Skip to content
BOL Conferences
Thread Options
#2270259 - 05/10/22 04:36 PM EFT Providers under Reg E?
mnbanker09 Offline
100 Club
Joined: Jan 2018
Posts: 128
Are online merchants such as Amazon and Ebay considered EFT providers under Reg E? I did find an error resolution disclosure online for Amazon, so I assume yes?

A customer that disputes unauthorized transactions from these merchants (where debit card was used as payment), and these transactions derived from their respective merchant account, can we defer to that merchant for error resolution? Or do we still have to investigate, and could have potential liability?

Return to Top
Deposits and Payments
#2270261 - 05/10/22 04:49 PM Re: EFT Providers under Reg E? mnbanker09
rlcarey Online
10K Club
rlcarey
Joined: Jul 2001
Posts: 83,219
Galveston, TX
I am not quite sure what you are saying. Is the customer claiming their Amazon or Ebay account has been hacked?
_________________________
The opinions expressed here should not be construed to be those of my employer: PPDocs.com

Return to Top
#2270314 - 05/11/22 03:10 PM Re: EFT Providers under Reg E? mnbanker09
Valley girl Offline
Gold Star
Joined: Aug 2014
Posts: 394
TX
I asked the CFPB this very question. If a member's account with a retailer is used for fraudulent purchases (the purchases show up on the member's purchase history), how can we be liable if the card number was never compromised? The fraudster can't get the card number to use elsewhere because it is either masked or tokenized within the merchant's "payment methods." We have this situation happen all the time anymore with food apps, Uber, food delivery, Amazon, Cash App, etc. We end up cancelling the card because we have no dispute rights if the card is active.

The CFPB responded that they are working on new FAQs. Which frightens me.

We follow our error resolution procedures and investigate/reimburse on these claims because the current FAQs make it pretty apparent that we are responsible for anything that may happen with a debit card. It makes "investigation" fairly easy - basically we are just here to give money back.

Return to Top
#2270316 - 05/11/22 03:17 PM Re: EFT Providers under Reg E? rlcarey
mnbanker09 Offline
100 Club
Joined: Jan 2018
Posts: 128
rlcarey - yes, in the situation where their merchant account has been hacked, would we have liability under Reg E, or these merchants?

Return to Top
#2270317 - 05/11/22 03:20 PM Re: EFT Providers under Reg E? Valley girl
mnbanker09 Offline
100 Club
Joined: Jan 2018
Posts: 128
Valley girl - yes I agree that the recent FAQs make it clear that we need to investigate the claims under Reg E. I'm just wondering to the extent our investigation leads to their "Amazon" account being hacked and purchases are made, would those merchants be liable for error resolution (refund the customer) or are we as the FI?

Return to Top
#2270324 - 05/11/22 05:15 PM Re: EFT Providers under Reg E? mnbanker09
Valley girl Offline
Gold Star
Joined: Aug 2014
Posts: 394
TX
No, I don't believe those merchants are liable for error resolution. It still falls on us because the money left the bank account on the debit card rails. The CFPB doesn't care how access was gained to the bank account, just that the consumer did not authorize that transaction. And if an unauthorized transaction is reported to us, we have the liability.

This is what you get when you apply 1970's language to modern systems.

Return to Top
#2270333 - 05/11/22 06:41 PM Re: EFT Providers under Reg E? mnbanker09
Flower123 Offline
New Poster
Joined: Nov 2021
Posts: 21
Valley girl - When was the comment below made, before or after the December FAQs? Just wondering if another set of FAQs are in the works.


The CFPB responded that they are working on new FAQs. Which frightens me.

Return to Top
#2270347 - 05/11/22 07:59 PM Re: EFT Providers under Reg E? mnbanker09
Valley girl Offline
Gold Star
Joined: Aug 2014
Posts: 394
TX
I wrote a rant to "contact us at CFPB" after the latest FAQs and explained how many cards a week we cancel that don't need to be cancelled due to the above types of disputes. I helpfully had an email from Chipotle explaining to our member that although Chipotle could see the member's Chipotle account had been compromised, the member needed to go to their FI for reimbursement. The transactions at Chipotle all exceeded $50 (there were 3 or 4 transactions total) so I wanted to try disputing them to see if the company would pony up the funds. Which led to cancelling yet another card that was never compromised with the impending chip shortage hovering on the horizon.

I was contacted by an attorney from the CFPB that said my email had passed through a lot of people at the CFPB and he was one of the authors of the newest FAQs. He said that they were going to start working on new FAQs. I told him my hope was that they involved experts that could explain how systems work and find a way to lessen the load on us. But I don't hold out much hope if any at all.

Return to Top

Moderator:  John Burnett