After scammers spent years swiping hundreds of millions from Zelle users by inducing people to authorize fraudulent payments, lawmakers were horrified to discover in fall 2022 that “the vast majority” of defrauded Zelle users never got their money back. To regulators, it seemed like Zelle was shirking responsibility for policing this increasingly common fraudulent activity on its payments platform.
But now, Zelle has changed its mind and is working harder to protect users from imposter scams. On Monday, Zelle confirmed that at the end of June, the payments app finally started refunding users targeted by scammers.
According to Reuters, this was possible because Zelle’s network operator, Early Warning Services (EWS), found a solution that lets Zelle’s network of 2,100 financial firms off the hook for reimbursing transactions where “potentially billions of dollars” might be stolen by imposter scammers. Instead of expecting financial partners to foot the bill to cover this fraudulent activity, Zelle simply “implemented a mechanism that allows banks to claw back funds from the recipient’s account and return them to the sender.”
“As the operator of Zelle, we continuously review and update our operating rules and technology practices to improve the consumer experience and address the dynamic nature of fraud and scams,” an EWS spokesperson told Ars. “As of June 30, 2023, our bank and credit union participants must reimburse consumers for qualifying imposter scams, like when a scammer impersonates a bank to trick a consumer into sending them money with Zelle. The change ensures consistency across our network and goes beyond legal requirements.”
This is the first time EWS has provided details on its new policy to refund victims of the Zelle imposter scam, Reuters reported. It’s a major policy reversal that Reuters said was likely prompted to spare banks and payments apps from stricter regulatory interventions that would require refunds for every scam victim. (Currently, the US only requires banks to refund any fraudulent payments made without customers’ authorization.)
The chief fraud risk officer at EWS, Ben Chance, reiterated to Reuters that Zelle’s new policy goes “well above existing legal and regulatory requirements.”
It’s unclear if regulators will be satisfied leaving this matter to banks and payment apps, though. There may be just too many people using payment apps to ignore gaps in laws intended to protect against financial fraud. Between 2018 and 2022, peer-to-peer (P2P) payments quadrupled in the US, the Consumer Financial Protection Bureau (CFPB) reported, and by 2027, P2P payments “may reach nearly $1.6 trillion.”
Meanwhile, as P2P payments have increased substantially, these imposter scams have become “the most-reported scam,” targeting users “across all payment methods,” the Federal Trade Commission (FTC) reported. In total, the FTC said that scam victims lost $2.6 billion last year alone.
The CFPB previously mulled new laws that would require lenders to reimburse scam victims, but a person familiar with the matter told Reuters that the CFPB may no longer be considering new protections, because Zelle’s recent changes “have so far satisfied the agency.” However, Senator Elizabeth Warren (D-Mass.)—who spearheaded the probe into Zelle imposter scams—told Reuters that she is not likely to stop monitoring the situation any time soon.
“Zelle’s platform changes are long overdue,” Warren said. “The CFPB is standing with consumers, and I urge the agency to keep the pressure on Zelle to protect consumers from bad actors.”
https://arstechnica.com/?p=1983390