Answer:
Regulation E's "notification within two business days" rule on limiting consumer liability only applies to situations in which an access device was lost or stolen and used without authority. That includes compromised numbers used fraudulently. It does not apply to unauthorized EFTs via ACH or other events for which an access device is not used. The two business days are counted from the date on which the consumer learns of the loss or theft of the device, not from when the loss or theft took place.
If no error took place, that is, if the investigation determines that the transaction was authorized, the consumer's liability is $0. If the transaction was unauthorized, and the Visa zero-liability rule applies, the consumer's liability is $0.
If the transaction was unauthorized and the Visa zero-liability rule does not apply for some reason and the consumer notified you of the loss or theft of the device within two business days of learning of its loss or theft, the $50 liability cap applies. If the consumer delayed notifying you until beyond two days from learning of the loss or theft, the $50/$500/unlimited liability rule in Section 205.6 applies, depending when the transaction took place.
First published on BankersOnline.com 1/18/10
print
share