Skip to content
BOL Conferences
Learn More - Click Here!

Thread Options
#532301 - 04/17/06 02:12 PM Unauthorized ACH
#12 Online
Diamond Poster
Joined: Jun 2005
Posts: 1,343
Here's my situation. We had a customer report to us on Friday (April 14) that there have been unauthorized ACH transactions on his statements going back to July of 2005. Can someone help me out on what we need to give back to him, or where I should start looking? Thank you!
_________________________
CRCM

Return to Top
Operations Compliance
#532302 - 04/17/06 03:19 PM Re: Unauthorized ACH
PJ Offline
100 Club
Joined: Sep 2005
Posts: 115
Do you mean how to start researching or what the compliance issues are? If it's the compliance issues, start with Reg E error resolution and your deposit contract. Assuming your contract is not more restrictive than Reg E -- the customer had 60 days to notify the bank of an error after a periodic statement was sent showing the first error. They are liable for the lesser of $50 or the amount of unauthorized EFTs occuring during the 60 day period PLUS the amount of unauthorized EFTs that occured after the 60 days and before notice to the bank. You'll want to take whatever steps you need to take to make sure there aren't any more. (I don't know anything about ACH rules and what you have to do to return an unauthorized transaction.) I have seen some banks that just refund the amount exceeding $50 during the 60 day period if it's not much money. If you choose to investigate, you'll need to start looking at whether or not these were authorized. The party initiating the EFTs would have to have customer authorization. Also remember you'll have to follow the Reg E investigation rules - make a determination within 10 days or provisionally recredit. But again, this would only be for the amount w/in the 60 day period.

Return to Top
#532303 - 04/17/06 03:34 PM Re: Unauthorized ACH
mcgwirefan Offline
Junior Member
Joined: Apr 2006
Posts: 26
Okay, so here is my question. On Friday, April 14th one of our account officers noticed several entries on a customers account that was overdrawing the account. WE contacted the customer and asked if these items were legite. He said no and thought he knew who had made the entries. There are 34 entries in the amount of $49.99. The total amount is $1699.66. Are we required to start with a Reg E and do we need to refund the customer the entire amount since all entries were under $50.00? Since the customer did not notify us are we still under the Reg E regulation?

Return to Top
#532304 - 04/17/06 03:42 PM Re: Unauthorized ACH
#12 Online
Diamond Poster
Joined: Jun 2005
Posts: 1,343
Thanks PJ, yes I was looking at compliance issues, specifically how much the customer was going to be liable for considering he took his sweet time notifying us!
_________________________
CRCM

Return to Top
#532305 - 04/17/06 03:46 PM Re: Unauthorized ACH
blue Offline
Platinum Poster
Joined: Jul 2005
Posts: 793
I am not greatly familiar with Reg E so I can't be of much help there. The next part of your issue is the transactions that occurred between the ODFI and the RDFI and your rights there. NACHA's 2006 Guidelines, page 105 will help there.
I am curious as the answer you will get to your last question regarding did the customer notify you. I would say they did notify you these transactions were unauthorized when they responded to your inquiry. However, I am but a novice as such things and defer to the greater wisdom of BOL.
I really do learn a lot by reviewing the Threads. I am so glad this resource exists.

Return to Top
#532306 - 04/17/06 04:00 PM Re: Unauthorized ACH
PJ Offline
100 Club
Joined: Sep 2005
Posts: 115
Quote:

Okay, so here is my question. On Friday, April 14th one of our account officers noticed several entries on a customers account that was overdrawing the account. WE contacted the customer and asked if these items were legite. He said no and thought he knew who had made the entries. There are 34 entries in the amount of $49.99. The total amount is $1699.66. Are we required to start with a Reg E and do we need to refund the customer the entire amount since all entries were under $50.00? Since the customer did not notify us are we still under the Reg E regulation?



What kind of items were they? Again - I don't know anything about ACH return rules. But if the item(s) were presented Friday and you knew they were unauthorized on Friday, did you return them? As far as liability goes, I think that once the bank knows there are unauthorized transactions, you would be considered to have been notified. When calculating liability, it's an aggregate within certain time frames - not each transaction. It depends somewhat on the type of transaction - for example if they were debit card transactions or preauthorized transfers (see liability and the commentary to 12 CFR 205.6)

Return to Top
#532307 - 04/17/06 04:07 PM Re: Unauthorized ACH
mcgwirefan Offline
Junior Member
Joined: Apr 2006
Posts: 26
We think they were initated via telephone by a friend of the man's son. The account officer paid the items on Friday and later in the day got ahold of our customer who then said they were not legite. So you believe, according to Reg E, we need to refund the customer $1649.66?

Return to Top
#532308 - 04/17/06 04:11 PM Re: Unauthorized ACH
John Burnett Offline
10K Club
John Burnett
Joined: Oct 2000
Posts: 40,086
Cape Cod
The ACH return rules govern what you may return to the Originator under what circumstances. They do not relate to the original question, which is where to look for rules that govern what the customer is entitled to recover.

You can't assume anything here without knowing first what kind of account is affected? Is it a consumer account, or a business account?

Second piece of information we need is the type of tranaction that hit the account, apparently once a week. You have said ACH, but are they really ACH? Are they card-initiated (POS)? Are they true ACH transactions (and if so, what type of ACH transactions -- WEB, PPD, TEL?)?
_________________________
John S. Burnett
BankersOnline.com
Fighting for Compliance since 1976
Bankers' Threads User #8

Return to Top
#532309 - 04/17/06 04:15 PM Re: Unauthorized ACH
#12 Online
Diamond Poster
Joined: Jun 2005
Posts: 1,343
This is a consumer account, they have hit the account twice a month since July of 2005. They are WEB ACH transactions. Thanks for they help, the question was clear in my mind!!
_________________________
CRCM

Return to Top
#532310 - 04/17/06 04:17 PM Re: Unauthorized ACH
mcgwirefan Offline
Junior Member
Joined: Apr 2006
Posts: 26
This it for the 34 transactions totaling $1699. We noticed the entries starting around March 7, 2006 and have continued to today. It has affected a consumer account and they are TEL transactions.

Return to Top
#532311 - 04/17/06 04:18 PM Re: Unauthorized ACH
mcgwirefan Offline
Junior Member
Joined: Apr 2006
Posts: 26
Sorry #12, I started a question within your question. I think I am confusing people. I will start my own thread.

Return to Top
#532312 - 04/17/06 04:29 PM Re: Unauthorized ACH
John Burnett Offline
10K Club
John Burnett
Joined: Oct 2000
Posts: 40,086
Cape Cod
OK. So now you know that Regulation E will apply. These are not "access device" transactions, since they are apparently originated using the customer's account number, not a card number. Accordingly, the rules in ยง 205.6(b)(3) will determine the customer's liability --- regardless of the fact that the customer is woefully late in notifying the bank.

Start by determining whether the transactions were authorized by your customer. Don't forget that to be unauthorized, the customer must not have benefited from the transactions. If the transactions were unauthorized, look for the statement showing the first of the string of unauthorized transfers. Determine when that statement was delivered (mailed or otherwise made available) to your customer. That's your starting date.

Then determine the date that is 60 days after the starting date. That's your ending date. Any of the transactions that posted on or before the ending date is the bank's responsibility. Any that posted after the ending date are the customer's responsibility, unless the bank is subject to a state law (as it would be in Massachusetts) that says otherwise.

Whether the bank wishes to cover any part of the customer's liability here is up to the bank, of course.

As to the WEB transfers, the bank may, if it obtains the required WSUPP from its customer, recover any transfer that's not already 60 days old at the time it uses the ACH R10 adjustment entry to send it back.
_________________________
John S. Burnett
BankersOnline.com
Fighting for Compliance since 1976
Bankers' Threads User #8

Return to Top
#532313 - 04/17/06 04:32 PM Re: Unauthorized ACH
#12 Online
Diamond Poster
Joined: Jun 2005
Posts: 1,343
Thanks John, I appreciate the help on a confusing topic!
_________________________
CRCM

Return to Top
#532314 - 04/17/06 04:47 PM Re: Unauthorized ACH
mcgwirefan Offline
Junior Member
Joined: Apr 2006
Posts: 26
One more question for my problem: Our ACH provider will allow us to return entries for the past ten days for free but then they charge us $15.00 for every entry after that. Can we pass the charge on to the customer?

Return to Top
#532315 - 04/17/06 04:55 PM Re: Unauthorized ACH
John Burnett Offline
10K Club
John Burnett
Joined: Oct 2000
Posts: 40,086
Cape Cod
Your customer is entitled to the protections of Regulation E (you said a consumer is involved), and you can't charge the consumer for that coverage.

Going back to the specifics of your question (and you are correct, it would have been a lot clearer to have used your own thread, instead of hijacking this one), it appears that everything has occurred within the last 60 days. Thus everything should be eligible for return using the R10 adjusting entry, provided you get the appropriate WSUPP from your customer.

Because a card was not involved, I see no justification for pushing ANY liability on your customer. No $50, no nothing.
_________________________
John S. Burnett
BankersOnline.com
Fighting for Compliance since 1976
Bankers' Threads User #8

Return to Top
#532316 - 04/17/06 11:39 PM Re: Unauthorized ACH
Latitude 21 Offline
Member
Joined: Sep 2004
Posts: 93
John, isn't the receiving bank liable for the items that were processed after 60 days from the transaction settlement dates and before 60 days from statement date? I was under the impression that there was a window between the ACH Rules and the Reg E deadlines that exposes all receiving banks to potential loss from unauthorized entries. We have to recredit the consumer, but we may not be able to return the ACH entry. As always, great threads...

Return to Top
#532317 - 04/18/06 12:11 PM Re: Unauthorized ACH
John Burnett Offline
10K Club
John Burnett
Joined: Oct 2000
Posts: 40,086
Cape Cod
The RDFI is able to return unauthorized ACH debits to consumer accounts if the debits are not yet more than 60 days past their settlement dates. Any older debits cannot be returned via the ACH, but they continue to be subject to the NACHA warranties of authorization (and thus, theoretically, capable of being the focus of a civil suit under those warranties, directed at the ODFI and/or Originator).

The consumer is entitled to escape liability for the transactions that occurred before the end of the 60-day period counted from the date of delivery of the statement showing the first unauthorized debit of the group.

Whether the account-holding bank will suffer a loss will largely depend upon the timing of the individual transactions that are being refunded and returned.
_________________________
John S. Burnett
BankersOnline.com
Fighting for Compliance since 1976
Bankers' Threads User #8

Return to Top
#532318 - 04/19/06 02:49 PM Re: Unauthorized ACH
#12 Online
Diamond Poster
Joined: Jun 2005
Posts: 1,343
Ok, I think I understand, I just want to check my timeline:
Customer received first statement with errors on July 1, 2005. They notified us April 14, 2006.

We need to refund customer all unauthorized amounts from July 1, 2005 to August 29, 2005. They are responsible for items after that. However, we can return any unauthorized ACH from about February 13 until now, so really the customer is liable for about 5 1/2 months of transactions (Sept - Jan & 1/2 of Feb)?
_________________________
CRCM

Return to Top
#532319 - 04/19/06 05:06 PM Re: Unauthorized ACH
John Burnett Offline
10K Club
John Burnett
Joined: Oct 2000
Posts: 40,086
Cape Cod
Refund any unauthorized transfers prior to August 29 (including those shown on the July 1 statement). That is all the customer is entitled to.

Recover any unauthorized ACH from mid-Febuary 2006 and later.

And happy birthday!
_________________________
John S. Burnett
BankersOnline.com
Fighting for Compliance since 1976
Bankers' Threads User #8

Return to Top
#532320 - 04/19/06 05:11 PM Re: Unauthorized ACH
#12 Online
Diamond Poster
Joined: Jun 2005
Posts: 1,343
Thanks and thanks!
_________________________
CRCM

Return to Top

Moderator:  Andy_Z, John Burnett