Question of the Week
Posted: Jun 9, 2022 | Author:
Cornerstone Compliance Team
Question: If a member is tricked into providing debit card
information to a 3rd party who then uses it to purchase items,
can we deny the claim under Reg E, since the member willingly provided the
access information?
Answer: No. To cite the CFPB’s December 2021 guidance:
“Regulation E defines an unauthorized EFT as an EFT from a consumer’s account initiated by a person other than the consumer without actual authority to initiate the transfer and from which the consumer receives no benefit. 12 CFR 1005.2(m). Comment 1005.2(m)-3 explains further that an unauthorized EFT includes a transfer initiated by a person who obtained the access device from the consumer through fraud or robbery. Similarly, when a consumer is fraudulently induced into sharing account access information with a third party, and a third party uses that information to make an EFT from the consumer’s account, the transfer is an unauthorized EFT under Regulation E.”
It doesn’t even matter if the member was negligent in handing over the information:
Regulation E sets forth the conditions in which consumers may be held liable for unauthorized transfers, and its commentary expressly states that negligence by the consumer cannot be used as the basis for imposing greater liability than is permissible under Regulation E. 12 CFR 1005.6; Comment 6(b)-2.
We highly recommend that you educate your members as to safe uses of their access information, including debit card and deposit account numbers, and to report any unauthorized activity as soon as possible to minimize losses.
Subscribe
Sign up to the receive the weekly InfoSight eNewsletter email. Existing subscribers can manage their subscription.
