|
[Main Tabs]
[Table of Contents - 6500]
[Index]
[Previous Page]
[Next Page]
[Search]
6500 - Consumer Protection
{{10-31-06 p.7389}}
SUPPLEMENT I TO PART 205OFFICIAL STAFF
INTERPRETATIONS
Section
205.2--Definitions.
2(a) Access Device
1. Examples. The term access device includes debit
cards, personal identification numbers (PINs), telephone transfer and
telephone bill payment codes, and other means that may be used by a
consumer to initiate an electronic fund transfer (EFT) to or from a
consumer account. The term does not include magnetic tape or other
devices used internally by a financial institution to initiate
electronic transfers.
2. Checks used to capture information. The term
"access device" does not include a check or draft used to capture
the MICR (Magnetic Ink Character Recognition) encoding to initiate a
one-time ACH debit. For example, if a consumer authorizes a one-time
ACH debit from the consumer's account using a blank, partially
completed, or fully completed and signed check for the merchant to
capture the routing, account, and serial numbers to initiate the debit,
the check is not an access device. (Although the check is not an access
device under Regulation E, the transaction is nonetheless covered by
the regulation. See comment 3(b)(1)--1.v)
2(b) Account
1. Consumer asset account. The term consumer asset
account includes:
i. Club accounts, such as vacation clubs. In many cases, however,
these accounts are exempt from the regulation under § 205.3(c)(5)
because all electronic transfers to or from the account have been
preauthorized by the consumer and involve another account of the
consumer at the same institution.
ii. A retail repurchase agreement (repo), which is a loan made to a
financial institution by a consumer that is collateralized by
government or government-insured securities.
2. Certain employment-related cards not covered. The
term "payroll card account" does not include a card used solely
to disburse incentive-based payments (other than commissions which can
represent the primary means through which a consumer is paid), such as
bonuses, which are unlikely to be a consumer's primary source of
salary or other compensation. The term also does not include a card
used solely to make disbursements unrelated to compensation, such as
petty cash reimbursements or travel per diem payments. Similarly, a
payroll card account does not include a card that is used in isolated
instances to which an employer typically does not make recurring
payments, such as when providing final payments or in emergency
situations when other payment methods are unavailable. However, all
transactions involving the transfer of funds to or from a payroll card
account are covered by the regulation, even if a particular transaction
involves payment of a bonus, other incentive-based payment, or
reimbursement, or the transaction does not represent a transfer of
wages, salary, or other employee compensation.
3. Examples of accounts not covered by Regulation E (12 CFR part
205) include:
i. Profit-sharing and pension accounts established under a trust
agreement, which are exempt under § 205.2(b)(2).
ii. Escrow accounts, such as those established to ensure payment of
items such as real estate taxes, insurance premiums, or completion of
repairs or improvements.
iii. Accounts for accumulating funds to purchase U.S. savings
bonds.
Paragraph 2(b)(2)
1. Bona fide trust agreements. The term bona fide trust
agreement is not defined by the act or regulation; therefore, financial
institutions must look to state or other applicable law for
interpretation.
2. Custodial agreements. An account held under a
custodial agreement that qualifies as a trust under the Internal
Revenue Code, such as an individual retirement account, is
considered to be held under a trust agreement for purposes of
Regulation E.
2(d) Business Day
1. Duration. A business day includes the entire 24-hour
period ending at midnight, and a notice required by the regulation is
effective even if given outside normal business hours. The regulation
does not require, however, that a financial institution make telephone
lines available on a 24-hour basis.
{{10-31-06 p.7390}}
2. Substantially all business functions.
"Substantially all business functions" include both the
public and the back-office operations of the institution. For example,
if the offices of an institution are open on Saturdays for handling
some consumer transactions (such as deposits, withdrawals, and other
teller transactions), but not for performing internal functions (such
as investigating account errors), then Saturday is not a business day
for that institution. In this case, Saturday does not count toward the
business-day standard set by the regulation for reporting lost or
stolen access devices, resolving errors, etc.
3. Short hours. A financial institution may determine,
at its election, whether an abbreviated day is a business day. For
example, if an institution engages in substantially all business
functions until noon on Saturdays instead of its usual 3:00 p.m.
closing, it may consider Saturday a business day.
4. Telephone line. If a financial institution makes a
telephone line available on Sundays for reporting the loss or theft of
an access device, but performs no other busi-ness functions, Sunday is
not a business day under the "substantially all business
functions" standard.
2(h) Electronic Terminal
1. Point-of-sale (POS) payments initiated by telephone.
Because the term electronic terminal excludes a telephone operated
by a consumer, a financial institution need not provide a terminal
receipt when:
i. A consumer uses a debit card at a public telephone to pay for
the call.
ii. A consumer initiates a transfer by a means analogous in
function to a telephone, such as by home banking equipment or a
facsimile machine.
2. POS terminals. A POS terminal that captures data
electronically, for debiting or crediting to a consumer's asset
account, is an electronic terminal for purposes of Regulation E if no
access device is used to initiate the transaction. (See § 205.9 for
receipt requirements.)
2(k) Preauthorized Electronic Fund Transfer
1. Advance authorization. A "preauthorized
electronic fund transfer" under Regulation E is one authorized by
the consumer in advance of a transfer that will take place on a
recurring basis, at substantially regular intervals, and will require
no further action by the consumer to initiate the transfer. In a
bill-payment system, for example, if the consumer authorizes a
financial institution to make monthly payments to a payee by means of
EFTs, and the payments take place without further action by the
consumer, the payments are preauthorized EFTs. In contrast, if the
consumer must take action each month to initiate a payment (such as by
entering instructions on a touch-tone telephone or home computer), the
payments are not preauthorized EFTs.
3. Teller-operated terminals. A terminal or other
computer equipment operated by an employee of a financial institution
is not an electronic terminal for purposes of the regulation. However,
transfers initiated at such terminals by means of a consumer's access
device (using the consumer's PIN, for example) are EFTs and are subject
to other requirements of the regulation. If an access device is used
only for identification purposes or for determining the account
balance, the transfers are not EFTs for purposes of the regulation.
2(m) Unauthorized Electronic Fund Transfer
1. Transfer by institution's employee. A consumer has no
liability for erroneous or fraudulent transfers initiated by an
employee of a financial institution.
2. Authority. If a consumer furnishes an access device
and grants authority to make transfers to a person (such as a family
member or co-worker) who exceeds the authority given, the consumer is
fully liable for the transfers unless the consumer has notified the
financial institution that transfers by that person are no longer
authorized.
3. Access device obtained through robbery or fraud. An
unauthorized EFT includes a transfer initiated by a person who obtained
the access device from the consumer through fraud or robbery.
4. Forced initiation. An EFT at an automated teller
machine (ATM) is an unauthorized transfer if the consumer has been
induced by force to initiate the transfer.
5. Reversal of direct deposits. The reversal of a direct
deposit made in error is not an unauthorized EFT when it involves:
i. A credit made to the wrong consumer's account;
ii. A duplicate credit made to a consumer's account; or
iii. A credit in the wrong amount (for example, when the amount
credited to the consumer's account differs from the amount in the
transmittal instructions).
{{12-29-06 p.7391}}
Section
205.3--Coverage
3(a) General
1. Accounts covered. The requirements of the regulation
apply only to an account for which an agreement for EFT services to or
from the account has been entered into between:
i. The consumer and the financial institution (including an account
for which an access device has been issued to the consumer, for
example);
ii. The consumer and a third party (for preauthorized debits or
credits, for example), when the account-holding institution has
received notice of the agreement and the fund transfers have begun.
2. Automated clearing house (ACH) membership. The fact
that membership in an ACH requires a financial institution to accept
EFTs to accounts at the institution does not make every account of that
institution subject to the regulation.
3. Foreign applicability. Regulation E applies to all
persons (including branches and other offices of foreign banks located
in the United States) that offer EFT services to residents of any
state, including resident aliens. It covers any account located in the
United States through which EFTs are offered to a resident of a state.
This is the case whether or not a particular transfer takes place in
the United States and whether or not the financial institution is
chartered in the United States or a foreign country. The regulation
does not apply to a foreign branch of a U.S. bank unless the EFT
services are offered in connection with an account in a state as
defined in § 205.2(1).
3(b) Electronic fund transfer
3(b)(1)--Definition
3(b)(1)1 Fund transfers covered. The term electronic
fund transfer includes:
i. A deposit made at an ATM or other electronic terminal (including
a deposit in cash or by check) provided a specific agreement exists
between the financial institution and the consumer for EFTs to or from
the account to which the deposit is made.
ii. A transfer sent via ACH. For example, social security benefits
under the U.S. Treasury's direct-deposit program are covered, even if
the listing of payees and payment amounts reaches the account-holding
institution by means of a computer printout from a correspondent bank.
iii. A preauthorized transfer credited or debited to an account in
accordance with instructions contained on magnetic tape, even if the
financial institution holding the account sends or receives a composite
check.
iv. A transfer from the consumer's account resulting from a
debit-card transac- tion at a merchant location, even if no electronic
terminal is involved at the time of the transaction, if the consumer's
asset account is subsequently debited for the amount of the transfer.
v. A transfer via ACH where a consumer has provided a check to
enable the merchant or other payee to capture the routing, account, and
serial numbers to initiate the transfer, whether the check is blank,
partially completed, or fully completed and signed; whether the check
is presented at POS or is mailed to a merchant or other payee or
lockbox and later converted to an EFT; or whether the check is retained
by the consumer, the merchant or other payee, or the payee's financial
institution.
vi. A payment made by a bill payer under a bill-payment service
available to a consumer via computer or other electronic means, unless
the terms of the bill-payment service explicitly state that all
payments, or all payments to a particular payee or payees, will be
solely by check, draft, or similar paper instrument drawn on the
consumer's account, and the payee or payees that will be paid in this
manner are identified to the consumer.
3(b)(1)2 Fund transfers not covered. The term electronic
fund transfer does not include:
i. A payment that does not debit or credit a consumer asset
account, such as a payroll allotment to a creditor to repay a credit
extension (which is deducted from salary).
ii. A payment made in currency by a consumer to another person at
an electronic terminal.
iii. A preauthorized check drawn by the financial institution on
the consumer's account (such as an interest or other recurring payment
to the consumer or another party), even if the check is
computer-generated.
iv. Transactions arising from the electronic collection,
presentment, or return of checks through the check collection system,
such as through transmission of electronic check images.
{{12-29-06 p.7392}}
Paragraph 3(b)(2)--Electronic Fund Transfer Using Information
From a Check
1. Notice at POS not furnished due to inadvertent error.
If the copy of the notice under section 205.3(b)(2)(ii) for ECK
transactions is not provided to the consumer at POS because of a bona
fide unintentional error, such as when a terminal printing mechanism
jams, no violation results if the payee maintains procedures reasonably
adapted to avoid such occurrences.
2. Authorization to process a transaction as an EFT or as a
check. In order to process a transaction as an EFT or
alternatively as a check, the payee must obtain the consumer's
authorization to do so. A payee may, at its option, specify the
circumstances under which a check may not be converted to an EFT. (See
model clauses in Appendix A--6.)
3. Notice for each transfer. Generally, a notice to
authorize an electronic check conversion transaction must be provided
for each transaction. For example, a consumer must receive a notice
that the transaction will be processed as an EFT for each transaction
at POS or each time a consumer mails a check in an accounts receivable
(ARC) transaction to pay a bill, such as a utility bill, if the payee
intends to convert a check received as payment. Similarly, the consumer
must receive notice if the payee intends to collect a service fee for
insufficient or uncollected funds via an EFT for each transaction
whether at POS or if the consumer mails a check to pay a bill. The
notice about when funds may be debited from a consumer's account and
the non-return of consumer checks by the consumer's financial
institution must also be provided for each transaction. However, if in
an ARC transaction, a payee provides a coupon book to a consumer, for
example, for mortgage loan payments, and the payment dates and amounts
are set out in the coupon book, the payee may provide a single notice
on the coupon book stating all of the required disclosures under
paragraph (b)(2) of this section in order to obtain authorization for
each conversion of a check and any debits via EFT to the consumer's
account to collect any service fees imposed by the payee for
insufficient or uncollected funds in the consumer's account. The
notice must be placed on a conspicuous location of the coupon book that
a consumer can retain--for example, on the first page, or inside the
front cover.
4. Multiple payments/multiple consumers. If a merchant
or other payee will use information from a consumer's check to
initiate an EFT from the consumer's account, notice to a consumer
listed on the billing account that a check provided as payment during a
single billing cycle or after receiving an invoice or statement will be
processed as a one-time EFT or as a check transaction constitutes
notice for all checks provided in payment for the billing cycle or the
invoice for which notice has been provided, whether the check(s) is
submitted by the consumer or someone else. The notice applies to all
checks provided in payment for the billing cycle or invoice until the
provision of notice on or with the next invoice or statement. Thus, if
a merchant or other payee receives a check as payment for the consumer
listed on the billing account after providing notice that the check
will be processed as a one-time EFT, the authorization from that
consumer constitutes authorization to convert any other checks provided
for that invoice or statement. Other notices required under this
paragraph (b)(2) (for example, to collect a service fee for
insufficient or uncollected funds via an EFT) provided to the consumer
listed on the billing account also constitutes notice to any other
consumer who may provide a check for the billing cycle or invoice.
5. Additional disclosures about ECK transactions at POS.
When a payee initiates an EFT at POS using information from the
consumer's check, and returns the check to the consumer at POS, the
payee need not provide a notice to the consumer that the check will not
be returned by the consumer's financial institution.
Paragraph 3(b)(3)--Collection of Returned Item Fees via
Electronic Fund Transfer
1. Fees imposed by account-holding institution. The
requirement to obtain a consumer's authorization to collect a fee via
EFT for the return of an EFT or check unpaid applies only to the person
that intends to initiate an EFT to collect the
{{12-29-06 p.7392.01}}returned item fee from the consumer's account. The
authorization requirement does not apply to any fees assessed by the
consumer's account-holding financial institution when it returns the
unpaid underlying EFT or check or pays the amount of an overdraft.
2. Accounts receivable transactions. In an accounts
receivable (ARC) transaction where a consumer sends in a payment for
amounts owed (or makes an in-person payment at a biller's physical
location, such as when a consumer makes a loan payment at a bank branch
or places a payment in a dropbox), a person seeking to electronically
collect a fee for items returned unpaid must obtain the consumer's
authorization to collect the fee in this manner. A consumer authorizes
a person to electronically collect a returned item fee when the
consumer receives notice, typically on an invoice or statement, that
the person may collect the fee through an EFT to the consumer's
account, and the consumer goes forward with the underlying transaction
by providing payment. The notice must also state the dollar amount of
the fee. However, an explanation of how that fee will be determined may
be provided in place of the dollar amount of the fee if the fee may
vary due to the amount of the transaction or due to other factors, such
as the number of days the underlying transaction is left outstanding.
For example, if a state law permits a maximum fee of $30 or 10% of the
underlying transaction, whichever is greater, the person collecting the
fee may explain how the fee is determined rather than state a specific
dollar amount for the fee.
3. Disclousre of dollar amount of fee for POS
transactions. The notice provided to the consumer in connection
with a POS transaction under § 205.3(b)(3)(ii) must state the amount
of the fee for a returned item if the dollar amount of the fee can be
calculated at the time the notice is provided or mailed. For example,
if notice is provided to the consumer at the time of the transaction,
if the applicable state law sets a maximum fee that may be collected
for a returned item based on the amount of the underlying transaction
(such as where the amount of the fee is expressed as a percentage of
the underlying transaction), the person collecting the fee must state
the actual dollar amount of the fee on the notice provided to the
consumer. Alternatively, if the amount of the fee to be collected
cannot be calculated at the time of the transaction (for example, where
the amount of the fee will depend on the number of days a debt
continues to be owed), the person collecting the fee may provide a
description of how the fee will be determined on both the posted notice
as well as on the notice provided at the time of the transaction.
However, if the person collecting the fee elects to send the consumer
notice after the person has initiated an EFT to collect the fee, that
notice must state the amount of the fee to be collected.
4. Third party providing notice. The person initiating
an EFT to a consumer's account to electronically collect a fee for an
item returned unpaid may obtain the authorization and provide the
notices required under § 205.3(b)(3) through third parties, such as
merchants.
3(c) Exclusion From Coverage
Paragraph 3(c)(1)--Checks
1. Re-presented checks. The electronic re-presentment of
a returned check is not covered by Regulation E because the transaction
originated by check. Regulation E does apply, however, to any fee
debited via an EFT from a consumer's account by the payee because the
check was returned for
{{2-28-06 p.7393}}insufficient or uncollected funds. The
person debiting the fee electronically must obtain the consumer's
authorization.
2. Check used to capture information for a one-time EFT.
See comment 3(b)(1)--1.v.
Paragraph 3(c)(2)--Check Guarantee or Authorization
1. Memo posting. Under a check guarantee or check
authorization service, debiting of the consumer's account occurs when
the check or draft is presented for payment. These services are exempt
from coverage, even when a temporary hold on the account is memo-posted
electronically at the time of authorization.
Paragraph 3(c)(3)--Wire or Other Similar Transfers
1. Fedwire and ACH. If a financial institution makes a
fund transfer to a consumer's account after receiving funds through
Fedwire or a similar network, the transfer by ACH is covered by the
regulation even though the Fedwire or network transfer is exempt.
2. Article 4A. Financial institutions that offer
telephone-initiated Fedwire payments are subject to the requirements of
UCC section 4A--202, which encourages verification of Fedwire payment
orders pursuant to a security procedure established by agreement
between the consumer and the receiving bank. These transfers are not
subject to Regulation E and the agreement is not considered a telephone
plan if the service is offered separately from a telephone bill-payment
or other prearranged plan subject to Regulation E. The Board's
Regulation J (12 CFR part 210) specifies the rules applicable to
funds handled by Federal Reserve Banks. To ensure that the rules for
all fund transfers through Fedwire are consistent, the Board used its
preemptive authority under UCC section 4A--107 to determine that
subpart B of Regulation J (12 CFR part 210), including the provisions
of Article 4A, applies to all fund transfers through Fedwire, even if a
portion of the fund transfer is governed by the EFTA. The portion of
the fund transfer that is governed by the EFTA is not governed by
subpart B of Regulation J (12 CFR part 210).
3. Similar fund transfer systems. Fund transfer systems
that are similar to Fedwire include the Clearing House Interbank
Payments System (CHIPS), Society for Worldwide Interbank Financial
Telecommunication (SWIFT), Telex, and transfers made on the books of
correspondent banks.
Paragraph 3(c)(4)--Securities and Commodities Transfers
1. Coverage. The securities exemption applies to
securities and commodities that may be sold by a registered
broker-dealer or futures commission merchant, even when the security or
commodity itself is not regulated by the Securities and Exchange
Commission or the Commodity Futures Trading Commission.
2. Example of exempt transfer. The exemption applies to
a transfer involving a transfer initiated by a telephone order to a
stockbroker to buy or sell securities or to exercise a margin call.
3. Examples of nonexempt transfers. The exemption does
not apply to a transfer involving:
i. A debit card or other access device that accesses a securities
or commodities account such as a money market mutual fund and that the
consumer uses for purchasing goods or services or for obtaining cash.
ii. A payment of interest or dividends into the consumer's account
(for example, from a brokerage firm or from a Federal Reserve Bank for
government securities).
Paragraph 3(c)(5)--Automatic Transfers by Account-Holding
Institution
1. Automatic transfers exempted. The exemption applies
to:
i. Electronic debits or credits to consumer accounts for check
charges, stop-payment charges, NSF charges, overdraft charges,
provisional credits, error adjustments, and similar items that are
initiated automatically on the occurrence of certain events.
ii. Debits to consumer accounts for group insurance available only
through the financial institution and payable only by means of an
aggregate payment from the institution to the insurer.
{{2-28-06 p.7394}}
iii. EFTs between a thrift institution and its paired commercial
bank in the state of Rhode Island, which are deemed under state law to
be intra-institutional.
iv. Automatic transfers between a consumer's accounts within the
same financial institution, even if the account holders on the two
accounts are not identical.
2. Automatic transfers not exempted. Transfers between
accounts of the consumer at affiliated institutions (such as
between a bank and its subsidiary or within a holding company) are
not intra-institutional transfers, and thus do not qualify for the
exemption.
Paragraph 3(c)(6)--Telephone-Initiated Transfers
1. Written plan or agreement. A transfer that the
consumer initiates by telephone is covered by Regulation E if the
transfer is made under a written plan or agreement between the consumer
and the financial institution making the transfer. A written statement
available to the public or to account holders that describes a service
allowing a consumer to initiate transfers by telephone constitutes a
plan--for example, a brochure, or material included with periodic
statements. The following, however, do not, by themselves, constitute a
written plan or agreement:
i. A hold-harmless agreement on a signature card that protects the
institution if the consumer requests a transfer.
ii. A legend on a signature card, periodic statement, or passbook
that limits the number of telephone-initiated transfers the consumer
can make from a savings account because of reserve requirements under
Regulation D (12 CFR part 204).
iii. An agreement permitting the consumer to approve by telephone
the rollover of funds at the maturity of an instrument.
2. Examples of covered transfers. When a written plan or
agreement has been entered into, a transfer initiated by a telephone
call from a consumer is covered even though:
i. An employee of the financial institution completes the transfer
manually (for example, by means of a debit memo or deposit slip).
ii. The consumer is required to make a separate request for each
transfer.
iii. The consumer uses the plan infrequently.
iv. The consumer initiates the transfer via a facsimile machine.
v. The consumer initiates the transfer using a financial
institution's audio-response or voice-response telephone system.
Paragraph 3(c)(7)--Small Institutions
1. Coverage. This exemption is limited to preauthorized
transfers; institutions that offer other EFTs must comply with the
applicable sections of the regulation as to such services. The
preauthorized transfers remain subject to sections 913, 915, and 916 of
the act and § 205.10(e), and are therefore exempt from UCC Article
4A.
Section
205.4--General Disclosure Requirements; Jointly Offered
Services
4(a) Form of Disclosures
1. General. Although no particular rules govern type
size, number of pages, or the relative conspicuousness of various
terms, the disclosures must be in a clear and readily understandable
written form that the consumer may retain. Numbers or codes are
considered readily understandable if explained elsewhere on the
disclosure form.
2. Foreign language disclosures. Disclosures may be made
in languages other than English, provided they are available in English
upon request.
Section
205.5--Issuance of Access Devices
1. Coverage. The provisions of this section limit the
circumstances under which a financial institution may issue an access
device to a consumer. Making an additional account accessible through
an existing access device is equivalent to issuing an access device and
is subject to the limitations of this section.
5(a) Solicited Issuance
Paragraph 5(a)(1)
1. Joint account. For a joint account, a financial
institution may issue an access device to each account holder if the
requesting holder specifically authorizes the issuance.
2. Permissible forms of request. The request for an
access device may be written
{{2-28-06 p.7395}}or oral (for example, in response to a
telephone solicitation by a card issuer).
Paragraph 5(a)(2)
1. One-for-one rule. In issuing a renewal or substitute
access device, only one renewal or substitute device may replace a
previously issued device. For example, only one new card and PIN may
replace a card and PIN previously issued. A financial institution may
provide additional devices at the time it issues the renewal or
substitute access device, however, provided the institution complies
with § 205.5(b). (See comment 5(b)--5.) If the replacement device or
the additional device permits either fewer or additional types of
electronic fund transfer services, a change-in-terms notice or new
disclosures are required.
2. Renewal or substitution by a successor institution. A
successor institution is an entity that replaces the original financial
institution (for example, following a corporate merger or acquisition)
or that acquires accounts or assumes the operation of an EFT system.
5(b) Unsolicited Issuance
1. Compliance. A financial institution may issue an
unsolicited access device (such as the combination of a debit card and
PIN) if the institution's ATM system has been programmed not to accept
the access device until after the consumer requests and the institution
validates the device. Merely instructing a consumer not to use an
unsolicited debit card and PIN until after the institution verifies the
consumer's identity does not comply with the regulation.
2. PINS. A financial institution may impose no liability
on a consumer for unauthorized transfers involving an unsolicited
access device until the device becomes an "accepted access
device" under the regulation. A card and PIN combination may be
treated as an accepted access device once the consumer has used it to
make a transfer.
3. Functions of PIN. If an institution issues a PIN at
the consumer's request, the issuance may constitute both a way of
validating the debit card and the means to identify the consumer
(required as a condition of imposing liability for unauthorized
transfers).
4. Verification of identity. To verify the consumer's
identity, a financial institution may use any reasonable means, such as
a photograph, fingerprint, personal visit, sig-nature comparison, or
personal information about the consumer. However, even if reasonable
means were used, if an institution fails to verify correctly the
consumer's identity and an imposter succeeds in having the device
validated, the consumer is not liable for any unauthorized transfers
from the account.
5. Additional access devices in a renewal or
substitution. A financial institution may issue more than one
access device in connection with the renewal or substitution of a
previously issued accepted access device, provided that any additional
access device (beyond the device replacing the accepted access device)
is not validated at the time it is issued, and the institution complies
with the other requirements of § 205.5(b). The institution may, if it
chooses, set up the validation procedure such that both the device
replacing the previously issued device and the additional device are
not validated at the time they are issued, and validation will apply to
both devices. If the institution sets up the validation procedure in
this way, the institution should provide a clear and readily
understandable disclosure to the consumer that both devices are
unvalidated and that validation will apply to both devices.
Section
205.6--Liability of Consumer for Unauthorized Transfers
6(a) Conditions for Liability
1. Means of identification. A financial institution may
use various means for identifying the consumer to whom the access
device is issued, including but not limited to:
i. Electronic or mechanical confirmation (such as a PIN).
ii. Comparison of the consumer's signature, fingerprint, or
photograph.
2. Multiple users. When more than one access device is
issued for an account, the financial institution may, but need not,
provide a separate means to identify each user of the
account.
{{2-28-06 p.7396}}
6(b) Limitations on Amount of Liability
1. Application of liability provisions. There are three
possible tiers of consumer liability for unauthorized EFTs depending on
the situation. A consumer may be liable for (1) up to $50; (2) up to
$500; or (3) an unlimited amount depending on when the unauthorized EFT
occurs. More than one tier may apply to a given situation because each
corresponds to a different (sometimes overlapping) time period or set
of conditions.
2. Consumer negligence. Negligence by the consumer
cannot be used as the basis for imposing greater liability than is
permissible under Regulation E. Thus, consumer behavior that may
constitute negligence under state law, such as writing the PIN on a
debit card or on a piece of paper kept with the card, does not affect
the consumer's liability for unauthorized transfers. (However, refer to
comment 2(m)-2 regarding termination of the authority of given by the
consumer to another person.)
3. Limits on liability. The extent of the consumer's
liability is determined solely by the consumer's promptness in
reporting the loss or theft of an access device. Similarly, no
agreement between the consumer and an institution may impose greater
liability on the consumer for an unauthorized transfer than the limits
provided in Regulation E.
Paragraph 6(b)(1)--Timely Notice Given
1. $50 limit applies. The basic liability limit is $50.
For example, the consumer's card is lost or stolen on Monday and the
consumer learns of the loss or theft on Wednesday. If the consumer
notifies the financial institution within two business days of learning
of the loss or theft (by midnight Friday), the consumer's liability is
limited to $50 or the amount of the unauthorized transfers that
occurred before notification, whichever is less.
2. Knowledge of loss or theft of access device. The fact
that a consumer has received a periodic statement that reflects
unauthorized transfers may be a factor in determining whether the
consumer had knowledge of the loss or theft, but cannot be deemed to
represent conclusive evidence that the consumer had such knowledge.
3. Two-business-day rule. The two-business-day period
does not include the day the consumer learns of the loss or theft or
any day that is not a business day. The rule is calculated based on two
24-hour periods, without regard to the financial institution's
business hours or the time of day that the consumer learns of the loss
or theft. For example, a consumer learns of the loss or theft at 6 p.m.
on Friday. Assuming that Saturday is a business day and Sunday is not,
the two-business-day period begins on Saturday and expires at 11:59
p.m. on Monday, not at the end of the financial institution's business
day on Monday.
Paragraph 6(b)(2)--Timely Notice Not Given
1. $500 limit applies. The second tier of liability is
$500. For example, the consumer's card is stolen on Monday and the
consumer learns of the theft that same day. The consumer reports the
theft on Friday. The $500 limit applies because the consumer failed
to notify the financial institution within two business days of
learning of the theft (which would have been by midnight Wednesday).
How much the consumer is actually liable for, however, depends on
when the unauthorized transfers take place. In this example,
assume a $100 unauthorized transfer was made on Tuesday and a $600
unauthorized transfer on Thursday. Because the consumer is liable
for the amount of the loss that occurs within the first two business
days (but no more than $50), plus the amount of the unauthorized
transfers that occurs after the first two business days and before the
consumer gives notice, the consumer's total liability is $500 ($50 of
the $100 transfer plus $450 of the $600 transfer, in this example). But
if $600 was taken on Tuesday and $100 on Thursday, the consumer's
maximum liability would be $150 ($50 of the $600 plus $100).
Paragraph 6(b)(3)--Periodic Statement; Timely Notice
Not Given
1. Unlimited liability applies. The standard of
unlimited liability applies if unauthorized transfers appear on a
periodic statement, and may apply in conjunction with the first two
tiers of liability. If a periodic statement shows an unauthorized
transfer
{{2-28-06 p.7397}}made with a lost or stolen debit card, the
consumer must notify the financial institution within 60 calendar days
after the periodic statement was sent; otherwise, the consumer faces
unlimited liability for all unauthorized transfers made after the
60-day period. The consumer's liability for unauthorized transfers
before the statement is sent, and up to 60 days following, is
determined based on the first two tiers of liability: up to $50 if the
consumer notifies the financial institution within two business days of
learning of the loss or theft of the card and up to $500 if the
consumer notifies the institution after two business days of learning
of the loss or theft.
2. Transfers not involving access device. The first two
tiers of liability do not apply to unauthorized transfers from a
consumer's account made without an access device. If, however, the
consumer fails to report such unauthorized transfers within 60 calendar
days of the financial institution's transmittal of the periodic
statement, the consumer may be liable for any transfers occurring after
the close of the 60 days and before notice is given to the institution.
For example, a consumer's account is electronically debited for $200
without the consumer's authorization and by means other than the
consumer's access device. If the consumer notifies the institution
within 60 days of the transmittal of the periodic statement that shows
the unauthorized transfer, the consumer has no liability. However, if
in addition to the $200, the consumer's account is debited for a $400
unauthorized transfer on the 61st day and the consumer fails to notify
the institution of the first unauthorized transfer until the 62nd day,
the consumer may be liable for the full $400.
Paragraph 6(b)(4)--Extension of Time Limits
1. Extenuating circumstances. Examples of circumstances
that require extension of the notification periods under this section
include the consumer's extended travel or hospitalization.
Paragraph 6(b)(5)--Notice to Financial Institution
1. Receipt of notice. A financial institution is
considered to have received notice for purposes of limiting the
consumer's liability if notice is given in a reasonable manner, even if
the consumer notifies the institution but uses an address or telephone
number other than the one specified by the institution.
2. Notice by third party. Notice to a financial
institution by a person acting on the consumer's behalf is considered
valid under this section. For example, if a consumer is hospitalized
and unable to report the loss or theft of an access device, notice is
considered given when someone acting on the consumer's behalf notifies
the bank of the loss or theft. A financial institution may require
appropriate documentation from the person representing the consumer to
establish that the person is acting on the consumer's behalf.
3. Content of notice. Notice to a financial institution
is considered given when a consumer takes reasonable steps to provide
the institution with the pertinent account information. Even when the
consumer is unable to provide the account number or the card number in
reporting a lost or stolen access device or an unauthorized transfer,
the notice effectively limits the consumer's liability if the consumer
otherwise identifies sufficiently the account in question. For example,
the consumer may identify the account by the name on the account and
the type of account in question.
Section
205.7--Initial Disclosures
7(a) Timing of Disclosures
1. Early disclosures. Disclosures given by a financial
institution earlier than the regulation requires (for example, when the
consumer opens a checking account) need not be repeated when the
consumer later enters into an agreement with a third party to initiate
preauthorized transfers to or from the consumer's account, unless the
terms and conditions differ from those that the institution previously
disclosed. This interpretation also applies to any notice provided
about one-time EFTs from a consumer's account initiated using
information from the consumer's check. On the other hand, if an
agreement for EFT services to be provided by an account-holding
institution is directly between the consumer and the account-holding
institution, disclosures must be
{{2-28-06 p.7398}}given in close proximity to the event
requiring disclosure, for example, when the consumer contracts for a
new service.
2. Lack of advance notice of a transfer. Where a
consumer authorizes a third party to debit or credit the consumer's
account, an account-holding institution that has not received advance
notice of the transfer or transfers must provide the required
disclosures as soon as reasonably possible after the first debit or
credit is made, unless the institution has previously given the
disclosures.
3. Addition of new accounts. If a consumer opens a new
account permitting EFTs at a financial institution, and the consumer
already has received Regulation E disclosures for another account at
that institution, the institution need only disclose terms and
conditions that differ from those previously given.
4. Addition of service in interchange systems. If a
financial institution joins an interchange or shared network system
(which provides access to terminals operated by other institutions),
disclosures are required for additional EFT services not previously
available to consumers if the terms and conditions differ from those
previously disclosed.
5. Disclosures covering all EFT services offered. An
institution may provide disclosures covering all EFT services that it
offers, even if some consumers have not arranged to use all services.
7(b) Content of Disclosures
Paragraph 7(b)(1)--Liability of Consumer
1. No liability imposed by financial institution. If a
financial institution chooses to impose zero liability for unauthorized
EFTs, it need not provide the liability disclosures. If the institution
later decides to impose liability, however, it must first provide the
disclosures.
2. Preauthorized transfers. If the only EFTs from an
account are preauthorized transfers, liability could arise if the
consumer fails to report unauthorized transfers reflected on a periodic
statement. To impose such liability on the consumer, the institution
must have disclosed the potential liability and the telephone number
and address for reporting unauthorized transfers.
3. Additional information. At the institution's option,
the summary of the consumer's liability may include advice on
promptly reporting unauthorized transfers or the loss or theft of the
access device.
Paragraph 7(b)(2)--Telephone Number and Address
1. Disclosure of telephone numbers. An institution may
use the same or different telephone numbers in the disclosures for the
purpose of:
i. Reporting the loss or theft of an access device or possible
unauthorized transfers;
ii. Inquiring about the receipt of a preauthorized credit;
iii. Stopping payment of a preauthorized debit;
iv. Giving notice of an error.
2. Location of telephone number. The telephone number
need not be incorporated into the text of the disclosure; for example,
the institution may instead insert a reference to a telephone number
that is readily available to the consumer, such as "Call your branch
office. The number is shown on your periodic statement." However, an
institution must provide a specific telephone number and address, on or
with the disclosure statement, for reporting a lost or stolen access
device or a possible unauthorized transfer.
Paragraph 7(b)(4)--Types of Transfers; Limitations
1. Security limitations. Information about limitations
on the frequency and dollar amount of transfers generally must be
disclosed in detail, even if related to security aspects of the system.
If the confidentiality of certain details is essential to the security
of an account or system, these details may be withheld (but the fact
that limitations exist must still be disclosed). For example, an
institution limits cash ATM withdrawals to $100 per day. The
institution may disclose that daily withdrawal limitations apply and
need not disclose that the limitations may not always be in force (such
as during periods when its ATMs are off-line).
2. Restrictions on certain deposit accounts. A
limitation on account activity that restricts the consumer's ability to
make EFTs must be disclosed even if the restriction also applies to
transfers made by nonelectronic means. For example, Regulation D
(12 CFR Part 204) restricts
the number of payments to third parties that may be made from a money
market deposit account; an institution that does not execute fund
transfers in excess of those limits must disclose the restriction as a
limitation on the frequency of EFTs.
{{2-28-06 p.7398.01}}
3. Preauthorized transfers. Financial institutions are
not required to list preauthorized transfers among the types of
transfers that a consumer can make.
4. One-time EFTs initiated using information from a
check. Financial institutions must disclose the fact that one-time
EFTs initiated using informaiton from a consumer's check are among the
types of transfers that a consumer can make. (See Appendix A--2.)
Paragraph 7(b)(5)--Fees
1. Disclosure of EFT fees. An institution is required to
disclose all fees for EFTs or the right to make them. Others fees (for
example, minimum-balance fees, stop-payment fees, or account
overdrafts) may, but need not, be disclosed (but see Regulation DD,
12 CFR Part 230). An
institution is not required to disclose fees for inquiries made at an
ATM since no transfer of funds is involved.
2. Fees also applicable to non-EFT. A per-item fee for
EFTs must be disclosed even if the same fee is imposed on nonelectronic
transfers. If a per-item fee is imposed only under certain conditions,
such as when the transactions in the cycle exceed a certain number,
those conditions must be disclosed. Itemization of the various fees
may be provided on the disclosure statement or on an accompanying
document that is referenced in the statement.
3. Interchange system fees. Fees paid by the
account-holding institution to the operator of a shared or interchange
ATM system need not be disclosed, unless they are imposed on the
consumer by the account-holding institution. Fees for use of an ATM
that are debited directly from the consumer's account by an institution
other than the account-holding institution (for example, fees included
in the transfer amount) need not be disclosed. (See § 205.7(b)(11)
for the general notice requirement regarding fees that may be imposed
by ATM operators and by a network used to complete the transfer.)
Paragraph 7(b)(9)--Confidentiality
1. Information provided to third parties. An institution
must describe the circumstances under which any information relating to
an account to or from which EFTs are permitted will be made available
to third parties, not just information concerning those EFTs. The term
"third parties" includes affiliates such as other subsidiaries of
the same holding company.
Paragraph 7(b)(10)--Error Resolution
1. Substantially similar. The error resolution notice
must be substantially similar to the model form in appendix A of part
205. An institution may use different wording so long as the substance
of the notice remains the same, may delete inapplicable provisions (for
example, the requirement for written confirmation of an oral
notification), and may substitute substantive state law requirements
affording greater consumer protection than Regulation E.
2. Extended time-period for certain transactions. To
take advantage of the longer time periods for resolving errors under
§ 205.11(c)(3) (for new accounts as defined in Regulation CC (12 CFR
part 229), transfers initiated outside the United States, or transfers
resulting from POS debit-card transactions), a financial institution
must have disclosed these longer time periods. Similarly, an
institution that relies on the exception from provisional crediting in
§ 205.11(c)(2) for accounts subject to Regulation T (12 CFR part 220)
must have disclosed accordingly.
7(c) Addition of Electronic Fund Transfer Services
1. Addition of electronic check conversion services.
One-time EFTs initiated using information from a consumer's check
are a new type of transfer requiring new disclosures, as applicable.
(See Appendix A--2.)
Section
205.8--Change-in-Terms Notice; Error Resolution Notice
8(a) Change-in-Terms Notice
1. Form of notice. No specific form or wording is
required for a change-in-terms notice. The notice may appear on a
periodic statement, or may be given by sending a copy of a revised
disclosure statement, provided attention is directed to the change (for
example, in a cover letter referencing the changed term).
2. Changes not requiring notice. The following changes
do not require disclosure:
{{2-28-06 p.7398.02}}
i. Closing some of an institution's ATMs;
ii. Cancellation of an access device.
3. Limitations on transfers. When the initial
disclosures omit details about limitations because secrecy is essential
to the security of the account or system, a subsequent increase in
those limitations need not be disclosed if secrecy is still essential.
If, however, an institution had no limits in place when the initial
disclosures were given and now wishes to impose limits for the first
time, it must disclose at least the fact that limits have been adopted.
(See also § 205.7(b)(4) and the related commentary.)
4. Change in telephone number or address. When a
financial institution changes the telephone number or address used for
reporting possible unauthorized transfers, a change-in-terms notice is
required only if the institution will impose liability on the consumer
for unauthorized transfers under § 205.6. (See also § 205.6(a) and
the related commentary.)
8(b) Error Resolution Notice
1. Change between annual and periodic notice. If an
institution switches from an annual to a periodic notice, or vice
versa, the first notice under the new method must
{{4-30-01 p.7399}}be sent no later than 12 months after
the last notice sent under the old method.
2. Exception for new accounts. For new accounts,
disclosure of the longer error resolution time periods under
§ 205.11(c)(3) is not required in the annual error resolution notice
or in the notice that may be provided with each periodic statement as
an alternative to the annual notice.
Section
205.9--Receipts at Electronic Terminals; Periodic Statements
9(a) Receipts at Electronic Terminals
1. Receipts furnished only on request. The regulation
requires that a receipt be "made available." A financial
institution may program its electronic terminals to provide a receipt
only to consumers who elect to receive one.
2. Third party providing receipt. An account-holding
institution may make terminal receipts available through third parties
such as merchants or other financial institutions.
3. Inclusion of promotional material. A financial
institution may include promotional material on receipts if the
required information is set forth clearly (for example, by separating
it from the promotional material). In addition, a consumer may not be
required to surrender the receipt or that portion containing the
required disclosures in order to take advantage of a promotion.
4. Transfer not completed. The receipt requirement does
not apply to a transfer that is initiated but not completed (for
example, if the ATM is out of currency or the consumer decides not to
complete the transfer).
5. Receipts not furnished due to inadvertent error. If a
receipt is not provided to the consumer because of a bona fide
unintentional error, such as when a terminal runs out of paper or the
mechanism jams, no violation results if the financial institution
maintains procedures reasonably adapted to avoid such occurrences.
6. Multiple transfers. If the consumer makes multiple
transfers at the same time, the financial institution may document them
on a single or on separate receipts.
Paragraph 9(a)(1)--Amount
1. Disclosure of transaction fee. The required display
of a fee amount on or atthe terminal may be
accomplished by displaying the fee on a sign at the terminal or on the
terminal screen for a reasonable duration. Displaying the fee on a
screen provides adequate notice, as long as consumers are given the
option to cancel the transaction after receiving notice of a fee. (See
§ 205.16 for the notice requirements applicable to ATM operators that
impose a fee for providing EFT services.)
2. Relationship between § 205.9(a)(1) and
§ 205.16. The requirements of §§ 205.9(a)(1) and 205.16 are
similar but not identical.
i. Section 205.9(a)(1) requires that if the amount of the
transfer as shown on the receipt will include the fee, then the fee
must be disclosed either on a sign on or at the terminal, or on the
terminal screen. Section 205.16 requires disclosure both on a sign on
or at the terminal (in a prominent and conspicuous location) and on the
terminal screen. Section 205.16 permits disclosure on a paper notice as
an alternative to the on-screen disclosure.
ii. The disclosure of the fee on the receipt under
§ 205.9(a)(1) cannot be used to comply with the alternative paper
disclosure procedure under § 205.16, if the receipt is provided at
the completion of the transaction because, pursuant to the statute, the
paper notice must be provided before the consumer is committed to
paying the fee.
iii. Section 205.9(a)(1) applies to any type of electronic
terminal as defined in Regulation E (for example, to POS terminals as
well as to ATMs), while § 205.16 applies only to ATMs.
Paragraph 9(a)(2)--Date
1. Calendar date. The receipt must disclose the calendar
date on which the consumer uses the electronic terminal. An accounting
or business date may be disclosed in addition if the dates are clearly
distinguished.
Paragraph 9(a)(3)--Type
1. Identifying transfer and account. Examples
identifying the type of transfer and the type of the consumer's account
include "withdrawal from checking," "transfer from savings to
checking," or "payment from savings."
{{4-30-01 p.7400}}
2. Exception. Identification of an account is not
required when the consumer can access only one asset account at a
particular time or terminal, even if the access device can normally be
used to access more than one account. For example, the consumer may be
able to access only one particular account at terminals not operated by
the account-holding institution, or may be able to access only one
particular account when the terminal is off-line. The exception is
available even if, in addition to accessing one asset account, the
consumer also can access a credit line.
3. Access to multiple accounts. If the consumer can use
an access device to make transfers to or from different accounts of the
same type, the terminal receipt must specify which account was
accessed, such as "withdrawal from checking I" or "withdrawal
from checking II." If only one account besides the primary checking
account can be debited, the receipt can identify the account as
"withdrawal from other account."
4. Generic descriptions. Generic descriptions may be
used for accounts that are similar in function, such as share draft or
NOW accounts and checking accounts. In a shared system, for example,
when a credit union member initiates transfers to or from a share draft
account at a terminal owned or operated by a bank, the receipt may
identify a withdrawal from the account as a "withdrawal from
checking."
5. Point-of-sale transactions. There is no prescribed
terminology for identifying a transfer at a merchant's POS terminal. A
transfer may be identified, for example, as a purchase, a sale of goods
or services, or a payment to a third party. When a consumer obtains
cash from a POS terminal in addition to purchasing goods, or obtains
cash only, the documentation need not differentiate the transaction
from one involving the purchase of goods.
Paragraph 9(a)(5)--Terminal Location
1. Options for identifying terminal. The institution may
provide either:
i. The city, state or foreign country, and the information in
§§ 205.9(a)(5)(i), (ii), or (iii), or
ii. A number or a code identifying the terminal. If the institution
chooses the sec-ond option, the code or terminal
number identifying the terminal where the transfer is initiated may be
given as part of a transaction code.
2. Omission of city name. The city may be omitted if the
generally accepted name (such as a branch name) contains the city name.
3. Omission of a state. A state may be omitted from the
location information on the receipt if:
i. All the terminals owned or operated by the financial institution
providing the statement (or by the system in which it participates) are
located in that state, or
ii. All transfers occur at terminals located within 50 miles of the
financial institution's main office.
4. Omission of a city and state. A city and state may be
omitted if all the terminals owned or operated by the financial
institution providing the statement (or by the system in which it
participates) are located in the same city.
Paragraph 9(a)(5)(i)
1. Street address. The address should include number and
street (or intersection); the number (or intersecting street) may be
omitted if the street alone uniquely identifies the terminal location.
Paragraph 9(a)(5)(ii)
1. Generally accepted name. Examples of a generally
accepted name for a specific location include a branch of the financial
institution, a shopping center, or an airport.
Paragraph 9(a)(5)(iii)
1. Name of owner or operator of terminal. Examples of an
owner or operator of a terminal are a financial institution or a retail
merchant.
Paragraph 9(a)(6)--Third Party Transfer
1. Omission of third-party name. The receipt need not
disclose the third-party name if the name is provided by the consumer
in a form that is not machine readable (for example, if the consumer
indicates the payee by depositing a payment stub into the ATM). If, on
the other hand, the consumer keys in the identity of the payee, the
receipt must identify the payee by name or
{{4-30-01 p.7401}}by using a code that is explained elsewhere
on the receipt.
2. Receipt as proof of payment. Documentation required
under the regulation constitutes prima facie proof of a payment
to another person, except in the case of a terminal receipt
documenting a deposit.
9(b) Periodic Statements
1. Periodic cycles. Periodic statements may be sent on a
cycle that is shorter than monthly. The statements must correspond to
periodic cycles that are reasonably equal, that is, do not vary by more
than four days from the regular cycle. The requirement of reasonably
equal cycles does not apply when an institution changes cycles for
operational or other reasons, such as to establish a new statement day
or date.
2. Interim statements. Generally, a financial
institution must provide periodic statements for each monthly cycle in
which an EFT occurs, and at least quarterly if a transfer has not
occurred. Where EFTs occur between regularly-scheduled cycles, interim
statements must be provided. For example, if an institution issues
quarterly statements at the end of March, June, September and December,
and the consumer initiates an EFT in February, an interim statement for
February must be provided. If an interim statement contains interest or
rate information, the institution must comply with Regulation DD,
12 CFR 230.6.
3. Inactive accounts. A financial institution need not
send statements to consumers whose accounts are inactive as defined by
the institution.
4. Statement pickup. A financial institution may permit,
but may not require, consumers to pick up their periodic statements at
the financial institution.
5. Periodic statements limited to EFT activity. A
financial institution that uses a passbook as the primary means for
displaying account activity, but also allows the account to be debited
electronically, may provide a periodic statement requirement that
reflects only the EFTs and other required disclosures (such as charges,
account balances, and address and telephone number for inquiries). (See
§ 205.9(c)(1)(i) for the exception applicable to preauthorized
transfers for passbook accounts.)
6. Codes and accompanying documents. To meet the
documentation requirements for periodic statements, a financial
institution may:
i. Include copies of terminal receipts to reflect transfers
initiated by the consumer at electronic terminals;
ii. Enclose posting memos, deposit slips, and other documents that,
together with the statement, disclose all the required information;
iii. Use codes for names of third parties or terminal locations and
explain the information to which the codes relate on an accompanying
document.
Paragraph 9(b)(1)--Transaction Information
1. Information obtained from others. While financial
institutions must maintain reasonable procedures to ensure the
integrity of data obtained from another institution, a merchant, or
other third parties, verification of each transfer that appears on the
periodic statement is not required.
Paragraph 9(b)(1)(i)
1. Incorrect deposit amount. If a financial institution
determines that the amount actually deposited at an ATM is different
from the amount entered by the consumer, the institution need not
immediately notify the consumer of the discrepancy. The periodic
statement reflecting the deposit may show either the correct amount of
the deposit or the amount entered by the consumer along with the
institution's adjustment.
Paragraph 9(b)(1)(iii)
1. Type of transfer. There is no prescribed terminology
for describing a type of transfer. Placement of the amount of the
transfer in the debit or the credit column is sufficient if other
information on the statement, such as a terminal location or
third-party name, enables the consumer to identify the type of
transfer.
Paragraph 9(b)(1)(iv)
1. Nonproprietary terminal in network. An institution
need not reflect on the peri-
{{4-30-01 p.7402}}odic statement the street addresses,
identification codes, or terminal numbers for transfers initiated in a
shared or interchange system at a terminal operated by an institution
other than the account-holding institution. The statement must,
however, specify the entity that owns or operates the terminal, plus
the city and state.
Paragraph 9(b)(1)(v)
1. Recurring payments by government agency.
The third-party name for recurring payments from federal, state,
or local governments need not list the particular agency. For example,
"U.S. gov't" or "N.Y. sal" will suffice.
2. Consumer as third-party payee. If a consumer makes an
electronic fund transfer to another consumer, the financial institution
must identify the recipient by name (not just by an account number, for
example).
3. Terminal location/third party. A single entry may be
used to identify both the terminal location and the name of the third
party to or from whom funds are transferred. For example, if a consumer
purchases goods from a merchant, the name of the party to whom funds
are transferred (the merchant) and the location of the terminal where
the transfer is initiated will be satisfied by a disclosure such as
"XYZ Store, Anytown, Ohio."
4. Account-holding institution as third party. Transfers
to the account-holding institution (by ATM, for example) must show the
institution as the recipient, unless other information on the statement
(such as, "loan payment from checking") clearly indicates that
the payment was to the account-holding institution.
5. Consistency in third-party identity. The periodic
statement must disclose a third-party name as it appeared on the
receipt, whether it was, for example, the "dba" (doing business
as) name of the third party or the parent corporation's name.
6. Third-party identity on deposits at electronic terminal.
A financial institution need not identify third parties whose
names appear on checks, drafts, or similar paper instruments deposited
to the consumer's account at an electronic terminal.
Paragraph 9(b)(3)--Fees
1. Disclosure of fees. The fees disclosed may
include fees for EFTs and for other nonelectronic services, and both
fixed fees and per-item fees; they may be given as a total or may be
itemized in part or in full.
2. Fees in interchange system. An account-holding
institution must disclose any fees it imposes on the consumer for EFTs,
including fees for ATM transactions in an interchange or shared ATM
system. Fees for use of an ATM imposed on the consumer by an
institution other than the account-holding institution and included in
the amount of the transfer by the terminal-operating institution need
not be separately disclosed on the periodic statement.
3. Finance charges. The requirement to disclose any fees
assessed against the account does not include a finance charge imposed
on the account during the statement period.
Paragraph 9(b)(4)--Account Balances
1. Opening and closing balances. The opening and closing
balances must reflect both EFTs and other account activity.
Paragraph 9(b)(5)--Address and Telephone Number for Inquiries
1. Telephone number. A single telephone number, preceded
by the "direct inquiries to" language, will satisfy the
requirements of § 205.9(b)(5) and (6).
Paragraph 9(b)(6)--Telephone Number for Preauthorized
Transfers
1. Telephone number. See comment 9(b)(5)--1.
9(c) Exceptions to the Periodic Statement Requirements for
Certain Accounts
1. Transfers between accounts. The regulation provides
an exception from the periodic statement requirement for certain
intra-institutional transfers between a consumer's accounts. The
financial institution must still comply with the applicable periodic
statement requirements for any other EFTs to or from the account. For
example, a Regulation E statement must be provided quarterly for an
account that also receives payroll deposits electronically, or for any
month in which an account is also accessed by a withdrawal at an ATM.
Paragraph 9(c)(1)--Preauthorized Transfers to Accounts
1. Accounts that may be accessed only by preauthorized
transfers to the account. The exception for "accounts that may
be
{{2-28-06 p.7403}}accessed only by preauthorized transfers to
the account" includes accounts that can be accessed by means other
than EFTs, such as checks. If, however, an account may be accessed by
any EFT other than preauthorized credits to the account, such as
preauthorized debits or ATM transactions, the account does not qualify
for the exception.
2. Reversal of direct deposits. For direct-deposit-only
accounts, a financial institution must send a periodic statement at
least quarterly. A reversal of a direct deposit to correct an error
does not trigger the monthly statement requirement when the error
represented a credit to the wrong consumer's account, a duplicate
credit, or a credit in the wrong amount. (See also comment 2(m)--5.)
9(d) Documentation for Foreign-Initiated Transfers
1. Foreign-initiated transfers. An institution must make
a good faith effort to provide all required information for
foreign-initiated transfers. For example, even if the institution is
not able to provide a specific terminal location, it should identify
the country and city in which the transfer was initiated.
Section
205.10--Preauthorized Transfers
10(a) Preauthorized Transfers to Consumer's Account
Paragraph 10(a)(1)--Notice by Financial Institution
1. Content. No specific language is required for notice
regarding receipt of a preauthorized transfer. Identifying the deposit
is sufficient; however, simply providing the current account balance is
not.
2. Notice of credit. A financial institution may use
different methods of notice for various types or series of
preauthorized transfers, and the institution need not offer consumers a
choice of notice methods.
3. Positive notice. A periodic statement sent within two
business days of the scheduled transfer, showing the transfer, can
serve as notice of receipt.
4. Negative notice. The absence of a deposit entry (on a
periodic statement sent within two business days of the scheduled
transfer date) will serve as negative notice.
5. Telephone notice. If a financial institution uses the
telephone notice option, it should be able in most instances to verify
during a consumer's initial call whether a transfer was received. The
institution must respond within two business days to any inquiry not
answered immediately.
6. Phone number for passbook accounts. The financial
institution may use any reasonable means necessary to provide the
telephone number to consumers with passbook accounts that can only be
accessed by preauthorized credits and that do not receive periodic
statements. For example, it may print the telephone number in the
passbook, or include the number with the annual error resolution
notice.
7. Telephone line availability. To satisfy the
readily-available standard, the financial institution must provide
enough telephone lines so that consumers get a reasonably prompt
response. The institution need only provide telephone service during
normal business hours. Within its primary service area, an institution
must provide a local or toll-free telephone number. It need not provide
a toll-free number or accept collect long-distance calls from outside
the area where it normally conducts business.
10(b) Written Authorization for Preauthorized Transfers From
Consumer's Account
1. Preexisting authorizations. The financial
institution need not require a new authorization before changing from
paper-based to electronic debiting when the existing authorization does
not specify that debiting is to occur electronically or specifies that
the debiting will occur by paper means. A new authorization also is not
required when a successor institution begins collecting payments.
2. Authorization obtained by third party. The
account-holding financial institution does not violate the regulation
when a third-party payee fails to obtain the authorization in
writing or fails to give a copy to the consumer; rather, it is the
third-party payee that is in violation of the regulation.
3. Written authorization for preauthorized transfers.
The requirement that preauthorized EFTs be authorized by the
consumer "only by a writing" cannot be
{{2-28-06 p.7404}}met by a payee's signing a written
authorization on the consumer's behalf with only an oral authorization
from the consumer.
4. Use of a confirmation form. A financial institution
or designated payee may comply with the requirements of this section in
various ways. For example, a payee may provide the consumer with two
copies of a preauthorization form, and ask the consumer to sign and
return one and to retain the second copy.
5. Similarly authenticated. The similarly authenticated
standard permits signed, written authorizations to be provided
electronically. The writing and signature requirements of this section
are satisfied by complying with the Electronic Signatures in Global and
National Commerce Act, 15 U.S.C. 7001 et seq., which defines
electronic records and electronic signatures. Examples of electronic
signatures include, but are not limited to, digital signatures and
security codes. A security code need not originate with the
account-holding institution. The authorization process should evidence
the consumer's identity and assent to the authorization. The person
that obtains the authorization must provide a copy of the terms of the
authorization to the consumer either electronically or in paper form.
Only the consumer may authorize the transfer and not, for example, a
third-party merchant on behalf of the consumer.
6. Requirements of an authorization. An authorization is
valid if it is readily identifiable as such and the terms of the
preauthorized transfer are clear and readily understandable.
7. Bona fide error. Consumers sometimes authorize
third-party payees, by telephone or on-line, to submit recurring
charges against a credit card account. If the consumer indicates use of
a credit card account when in fact a debit card is being used, the
payee does not violate the requirement to obtain a written
authorization if the failure to obtain written authorization was not
intentional and resulted from a bona fide error, and if the payee
maintains procedures reasonably adapted to avoid any such error.
Procedures reasonably adapted to avoid error will depend upon the
circumstances. Generally, requesting the consumer to specify whether
the card to be used for the authorization is a debit (or check) card or
a credit card is a reasonable procedure. Where the consumer has
indicated that the card is a credit card (or that the card is not a
debit or check card), the payee may rely on the consumer's statement
without seeking further information about the type of card. If the
payee believes, at the time of the authorization, that a credit card is
involved, and later finds that the card used is a debit card (for
example, because the consumer later brings the matter to the payee's
attention), the payee must obtain a written and signed or (where
appropriate) a similarly authenticated authorization as soon as
reasonably possible, or cease debiting the consumer's account.
10(c) Consumer's Right to Stop Payment
1. Stop-payment order. The financial
institution must honor an oral stop-payment order made at least three
business days before a scheduled debit. If the debit item is
resubmitted, the institution must continue to honor the stop-payment
order (for example, by suspending all subsequent payments to the
payee-originator until the consumer notifies the institution that
payments should resume).
2. Revocation of authorization. Once a financial
institution has been notified that the consumer's authorization is no
longer valid, it must block all future payments for the particular
debit transmitted by the designated payee-originator. (However, see
comment 10(c)-3.) The institution may not wait for the payee-originator
to terminate the automatic debits. The institution may confirm that the
consumer has informed the payee-originator of the revocation (for
example, by requiring a copy of the consumer's revocation as written
confirmation to be provided within 14 days of an oral notification). If
the institution does not receive the required written confirmation
within the 14 day period, it may honor subsequent debits to the
account.
3. Alternative procedure for processing a stop-payment
request. If an institution does not have the capability to block a
preauthorized debit from being posted to the consumer's account--as in
the case of a preauthorized debit made through a debit card network or
other system, for example--the institution may instead comply with the
stop-payment requirements by using a third party to block the
transfer(s), as long as the consumer's account is not debited for the
payment.
10(d) Notice of Transfers Varying in Amount
Paragraph 10(d)(1)--Notice
1. Preexisting authorizations. A financial
institution holding the consumer's account does not violate the
regulation if the desig-
{{8-31-07 p.7405}}nated payee fails to provide notice of
varying amounts.
Paragraph 10(d)(2)--Range
1. Range. A financial institution or designated payee
that elects to offer the consumer a specified range of amounts for
debiting (in lieu of providing the notice of transfers varying in
amount) must provide an acceptable range that could be antici- pated by
the consumer. For example, if the transfer is for payment of a gas
bill, an appropriate range might be based on the highest bill in winter
and the lowest bill in summer.
2. Transfers to an account of the consumer held at another
institution. A financial institution need not provide a consumer
the option of receiving notice with each varying transfer, and may
instead provide notice only when a debit to an account of the consumer
falls outside a specified range or differs by more than a specified
amount from the most recent transfer, if the funds are transferred and
credited to an account of the consumer held at another financial
institution. The specified range or amount, however, must be one that
reasonably could be anticipated by the consumer, and the institution
must notify the consumer of the range or amount at the time the
consumer provides authorization for the preauthorized transfers. For
example, if the transfer is for payment of interest for a fixed-rate
certificate of deposit account, an appropriate range might be based on
a month containing 28 days and a month containing 31 days.
10(e) Compulsory Use
Paragraph 10(e)(1)--Credit
1. Loan payments. Creditors may not require repayment of
loans by electronic means on a preauthorized, recurring basis. A
creditor may offer a program with a reduced annual percentage rate or
other cost-related incentive for an automatic repayment feature,
provided the program with the automatic payment feature is not the only
loan program offered by the creditor for the type of credit involved.
Examples include:
i. Mortgages with graduated payments in which a pledged savings
account is automatically debited during an initial period to supplement
the monthly payments made by the borrower.
ii. Mortgage plans calling for preauthorized biweekly payments that
are debited electronically to the consumer's account and produce a
lower total finance charge.
2. Overdraft. A financial institution may require the
automatic repayment of an overdraft credit plan even if the overdraft
extension is charged to an open-end account that may be accessed by the
consumer in ways other than by overdrafts.
Paragraph 10(e)(2)--Employment or Government Benefit
1. Payroll. An employer (including a financial
institution) may not require its employees to receive their salary by
direct deposit to any particular institution. An employer may require
direct deposit of salary by electronic means if employees are allowed
to choose the institution that will receive the direct deposit.
Alternatively, an employer may give employees the choice of having
their salary deposited at a particular institution (designated by the
employer) or receiving their salary by another means, such as by check
or cash.
Section
205.11--Procedures for Resolving Errors
11(a) Definition of Error
1. Terminal location. With regard to deposits at an ATM,
a consumer's request for the terminal location or other
information triggers the error resolution proce-dures, but the
financial institution need only provide the ATM location if it has
captured that information.
2. Verifying account debit or credit. If the consumer
contacts the financial institution to ascertain whether a payment (for
example, in a home-banking or bill-payment program) or any other type
of EFT was debited to the account, or whether a deposit made via ATM,
preauthorized transfer, or any other type of EFT was credited to the
account, without asserting an error, the error resolution procedures do
not apply.
3. Loss or theft of access device. A financial
institution is required to comply with the error resolution procedures
when a consumer reports the loss or theft of an access device if the
consumer also alleges possible unauthorized use as a consequence of the
loss or theft.
{{8-31-07 p.7406}}
4. Error asserted after account closed. The financial
institution must comply with the error resolution procedures when a
consumer properly asserts an error, even if the account has been
closed.
5. Request for documentation or information. A request
for documentation or other information must be treated as an error
unless it is clear that the consumer is requesting a duplicate copy for
tax or other record-keeping purposes.
6. Terminal receipts for transfers of $15 or less. The
fact that an institution does not make a terminal receipt available for
a transfer of $15 or less in accordance with § 205.9(e) is not an
error for purposes of §§ 205.11(a)(1)(vi) or (vii).
11(b) Notice of Error From Consumer
Paragraph 11(b)(1)--Timing; Contents
1. Content of error notice. The notice of error is
effective even if it does not contain the consumer's account number, so
long as the financial institution is able to identify the account in
question. For example, the consumer could provide a Social Security
number or other unique means of identification.
2. Investigation pending receipt of information. While a
financial institution may request a written, signed statement from the
consumer relating to a notice of error, it may not delay initiating or
completing an investigation pending receipt of the statement.
3. Statement held for consumer. When a consumer has
arranged for periodic statements to be held until picked up, the
statement for a particular cycle is deemed to have been transmitted on
the date the finan-cial institution first makes the statement available
to the consumer.
4. Failure to provide statement. When a financial
institution fails to provide the consumer with a periodic statement, a
request for a copy is governed by this section if the consumer gives
notice within 60 days from the date on which the statement should have
been transmitted.
5. Discovery of error by institution. The error
resolution procedures of this section apply when a notice of error is
received from the consumer, and not when the financial institution
itself discovers and corrects an error.
6. Notice at particular phone number or address. A
financial institution may require the consumer to give notice only at
the telephone number or address disclosed by the institution, provided
the institution maintains reasonable procedures to refer the consumer
to the specified telephone number or address if the consumer attempts
to give notice to the institution in a different manner.
7. Effect of late notice. An institution is not required
to comply with the requirements of this section for any notice of error
from the consumer that is received by the institution later than 60
days from the date on which the periodic statement first reflecting the
error is sent. Where the consumer's assertion of error involves an
unauthorized EFT, however, the institution must comply with § 205.6
before it may impose any liability on the consumer.
Paragraph 11(b)(2)--Written Confirmation
1. Written confirmation-of-error notice. If the consumer
sends a written confirmation of error to the wrong address, the
financial institution must process the confirmation through normal
procedures. But the institution need not provisionally credit the
consumer's account if the written confirmation is delayed beyond 10
business days in getting to the right place because it was sent to the
wrong address.
11(c) Time Limits and Extent of Investigation
1. Notice to consumer. Unless otherwise indicated in
this section, the financial institution may provide the required
notices to the consumer either orally or in writing.
2. Written confirmation of oral notice. A financial
institution must begin its investigation promptly upon receipt of an
oral notice. It may not delay until it has received a written
confirmation.
3. Charges for error resolution. If a billing error
occurred, whether as alleged or in a different amount or manner, the
financial institution may not impose a charge related to any aspect of
the error-resolution process (including charges for documentation or
investigation). Since the act grants the consumer error-resolution
rights, the institution should avoid any chilling effect on the
good-faith assertion of errors that might result if charges are
assessed when no billing error has occurred.
4. Correction without investigation. A financial
institution may make, without investigation, a final correction to a
consum-
{{2-28-06 p.7407}}er's account in the amount or manner
alleged by the consumer to be in error, but must comply with all other
applicable requirements of § 205.11.
5. Correction notice. A financial institution may
include the notice of correction on a periodic statement that is mailed
or delivered within the 10-business-day or 45-calendar-day time limits
and that clearly identifies the correction to the consumer's account.
The institution must determine whether such a mailing will be prompt
enough to satisfy the requirements of this section, taking into account
the specific facts involved.
6. Correction of an error. If the financial institution
determines an error occurred, within either the 10-day or 45-day
period, it must correct the error (subject to the liability provisions
of §§ 205.6 (a) and (b)) including, where applicable, the crediting
of interest and the refunding of any fees imposed by the institution.
In a combined credit/EFT transaction, for example, the institution must
refund any finance charges incurred as a result of the error. The
institution need not refund fees that would have been imposed whether
or not the error occurred.
7. Extent of required investigation. A financial
institution complies with its duty to investigate, correct, and report
its determination regarding an error described in § 205.11(a)(1)(vii)
by transmitting the requested information, clarification, or
documentation within the time limits set forth in § 205.11(c). If the
institution has provisionally credited the consumer's account in
accordance with § 205.11(c)(2), it may debit the amount upon
transmitting the requested information, clarification, or
documentation.
Paragraph 11(c)(2)(i)
1. Compliance with all requirements. Financial
institutions exempted from provi-sionally crediting a consumer's
account under § 205.11(c)(2)(i) (A) and (B) must still comply with
all other requirements of § 205.11.
Paragraph 11(c)(3)--Extension of Time Periods
1. POS debit card transactions. The extended deadlines
for investigating errors resulting from POS debit card transaction
apply to all debit card transactions, including those for cash only, at
merchants' POS terminals, and also including mail and telephone orders.
The deadlines do not apply to transactions at an ATM, however, even
though the ATM may be in a merchant location.
Paragraph 11(c)(4)--Investigation
1. Third parties. When information or documentation
requested by the consumer is in the possession of a third party with
whom the financial institution does not have an agreement, the
institution satisfies the error resolution requirement by so advising
the consumer within the specified time period.
2. Scope of investigation. When an alleged error
involves a payment to a third party under the financial institution's
telephone bill-payment plan, a review of the institution's own records
is sufficient, assuming no agreement exists between the institution and
the third party concerning the bill-payment service.
3. POS transfers. When a consumer alleges an error
involving a transfer to a merchant via a POS terminal, the institution
must verify the information previously transmitted when executing the
transfer. For example, the financial institution may request a copy of
the sales receipt to verify that the amount of the transfer correctly
corresponds to the amount of the consumer's purchase.
4. Agreement. An agreement that a third party will honor
an access device is an agreement for purposes of this paragraph. A
financial institution does not have an agreement for purposes of
§ 205.11(c)(4)(ii) solely because it participates in transactions
that occur under the federal recurring payments programs, or that are
cleared through an ACH or similar arrangement for the clearing and
settlement of fund transfers generally, or because it agrees to be
bound by the rules of such an arrangement.
5. No EFT agreement. When there is no agreement between
the institution and the third party for the type of EFT involved, the
financial institution must review any relevant information within the
institution's own records for the particular account to resolve the
consumer's claim. The extent of the investigation required may vary
depending on the facts and circumstances. However, a financial
institution may not limit its investigation solely to the payment
instructions where additional information within its own records
pertaining to the particular
{{2-28-06 p.7408}}account in question could help to
resolve a consumer's claim.
Information that may be reviewed as part of an investigation might
include:
i. The ACH transaction records for the transfer;
ii. The transaction history of the particular account for a
reasonable period of time immediately preceding the allegation of
error;
iii. Whether the check number of the transaction in question is
notably out-of-sequence;
iv. The location of either the transaction or the payee in question
relative to the consumer's place of residence and habitual transaction
area;
v. Information relative to the account in question within the
control of the institution's third-party service providers if the
financial institution reasonably believes that it may have records or
other information that could be dispositive; or
vi. Any other information appropriate to resolve the claim.
11(d) Procedures if Financial Institution Determines No
Error or Different Error Occurred
1. Error different from that alleged. When a financial
institution determines that an error occurred in a manner or amount
different from that described by the consumer, it must comply with the
requirements of both § 205.11 (c) and (d), as relevant. The
institution may give the notice of correction and the explanation
separately or in a combined form.
Paragraph 11(d)(1)--Written Explanation
1. Request for documentation. When a consumer requests
copies of documents, the financial institution must provide the copies
in an understandable form. If an institution relied on magnetic tape it
must convert the applicable data into readable form, for example, by
printing it and explaining any codes.
Paragraph 11(d)(2)--Debiting Provisional Credit
1. Alternative procedure for debiting of credited funds.
The financial institution may comply with the requirements of this
section by notifying the consumer that the consumer's account will be
debited five business days from the transmittal of the notification,
specifying the calendar date on which the debiting will occur.
2. Fees for overdrafts. The financial institution may
not impose fees for items it is required to honor under § 205.11. It
may, however, impose any normal transaction or item fee that is
unrelated to an overdraft resulting from the debiting. If the account
is still overdrawn after five business days, the institution may impose
the fees or finance charges to which it is entitled, if any, under an
overdraft credit plan.
11(e) Reassertion of Error
1. Withdrawal of error; right to reassert. The
financial institution has no further error resolution
responsibilities if the consumer voluntarily withdraws the notice
alleging an error. A consumer who haswithdrawn an allegation of error
has the right to reassert the allegation unless the financial
institution had already complied with all of the error resolution
requirements before the allegation was withdrawn. The consumer must do
so, however, within the original 60-day period.
Section
205.12--Relation to Other Laws
12(a) Relation to Truth in Lending
1. Determining applicable regulation. i. For
transactions involving access devices that also function as credit
cards, whether Regulation E or Regulation Z (12 CFR part 226) applies,
depends on the nature of the transaction. For example, if the
transaction solely involves an extension of credit, and does not
include a debit to a checking account (or other consumer asset
account), the liability limitations and error resolution requirements
of Regulation Z apply. If the transaction debits a checking account
only (with no credit extended), the provisions of Regulation E apply.
If the transaction debits a checking account but also draws on an
overdraft line of credit attached to the account, Regulation E's
liability limitations apply, in addition to §§ 226.13(d) and (g) of
Regulation Z (which apply because of the extension of credit associated
with the overdraft feature on the checking account). If a consumer's
access device is also a credit card and the device is used to make
unauthorized withdrawals from a checking account, but also is used to
obtain unauthorized cash advances directly from a line of credit that
is separate from the checking account, both Regulation E and Regulation
Z apply.
ii. The following examples illustrate these principles:
{{2-28-06 p.7408.01}}
A. A consumer has a card that can be used either as a credit card
or a debit card. When used as a debit card, the card draws on the
consumer's checking account. When used as a credit card, the card
draws only on a separate line of credit. If the card is stolen and used
as a credit card to make purchases or to get cash advances at an ATM
from the line of credit, the liability limits and error resolution
provisions of Regulation Z apply; Regulation E does not apply.
B. In the same situation, if the card is stolen and is used as a
debit card to make purchases or to get cash withdrawals at an ATM from
the checking account, the liability limits and error resolution
provisions of Regulation E apply; Regulation Z does not apply.
C. In the same situation, assume the card is stolen and used both
as a debit card and as a credit card; for example, the thief makes some
purchases using the card as a debit card, and other purchases using the
card as a credit card. Here, the liability limits and error resolution
provisions of Regulation E apply to the unauthorized transactions in
which the card was used as a debit card, and the corresponding
provisions of Regulation Z apply to the unauthorized transactions in
which the card was used as a credit card.
D. Assume a somewhat different type of card, one that draws on the
consumer's checking account and can also draw on an overdraft line of
credit attached to the checking account. There is no separate line of
credit, only the overdraft line, associated with the card. In this
situation, if the card is stolen and used, the liability limits and the
error resolution provisions of Regulation E apply. In addition, if the
use of the card has resulted in accessing the overdraft line of credit,
the error resolution provisions of § 226.13(d) and (g) of Regulation
Z also apply, but not the other error resolution provisions of
Regulation Z.
2. Issuance rules. For access devices that also
constitute credit cards, the issuance rules of Regulation E apply if
the only credit feature is a preexisting credit line attached to the
asset account to cover overdrafts (or to maintain a specified minimum
balance). Regulation Z (12 CFR part 226) rules apply if there is
another type of credit feature, for example, one permitting direct
extensions of credit that do not involve the asset account.
12(b) Preemption of Inconsistent State Laws
1. Specific determinations. The regulation prescribes
standards for determining whether state laws that govern EFTs are
preempted by the act and the regulation. A state law that is
inconsistent may be preempted even if the Board has not issued a
determination. However, nothing in§ 205.12(b) provides a financial
institution with immunity for violations of state law if the
institution chooses not to make state disclosures and the Board later
determines that the state law is not preempted.
2. Preemption determination. The Board determined that
certain provisions in the state law of Michigan are preempted by the
federal law, effective March 30, 1981:
i. Definition of unauthorized use. Section 5(4) is preempted to the
extent that it relates to the section of state law governing consumer
liability for unauthorized use of an access device.
ii. Consumer liability for unauthorized use of an account. Section
14 is inconsistent with § 205.6 and is less protective of the
consumer than the federal law. The state law places liability on the
consumer for the unauthorized use of an account in cases involving the
consumer's negligence. Under the federal law, a consumer's liability
for unauthorized use is not related to the consumer's negligence and
depends instead on the consumer's promptness in reporting the loss or
theft of the access device.
iii. Error resolution. Section 15 is preempted because it is
inconsistent with § 205.11 and is less protective of the consumer
than the federal law. The state law allows financial institutions up to
70 days to resolve errors, whereas the federal law generally requires
errors to be resolved within 45 days.
iv. Receipts and periodic statements. Sections 17 and 18 are
preempted because they are inconsistent with § 205.9. The state
provisions require a different disclosure of information than does the
federal law. The receipt provision is also preempted because it allows
the consumer to be charged for receiving a receipt if a machine cannot
furnish one at the time of a transfer.
{{2-28-06 p.7408.02}}
Section
205.13--Administrative Enforcement; Record Retention
13(B) Record Retention
1. Requirements. A financial institution need not retain
records that it has given disclosures and documentation to each
consumer; it need only retain evidence demonstrating that its
procedures reasonably ensure the consumers' receipt of required
disclosures and documentation.
Section 205.14--Electronic Fund Transfer Service Provider Not
Holding Consumer's Account
14(a) Electronic Fund Transfer Service Providers Subject to
Regulation
1. Applicability. This section applies only when a
service provider issues an access device to a consumer for initiating
transfers to or from the consumer's account at a financial institution
and the two entities have no agreement regarding this EFT service. If
the service provider does not issue an access device to the consumer
for accessing an account held by another institution, it does not
qualify for the treatment accorded by § 205.14. For example, this
section does not apply to an institution that initiates preauthorized
payroll deposits to consumer accounts on behalf of an employer. By
contrast, § 205.14 can apply to an institution that issues a code for
initiating telephone transfers to be carried out through the ACH from a
consumer's account at another institution. This is the case even if the
consumer has accounts at both institutions.
2. ACH agreements. The ACH rules generally do not
constitute an agreement for purposes of this section. However, an ACH
agreement under which members specifically agree to honor each other's
debit cards is an "agreement," and thus this section does not
apply.
14(b) Compliance by Electronic Fund Transfer Service
Provider
1. Liability. The service provider is liable for
unauthorized EFTs that exceed limits on the consumer's liability under
§ 205.6.
Paragraph 14(b)(1)--Disclosures and Documentation
1. Periodic statements from electronic fund transfer service
provider. A service provider that meets the conditions set forth
in this paragraph does not have to issue periodic statements. A service
provider that does not meet the conditions need only include on
periodic statements information about transfers initiated with the
access device it has issued.
Paragraph 14(b)(2)--Error Resolution
1. Error resolution. When a consumer notifies the
service provider of an error, the EFT service provider must investigate
and resolve the error in compliance with § 205.11 as modified by
§ 205.14(b)(2). If an error occurred, any fees or charges imposed as
a result of the error, either by the service provider or by the
account-holding institution (for example, overdraft or dishonor fees)
must be reimbursed to the consumer by the service provider.
14(c) Compliance by Account-Holding Institution
Paragraph 14(c)(1)
1. Periodic statements from account-holding
institution. The periodic statement provided by the
account-holding institution need only contain the information required
by § 205.9(b)(1).
Section 205.16--Disclosures at Automated
Teller Machines
16(b) General
Paragraph 16(b)(1)
1. Specific notices. An ATM operator that
imposes a fee for a specific type of transaction--such as a cash
withdrawal, but not for a balance inquiry, or for some cash
withdrawals, but not for others (such as where the card was issued by a
foreign bank or by a card issuer that has entered into a special
contractual relationship with the ATM operator regarding
surcharges)--may provide a notice on or at the ATM that a fee will be
imposed or a notice that a fee may be imposed for providing EFT
services or may specify the type of EFT for which a fee is imposed. If,
however, a fee will be imposed in all instances, the notice must state
that a fee will be imposed.
{{12-31-07 p.7408.03}}
Section 205.17--[Reserved]
Section 205.18 Requirements for Institutions Offering Payroll
Card Accounts
18(a) Coverage.
1. Issuance of access device. Consistent with section
205.5(a), a financial institution may issue an access device only in
response to an oral or written request for the device, or as a renewal
or substitute for an accepted access device. A consumer is deemed to
request an access device for a payroll card account when the consumer
chooses to receive salary or other compensation through a payroll card
account.
2. Application to employers and service providers.
Typically, employers and third-party service providers do not meet
the definition of a "financial institution" subject to the
regulation because they neither hold payroll card accounts nor issue
payroll cards and agree with consumers to provide EFT services in
connection with payroll card accounts. However, to the extent an
employer or a service provider undertakes either of these functions, it
would be deemed a financial institution under the regulation.
18(b) Alternative to Periodic Statements
1. Posted transactions. A history of transactions
provided under §§ 205.18(b)(1) (ii) and (iii) shall reflect
transfers once they have been posted to the account. Thus, an
institution does not need to include transactions that have been
authorized, but that have not yet posted to the account.
2. Electronic history. The electronic history required
under § 205.18(b)(1)(ii) must be provided in a form that the consumer
may keep, as required under § 205.4(a)(1). Financial institutions may
satisfy this requirement if they make the electronic history available
in a format that is capable of being retained. For example, an
institution satisfies the requirement if it provides a history at an
Internet Web site in a format that is capable of being printed or
stored electronically using an Internet web browser.
18(c) Modified Requirements
1. Error resolution safe harbor provision. Institutions
that choose to investigate notices of error provided up to 120 days
from the date a transaction has posted to a consumer's account may
still disclose the error resolution time period required by the
regulation (as set forth in the Model Form in Appendix A--7).
Specifically, an institution may disclose to payroll card account
holders that the institution will investigate any notice of error
provided within 60 days of the consumer electronically accessing an
account or receiving a written history upon request that reflects the
error, even if, for some or all transactions, the institution
investigates any notice of error provided up to 120 days from the date
that the transaction alleged to be in error has posted to the
consumer's account. Similarly, an institution's summary of the
consumer's liability (as required under § 205.7(b)(1)) may disclose
that liability is based on the consumer providing notice of error
within 60 days of the consumer electronically accessing an account or
receiving a written history reflecting the error, even if, for some or
all transactions, the institution allows a consumer to assert a notice
of error up to 120 days from the date of posting of the alleged error.
2. Electronic access. A consumer is deemed to have
accessed a payroll card account electronically when the consumer enters
a user identification code or password or otherwise complies with a
security procedure used by an institution to verify the consumer's
identity. An institution is not required to determine whether a
consumer has in fact accessed information about specific transactions
to trigger the beginning of the 60-day periods for liability limits and
error resolution under §§ 205.6 and 205.11.
3. Untimely notice of error. An institution that
provides a transaction history under § 205.18(b)(1) is not required
to comply with the requirements of § 205.11 for any notice of error
from the consumer pertaining to a transfer that occurred more than 60
days prior to the earlier of the date the consumer electronically
accesses the account or the date the financial institution sends a
written history upon the consumer's request. (Alternatively, as
provided in § 205.18(c)(4) (ii), an institution need not comply
with the requirements of § 205.11 with respect to any notice of error
received from the consumer more than 120 days after the date of posting
of the transfer allegedly in error.) Where the consumer's assertion of
error involves an unauthorized EFT, however, the institution must
comply with § 205.6 before it may impose any liability on the
consumer.
{{12-31-07 p.7408.04}}
Appendix AModel Disclosure Clauses and Forms
1. Review of forms. The Board will not review or
approve disclosure forms or statements for financial institutions.
However, the Board has issued model clauses for institutions to use in
designing their disclosures. If an institution uses these clauses
accurately to reflect its service, the institution is protected from
liability for failure to make disclosures in proper form.
2. Use of the forms. The appendix contains model
disclosure clauses for optional use by financial institutions to
facilitate compliance with the disclosure requirements of
§§ 205.5(b)(2) and (b)(3), 205.6(a), 205.7, 205.8(b),
205.14(b)(1)(ii), 205.15(d) (1) and (d)(2), and 205.18(c)(1) and
(c)(2). The use of appropriate clauses in making disclosures will
protect a financial institution from liability under sections 915 and
916 of the act provided the clauses accurately reflect the
institution's EFT services.
3. Altering the clauses. Financial institutions may use
clauses of their own design in conjunction with the Board's model
clauses. The inapplicable words or portions of phrases in parentheses
should be deleted. The catchlines are not part of the clauses and need
not be used. Financial institutions may make alterations,
substitutions, or additions in the clauses to reflect the services
offered, such as technical changes (including the substitution of a
trade name for the word "card," deletion of inapplicable
services, or substitution of lesser liability limits). Several of the
model clauses include references to a telephone number and ad- dress.
Where two or more of these clauses are used in a disclosure, the
telephone number and address may be referenced and need not be
repeated.
[Source: 46 Fed. Reg. 46877, September 23,
1981, effective September 24, 1981; amended at 46 Fed. Reg. 60190,
Decem-ber 9, 1981; 48 Fed. Reg. 14881, April 6, 1983, effective
April 1, 1983; 49 Fed. Reg. 40798, October 18, 1984, effective
October 16, 1984; 50 Fed. Reg. 13181, April 3, 1985,
effective April 1, 1985, except for the revision to question 7-18.5
applicable to foreign-initiated transfers, which is effective October
1, 1985; 51 Fed. Reg. 13485, April 21, 1986, effective April 16, 1986;
52 Fed. Reg. 10734, April 3, 1987, effective April 1, 1987; 53 Fed.
Reg. 11046, April 5, 1988, effective April 1, 1988; 54 Fed. Reg. 9417,
March 7, 1989, effective April 1, 1989; 61 Fed. Reg. 19686, May 2,
1996; 66 Fed. Reg. 15192, March 16, 2001, effective March 15, 2001;
however, to allow time for any necessary operational changes, the
mandatory compliance date is January 1, 2002; 66 Fed. Reg. 13413, March
6, 2001, effective March 9, 2001, however, compliance date is delayed
until October 1, 2001; 66 Fed. Reg. 17793, March 30, 2001, effective
March 30, 2001; 71 Fed. Reg. 1661 January 10, 2006, effective February
9, 2006; 71 Fed. Reg. 1483, January 10, 2006, effective July 1, 2007;
71 Fed. Reg. 41450, August 30, 2006, effective July 1, 2007; 71 Fed.
Reg. 51457, August 30, 2006, effective July 1, 2007; 71 Fed. Reg.
69437, December 1, 2006, effective January 1, 2007; 72 Fed. Reg. 36593,
July 5, 2007, effective August 6, 2007; 72 Fed. Reg. 63456, November 9,
2007, effective December 10, 2007, the mandatory compliance date is
October 1, 2008]
[The page following this is 7409.]
[Main Tabs]
[Table of Contents - 6500]
[Index]
[Previous Page]
[Next Page]
[Search]
|