Answer:
This is a difficult scenario because of the initial authority to use the card and PIN. In the definition of an "unauthorized EFT," quoted below, we see that a transaction is not considered unauthorized if it was done by someone who had authority to use an access device, even if the specific transaction in question was not approved by the cardholder, if the cardholder had not contacted the bank to terminate the authority.
There is also information, in the Staff Commentary to the regulation, that says that an EFT made by someone who steals an access device is unauthorized.
Here is your cite for authorized/unauthorized use:
Section 205.2(m) Unauthorized electronic fund transfer means an electronic fund transfer from a consumer's account initiated by a person other than the consumer without actual authority to initiate the transfer and from which the consumer receives no benefit. The term does not include an electronic fund transfer initiated:
(1) By a person who was furnished the access device to the consumer's account by the consumer, unless the consumer has notified the financial institution that transfers by that person are no longer authorized;
And here is the OSC cite addressing theft:
3. An unauthorized EFT includes a transfer initiated by a person who obtained the access device from the consumer through fraud or robbery.
Regulation E is decidedly a consumer protection regulation. When there are apparent conflicts, we should lean in the consumer's favor. In this case, we believe that the theft trumped the earlier grant of authority.
If the card had not been returned to the customer after she gave it to her son, there would not have been a theft, and we would argue that the transactions were authorized under Section 205.2(m), if completed by the son.
The fact that the unauthorized transaction claim was made by the brother (not involved in the account) is immaterial.
First published on BankersOnline.com 05/3/04. Revised 12/16/04
print
share