’ (Citations omitted).
[19] These principles apply to Ms Hawarden’s claim. Our law does not generally
hold persons liable in delict for loss cause d to others by omission. . In Hawekwa,3
Brand JA stated as follows:
‘The principle regarding wrongful omissions have been formulated by this court on a number
of occasions in the recent past. These principles proceed from the premise that negligent
conduct which manifests itself in the form of a positive act causing physical harm to the
property or person of another is prima facie wrongful. By contrast, negligent conduct in the
form of an omission is not regarded as prima facie wrongful. Its wrongfulness depends on
the existence of a legal duty. The imposition of this legal duty is a matter for judicial
determination, involving criteria of public and legal policy consistent with constitutional
norms.
In the result, a negligent omission causing loss will only be regarded as wrongful and
therefore actionable if public or legal policy considerations require that such omissions, if
negligent, should attract legal liability for the resulting damages.. . .’ (Citations omitted).
[20] The issue of wrongfulness in th is matter needs to be considered having
regard to the following: That Ms Hawarden was not a client of ENS at the relevant
time and there was no contractual relationship between Ms Hawarden and ENS. Her
loss occurred at a time when there was no attorney-client relationship between them.
Ms Hawarden suffered loss, not as a result of any filing in the ENS system, but
because hackers had infiltrated her email account and fraudulently diverted her
payment meant for ENS into their own account. The interference that caused the
loss was as a result of her email account having been compromised . Ms Hawarden
loss was as a result of her email account having been compromised . Ms Hawarden
had been warned in the PGP letter about this very risk. In that instance she heeded
the warning and verified the account details. She, however, failed to do so three
months later in respect of ENS and was unable to explain her failure in that regard. It
would have been fairly easy for Ms Hawarden to have avoided the risk of which PG P
had warned her. As she did with Mr Lukhele of PG P earlier, she could have verified
3 Hawekwa Youth Camp and Another v Byrne [2009] ZASCA 156; [2010] 2 All SA 312 (SCA) ; 2010
(6) SA 83 (SCA) para 22. See also Cape Town City v Carelse [2020] ZASCA 117; [2020] 4 All SA 613
(SCA); 2021 (1) SA 355 (SCA) para 37.
10
ENS’ bank account details with either Ms Maninakis or Carrim, when she spoke to
them whilst at the bank. Both of them would no doubt have taken comfort from the
fact that she was at her bank ( Ms Hawarden banked at that very branch of Standard
Bank) and in professional hands. It was open to Ms Hawarden, who had enlisted the
assistance of Ms Shabalala, to assist her in verifying ENS’ bank details. She could
not explain why she did not do so. Ms Hawarden thus had ample means to protect
herself. Moreover, any warning by ENS of the risk of BEC would have been
meaningless, in the circumstances of this case, because by that time the cyber
criminal was already embedded in Ms Hawarden’s email account , consequently the
risk had already materialised.
[21] In this case, a finding that ENS’ failure to warn Ms Hawarden attracts liability
would have profound implications not just for the attorneys ’ profession, but all
creditors who send their bank details by email to their debtors. The ratio of the high
court judgment that all creditors in the position of ENS owe a legal duty to their
debtors to protect them from the possibility of their accounts being hacked is
untenable. The effect of the judgment of the high court is to require creditors to
protect their debtors against the risk of interception of their payments. The high court
should have declined to extend liability in this case because of the real danger of
indeterminate liability.
[22] In Country Cloud , 4 the Constitutional Court recognised the risk of
indeterminate liability as the main policy consideration that militates against the
recognition and liability for pure economic loss:
'In addition, if claims for pure economic loss are too -freely recognised, there is the risk of
"liability in an indeterminate amount for an indeterminate time to an indeterminate class."
Pure economic losses, unlike losses resulting from physical harm to the person or property –
Pure economic losses, unlike losses resulting from physical harm to the person or property –
“are not subject to the law of physics and can spread widely and unpredictably, for example,
where people react to incorrect information in a news report , or where the malfunction of an
electricity network causes shut -downs, expenses and losses of profits to busine sses that
depend on electricity”.’
4 Country Cloud Trading CC v MEC, Department of Infrastructure Development, Gauteng [2014]
ZACC 28; 2015 (1) SA 1 (CC); 2014 (12) BCLR 1397 (CC) para 24. (Citations omitted).
11
[23] In Country Cloud,5 the Constitutional Court identified ‘vulnerability to risk’ as
an important criterion for the determination of wrongfulness in claims for pure
economic loss. It held:
'It is settled that where a plaintiff has taken, or could reasonably have taken, steps to protect
itself from or to avoid loss suffered, this is an important factor counting against a finding of
wrongfulness in pure economic loss cases. In these circumstances, the plaintiff is not
“vulnerable to risk” and, so it is reasoned , there is no pressing need for the law of delict to
step in to protect the plaintiff against loss.'
[24] In Cape Empowerment Trust,6 Brand JA held:
'…What is now well established in our law is that a finding of non -vulnerability on the part of
the plaintiff is an important indicator against the imposition of delictual liability on the
defendant...In many cases there will be no sound reason for imposing a duty on the
defendant to protect the plaintiff from economic loss where it was reasonably open to the
plaintiff to take steps to protect itself. The vulnerability of the plaintiff to harm from the
defendant's conduct is therefore ordinarily a prerequisite to imposing a duty. If the plaintiff
has taken or could have taken steps to protect itself from the defendant’s conduct and was
not induced by the defendant's conduct from taking such steps, there is no reason why the
law should step in and impose a duty on the defendant to protect the plaintiff from the risk of
pure economic loss.'
[25] The court held in Two Oceans ,7 that the criteria of vulnerability to risk will
ordinarily only be satisfied 'where the plaintiff could not reasonably have avoided the
risk by other means . . . '. It is evident in this case that Ms Hawarden could
reasonably have avoided the risk by either asking Mr Carr im or Ms Maninakis to
verify the account details of ENS. Ms Hawarden had previously been made aware by
verify the account details of ENS. Ms Hawarden had previously been made aware by
PGP of the need to verify banking details and the risks of BEC fraud. She could also
have had her bank verify the banking details of ENS . She enlisted the help of her
bank to make the payment. She did so at the desk and on the computer of Ms
Shabalala. It would have been easy in those circumstances to have had her assist in
5 Country Cloud Trading CC v MEC, Department of Infrastructure Development, Gauteng [2014]
ZACC 28; 2015 (1) SA 1 (CC); 2014 (12) BCLR 1397 (CC) para 51. (Citations omitted).
6 Cape Empowerment Trust Limited v Fisher Hoffman Sithole [2013] ZASCA 16; [2013] 2 All SA 629
(SCA); 2013 (5) SA 183 (SCA) para 28 (Citations omitted).
7 Trustees for the Time Being of Two Oceans Aquarium Trust v Kantey & Templer (Pty) Ltd [2005]
ZASCA 109; [2007] 1 All SA 240 (SCA); 2006 (3) SA 138 (SCA) para 23.
12
verifying the bank details of ENS . There was thus more than sufficient protection
available to Ms Hawarden.
[26] In all of this, sight must not be lost as well of the fact that after weighing up
her options she elected , whilst at the bank , to forego a bank guarantee for a cash
transfer. As she had ample means available to her, she must in the circumstances
take responsibility for her failure to protect herself against a known risk. There can
thus be no reason to shift responsibility for her loss to ENS. It follows that Ms
Hawarden ought to have failed before the high court. Consequently, the appeal must
succeed.
[27] In the circumstances the following order is made:
1 The appeal is upheld with costs , such costs to include the costs of two
counsel where so employed.
2 The order of the high court is set aside and substituted with the following
order:
‘The Plaintiff’s claim is dismissed with costs, such costs to include the costs of
two counsel where so employed.’
________________________
F B A DAWOOD
ACTING JUDGE OF APPEAL
13
Appearances
For appellant: W Trengove SC (with R Ismail)
Instructed by: Clyde & Co, Johannesburg
Mayet & Associates, Bloemfontein.
For respondent: C.H.J Badenhorst SC (with M.D
Williams)
Instructed by: Werksmans Inc, Johannesburg
Matsepes Inc, Bloemfontein.