WASHINGTON—Alleging Zelle “rushed to market” and that consumers have lost more than $870 billion due to fraud on Zelle, the CFPB has sued the operator of America’s most widely available peer-to-peer payment network and three of the nation’s largest banks for failing to protect consumers from “widespread fraud” on the payments app, the Bureau announced.
Early Warning Services, which operates Zelle, along with three of its owner banks—Bank of America, JPMorgan Chase, and Wells Fargo—"rushed the network to market” to compete against growing payment apps such as Venmo and CashApp, without implementing effective consumer safeguards, the CFPB said.
Customers of the three banks named in the lawsuit have lost more than $870 million over the network’s seven-year existence due to these failures.
The CFPB’s lawsuit describes how hundreds of thousands of consumers filed fraud complaints and were largely denied assistance, with some being told to contact the fraudsters directly to recover their money. Bank of America, JPMorgan Chase, and Wells Fargo also allegedly failed to properly investigate complaints or provide consumers with legally required reimbursement for fraud and errors, the Bureau stated.
The CFPB said it is seeking to stop the alleged unlawful practices, secure redress and penalties, and obtain other relief.
“The nation’s largest banks felt threatened by competing payment apps, so they rushed to put out Zelle,” said CFPB Director Rohit Chopra. “By their failing to put in place proper safeguards, Zelle became a gold mine for fraudsters, while often leaving victims to fend for themselves.”
Early Warning Services is a financial technology and consumer reporting company based in Scottsdale, Ariz. Early Warning Services designed and operates the Zelle network. It is co-owned by seven of the largest banks in the United States: Bank of America, Capital One, JPMorgan Chase, PNC Bank, Truist, U.S. Bank, and Wells Fargo.
Widespread Losses
The CFPB alleges widespread consumer losses since Zelle’s 2017 launch due to the platform’s and the defendant banks’ failure to implement appropriate fraud prevention and detection safeguards. The CFPB alleges that Bank of America, JPMorgan Chase, Wells Fargo, and Early Warning Services violated federal law through critical failures including:
- Leaving the door open to scammers: “Zelle’s limited identity verification methods have allowed bad actors to quickly create accounts and target Zelle users. For example, criminals often exploited Zelle’s design and features to link a victim’s token to the fraudster’s deposit account, which caused payments intended for the consumer’s account to instead flow to the fraudster account,” the CFPB said.
- Allowing repeat offenders to hop between banks: “Early Warning Services and the defendant banks were too slow to restrict and track criminals as they exploited multiple accounts across the network. Banks did not share information about known fraudulent transactions with other banks on the network. As a result, bad actors could carry out repeated fraud schemes across multiple institutions before being detected, if they were detected at all,” the CFPB said.
-
Ignoring red flags that could prevent fraud: “Despite receiving hundreds of thousands of fraud complaints, the defendant banks have failed to use this information to prevent further fraud. They also allegedly violated the Zelle Network’s own rules by not reporting fraud incidents consistently or on time,” the agency said.
- Abandoning consumers after fraud occurred: “Despite obligations under the Electronic Fund Transfer Act and Regulation E, the defendant banks failed to properly investigate Zelle customer complaints and take appropriate action for certain types of fraud and errors,” the CFPB said.
The CFPB’s lawsuit seeks to halt unlawful conduct, obtain redress for harmed consumers, and obtain a civil money penalty, which would be paid into the CFPB’s victims relief fund, and secure other appropriate relief.
Read the complaint against Early Warning Services, Bank of America, JPMorgan Chase, and Wells Fargo.
'Unsettling' For Credit Unions
While the CFPB’s lawsuit targets the practices of large banks and a shared payments platform, the premise of the CFPB’s allegations should be unsettling for credit unions, said Jim Nussle, America’s Credit Unions President/CEO.
"The CFPB wants to make it harder for all financial institutions to raise defenses against liability for fraud, even when there may be compelling evidence that bears upon the question of who is ultimately responsible," Nussle said. "Credit unions are committed to protecting consumers from bad actors, but this is an overstep by the Bureau. America's Credit Unions will continue to fight against regulatory overreach."