Grandma’s bank account got hit by a fraudster

Federal and state laws that may help victims of elder fraud recover from financial institutions and credit-reporting agencies

2024 January

Between 2021 and 2022, the Federal Bureau of Investigation reported that elder victims of financial scams increased by 84% nationwide. This dramatic increase brought the total monetary loss for individuals over 60 to over $3.1 billion dollars. The average loss per victim of elder fraud was more than $35,000, with more than 5,000 victims losing over $100,000. The state of California leads the nation in the number of elderly victims of fraud with a collective loss of $624,509,520 in 2022.

The scam usually operates the same way. Pretending to be a legitimate business, the fraudsters inform the elderly individual that they need remote access to the elder’s computer to help fix the issue. But once remote access is given, these fraudsters immediately go to the elder’s online bank accounts and begin plundering – taking all the money that is in there and often opening new loans in the elder’s name to add to more to steal.

Just as tragic as the fraud, the banks rarely work with the victims to make them whole. Attorneys have been struggling over the last few years to bring cases under the Elder and Dependent Adult Civil Protection Act, Welfare & Institutions Code section 15610.30. However, this has largely been an unfruitful exercise because courts are hesitant to hold the financial institutions liable for processing wire transfers even if the financial institution knew or should have known the elder was the victim of a scam.

Under the current legal landscape, banks feel that they have immunity from liability and refuse to give the victims even a penny. However, there are a litany of consumer-protection statutes that can be applied to most elder-fraud cases that can help the elder recover. These statutes can quickly turn the tide and allow your client to go from victim to victor.

Money stolen via wire transfer

In most incidents of fraud, the fraudster will get remote access to the consumer’s account and then wire funds out of the elder’s account.  If the fraudster got into the elder’s account and wired funds out of the account, the elder might have a claim under the Uniform Commercial Code.

Under the Uniform Commercial Code, Article 4A, if there is an unauthorized wire from a bank account, the bank must refund the account holder for the unauthorized transfer from the customer’s account. (California Commercial Code § 11202.) If the bank refuses to issue a refund, the customer can also get daily interest on the funds that were not returned. (California Commercial Code § 11204.)

However, a remedy under the UCC can be tricky because there are several pitfalls to look out for. First, the consumer must notify the bank within 90 days of the statement containing the transfer. Similarly, there is a statute of repose that requires the consumer to notify the bank within one year that the customer intends to bring suit against the bank and hold them liable. This requirement is beyond mere notice that the consumer did not authorize the transfer. Unfortunately, there are no general damages available under the UCC, but instead, the elder can only get a refund and maybe interest.

Money stolen via electronic funds transfer

Let’s change the hypothetical slightly. Let’s say before the fraudster wired the funds out, the fraudster moved money around the elder’s bank accounts. It is not uncommon for a thief to concentrate funds into one bank account before then wiring the funds out of the account.

In a situation like this, the elder’s financial institution is legally required to reimburse the elder for these unauthorized transfers. Under Regulation E, the Electronic Funds Transfer Act (“EFTA”), a financial institution is required to reimburse a consumer for any unauthorized transfer of funds via an electronic funds transfer. The definition of “unauthorized” is any transfer “initiated by a person other than the consumer without actual authority to initiate such transfer and from which the consumer receives no benefit.” (15 U.S.C.S. § 1693a(12).)

EFTA allows an attorney to get creative because of how broad the definition of “electronic transfer” is. Although a wire transfer does not fall within the definition, transfers between a savings and checking account would; transfers from a Home Equity Line of Credit into a checking account would; and money sent out of the account via Zelle would apply. (See Moore v. JPMorgan Chase Bank, N.A., No. 22-cv-01849-JSC, 2022 U.S. Dist. LEXIS 205258, at *2 (N.D. Cal. Nov. 10, 2022) (intra-account transfer); Savitz v. Citizens Bank, N.A., No. 19cv0873, 2020 U.S. Dist. LEXIS 4602, at *7 (W.D. Pa. Jan. 10, 2020) (HELOC).)

In most cases, the elder usually gives the fraudster remote access to their computer because the fraudster misleads the elder victim into believing that the fraudster is Amazon, Microsoft, or some other legitimate business. Due to this, financial institutions typically argue that the transaction was authorized as the consumer furnished the means of access to the consumer’s account. In other words, the defense argues because the elder gave the fraudster access to the computer, the elder authorized the transfers.

However, this argument can be overcome. The Consumer Finance Protection Bureau has explained that when any consumer – especially a vulnerable elder – furnishes access to the account because of being misled by the fraudster, then the furnishing of this information still falls within the definition of an unauthorized transfer. EFTA’s regulatory guidance states that a transaction is unauthorized where it is “initiated by a person who obtained the access device through fraud or robbery.” (See Green v. Capital One, N.A., 557 F.Supp.3d 441, 448 (S.D.N.Y. 2021) (citing 12 C.F.R. § 1005, Supp. I, Comment to Section 1005.2(m)(3).)

Similarly, the financial institution may argue that the elder was negligent in allowing a third party to have access to their computer or information, i.e., that they did not protect their information sufficiently. However, this again is not a fruitful argument. “Negligence by the consumer cannot be used as the basis for imposing greater liability than is permissible under Regulation E. Thus, consumer behavior that may constitute negligence under state law, such as writing the PIN number on a debit card or on a piece of paper kept with the card, does not affect the consumer’s liability for unauthorized transfers.” (See 12 CFR Pt. 205, Supp.1, § 205.6.)

Fraudulent inducement

Although EFTA is a very effective tool at providing victims of financial elder abuse with an avenue to get a refund, it is not perfect. Under the current version of the statute, if a consumer is fraudulently induced to send money via an electronic funds transfer they are unable to get a remedy under EFTA as the transfer is considered to be an authorized transfer. (See Sanchez v. Navy Fed. Credit Union, No. EDCV 23-285 JGB (KKx), 2023 U.S. Dist. LEXIS 142817, at *72-85 (C.D. Cal. Aug. 14, 2023).)

Fraudulent access to the elder’s credit

Let’s change the scenario one more time. Now let’s say that the fraudster not only stole the elder victim’s cash, but also was able to access their credit card and other open lines of credit. Or let’s say with the information that the fraudster was able to obtain, the fraudster opened new accounts in the elder’s name. There are several different ways that an elder scam victim can be released from liability for these debts. Additionally, many of these statutes allow the elder to recover actual damages and statutory damages.

California Identity Theft Law, Civil Code section 1798

The California Identity Theft Law allows for any individual who has had their personal information used without their authorization to obtain credit, goods, services, money, or property to bring an action against whomever is attempting to collect the debt from this unauthorized transaction. Personal information is defined broadly under the statute to include a person’s name, address, telephone number, driver’s license number, social security number, place of employment, employee identification number, mother’s maiden name, demand deposit account number, savings account number, or credit card number.

If the elder is not released from liability after the creditor receives notice of the identity theft, then that creditor will be liable for actual damages, attorneys’ fees and costs, and any equitable relief that the court deems appropriate. (See Civ. Code, § 1798.93, subd. (c)(5).) Additionally, the court can award a civil penalty of up to $30,000 if the elder can prove that (1) at least 30 days prior to the action, the elder victim of identity theft provided written notice to the creditor of the situation; (2) the creditor failed to diligently investigate the victim’s notification of possible identity theft; and (3) the creditor continued to pursue the debt. (Civ. Code, § 1798.93, subd. (c)(6).) For an elder, the trier of fact has the discretion to treble these statutory damages under Civil Code section 3345.

Fair Credit Billing Act, 15 U.S.C. § 1666, et seq.

The Fair Credit Billing Act provides that banks or credit card companies must perform certain procedures if a customer asserts the existence of a billing error through the statutorily defined notice. One such billing error includes the extension of credit which was not made to the obligor. (15 U.S.C. § 1666(b)(1).) For proper notice, all that is required is: (1) the existence of a billing error, (2) timely notification of the billing error (within 60 days of the statement), and (3) failure of the bank to comply with the procedural requirements of 15 U.S.C. § 1666.

One such requirement is that the bank is required to conduct a reasonable investigation. (See 15 U.S.C. § 1666(a)(3)(B)(ii); 12 C.F.R. § 226.13(f).) Prior to the completion of said reasonable investigation, the bank is forbidden from taking any action to collect the amount, or any part thereof, indicated by the obligor as being a billing error. (See 15 U.S.C. § 1666(a)(3)(B).) Other procedural violations could be not sending acknowledgment of the dispute to the elder; not providing a written explanation of the results of the investigation; and even not providing investigation document when the elder requests them. There are a host of other potential violations that were not mentioned here, but are listed in the statutory language.

However, “[o]nce the court finds a violation no matter how technical it has no discretion with respect to imposition of liability.” (Grant v. Imperial Motors (5th Cir. 1976) 539 F.2d 506, 510.) This statute allows for the elder to recover (1) actual damages; (2) statutory penalty of twice the amount of finance charges in connection with each transaction per claimant (or it can be twice the finance charge with a minimum of $500 and a maximum of $5,000); and (3) forfeiture of $50 of the debt. But it’s important to note that the statutory penalties are per violation.

Imagine the creditor violates the statute by sending billing statements before a reasonable investigation is completed. Each collection letter that month is a statutory violation that would cause the statutory damages to be multiplied by the number of occurrences. (Lyon v. Chase Bank United States, N.A. (9th Cir. 2011) 656 F.3d 877, 891  [Ninth Circuit finds that consumers are entitled to duplicative statutory damages for duplicative violations of the same provisions].)

Truth in Lending Act, 15 U.S.C. § 1643

Another way an elder can get out from under fraudulent debt is through the unauthorized use provision of the Truth in Lending Act. While the Fair Credit Billing Act applies to any open-end credit, the unauthorized use provision of TILA only applies to credit cards specifically. This provision explains that a cardholder can only be liable for unauthorized charges on their credit card if a set list of qualifications all exist.

Specifically, 15 U.S.C. § 1643(a)(1) provides that a cardholder will be liable only if: (A) The card is an accepted credit card; (B) the liability is not in excess of $50; (C) the card issuer gives adequate notice to the cardholder of the potential liability; (D) the card issuer has provided the cardholder with a description of a means by which the card issuer may be notified of loss or theft of the card; (E) the unauthorized use occurs before the card issuer has been notified that an unauthorized use of the credit card has occurred or may occur as the result of loss, theft, or otherwise; and (F) the card issuer has provided a method whereby the user of such card can be identified as the person authorized to use it.

For this section of TILA, “unauthorized use” is defined as the “use of a credit card by a person other than the cardholder who does not have actual, implied, or apparent authority for such use and from which the cardholder receives no benefit.” (15 U.S.C. § 1602(p).) By defining “unauthorized use” like this, Congress apparently contemplated – and courts have accepted – primary reliance on background principles of agency law in determining the liability of cardholders for charges incurred by third-party card bearers. (Walker Bank & Trust Co. v. Jones (Utah 1983) 672 P.2d 73, 75-76, cert. denied, 466 U.S. 937, 104 S.Ct. 1911, 80 L. Ed. 2d 460 (1984); see also 12 C.F.R. § 226.12 n.22 (1990).)

This is usually where the battle will occur in litigation. Defense counsel will always make the argument that the elder had approved the charges through some level of agency. Typically, they will shoot for the lowest hanging fruit, which is that there was apparent authority when there was no way for the credit card company to know whether it was the elder or a fraudster making the charges.

However, this interpretation is likely to lose because it completely defeats the purpose of the statute. “Though a cardholder’s relinquishment of possession may create in another the appearance of authority to use the card, the statute clearly precludes a finding of apparent authority where the transfer of the card was without the cardholder’s consent, as in cases involving theft, loss, or fraud.” (Towers World Airways, Inc. v. PHH Aviation Sys., Inc. (2d Cir. 1991) 933 F.2d 174, 177.)

This provision of TILA provides for the same statutory damages as those that are available under the Fair Credit Billing Act, explained above.

Reporting of inaccurate credit information

If a bank or credit card company refuses to release the elder from the fraudulent debt, then chances are this company is also going to report said debts on the elder’s credit reports. Reporting such inaccurate and misleading information violates both state and federal law.

Specifically, under the California Consumer Credit Reporting Agencies Act, a person is forbidden from reporting information to the credit reporting agencies if that person knows or should have known that the information is not accurate.

If an elder disputes the inaccurate reporting with the credit reporting agencies – such as Equifax, Experian, or Trans Union – and the company verifies the information as still being accurate, then the elder would also have a cause of action under the Fair Credit Reporting Act under 15 U.S.C. § 1681s-2(b). Similarly, the elder might have a cause of action against any credit-reporting agency that verified the fraudulent account as accurate.

Under each of these statutes the elder would be entitled to actual damages, injunctive relief, and statutory damages of up to $1,000.

Damages and attorneys’ fees

For all of the above causes of action, many come with statutory damages. Under Civil Code section 3345, when any civil penalty or an award designed to punish or deter is awarded to an elder, the trier of fact has the discretion to treble these damages. The statutory damages that are awarded in these cases are an award that is designed to deter or punish. (See Byrne v. Crown Asset Mgmt. (N.D. Cal. Apr. 3, 2018) LLC, No. 17-cv-07090-EMC, 2018 U.S. Dist. LEXIS 57031.)

With the exception of the Uniform Commercial Code, all of the above-mentioned statutes provide the prevailing plaintiff with attorneys’ fees and costs. This allows attorneys to represent their elderly clients without having to worry about the elderly victim paying out-of-pocket or the attorney having to take a big chunk out of the elderly individual’s recovery.