Q: If a third-party fraudulently induces a consumer to share account access information, are subsequent transfers initiated with the fraudulently obtained account information excluded from Regulation E’s definition of unauthorized electronic transfer because they are initiated “by a person who was furnished the access device to the consumer’s account by the consumer?
A: No. A consumer who is fraudulently induced into providing account information has not furnished an access device under Regulation E. As explained above in Electronic Fund Transfers Error Resolution: Unauthorized EFTs 3
, and 5
, EFTs initiated using account access information obtained through fraud or robbery fall within the Regulation E definition of unauthorized EFT. See Comment 1005.2(m)-3.