Alerts
Fraud exception to unauthorized electronic transfers under the Electronic Funds Transfer Act
May 30, 2024
Consumer fraud continues to rise with losses of nearly $2.7 billion dollars related to imposter scams having been reported in 2023.[1] With the prevalence of digital banking, consumers and banks alike faced increased exposure and must understand the liabilities that various regulatory schemes may impose when such scams occur.
One such example is the Electronic Fund Transfer Act (EFTA), passed in 1978, which was implemented to “provide a basic framework establishing the rights, liabilities and responsibilities of participants in electronic fund and remittance transfer systems.”[2]
EFTA, in part, regulates a consumer’s responsibility for unauthorized electronic transfers, capping a consumer’s liability for unauthorized transfers at the lesser of: $50.00 or the amount of money or value of property or services obtained in such unauthorized electronic fund transfer prior to the time the financial institution is notified of, or becomes aware of, circumstances which lead to the reasonable belief that an unauthorized electronic fund transfer involving the consumer’s account has been or may be effected.[3]
EFTA defines an “unauthorized electronic transfer,” in part, as:
“an electronic fund transfer from a consumer’s account initiated by a person other than the consumer without actual authority to initiate such transfer and from which the consumer receives no benefit, but the term does not include any electronic fund transfer (A) initiated by a person other than the consumer who was furnished with the card, code, or other means of access to such consumer’s account by such consumer, unless the consumer has notified the financial institution involved that the transfers by such other person are no longer authorized.”[4]
Pursuant to the plain language of EFTA, where a third party has been provided with access to the account by the consumer, electronic transfers initiated by the third party are considered to be authorized unless the consumer has notified the bank that third party no longer has authorization. The Board of Governors of the Federal Reserve System and the Consumer Financial Protection Bureau have both developed regulations to implement EFTA and similarly define “unauthorized electronic transfers.”[5]
The official interpretations proffered by both regulators, however, include an important carve-out for instances of fraud, which state: “an unauthorized EFT includes a transfer initiated by a person who obtained the access device from the consumer through fraud or robbery.”[6]
The exception provides protection for consumers whose accounts are accessed through fraud or robbery and, in practice, has been found to apply even where the consumer voluntarily provided the third party with access to his or her account.
This is exemplified by the United States District Court for the Southern District of New York’s decision in Green v. Capital One.[7]
Green was a Capital One customer who attempted to transfer funds to his friend through the mobile payment application “Cash App,” a product of Square, Inc. (Square).[8] The friend received a notification that the transfer was completed, but did not receive access to the funds.[9] In an effort to resolve the matter, Green and his friend found a phone number online, which was allegedly affiliated with Cash App’s customer support team and together called to speak with a representative.[10] The number, however, belonged to a fraudster who was attempting to steal personal information from Cash App users.[11] During the course of the call, Green provided the third party with personal information concerning his bank account.[12] Thereafter, Green deleted the app from his phone, but soon discovered that the fraudster had transferred in excess of $1,000 from his account to unknown third parties.[13]
Green reported the transactions to Capital One and initially received a refund while Capital One conducted its investigation.[14] Several months later, however, Capital One reversed three of the four refunds and determined that the alleged fraud was the responsibility of Green and Square.[15]Green then filed suit against both Capital One and Square, Inc. alleging, in part, that Capital One violated EFTA.[16] Capital One moved to dismiss the complaint alleging that the transactions were not “unauthorized” because Green voluntarily provided the fraudster with both his personal and account information.[17]
Applying a Federal Rule of Civil Procedure 12(b)(6) analysis, the court held that Green adequately stated a claim for a violation of EFTA §1693g(a).[18] Based on the official interpretations, the court reasoned that access obtained by fraud is distinguishable from access legitimately granted and later revoked.[19] Accordingly, the court found that because the access to Green’s account information was furnished under fraudulent pretenses, the transactions were not authorized under EFTA.[20]
As a result, EFTA’s fraud exception for unauthorized electronic transfers is just one example of the pivotal role regulatory schemes play in resolving disputes involving fraudulent activity on a consumer’s account.
The financial services attorneys at Chuhak & Tecson, P.C. can help financial institutions navigate the rights and liabilities imposed by the EFTA and a range of other significant issues affecting institutions.
Client alert authored by Martin J. Crowley (312 855 4604), Associate.
This Chuhak & Tecson, P.C. communication is intended only to provide information regarding developments in the law and information of general interest. It is not intended to constitute advice regarding legal problems and should not be relied upon as such.
[1] As Nationwide Fraud Losses Top $10 Billion in 2023, FTC Steps Up Efforts to Protect the Public, Federal Trade Commission (Feb. 9, 2024), https://www.ftc.gov/news-events/news/press-releases/2024/02/nationwide-fraud-losses-top-10-billion-2023-ftc-steps-efforts-protect-public
[2] 15 U.S.C. 1693(b)
[3] 15 U.S.C. 1693g(a)(1)-(2)
[4] 15 U.S.C. §1693a(12)(A)
[5] See 12 C.F.R. §205.2(m); 12 C.F.R. §1005.2(m).
[6] See 12 C.F.R. §205, Supp. I at 2(m); 12 C.F.R. §1005, Supp. I at 2(m).
[7] 557 F.Supp.3d 441 (S.D.N.Y. 2021).
[8] Id. at 444.
[9] Id.
[10] Id. at 445.
[11] Id.
[12] Id.
[13] Id.
[14] Id.
[15] Id.
[16] Id.
[17] Id. at 447.
[18] Id. at 447-48.
[19] Id. at 448.
[20] Id.