These days banks want their customers using electronic banking, because it's cheaper for the banks than teller transactions or telephone transactions when an actual human is involved. The problem is that it probably isn't in your best interest to do your banking online. Here's why.
The banking laws in the US (specifically, the "Regulation E" Consumer Protection Act) are supposed to protect you from liability above $50 for electronic banking transactions, if you report fraudulent transactions within two days of becoming aware of them. Can you see the loopholes in that statement? If not, then you don't think like a lawyer.
First, you need to notify the bank within two days of finding a fraudulent transaction. What if the bank sends you an email notification and you don't check your email for three days? What if you check your email, but don't notice the bank's email? What if you accidentally delete the email and never see it? What if you don't allow the bank to notify you by email, and your only notification is by their monthly statement via US mail, but you are out of town when your statement arrives? What if you're on a vacation in Europe for a month? What if the statement is lost in the mail? What if you're home, but the statement arrives three weeks late? Are you only liable after actually laying eyes on the statement? Are you liable two days after you should have seen the statement? These are reasonable questions to ask. Some of these questions are answered by Regulation E. For example, Regulation E says that if the customer receives a "periodic statement" that contains the fraudulent transaction, he has up to 60 days to alert the bank before his liability will be unlimited. In other words, if the customer does not report the fraudulent transaction, because he doesn't see his statement before the 60 days expire, he has unlimited liability.
In addition to Regulation E, the bank has what's called an "online banking service agreement", where it spells out what it considers the customer's liability to be. If you don't follow it, you may be liable, subject to what Regulation E says. Guess what? It's really long. Here is Bank of America's. Have you read your bank's agreement? If you have, have you understood it? Do you follow it? Do you even know if you're following it? One of the things that Bank of America's agreement says is that you must notify them if you have reason to believe that your passcode has become known to an unauthorized person. It goes on to say that, "Bank of America will have no liability to you for any unauthorized payment or transfer made using your passcode that occurs before you have notified us of possible unauthorized use and we have had a reasonable opportunity to act on that notice." I couldn't find any mention of a 2-day waiting period associated with this sentence. I'm not a lawyer, but it looks to me like that means that between the time you discover that some unauthorized person has your password, and the time you notify Bank of America, you are liable. If that is correct, it means that if someone intercepts your banking password while you're online and uses it to withdraw your money, and you don't find out about it until you get your bank statement, Bank of America believes that you are liable for that transaction, even if it's for all the money in your account! However, Regulation E says, "The extent of the consumer's liability is determined solely by the consumer's promptness in reporting the loss or theft of an access device. Similarly, no agreement between the consumer and an institution may impose greater liability on the consumer for an unauthorized transfer than the limits provided in Regulation E." So, Regulation E has precedence over the bank's online banking service agreement. It looks to me like what the Bank of America believes contradicts Regulation E. However, if the bank's agreement disagrees with Regulation E, one would assume that the bank would still deduct the disputed amount from your account.
If you and a bank have a dispute, and you don't like the bank's interpretation of the law or their online banking service agreement, guess what? Your only option is to go to court. But wait--essentially every large bank in the US ( 70% in 2016 and growing rapidly) now sends its customers a notice saying that unless they object in writing, they are subject to "binding arbitration". That means that you can't go to court. You can only go before an arbitrator. The arbitrator is probably not a judge and may not even be a lawyer. And guess who he works for? Most likely, he works for the bank! Oh, not directly. He's not on the bank's payroll. But guess what? Most likely, the bank brings him a substantial amount of his business. And he knows that if he finds against the bank, the bank may not bring him any more business. And he is usually well-paid, so he wants the bank to keep bringing him business. So what does that say to you? Would you guess that just maybe he might be a teeny weeny bit biased in favor of the bank? Well, guess what? In binding arbitration cases involving an individual against a corporation, the corporation wins a much higher percentage of the time compared to when the disputes are resolved in a court room. In addition, when individuals do win, the awards average only 16% as much as in federal court and 7% as much as in state courts. So, your chance of winning and getting your money back is small.
So, if your bank account is ever emptied out, because you didn't know there was malware on your computer transmitting your passwords to a criminal, and if your bank's online banking service agreement is similar to Bank of America's, and your bank decides to enforce it, you probably won't be getting your money back. Like WOPR said in the movie "War Games", "The only way to win is not to play the game." Don't bank online in the first place.
Copyright © 2018-2019 The Cheapskate's
Guide to Computers and the Internet. All rights reserved.