The latest risk alert from CUNA Mutual Group identifies whether consumers victimized in the new version of the Zelle/P2P fraud scam are entitled to protection under Reg E.

The risk alert warns that in the new version of the Zelle/P2P fraud scam, fraudsters con Zelle users into using Zelle to transfer funds to themselves using their mobile phone number under the guise that the transfer will replace funds stolen from the users’ accounts, however, the transfers go to the fraudsters.

According to the risk alert, an attorney with the CFPB provided CUNA Mutual Group with “informal non-binding guidance,” referring to Section 2.3.1 in the CFPB’s Fall 2021 Supervisory Highlights issued in December 2021. The attorney reasoned that the Zelle transfer initiated by the user using their own mobile phone number should be considered a “token error.” A token error occurs when a Zelle user enters the recipient’s current and accurate phone number or email address, but the transfer is misdirected to an unintended recipient. Token errors are considered “incorrect electronic fund transfers” or EFTs, which are a defined error under §1005.11(a)(1)(iii).

The risk alert states that the CFPB’s Electronic Fund Transfer FAQs “clearly indicate” that consumers victimized in the traditional scam are entitled to protection under Reg E (refer to questions 4 and 5 under the category, “Error Resolution: Unauthorized EFTs”).

“Based on the informal non-binding guidance provided by the CFPB, it appears that members victimized in the new version of the Zelle/P2P fraud scam are entitled to protection under Reg E,” the risk alert states. “However, you may want to consult legal counsel to determine your obligations under Reg E.”

CUNA Mutual Group’s risk alerts, in addition to additional risk-prevention resources, may be accessed in their Protection Resource Center. Log-in is required.