Am I correct in that if a customer claims an unauthorized transaction but states they wrote the PIN on the card we still have to reimburse??? Can they not be held liable for writing the PIN on the card?

You are correct. This is consumer protection at its finest.

Make sure you get all the details so you can determine whether any other protections may apply. As I recall, you may have an out there if the customer never told the bank that they had at one time "loaned" their card and PIN to an individual that later conducted an "unauthorized" transaction.

You can refuse to re-issue due to neglegence.

I disagree with this. It depends on if the card was given and abused, or later stolen. What is the difference in liability if X writes his PIN on his card and loses it, or if he wrote it on the card and it was stolen and used? None, these are unauthorized.

Say X gave his card to his son 6 months ago and it was used as agreed and immediately returned. Fast forward to today. Son (or someone) stole card and used it. The PIN may have been written on the card. You want to deny the claim because the son used it 6 months ago on an authorized basis. I wouldn't agree with that call. Instead of relying on 2(m)2 in the OSC, read further to 2(m)3. I believe that applies. An unofficial opinion I got from an FRB attorney agrees that so long as the card was taken back, there is no evergreen authority.

§205.2 Definitions.
2(m)2. If a consumer furnishes an access device and grants authority to make transfers to a person (such as a family member or co-worker) who exceeds the authority given, the consumer is fully liable for the transfers unless the consumer has notified the financial institution that transfers by that person are no longer authorized.

3. Access device obtained through robbery or fraud. An unauthorized EFT includes a transfer initiated by a person who obtained the access device from the consumer through fraud or robbery.

I wouldn't deny the claim unless we could prove (or the customer told us) the son had conducted the "unauthorized" transaction. If we have that information, I think we can deny the claim if the customer never notified the Bank that such transfers were no longer authorized. We could have reissued the card to protect the Bank if we had been notified.

My original question is based on a lost or stolen card with the PIN written on it. Not a card that had been loaned for one transaction and later used without permission. So a stolen card with PIN on it that is used is an unauthorized transaction and needs to be reimbursed even though the customer was negligent in writing the number on the card. Right???

Right.