Share via Email



 Join the FIGHT!
Sign up for breaking
news and alerts!

Email Address:


spacer

Victims Map
Cyber Crime Victims Map

spacer

Educate & Protect

Take Action

spacer


spacer

Featured Video
video

spacer

Advertisement

  Cyberheist Now Available
  Fatal System Error

What is Regulation E?

According to the FDIC law, regulations, and related acts 6500 (consumer protection) Part 205 (electronic fund transfers) Sections 1-18, the primary objective of Regulation E is to protect individual consumers engaging in electronic fund transfers (EFT). Regulation E, under the Electronic Fund Transfer Act, provides a framework that establishes the rights, liabilities, and responsibilities of those participating in EFT such as ATM transfers, bill payment services, point-of-sale transfers in stores, and preauthorized transfers including direct deposit and Social Security payments. Regulation E covers an individual consumer who authorizes a financial institution to electronically transfer funds to debit or credit his/her account.

Under Regulation E, a consumer is not responsible for any unauthorized EFT involving the consumer’s account only they have complied with the disclosed requirements, including reporting time of the unauthorized transfer and other conditions are met by the consumer (see 205.7b(1)(2)(3)). If a consumer abides by these timelines and reporting guidelines, the consumer will not be help responsible for unauthorized transfers. A consumer may be liable for unauthorized EFT if they did not follow specific criteria including: loss limited to $50 if consumer notified financial institution within two business days, loss could be up to $500 if consumer did not notify financial institution within two business days, or loss could be unlimited including maximum over draft if any if consumer did not notify financial institution within 60 business days.

With the coverage and protection provided under Regulation E to individual consumers, why have business/commercial organizations been overlooked for the same quality and protection of their business accounts? There is a growing need for businesses to be protected from fraudulent activity and cyber theft/cyber looting, which creates a need for the extension of Regulation E to commercial accounts imperative.

Source: FDIC.gov; FederalReserve.gov


Automated Clearing House (ACH)

The Automated Clearing House (ACH) is a payment system designed to allow corporations and consumers to make routine payments electronically by reducing or eliminating the use of paper checks. Typical ACH payments include salaries, bill payments, and Social Security benefits. Because of the ACH’s system to efficiently process large volumes of payments electronically and its ability to allow a payee to debit the banking account of the payer, this system has become the largest payment system in the country with over 25,000 participating depository institutions. All of the ACH institutions must be depository institutions, which include Commercial Banks, Savings Banks, Savings & Loan Associations, U.S. Branches of foreign banks, Edge Act corporations, and credit unions.

The ACH was established in the early 1970s to address the escalation of paper checks in the United States. The Federal Reserve was involved with the early planning of the ACH and provided the computer systems necessary to process ACH transactions between depository institutions. In 1974, the National Automated Clearing House Association (NACHA) was established by the regional ACH associations (California, Georgia, New England, and Upper Midwest) to formulate uniform and nationwide operating rules and regulations to facilitate the exchange of ACH payments among ACH associations. Currently, 40 regional ACH associations in the United States are representative members of the NACHA.

How it Works:
  • Using telephone service, PC interface, or written authorization, consumer instructs bank to debit his/her account and issue a credit to bank account of payee.
  • Corporation creates computer file of payment instructions and sends file to its servicing bank.
  • Servicing bank debits its customers’ accounts and sends the ACH an e-file of all payment instructions received from all of its customers.
  • ACH processor receives the payment file from the consumer’s/corporation’s depository institution (DI).
  • Individual debit/credit transactions are sorted to create separate output file for each DI and sent electronically to the institution.
  • ACH processor posts net amount for each DI to its account.
  • DI processes file and posts individual entries to accounts of its customers.

This ACH system also services the commercial banking environment and can also be compromised with unauthorized transactions, including check fraud and wire fraud. Businesses rely on the ACH Processing to operate. Checks to vendors, wires from clients, bill payments - virtually the same as a consumer, but on a larger scale.
This is why cyber theives target commercial accounts more than consumer accounts - their "loot" is much greater, which is why Regulation E needs to extend to Commercial Accounts as well.

Source: NY.FRB.org; NACHA.org