IBA Compliance Connection

Your go to source for compliance!

Under Regulation E, would it be considered an unauthorized transaction if a consumer is fraudulently induced to send an electronic payment — as opposed to when a consumer is induced to a provide a fraudster with their account information or access device?

by

admin

No, we do not believe that an electronic payment initiated by a consumer — even if fraudulently induced — would be considered an unauthorized transaction under Regulation E.

An “unauthorized electronic fund transfer” is defined as “an electronic fund transfer from a consumer’s account initiated by a person other than the consumer without actual authority to initiate the transfer and from which the consumer receives no benefit.”

The Official Interpretations for Regulation E provide that in cases where an electronic fund transfer is initiated by a person who obtained a consumer’s “access device” (such as their card or code) through fraud, the transaction is considered unauthorized. The Official Interpretations also provide that an electronic fund transfer at an ATM is unauthorized if a consumer is induced by force to initiate the transfer, but there are no exceptions noted for consumers who are induced by fraud to initiate a transfer.

For resources related to our guidance, please see:

  • Regulation E, 12 CFR 1005.2(m) (“‘Unauthorized electronic fund transfer’ means an electronic fund transfer from a consumer’s account initiated by a person other than the consumer without actual authority to initiate the transfer and from which the consumer receives no benefit.”)
  • Regulation E, Official Interpretations, Paragraph 2(m), comment 3 (“An unauthorized EFT includes a transfer initiated by a person who obtained the access device from the consumer through fraud or robbery.”)
  • CFPB, Electronic Fund Transfers FAQs — Error Resolution: Unauthorized EFTs, Question 5 (December 13, 2021) (“A third party fraudulently induces a consumer into sharing account access information that is used to initiate an EFT from the consumer’s account. Does the transfer meet Regulation E’s definition of an unauthorized EFT? Yes . . . an unauthorized EFT includes a transfer initiated by a person who obtained the access device from the consumer through fraud or robbery. Similarly, when a consumer is fraudulently induced into sharing account access information with a third party, and a third party uses that information to make an EFT from the consumer’s account, the transfer is an unauthorized EFT under Regulation E.”)
  • Regulation E, 12 CFR 1005.2(a)(1) (“‘Access device’ means a card, code, or other means of access to a consumer's account, or any combination thereof, that may be used by the consumer to initiate electronic fund transfers.”)
  • Regulation E, Official Interpretations, Paragraph 2(m), comment 4 (“An EFT at an ATM is an unauthorized transfer if the consumer has been induced by force to initiate the transfer.”)