Increased Exposure: What Financial Institutions Need to Do – Now – to Avoid Fraud Liability stemming from Social Engineering Scams


It’s going to get much tougher for financial institutions to avoid being declared as liable in the case of electronic fund transfer (EFT) social engineering scams.

Specifically, the Consumer Financial Protection Bureau (CFPB) recently released a Frequently Asked Questions “compliance aid” to provide guidance about its positions on the Electronic Fund Transfer Act (EFTA) and Regulation E. The bureau indicated that, if a third party fraudulently induces a consumer into sharing account access information which is used to initiate an EFT, then the transfer meets Regulation E’s definition of an unauthorized EFT.

In a section of considerable interest, the CFPB states that these institutions cannot take into account a consumer’s negligence when determining liability for unauthorized EFTs under Regulation E. “For example, consumer behavior that may constitute negligence under state law,” according to the section, “such as…

Read full article at