Regulation E was originally written back in the 1980s and some parts of it could still be brought more current. This definition is one of the problem areas that could certainly use some commentary, but it also falls under the general caveat I issue to all compliance officers: "Be careful what you wish for," which is one reason that I imagine there isn't a long line of compliance officers begging the Bureau for some clarity on this issue.
I happen to take the consumer-centric view that these one-off authorizations end when the access device is returned to the cardholder's control. However (and here's the rub) the access device doesn't have to be the plastic card. The card number, expiration date and security code constitute the access device in the case of telephone or internet initiated transactions. So there is an argument that sometimes the authorization is ongoing even after the card is returned.
_________________________
John S. Burnett
BankersOnline.com
Fighting for Compliance since 1976
Bankers' Threads User #8