Reg. E ( specifically 205.11 Procedures for resolving errors
) as those in the business who know like to call it is, in short, the law gives
consumers protection and certain rights regarding claims of fraud and/ or
errors on their bank accounts.
When this provision was first
established, it was a victory for the honest consumer because some banking institutions
may have made it incumbent upon the consumer to prove they did not commit the
fraud reported in their accounts resulting in denial of their claims. . It is
now incumbent upon the financial institutions to prove a consumer’s liability.
This regulation put the banks on notice that if they did not follow the regulation,
they would be subject to unwanted scrutiny, heavy penalties and civil liability
from banking regulators. These liabilities and penalties instilled fear in
financial institutions, which resulted in a pay the claim attitude (then deny
it, and take the loss.) This contributed to an existing atmosphere conducive to
fraudulent behavior in this country or what I like to call “a fraudsters Disneyland.”
Naturally, what occurred is that
some institutions became more vulnerable than others because their flawed
investigative policy resulted in a reluctance to deny claims. Fraudsters and possibly terrorists too,
target specific institutions because of their policies.
Some financial institutions are now
advertising that they will reimburse fraud claims within 24 hours. This
customer service issue will surely put a smile on the fraudsters face. It will
make it easier to commit fraud and have the money credited to them even faster.
For those consumers that are true victims, I say that’s great and it should be
done. However, between 15% -40% of ATM, Point of Sale and Debit Card claims are
from clients that require scrutiny. (Such
claims are fraud reported within 90 days of the account opening, the 2nd or 3rd
claim within a year and /or the claim of a client losing his card with the pin
written down on the back of the card.)
It’s too easy to claim fraud in these situations, and once a provisional
credit is issued the money is taken out of the account and the client
disappears.
Could it be that financial
institution's loss prevention units aren’t very good at investigating fraud? Do
they have the investigative acumen required?
There are so many claims, they cannot properly investigate every one;
not to mention, the fear of denying a claim and the penalties of this
regulation, which I believe after customer service is one of the reasons so
many fraudulent claims are honored. This Regulation, although unintentionally,
has created a sense of paranoia among financial institutions. Even in cases where claims such as
these are denied, if the fraudster is smart enough and makes a complaint, some
banks will usually pay these claims to avoid the cost or hassle of litigation
The Regulation does state that FI’s
may not be held liable if they show good faith in their investigations. How many investigators are aware of this and
are willing to take the steps to conduct this good faith investigation and deny
the claim? How many investigators know what this means? It’s probably safe to
say that most of the investigators on the loss prevention side of FIs aren't former
law enforcement investigators nor do they
know the Regulation.
Investigations are usually based on a checklist of questions that are inadequate. They rely on the Compliance and Legal
Departments to make sure the Regulation is being followed. However, all too
often it’s compliance that sets the pace looking at customer service as the
broader perspective.
Case in point: A client made a claim with a bank stating that he
left all his bank cards in his car when he was moving, and his car was broken
into and all the cards were taken when he was on vacation in Florida. He stated that he had the pin
numbers written down on an index card with all his cards in the car. All were
in the same box that was stolen and monies were taken from all the cards via
ATM machine withdrawals over a 10-day period. Total claims made on all seven institutions
involved over $80,000. After my initial interview, I contacted the six other
institutions involved, which also included a major brokerage company. All the
institutions you would know by name. All six told me that they were paying this
claim because they didn’t want to violate the Reg. I asked all the institutions
to hold off on paying the claim and within days I could deny his claim. It turned out this client was
never on vacation in Florida
at the time of the fraud; he was at work. I found several inconsistencies in his
statements to me. A further interview revealed that he lied about the claim,
and that he was the one who made the fraudulent transactions. As a result, all
the institutions involved denied his claim, and a FBI investigation was later
conducted. How much work did this take:
maybe 10 calls and 3 - 4 man-hours over a 3-day period? The cost of
denying this $80,000 claim was about $300.00; not bad, right. I have no problem
investing $300 dollars to save $80,000. Do you? During my investigation, I
never violated the Reg. Why? I conducted
a good faith investigation. This denial could and would stand up to any
scrutiny by regulators. I proved that the client was the “bad guy.”
A common argument made by bankers
is: “We made $150,000,000 last year and $2,000,000 of those were losses due to
fraud. No big deal. It’s the cost of doing business.” This way of thinking is way outdated and
requires a major paradigm shift. For example, $2,000,000 in losses this year
makes the fraudsters want to double it next year because we made it much easier
for them this year and it will be even easier the next. Especially vulnerable
are small banks that cannot absorb such losses. They pour more resources into
the investigative side, or they make the wrong decisions and deny a legitimate
claim by a client leaving them wide open for the sting of the regulators for
violation of the Reg.
With fraud on the rise year after
year, it’s going to eventually get to unacceptable levels. It appears that the
more technologically advanced we get in the industry the more vulnerable we
become. Investigating the non- client fraudster is hard enough and with the
resources available to the Criminal Justice system we cannot seem to ever get a
lid on that problem and probably never will. Law Enforcement is inundated with
fraud cases that are at uncontrollable levels. We cannot depend on the
statistics we read about regarding ID Theft because most fraud is not reported
to the police. Customers who become victims usually just call the bank, and
their claim is paid. They see no reason to go to the police; they see it as the
bank’s problem. It seems to me that we can put a lid on client-based fraud, and
it is easily investigated. We do have the ability to control it if we want, in
a cost-effective manner.
We also, to a certain extent, need
to make consumers responsible for some of their actions. It’s my opinion that
if someone writes their PIN number on the back of a bank card. they are indeed
compromising that information and should be liable for any loss incurred as a
result of that card’s loss. Now, I know fraud investigators agree with me here.
However, Regulation E does not. This is a common sense issue. I mean really, lets wake-up! A police report of the fraud should be
required.
We can’t be willfully blind to the
fact that financial fraud is not affecting us. If we wait to properly address
the situation, it may be too late. When I was a detective with the NYPD
investigating ID theft in three years I saw the complaints more than triple and,
of course, these are just the persons who make a report; most don’t.
When I was a VP at Citibank, I developed
and instituted a new Regulation E investigation unit called the Major Incident
Unit. In short, this innovative investigative process that I developed significantly
reduced Citibank’s client based fraud exposure. Let’s put it this way,
if you’re a client at Citibank looking to make a false claim, it's over for
you. The unit was so successful they tripled the unit’s manpower. When McKinsey
& Company saw what I was doing they said my investigative process should be
“best practices”, and that no other bank had such a process that they were
aware of.
Let me be clear, I’m not
saying that Reg. E is bad, nor is it responsible for most of the fraud that
exists today, but it makes a considerable contribution to client based fraud.
It needs to be amended to deal with today’s specific financial fraud threats.
Protecting the consumer’s rights is paramount; however, a more common-sense
approach needs to be implemented.
Fraud and identity theft in this
country are out of control to the point where sooner, or later it will affect
the bottom line of banks worldwide, or the consumer will pay for the losses
with bank fees. Is that good customer service?
How will changes in the Regulation
help the consumer? It will help by
reducing the financial institutions fraud exposure and losses; therefore, the
bank saves money and this will stabilize or reduce their cost of doing business
and trickle down to the consumer. It will significantly reduce client-based
fraud and the possibility of terrorist financing.
In light of the new federal
regulations coming into effect this year for cards, losses are even more
important to the bottom line. This is an area that banks can recoup millions of
dollars every year depending on their losses.
Comments