P2P payments and Regulation E error resolution
Over the last several years, the use of mobile applications to transfer money through person-to-person (P2P) payments has been gaining traction at record speeds.
Zelle reported that nearly half a trillion dollars were sent during 2021 using its platform. Considering that Zelle is not the only P2P mechanism, one can only imagine the true figure when adding all platforms together. And given the prevalence and ease of use of mobile payments, you can reasonably expect that amount to continue to increase over time.
With the ease of use, speed at which payments are processed and increasing popularity of the P2P system come concerns about fraud and an additional way for scammers to take advantage of the everyday consumer.
Regulation E error resolution questions arise
One of the most common ways fraudsters are able to make transfers through the P2P platform is through fraudulently obtained credentials.
Recently, Wipfli has received a large number of questions from financial institutions regarding the Regulation E error resolution requirements pertaining to P2P payments and what the financial institution’s responsibilities are in cases when the account owner willingly provides account access information. The Consumer Financial Protection Bureau (CFPB) has stated that when a consumer is induced by a fraudster to provide access information through fraudulent means (such as social engineering or hacking), the fraudster did not have valid authority to initiate that transfer under the regulation; thus, it is an unauthorized EFT under Regulation E. The financial institution must conduct appropriate investigations and limit consumer liability accordingly.
Consumer negligence is also not a viable exclusion from coverage of Regulation E. While financial institutions may counsel consumers on the importance of proper password and other security protections on their access devices, a financial institution cannot refuse to investigate a claim because of these best practices were not in place and resulted in the theft or unauthorized use of the access device.
P2P frauds will continue and almost certainly become more sophisticated over time. It’s a good idea for financial institutions to periodically reach out to consumers to provide tips to minimize the risks associated with these payment platforms. This would reduce not only the potential for consumer loss but also the potential loss for financial institutions from investigations related to the losses.
Electronic Funds Transfer FAQs can help
In December 2021, the CFPB expanded its Electronic Funds Transfer FAQs to address, among other things, a financial institution’s responsibilities with respect to unauthorized P2P payments. Although not a replacement for the language in the regulation, the FAQs help to clarify the Bureau’s intent and expectations regarding the handling of these and other types of EFTs.
Make sure individuals at your institution who are responsible for handling Regulation E errors familiarize themselves with the FAQs so they are prepared to respond appropriately to consumer disputes. And if you still have questions, feel free to reach out to the compliance specialists at Wipfli for assistance.