Call it a reset on how the Consumer Financial Protection Bureau (CFPB) views authorized P2P fraud — and by extension, just who’s on the hook to make consumers whole.
For banks, the liabilities look set to increase. But there’s a silver lining.
News came Tuesday (July 19) that the CFPB has proposed requiring banks to pay back at least some (more) of their customers that are victimized by fraud conducted through P2P services such as Zelle when consumers authorize transactions that push money to fraudsters.
Read more: CFPB Wants Banks to Pay Back Victims Scammed Using Zelle, Other P2P Services
Beyond the confines of current practice — where banks only recompense for unauthorized transactions — it may now be the case that deception-induced transactions, known as authorized payments, would be treated as unauthorized payments, which in turn would mean they were fraudulent.
Attractive for Fraudsters
As PYMNTS recently reported, the P2P space has been an increasingly attractive avenue of pursuit for fraudsters. Where there are triple-digit percentage point gains in volume (as is the case with Zelle and Venmo), there remains a greater “surface area” of sorts behind which to hide. Not only that, but material gains are in the offing, too. Faster payments rails, goes the old saying, can lead to faster fraud given the instant, irrevocable nature of the transfer.
See also: P2P Payments Fraud Suggests Liability Gray Area
To get a sense of scale, consider the fact that according to the Federal Trade Commission (FTC), losses from consumer scams went up an estimated $6.1 billion last year, compared to 2020’s $3.4 billion in losses. By the end of the first quarter of this year, losses topped $1.7 billion.
Fraudsters are able to “slip in” and impersonate the banks themselves, or bank officials, and even acquaintances in a bid to get money sent to their accounts, and disappear once the funds are sent irrevocably.
Education Still Needed
In a recent interview with PYMNTS’ Karen Webster, Ingo Money CEO Drew Edwards said that “there’s still a bit of education that needs to be administered in the banking industry to keep reminding consumers of their liability.” Right now, the model is a “sender beware” model, Edwards noted, which means that there are reminders in place that the transactions are irrevocable, and that the senders must double check the recipient’s information.
But now, with the wrinkle ostensibly being put forth by the CFPB, the onus shifts a bit more to the banks. We might, by extension, see a broader range of payments innovations focused on security, and with some or all of the liability related to authorized fraud shifted to the FIs, consumer trust winds up becoming a bit more firmly grounded. We could see innovation that alerts consumers that the receiver isn’t someone in their contacts, so best make sure that they are, in fact, legit. Then again, banks could also introduce more friction into the process of sending money instantly, or sidestepping the availability of instant transfers all together over a certain amount. Banks have a responsibility to protect consumers, but consumers also have the responsibility to protect themselves.