Answer:
Start by basing your counting of the 60-day period from the date the statement was SENT (not when it was "cut") showing the earliest of the unauthorized EFTs. When you have determined the date that is 60 calendar days after that statement was sent, you reimburse the consumer for any of the unauthorized EFTs that occurred on or before that date. Any that occurred after that date are the consumer's responsibility.
The regulation was written without differentiating between the date a transaction was "authorized" and the date that it posts. So you won't find your answer in the rule itself. But consider that the rule is designed to make the consumer responsible for transactions that could have been prevented if the consumer had contacted the bank by the 60th day. If that's the day on which the consumer notifies the bank, any transaction that was initiated before the consumer contact can't be stopped, so I would suggest that looking at the authorization date, rather than the posting date to decide which party pays for the transaction is reasonable. Of course, since this is more protective of the consumer than using only the posting date, you'd be in safer territory if a court looked at your actions.
print
share