by Brian Crow:
Not only did your cardholder not exercise reasonable care in safeguarding the card, even if the card were truly lost or stolen, your cardholder did not promptly notify the institution of the loss or theft. Both of these factors negate Zero Liability protections. Although Reg E does not apply to businesses, had this been a claim on a consumer account, Reg E would not have provided any protection either as this very situation is excluded from the definition of an electronic funds transfer error in 1005.2(m). In this case, the cardholder is responsible for the disputed charges.
(m) “Unauthorized electronic fund transfer” means an electronic fund transfer from a consumer's account initiated by a person other than the consumer without actual authority to initiate the transfer and from which the consumer receives no benefit. The term does not include an electronic fund transfer initiated:
(1) By a person who was furnished the access device to the consumer's account by the consumer, unless the consumer has notified the financial institution that transfers by that person are no longer authorized;
(2) With fraudulent intent by the consumer or any person acting in concert with the consumer; or
(3) By the financial institution or its employee.
by John Burnett:
First, Regulation E is not implicated here. So don't get hung up over the special Reg E definition of unauthorized EFT. I'd also say that I don't feel the Mastercard's zero liability policy is going to cover this customer, either, because he failed to safeguard his card. In my opinion, unless your bank made the major mistake of providing the customer Reg E disclosures that suggest he is covered by a consumer protection law and regulation, you are left with whatever contactual provisions apply to the account and the use of the card. Check out your account agreement and business card agreement to see where you and the customer stand.