Credit and Recredit After ACH Funds Recovered

How should a credit union as the Receiving Depository Financial Institution (RDFI) handle a situation when the credit union recovers unauthorized ACH debits from the OriginatingDFI (ODFI) through the breach of warranty process? An example may help to clarify the question. A consumer-member disputes a series of ACH debits posted their account over the last several months as unauthorized, but the member is late in providing notice. The credit union recredits the member for the initial unauthorized ACH debits plus those that occur within 60 days of the statement being made on which the first unauthorized debit appear. The member is liable for the unauthorized debits after the 60 days until notice is provided to the credit union. The credit union is able to return the most recent unauthorized debits that occur in the last 60 days. In an attempt to recover the remaining funds, the credit union sends a notice to the ODFI requesting the member’s authorization and if the ODFI is unable provide the authorization, requests permission to initiate a late return. The ODFI is unable to provide the authorization, so it grants permission to process a late return. The credit union has now recovered the full amount of the unauthorized ACH debits claimed by the member. Can the credit union retain the amount that it recredited to the member (i.e., the credit union’s liability)? For the remaining funds recovered, should the credit union recredit the member? It seems to me that the credit union should recredit the member based on the concept of unjust enrichment.