Reg E Unauthorized Transactions Liability

Answered by:

Question:

A consumer customer had 76 WEB/ACH unauthorized transactions occur between July 8, 2014, and July 27, 2015, totaling $74,143. The bank was able to return the most current 60 day transactions to the originating bank. The transactions were performed by the customer's secretary to pay her personal bills. What is the remaining liability to the bank?

Answer:

Start by making sure that you have passed along to your customer the credit you obtained by returning the most recent 60 days' transactions.

There is no "statute of limitations" on the consumer's right to claim an EFT was not authorized. For transactions that appear on statements provided more than 60 days before the claim was received, the bank does not have to comply with the error resolution timing and notice (or provisional credit) requirements under section 1005.11 of Regulation E. However, the bank does have to comply with section 1005.6.

Under 1005.6, the consumer is responsible for unauthorized EFTs occurring more than 60 days after the delivery of the account statement showing the first unauthorized ACH EFT (UEFT). The first UEFT was on July 8, 2014. Determine when the statement was provided that showed that UEFT, and determine the date that is 60 calendar days later. Call it the consumer liability date. Any UEFTs occurring after the consumer liability date are the consumer's responsibility. The bank should refund any UEFTs occurring from July 8, 2014, through the consumer liability date.

For example, assume that the July 8, 2014 UEFT appears on the July 25, 2014, statement, sent (mailed) on July 25, 2014. Count 60 days from July 25, bringing you to September 23, 2014. Any of the UEFTs occurring on or before 9/23/14 will be subject to reimbursement to the consumer. Anything after 9/23/14 will not.

Answer:

Follow-up note by John Burnett: Because the question indicated that the customer was a consumer, my earlier response was based on Regulation E. However, the question went on to say that the customer's secretary was making the transactions to pay her personal bills. That raises the possibility that the account in question could have been a business account. If that had been the case, and assuming the financial institution had not made Regulation E disclosures to the customer that may be considered contractual obligations under state law, Regulation E would not have applied to the account and the claim at all. In that case, the bank's deposit contract with the customer would have controlled.