>"Identity theft" is just a clever name for "fraud" that shifts the responsibility away from the bank.
Indeed. Here's an analogy I like using (warning: ethical argument follows, not a legal advice).
Say, you give your car keys to a valet to park, along with the fee.
You come back to find no car. The valet informs you that they already gave away the vehicle to a homeless person that "kinda looked like you, man" because they asked for it.
You never get your car back.
Now, I personally think it is very fair to hold the company that employed the valet 100% liable for the damages.
The business of operating valet parking comes with certain obligations, one of which is to keep your vehicle safe, and return it to you and only to you. If they can't do that, they shouldn't be in that business. It's not your problem that the valet got high and fulfilled an authorized request. They owe you a vehicle.
Same with a bank. Allowing unauthorized (meaning: unauthorized by you) access to your account is the failure of a bank to do its job and fulfill its obligations to you.
For that, the bank is fully liable. The damages that the thief thus caused to the bank should not be your concern.
------
TL;DR: a thief is guilty for stealing from the bank. The bank is guilty for letting someone else access your account. Both are 100% liable - for different things.
Indeed. Here's an analogy I like using (warning: ethical argument follows, not a legal advice).
Say, you give your car keys to a valet to park, along with the fee.
You come back to find no car. The valet informs you that they already gave away the vehicle to a homeless person that "kinda looked like you, man" because they asked for it.
You never get your car back.
Now, I personally think it is very fair to hold the company that employed the valet 100% liable for the damages.
The business of operating valet parking comes with certain obligations, one of which is to keep your vehicle safe, and return it to you and only to you. If they can't do that, they shouldn't be in that business. It's not your problem that the valet got high and fulfilled an authorized request. They owe you a vehicle.
Same with a bank. Allowing unauthorized (meaning: unauthorized by you) access to your account is the failure of a bank to do its job and fulfill its obligations to you.
For that, the bank is fully liable. The damages that the thief thus caused to the bank should not be your concern.
------
TL;DR: a thief is guilty for stealing from the bank. The bank is guilty for letting someone else access your account. Both are 100% liable - for different things.