I think the only time the $50/$500 liability should be assigned to the customer is when their carelessness or negligence contributed to the loss. I know Reg E doesn't allow you to assign greater liability based on negligence, but you are allowed to assign this limited liability on that basis. For a customer who has not been negligent or careless, but still experiences an unauthorized transaction, why would you say to that customer, "We're sorry for your loss. We're not going to screw you over a lot, just a little, because the law allows us to do that."? Face it, most banks encourage their customers to take advantage of electronic transactions because it is more efficient for the bank that way and less costly (more profits). So when a customer does what you want them to do and then you still punish them when something bad happens, it seems counterproductive. I think that's where Visa came up with their zero liability policy.
It's the same way with Reg Z restitution issues. Reg Z and TIL allow you a tolerance that you can use when calculating the refund so that you don't wind up refunding the full amount of the error. But how do you explain that if the customer asks about it? By the same token, how do you explain to this ATM customer that they are still going to get dinged for $50? "Sorry, but that's just your bad luck for accepting a debit card in the first place. You don't expect the bank to bear the full risk for your engaging in this dangerous behavior, do you?"
_________________________
Jim Bedsole, CRCM, CBA, CFSA, CAFP
My posts - my opinions