My Reg E Officer wanted me to reach out to get some thoughts on a fraud case and similar situations.

Customer willingly provides information to fraudster over the phone. Fraudster sets up Zelle using the customer's account and transfers out $800. When receiving the fraud email from Zelle, the customer clicked "Yes" to approve the transfers. This was all less than $1000 they got our customer for, but should we be approving a Reg E credit for this as the customer not only provided their banking information but approved the transfer to a third party?

Secondly, we are seeing alot more P2P fraud with Zelle, Venmo, CashApp, aside from the usual Playstation and Xbox disputes. Any advice on handling P2P payment fraud?

As far as this scenario, "Customer willingly provides information to fraudster over the phone." along with "the customer clicked "Yes" to approve the transfers", that seals the deal and it was authorized.

Perfect. Thanks!

Some estimates put fraud rates on P2P payments in the range of 10-100 basis points of all transaction dollars. That's significantly higher than the estimates of 7-20 basis points for credit cards. When you combine high fraud rates with the rapid growth of P2P payments, that's a exponential increase in risk. A 35 basis point loss rate means $1 Billion in annual losses.

Customer education is key, but hard to execute effectively. Getting clients to quit using P2P payments with strangers would eliminate a lot of fraud. Another practice customers should avoid are using P2P services to purchase products.You can also encourage clients to double- and triple-check username, address, and phone number of the recipient before sending, and to enable the PIN capabilities on their P2P app.

On the bank side, here are some things that will help reduce fraud:

• Customer education
• Implement daily limits and transaction size limits
• Use fraud scores to detect suspicious payments
• Use digital identity tools, such as device ID
• Use transaction monitoring rules

Robust transaction monitoring will detect some potential fraud types by identifying transactions outside of normal account patterns. This would include a low activity account suddenly engaging to P2P transfers; unusually high dollar transfers, especially to a new recipient; and a change in contact number/method followed by payments originated from a new device or to a new payee.

Thanks for that, InFairness. I want to mention a personal gripe about one P2P service (that shall not be named) that allows users to share their joy at making a payment by notifying either everyone using the service or all their contacts who use the service that they have made a payment (amount isn't mentioned), to whom the payment was made and any "memo" (e.g., "for GS cookies"). There is a "private" choice that restricts the sharing of that information to the sender and recipient, but I get a dozen or so notifications each month that one of my contacts has paid someone for something, since "private" isn't the default choice upon signing up for the service.

It seems to me that this "oversharing" can set someone up as a scam target.

John,

That particular app and its settings are a pet peeve of mine too.