Looking for some help with this example, new to this side of compliance and trying to get a handle. Customer reports on Monday his card is stolen over weekend and used without his authorization at an ATM location in a store. The card is still in the customers possession, but he has written his pin on the card and informs us he left his wallet in his unlocked truck over the weekend. Wife states it is probably the adult son or 2 other "family friends". Customer failed to even attempt to secure his card and pin in any kind of form or fashion. Customer also stated he had $150.00 in cash disappear too. Camera in store where transactions were completed, (2 each day for 200 each), was non-functioning, so no proof of who oommitted the crime. Are we really out the these withdrawals despite the customers carelessness??? If customer does not report to law enforcement, we will. Can't make heads or tails of the reg as it applies here. An ATM was used and the pin was used, due to the customer's negligence. Any hope here? Thanks for any help or advice you can give

Unfortunately you can't use negligence as a reason to deny restitution.

And welcome to BOL!

First, welcome to BankersOnline. You will find that there is quite a community of compliance professionals that share your frustration with Reg E.

The staff interpretations to 1005.6 are very clear about the role customer negligence plays in determining liability. Since the cardholder reported the theft timely, their maximum liability is $50.00. If you can determine that the customer gave the card and PIN to a third party and they used the card you can deny the claim based on 1005.2(m). Based on your description of events this does not seem likely. Regardless, the best way to minimize losses in this case may be to pay the customer $750, file your own police report if they refuse to, and never give this customer another card.

Consumer negligence. Negligence by the consumer cannot be used as the basis for imposing greater liability than is permissible under Regulation E. Thus, consumer behavior that may constitute negligence under state law, such as writing the PIN on a debit card or on a piece of paper kept with the card, does not affect the consumer's liability for unauthorized transfers. (However, refer to comment 2(m)-2 regarding termination of the authority of given by the consumer to another person.)

2(m)2 Authority. If a consumer furnishes an access device and grants authority to make transfers to a person (such as a family member or co-worker) who exceeds the authority given, the consumer is fully liable for the transfers unless the consumer has notified the financial institution that transfers by that person are no longer authorized.

Excellent Brian - only one other thing - if not already done, cancel the card immediately!

Oh, in case you're tempted to try to get the customer to file a police report before you provide reimbursement (or provisional credit), don't even think about making that a requirement (you can ask, but you cannot require it). You can tell the customer that, if the bank determines that the withdrawals weren't authorized and therefore reimburses the customer for his loss (less $50), the bank can then pursue the matter with the police on its own.