On December 20, 2024, the CFPB sued the operator of Zelle and three of the nation’s largest banks, Bank of America, JPMorgan Chase, and Wells Fargo, for failing to protect consumers from widespread fraud on America’s most widely available peer-to-peer payment network. According to the CFPB, Early Warning Services, which operates Zelle, along with its owner banks rushed the network to market to compete against growing payment apps such as Venmo and CashApp, without implementing effective consumer safeguards.

CFPB Director Rohit Chopra said the following in a statement:

“The nation’s largest banks felt threatened by competing payment apps, so they rushed to put out Zelle. By their failing to put in place proper safeguards, Zelle became a gold mine for fraudsters, while often leaving victims to fend for themselves.”

Zelle is a peer-to-peer payment network that allows near-instant electronic money transfers through linked email addresses or U.S.-based mobile phone numbers, known as “tokens.” With Zelle, users have the ability to generate various tokens with different banks and swiftly transfer them between organizations, a capability that has exposed them to fraudulent activities.

The CFPB alleges that Bank of America, JPMorgan Chase, Wells Fargo, and Early Warning Services violated federal law through critical failures including:

Leaving the door open to scammers. Zelle’s weak identity verification methods have enabled criminals to create accounts and target users. Fraudsters exploit Zelle’s features to link a victim’s token to their own account, redirecting payments meant for the consumer to themselves.
Allowing repeat offenders to hop between banks. Early Warning Services and the defendant banks were slow to track criminals exploiting multiple accounts. They failed to share information about fraudulent transactions, allowing bad actors to carry out repeated fraud across various institutions without detection.
Ignoring red flags that could prevent fraud. The defendant banks received numerous fraud complaints but failed to use this information to prevent further incidents. They also allegedly violated Zelle Network rules by not reporting fraud consistently or promptly.
Abandoning consumers after fraud occurred.The defendant banks failed to properly investigate Zelle customer complaints and take appropriate action for certain fraud and errors, despite obligations under the Electronic Fund Transfer Act and Regulation E.

The CFPB’s lawsuit seeks to stop unlawful conduct, obtain redress for harmed consumers, obtain a civil money penalty, and secure other appropriate relief.

Read the CFPB’s press release here.

See the full complaint here.

Adam Witmer

Adam Witmer is a speaker, author, and founder of the Compliance Cohort. Adam has taught hundreds of seminars and training sessions to thousands of bankers throughout the United States and teaches on all areas of regulatory compliance. Adam has written five e-books that he never published, hit a grizzly bear while driving in a National Park, and is an award winning photographer and musician (though he no longer takes photos nor plays any instruments). In his spare time, Adam can be found kayaking on the lake, doing taekwondo with his kids, working on his (project) house, or spending time with his family.

Website

Become a Free Member