Automated Exclusion and Legal Certainty in a Digitalised Financial Market

The judgment delivered by the Hordaland District Court on 29 September 2025 raises a fundamental legal issue at the intersection of digitalisation, the duty to contract and EEA law. The question is to what extent automated systems and technical pre-screening may replace the individual assessment required by law when access to basic payment services is concerned.

Formally, the case concerned the application of section 4-1 of the Norwegian Financial Contracts Act.^[1] Substantively, it addresses a broader challenge to legal certainty arising from automated exclusion, understood here as system-based denial of access without an individual assessment of the customer’s legal position.

The claimant, a Norwegian national lawfully resident in another EEA state, was refused access to a payment account offered through the bank’s fully digital banking concept. The refusal was not based on any individual circumstances relating to the customer, but on a predefined technical criterion linked to registered residence in the Norwegian National Population Register. Where the applicant was not registered as resident in Norway, the application process was automatically terminated.

The District Court held that this entailed that no individual assessment was carried out, contrary to the requirement laid down in section 4-1(1) of the Financial Contracts Act.^[2] In practice, the system design operated as an absolute legal condition, established through technology and internal routines rather than by statute or regulation.

The Court first examined whether the account in question constituted “payment services on standard terms” within the meaning of section 4-1(1). Relying on the preparatory works, the Court emphasised that the assessment must relate to the specific service offered, not to the bank’s overall product portfolio.^[3]

The Court further noted that section 4-1 implements Directive 2014/92/EU on the comparability of fees related to payment accounts, payment account switching and access to payment accounts with basic features.^[4] Articles 16 and 17 of the Directive secure consumers’ access to a payment account with basic features. The fact that the account was offered exclusively through a fully digital solution did not alter its character as an ordinary payment account in a predominantly cashless market.

The central issue was whether the bank had legitimate grounds for refusing the application, cf section 4-1(1). The Court stressed that this requirement must be interpreted restrictively, in line with the preparatory works.^[5] The assessment must also be carried out in conformity with Norway’s obligations under EEA law, pursuant to the presumption principle as consistently applied by the Supreme Court.^[6]

Of particular importance was the Court’s reliance on Article 15 of the Payment Accounts Directive, which establishes an explicit prohibition against discrimination based on nationality or place of residence for consumers lawfully resident in an EEA state. On this basis, the Court concluded that a categorical refusal based solely on residence in another EEA state is incompatible with the Directive and therefore cannot constitute legitimate grounds under section 4-1 of the Financial Contracts Act.

The Court’s interpretation is consistent with concerns expressed by the European Commission regarding the practical implementation of Article 15, including persistent barriers to cross-border access to payment accounts in digital onboarding processes.^[7]

The judgment may be viewed in a broader context relating to digital infrastructure and legal certainty. Legal scholarship has highlighted how private actors’ technical and organisational choices may, in practice, acquire normative effect by determining who is able to participate in digital private and public services. A recurring feature of such cases is that standardisation and efficiency are achieved at the expense of individual assessment and legal reviewability.

The District Court’s judgment clarifies that system design cannot establish de facto exceptions to statutory rights. Where the legal framework requires an individual assessment, whether under section 4-1 of the Financial Contracts Act, anti-money-laundering legislation or EEA non-discrimination rules, this requirement cannot be eliminated through automated processes or business models.

The case was argued before the Hordaland District Court by the undersigned counsel on behalf of the claimant. The judgment is final. In my view, it provides a clear legal point of departure for further consideration of the relationship between digitalisation and legal certainty, and sets a firm boundary for the extent to which financial institutions may automate decisions that, by law, require an individual assessment.

^{[1] Financial Contracts Act (finansavtaleloven) § 4-1(1).
[2] Hordaland District Court, judgment 29 September 2025, case no 24-186995TVI-THRD/TBER.
[3] Proposition to the Storting No 92 LS (2019–2020) paras 26.5 and 26.6; specific comments to s 4-1 at 375.
[4] Directive 2014/92/EU of the European Parliament and of the Council of 23 July 2014 [2014] OJ L257/214.
[5] Proposition No 92 LS (2019–2020) 374–375.
[6]  HR-2000-49-B (Finanger I).
[7] European Commission, Report on the application of Directive 2014/92/EU, COM(2023) 249 final, section 3.1.}