The Wall Street Journal has reported that the seven large banks that own Zelle are discussing possible approaches to fraudulent transactions on the Zelle network. According to the WSJ, the Zelle network rules under consideration would establish network-wide guarantees to reimburse scam victims and create liability sharing agreements, which could go live as soon as January 1, 2023. If it is determined that a customer has been scammed, the rules would provide for the receiving bank to return the money to the customer’s originating bank, which would subsequently issue a refund to the customer. The WSJ reports that banks are testing the process to ensure “the changes wouldn’t result in a fresh surge of scams.” Zelle has not confirmed these discussions or plans.
If Zelle moves forward with the new rules, the 1,800+ financial institutions that allow their customers to use Zelle would have to agree to the new fraud rules to continue to participate in Zelle. We are not aware of other P2P payments providers (such as CashApp, PayPal, Google Wallet, and Venmo) taking similar action to protect consumers from scams. However, if Zelle adopts its new rules, the other P2P payment providers will receive enormous pressure to follow suit. Also, should Zelle take this action, it seems likely that CFPB Director Chopra and Senator Elizabeth Warren (D-Mass.) will take credit for the changes just as the CFPB has taken credit for the actions of several banks to eliminate overdraft fees earlier this year. See our previous blog posts about overdraft changes here and here.
Regulators and lawmakers have increased scrutiny of P2P payments where customers get duped into sending payments to fraudsters. As we previously blogged, in December 2021, the CFPB updated its Electronic Fund Transfers FAQs by adding new questions focused on P2P payment providers and P2P transfers. As we also previously blogged, the FDIC’s March 2022 edition of Consumer Compliance Supervisory Highlights addressed fraudulent P2P payments and recommended that banks mitigate risk by: (1) reviewing account agreements and disclosures (including those with P2P payment providers) to ensure they do not attempt to limit consumers’ rights under Regulation E, and (2) implementing effective fraud detection and prevention measures, such as monitoring geographic data, spending patterns, merchant data, and IP addresses, to help detect potential fraudulent activity.
In October 2022, Senator Warren released a report titled “Facilitating Fraud: How Consumers Defrauded on Zelle are Left High and Dry by the Banks that Created It,” finding that P2P fraud is increasing, banks are not repaying customers for the vast majority of fraudulent inducement cases, and banks are not repaying customers for all “unauthorized” payments. The American Bankers Association, Bank Policy Institute, Consumer Bankers Association and The Clearing House responded to Senator Warren’s report by stating, “[the] report from Sen. Warren fails to acknowledge that 99.9% of the 5 billion transactions processed on the Zelle network in the past 5 years were sent without any report of fraud or scams.” Additionally, on October 27, 2022, the American Bankers Association sent a letter to CFPB Director Chopra, urging the CFPB not to shift liability to banks for P2P payments using an online-money transfer platform in which the consumer who authorized the payment subsequently claims it was made to a scammer. See our blog post about the letter here. Currently, customer-authorized transactions where a customer is scammed into sending money to a fraudster are not considered “unauthorized electronic fund transfers” covered by the Regulation E protections for such transfers.