chevron-down Created with Sketch Beta.

The Business Lawyer

Fall 2023 | Volume 78, Issue 4


Robert James Dinicola and Stephen Krebs


Jump to:


  • The Payments survey analyzes federal regulatory and Uniform Commercial Code Articles 3, 4, and 4A developments in the payments space.  
  • The federal regulatory update section of the survey discusses the following developments:  Consumer Financial Protection Bureau action on overdraft fees, Federal Deposit Insurance Corporation and Consumer Financial Protection Bureau guidance on multiple presentments and returned deposited item fees, and the Board of Governors of the Federal Reserve System’s guidance on evaluating requests for access to Federal Reserve Bank accounts and services.  
  • The Article 4A section of the survey describes case law relating to the application of Article 4A, authorization of payment orders, misdescription of beneficiaries in payment orders, the statute of repose, payment by originators to beneficiaries, and displacement of common law.  
  • The Articles 3 and 4 section of the survey describes case law relating to multiple payees, transfer and presentment warranties, and customer duty to discover and report.

Federal Regulatory Developments

CFPB Action on Overdraft Fees

The Consumer Financial Protection Bureau (“CFPB”) took several actions relating to unanticipated overdraft fees in 2022. First, on September 28, 2022, the CFPB issued a consent order with respect to Regions Bank’s practice of charging overdraft fees on debit-card transactions, requiring Regions Bank to repay $141 million to affected customers. Regions Bank “charged overdraft fees on transactions that had a sufficient balance at the time the Bank authorized the transaction but then later settled with an insufficient balance,” a practice known as “authorized-positive overdraft fees.” The CFPB found that, by charging authorized-positive overdraft fees, Regions Bank committed unfair and abusive acts or practices that violated sections 1031 and 1036 of the Consumer Financial Protection Act of 2010 (“CFPA”). The CFPB based its finding on the bank’s “counter-intuitive, complex processes” for processing and settling transactions, resulting in customers being unable to understand the bank’s overdraft practices or expect when they would incur authorized-positive overdraft fees. The CFPB cited examples of customers not understanding how a transaction could be covered by a sufficient balance when authorized but create an overdraft when it settled. In the years leading up to the consent order, regulators published supervisory materials that informed banks that authorized-positive overdraft fees violated federal law.

Second, on November 7, 2022, the CFPB released a circular titled “Unanticipated Overdraft Fee Assessment Practices.” The circular responded to the question: “Can the assessment of overdraft fees constitute an unfair act or practice under the [CFPA], even if the entity complies with the Truth in Lending Act (TILA) and Regulation Z, and the Electronic Fund Transfer Act (EFTA) and Regulation E?” The circular explained that unanticipated overdraft fees, which occur when an institution assesses “overdraft fees on transactions that a consumer would not reasonably expect would give rise to such fees” and include authorized-positive overdraft fees, may constitute an unfair act or practice under the CFPA even if an institution complies with the aforementioned statutes and regulations. The CFPB cautioned that overdraft fees “that a consumer would not reasonably anticipate are likely unfair” acts or practices under the CFPA. The circular described “potentially unlawful patterns of financial institution practices regarding unanticipated overdraft fees and provide[d] some examples of practices that might trigger liability under the CFPA.”

FDIC and CFPB Guidance on Multiple Presentments and Returned Deposited Item Fees

Supplementing the overdraft-related actions described above, in 2022, the Federal Deposit Insurance Corporation (“FDIC”) and the CFPB issued guidance on other payments-related fee practices. In particular, the FDIC issued guidance regarding non-sufficient funds (“NSF”) fees, while the CFB issued guidance on return item fees.

The FDIC issued its Supervisory Guidance on Multiple Re-Presentment NSF Fees on August 18, 2022. The guidance explained that NSF fees are assessed to consumers by financial institutions when a check or Automated Clearinghouse (“ACH”) transaction is authorized and presented to the financial institution, but the consumer’s account balance is insufficient to cover the payment amount. The FDIC stated that “[s]ome financial institutions charge additional NSF fees for the same transaction when a merchant re-presents a check or ACH transaction on more than one occasion after the initial unpaid transaction was declined” and that, in such situations, “there is an elevated risk of violations of law and harm to consumers.” The FDIC issued its guidance to “ensure that supervised institutions are aware of the consumer compliance risks associated with assessing multiple [NSF] fees arising from the re-presentment of the same unpaid transaction.”

The FDIC explained that such practices create “heightened risks of violations of Section 5 of the Federal Trade Commission (FTC) Act, which prohibits unfair or deceptive acts or practices (UDAP).” On this point, the FDIC indicated that, in recent examinations, it had identified disclosures that do not adequately advise customers of this practice and that misrepresentation about or absence of disclosure of such practices is material and considered to be “deceptive” pursuant to Section 5. Further, the failure to sufficiently inform customers of fee practices for re-presentments “raises unfairness concerns [under Section 5] because the practices may result in substantial injuries to customers; the injury may not be reasonably avoidable; and there may be no countervailing benefits to either customers or competition.” Thus, such practices may expose a financial institution to liability for violations of the law. The guidance further identified litigation risk associated with the imposition of multiple NSF fees and stated that some cases brought for failure to adequately disclose these fees in account agreements and disclosures “have resulted in substantial settlements, including customer restitution and legal fees.”

The FDIC’s guidance offered suggestions for NSF fee management to avoid potential liability under Section 5 of the FTC Act, which include: “[e]liminating NSF fees[; d]eclining to charge more than one NSF fee for the same transaction, regardless of whether the item is re-presented[; c]onducting a comprehensive review of policies, practices, and monitoring activities related to re-presentments and making appropriate changes and clarifications . . . [; c]learly and conspicuously disclosing the amount of NSF fees to customers and when and how such fees will be imposed . . . [; and r]eviewing customer notification or alert practices related to NSF transactions and the timing of fees to ensure customers are provided with an ability to effectively avoid multiple fees for re-presented items.”

On October 26, 2022, the CFPB issued a compliance bulletin regarding returned deposited item fee assessment practices. The bulletin noted that a Returned Deposited Item is a check deposited into a checking account that is returned to the consumer because the check could not be processed against the “check originator’s” (or payer’s) account at the paying bank. There are a number of reasons a check may be returned by a paying bank, including insufficient funds in the payer’s account, the payer requested a “stop payment” order, the payer’s account had been closed, or other errors or missing information on the check.

Noting that returned deposited item fees cause substantial harm to consumers, the CFPB stated that “[b]lanket policies of charging Returned Deposited Item fees to consumers for all returned transactions irrespective of the circumstances of the transaction or patterns of behavior on the account are likely unfair” under the prohibition of UDAP in the CFPA. The CFPB emphasized that a “consumer depositing a check would normally be unaware of and have little to no control over whether a check originator has funds in their account, will issue a stop payment instruction, or has closed the account,” and also would not typically “be able to verify whether a check will clear with the check originator’s depository institution before depositing the check or be able to pass along the cost of the fee to the check originator.”

In contrast to a blanket approach, the CFPB stated that “it is unlikely that an institution will violate the prohibition if the method in which fees are imposed are tailored to only charge consumers who could reasonably avoid the injury.” As an example, a more tailored approach may involve imposing a fee only where a consumer depositor repeatedly deposits “bad checks from the same originator, or only charges consumers a fee when checks are unsigned,” as such “fees would likely be reasonably avoidable.

Access Guidance from the Board of Governors of the Federal Reserve System

The Board of Governors of the Federal Reserve System (“Board”), on August 19, 2022, issued Guidelines for Evaluating Account and Services Requests (“Guidelines”). Under the Guidelines, the Federal Reserve Banks (“Reserve Banks”) are expected to consider six principles when evaluating the risks posed both by institutions with existing access to Reserve Bank accounts and financial services and institutions seeking access to such accounts and financial services. Because the Guidelines establish the standards to evaluate the risks posed by institutions that have or seek access to Reserve Bank accounts and financial services, the issuance of the Guidelines may impact how institutions access payment services in the United States.

Through the Guideline’s six principles, a Reserve Bank assessing an institution’s access to accounts and services are expected to consider: (i) the institution’s legal eligibility and the legal basis for its operations; (ii) risks to the Reserve Bank (e.g., credit, operational, settlement, and cyber risks); (iii) risks to the overall payment system (e.g., credit, liquidity, operational, settlement, and cyber risks); (iv) risk to the stability of the U.S. financial system; (v) risk of facilitating illicit activity (e.g., money laundering or fraud); and (vi) risk to the Federal Reserve’s ability to implement monetary policy.

The evaluation of institutions against the principles is to be performed within a three-tier framework, with institutions that fall into each tier subject to different levels of review. Institutions in Tier 1 are legally eligible financial institutions that have federal deposit insurance (from the FDIC or the National Credit Union Administration). Tier 1 institutions are generally subject to the least intensive, most streamlined review. Institutions in Tier 2 are legally eligible financial institutions that do not have federal deposit insurance but are subject by statute to prudential supervision by a federal banking agency; if the institution has a holding company, it must be subject to Federal Reserve oversight by statute or commitments. Tier 2 institutions are generally subject to an intermediate level of review. Tier 3 institutions are legally eligible institutions that do not have federal deposit insurance and are not in Tier 2. Tier 3 institutions are generally subject to the strictest level of review.

Developments Under U.C.C. Article 4A

Application of Article 4A

In a case that reversed a district court decision covered in last year’s survey, the U.S. Court of Appeals for the D.C. Circuit considered the interplay between U.C.C. Article 4A and federal law. The district court had applied the general principle of Article 4A’s money-back guarantee that a sender of a payment order may only recover payment from the receiving bank as the basis for its conclusion that the Republic of Iran did not have an interest in Office of Foreign Assets Control–blocked funds that would support attachment of such funds under applicable federal law. The appellate court disagreed, stating that a federal court should not apply Article 4A as a part of federal common law when, as in the instant case, the objectives of Article 4A and federal law are incompatible: Whereas Article 4A “seeks to minimize disruptions in electronic funds transfers, OFAC’s blocking does the opposite—its purpose is to disrupt terrorist electronic fund transactions.” The appellate court concluded that blocked funds held by an intermediary bank can be attached by a judgment creditor of the originator of a funds transfer if no party in the funds transfer between the originator and intermediary bank “asserts an interest as an innocent third party.”

Authorization of Payment Orders

Under U.C.C. section 4A-202(a), “[a] payment order received by the receiving bank is the authorized order of the person identified as sender if that person authorized the order or is otherwise bound by it under the law of agency.” If a payment order is the authorized order of the sender, then the sender cannot seek to shift any loss that may result from that order to the receiving bank under the loss-allocation rule in section 4A-204(a).

In Harborview Capital Partners, LLC v. Cross River Bank, the court considered when a payment order received by a receiving bank is the authorized order of the person identified as the sender of that order. The defendant receiving bank’s customer had allegedly been tricked by a hacker into transferring funds from its account to a foreign account. Because the payment orders at issue had been authorized by the customer’s account manager, who was authorized to send payment instructions to the receiving bank, the court found that the payment orders at issue were authorized payment orders of the customer.

Misdescription of Beneficiary

U.C.C. section 4A-207 establishes rules for the beneficiary bank’s payment of a payment order when there is an issue with the identification of the beneficiary in the payment order. Under section 4A-207(b), “[i]f the beneficiary’s bank pays the person identified by name or knows that the name and number identify different persons, no person has rights as beneficiary except the person paid by the beneficiary’s bank if that person was entitled to receive payment from the originator of the funds transfer.” Actual knowledge is required; constructive knowledge is not sufficient to establish knowledge by the beneficiary’s bank of a mismatch between a beneficiary’s name and number in a payment order under section 4A-207. “If no person has rights as beneficiary, acceptance of the order cannot occur.” If acceptance cannot occur under section 4A-207, then the funds transfer cannot be completed, and the beneficiary’s bank takes the loss under Article 4A to the extent it has paid the beneficiary.

In Approved Mortgage Corp. v. Truist Bank, the court held that an originator could not assert a claim against a beneficiary’s bank under section 4A-207. The court reasoned that the section 4A-402 money-back guarantee, which contains a privity requirement that generally “allows each sender of a payment order to seek refund only from the receiving bank it paid,” establishes what happens when a funds transfer is not completed due to a beneficiary’s bank’s actions under section 4A-207. Because the originator was in privity with the originator’s bank, not the beneficiary’s bank, the court determined that the originator could not assert a claim under section 4A-207 against the beneficiary’s bank. Another court reached a similar conclusion, holding that an originator may not bring a claim against a beneficiary’s bank under section 4A-207 if there is not privity between the originator and the beneficiary’s bank. A third court reached an opposite result, finding that an originator may bring a claim against the beneficiary’s bank under section 4A-207, even in the absence of privity.

In Deaconess Associations, Inc. v. Wells Fargo Bank, N.A., the court held that the beneficiary identified by name in a payment order did not have a right to bring a claim against the beneficiary’s bank based on allegations that it had paid the beneficiary identified by account number in violation of section 4A-207. The U.S. Court of Appeals for the Fourth Circuit reached a similar decision in affirming a district court opinion that was covered in last year’s survey.

Statute of Repose

Several courts considered the application of the statute of repose for Article 4A claims, set forth in section 4A-505. Under the statute of repose, “[i]f a receiving bank has received payment from its customer with respect to a payment order issued in the name of the customer as sender and accepted by the bank, and the customer received notification reasonably identifying the order, the customer is precluded from asserting that the bank is not entitled to retain the payment unless the customer notifies the bank of the customer’s objection to the payment within one year after the notification was received by the customer.” While section 4A-505 does not explicitly prohibit parties from modifying the length of the statute of repose by agreement, the official commentary indicates that a receiving bank may not modify section 4A-505 in a way that would cut off its refund obligations under other sections of Article 4A.

The court, in LD Management LLC v. First Republic Bank, Inc., considered when a customer receives reasonable notification of a payment order for the purpose of the statute of repose. In dicta, the court explained that it would not grant defendant receiving bank’s motion to dismiss plaintiffs’ claim for failure to bring the action within the one-year limit in section 4A-505. An employee for one of the plaintiffs had sent a series of payment orders from plaintiffs’ accounts with defendant receiving bank as part of a scheme to embezzle money from the plaintiffs. The court reasoned that the plaintiffs plausibly alleged they did not receive reasonable notification of the payment orders that would trigger the statute of repose and thus time-bar their action because the defendant had communicated with and sent bank statements regarding the payment orders at issue to the malfeasor employee.

Two courts considered the interplay between the statute of repose and the loss-allocation rule in section 4A-204, which requires a receiving bank to refund any payment of a payment order received from its customer if the payment order “is (i) not authorized and not effective as the order of the customer under Section 4A-202, or (ii) not enforceable, in whole or in part, against the customer under Section 4A-203.” The customer is not entitled to receive interest on the refunded payment if the customer fails to “notify the bank of the relevant facts within a reasonable time not exceeding 90 days after the date the customer received notification from the bank that the order was accepted or that the customer’s account was debited with respect to the order.” What constitutes a “reasonable time” to notify the receiving bank may be set by agreement, but the refund obligation may not otherwise be modified by agreement.

In a decision that partially reversed a decision covered in last year’s survey, the U.S. Court of Appeals for the Eleventh Circuit, in Rodriguez v. Branch Banking & Trust Co., held that the length of the statute of repose may not be modified by agreement. Among other reasons, the Eleventh Circuit concluded that allowing parties to modify the length of the statute of repose would modify the section 4A-204 loss-allocation rule in a manner that is inconsistent with the intent of that section. The court reasoned that, if modification of the statute of repose were allowed, a receiving bank could require a customer to provide it notification under section 4A-204 in a period “[t]hat would impair the account holder’s right to a refund” under that section. It also reasoned that allowing the one-year statute of repose to be shortened would be inconsistent with the structure of section 4A-204, which provides a customer with incentive to provide notification to the bank of the payment orders at issue within a reasonable time, not exceeding ninety days, by allowing it to receive interest from the receiving bank on the amount to be refunded; if a bank could modify the statute of repose, it could result in such a short period that undermines the interest payment incentive in that section. The court was unpersuaded by defendant’s argument that the statute of repose may be modified by agreement because section 4A-501 allows parties to modify provisions of Article 4A “except as otherwise provided in [Article 4A],” and section 4A-505 does not have such a limitation; among other reasons, the court concluded that allowing modification of the length of the statute of repose “would allow banks to eviscerate the protection [section 4A-204] creates.”

In JESCO Construction Corp. v. Wells Fargo Bank, N.A., the court reached a similar conclusion as the U.S. Court of Appeals for the Eleventh Circuit. In JESCO, the court considered whether a receiving bank could set, by agreement, a time period in which a customer must notify the receiving bank of a fraudulent transfer of funds from the customer’s account that is shorter than the one-year statute of repose. After analyzing other decisions and the commentary to the U.C.C., the court concluded that a receiving bank may not vary, by agreement, the one-year statute of repose for a customer to report a fraudulent payment order and obtain a refund under section 4A-204(a).

Payment by Originator to Beneficiary

In a petition filed with the Patent Trial and Appeal Board (“PTAB”) for the Patent and Trademark Office (“PTO”), the PTAB considered the time at which payment to a beneficiary occurs under Article 4A as incorporated into the Board’s Regulation J. Whether the petitioner had timely filed the petition at issue turned on whether the petitioner had paid the filing fee to the PTO by the deadline for the petition.

Petitioner paid the filing fee via a funds transfer sent through the Fedwire® Funds Service, which instructed payment to the PTO’s account with the U.S. Treasury in accordance with PTO instructions. Petitioner had received a Fedwire Funds Service confirmation from its bank indicating that the amount of the petitioner’s payment order had been paid to the U.S. Treasury. The PTAB concluded the Fedwire confirmation was sufficient evidence that the petitioner had paid the filing fee by the deadline.

In reaching its decision, the PTAB analyzed when an originator pays the beneficiary under Article 4A. The PTAB noted that, under section 4A-406, the originator of a funds transfer (the petitioner) pays the beneficiary (the PTO) at the time a payment order for the benefit of the beneficiary is accepted by the beneficiary’s bank (the U.S. Treasury). Under section 4A-209(b)(2), a beneficiary’s bank accepts a payment order at the earliest of several times, including when the bank receives payment of the order pursuant to section 4A-403(a)(1). A bank receives payment under section 4A-403(a)(1) when it receives final settlement of the obligation through a Reserve Bank, as was the case in the petition. Thus, under Article 4A, the petitioner paid the PTO at the time the U.S. Treasury was paid the amount of the order over the Fedwire Funds Service.

Displacement of Common Law

Article 4A is intended to be “the exclusive means of determining the rights, duties and liabilities of the affected parties in any situation covered by particular provisions of the Article,” and “resort to principles of law or equity outside of Article 4A is not appropriate to create rights, duties and liabilities inconsistent with those stated in [Article 4A].” In 2022, a significant number of decisions considered Article 4A’s displacement of inconsistent common law claims.

Developments Under U.C.C. Articles 3 and 4

Multiple Payees

VFS Leasing Co. v. Markel American Insurance Co. addressed a classic and recurring check-related legal issue where there is a split of authority. U.C.C. section 3-110(d) provides that, “[i]f an instrument is payable to two or more persons not alternatively, it is payable to all of them and may be negotiated, discharged, or enforced only by all of them.” Courts applying this and related concepts to similar facts involving a check with two (or more) payees have reached different conclusions on whether the cashing of the check by one co-payee, “without the knowledge, involvement, or endorsement” of the other co-payee(s), discharges the issuer from its obligation to pay the check or the underlying contractual obligation.

In the present case, the plaintiff, VFS Leasing Co. (“VFS”), owned and leased tractor trailers to Time Definite Leasing, LLC (“TDL”), which was not a party to the litigation. Instead of purchasing insurance, VFS required TDL to purchase insurance for each tractor trailer and name VFS as an additional insured and loss payee on the policies in an attempt to ensure VFS would recover if the trucks were damaged or destroyed. TDL purchased insurance from the defendant, Markel American Insurance Company (“Markel”). Five of the trucks were damaged or destroyed and TDL submitted five insurance claims to Markel. In an attempt to pay the claims, Markel sent checks to TDL that were payable to both VFS and TDL as co-payees. VFS had no knowledge of the checks. Unbeknownst to VFS, and without its approval, TDL cashed the checks. VFS, which was validly named as an additional insured or loss payee on the relevant insurance policies, received nothing and brought suit in U.S. District Court for the Middle District of Florida.

The court acknowledged that “courts that have confronted this issue in other parts of the country have come out differently when applying identical or nearly identical UCC provisions as Florida’s to nearly identical facts,” leading to “a split of authority [that] exists on this issue of supposedly uniform commercial law.” After reviewing several cases on the issue, the court observed that the “[case] law on this point is, at best, inconsistent and certainly not uniform.”

The first approach, which favored Markel, holds that, “when a party with a contractual obligation to pay delivers a two-party check to one of two copayees, and the copayee cashes the check without the knowledge, involvement, or endorsement of the other copayee, that party cannot be held liable on its contractual obligation because the law deems the obligation discharged when the check is delivered and cashed by the copayee.” The second approach, which favored VFS, “holds that the cashing of a two-party check by one copayee, without the knowledge, involvement, or endorsement of the other copayee, does not discharge the party that issued the check from its liability on the check or on any underlying contractual obligation.” Thus, the unpaid co-payee may bring (i) an action for breach of contract, or (ii) a suit on the check itself using the theory that the check is lost, or (iii) claims under both theories.

In VFS, the court adopted the second approach and held that the underlying obligation on the insurance policies had not been discharged and that Florida law allows VFS to bring a breach of contract claim against Markel for non-payment. The court was persuaded by the “better view” that an “underlying contractual obligation would not be discharged where, as here, a joint payee improperly cashes a two-party check.” In adopting this position, the court pointed to a Texas Supreme Court decision that similarly turned on the impropriety of the co-payee that cashed the check.

The court recognized Markel’s frustration, given that “what occurred after the checks were issued was beyond Markel’s control,” but emphasized that its decision was appropriate to protect the rights of all co-payees “as well as the integrity of the commercial paper itself.” Further, the court indicated that Markel could “seek recovery of its losses from the bank that improperly cashed the two-party check.” While admitting its interpretation could result in “circuitous litigation,” the court looked to a well-established principle of payments law: “[T]he loss should ultimately fall on the drawee bank who was in the best position to prevent the error.”

Transfer and Presentment Warranties

Under the U.C.C., the paying bank is responsible for paying a check that is not properly payable. However, the paying bank may be able to shift the loss in some circumstances under the transfer-and-presentment warranty framework. A presenting bank warrants to the paying bank that it has no knowledge that the drawer’s signature is unauthorized. In addition, a presenting bank (and prior transferors) make other warranties, including that the presenting bank (or transferor) is entitled to enforce the check (i.e., that there are no unauthorized or missing indorsements). These warranties provide certainty and an approach to loss allocation that is fundamental to the check-presentment process.

In Cornelius v. PNC Bank, N.A., the plaintiff, Debra Cornelius, brought a claim against PNC arguing that she was entitled to $100,000 plus interest in relation to a $100,000 check that was intended to be paid to Bright Investments LLC, but was cashed instead by Mark McMahon and deposited into an account held by Bright Consulting LLC, and thus was not properly payable by PNC. PNC argued that Dollar Bank, N.A. (a third-party defendant) was responsible for the loss due to a breach of the presentment warranty that there were no unauthorized indorsements on the check. Dollar Bank moved for judgment on the pleadings, arguing that “the factual allegations necessary to establish a breach of a presentment warranty do not exist in this case.” The court found “PNC alleged that Dollar Bank improperly guaranteed that there was no ‘unauthorized’ indorsement on the check” and further that the pleadings “plausibly support the position that Dollar Bank had knowledge that the signature was unauthorized for at least three reasons.” In particular, (i) the check was not payable to the entity that sought to deposit the check; (ii) Cornelius indicated in the check’s memo line that its purpose was for a “money market” account, yet Bright Consulting’s name and the description of its business in Dollar Bank’s records suggested Bright Consulting was not an investment provider; and (iii) Bright Consulting’s account was opened ten days after the check was issued and the check was the first and only deposit into the account. Hence, the court denied Dollar Bank’s motion as to PNC’s presentment-warranty claim.

In contrast, in Perlberger Law Associates, P.C. v. Wells Fargo Bank, N.A., the U.S. District Court for the Eastern District of Pennsylvania granted a motion to dismiss in favor of Wells Fargo Bank, N.A. against Perlberger Law Associates, P.C. (“Perlberger”), in a suit alleging violations of the transfer warranties under sections 3-416 and 4-207, as well as other provisions of the U.C.C. The decision demonstrates the limits of the ability to recover under the U.C.C.’s presentment warranties.

Perlberger was retained by an individual “purporting to be Julio Gomez, President of Tools & Equipment Supply . . . to collect a $199,550 debt from Derbyshire Machine & Tool Co.” Perlberger received a check in the amount of the debt owed, attempted to deposit the check in person, but, due to COVID-19 protocols, was instructed to deposit at the ATM and, thus, it was not inspected by a teller. After the funds were made available, Perlberger sent a wire transfer in accordance with instructions from Gomez, unwittingly directing the funds to a fraudster’s account at Guaranty Bank in Nigeria. Wells Fargo subsequently informed Perlberger that it was delaying access to funds because the signature on the check had been forged and then charged back Perlberger’s account in the amount of $199,500, which led to an overdraft.

Without citing any legal authority, Perlberger argued that it was a third-party beneficiary of the warranties that Wells Fargo made to Citibank when it transferred the check for payment and, thus, was entitled to recover from Wells Fargo. The court dismissed the theory, pointing out that “this Court is being asked to rewrite the statute to extend transferee warranties back to the principal of a transferor,” i.e., the depositor. In other words, according to the court, Perlberger was “attempting to fit the unusual facts of this case into a statutory provision dealing with an entirely different class of transactions. There is no reasonable basis on which to do so.” Ultimately, the court found that, while it was unfortunate that Perlberger had fallen victim to fraudsters, Wells Fargo could not be held liable for failing to identify the fraudulent check.

Customer Duty to Discover and Report

As a general matter, under U.C.C. section 4-401, a paying bank is liable to its customer for paying a check that is unauthorized (not properly payable). U.C.C. section 4-406 establishes a core customer duty regarding check payments and standards for loss allocation associated with fraudulent checks. In particular, customers must review their bank statements and report unauthorized signatures or alterations to their bank with reasonable promptness. Where a customer fails to report a fraudulent check within one year of an account statement that included information sufficient to allow the customer reasonably to identify the items paid, the “statute of repose” in U.C.C. 4-406(f ) precludes the customer from bringing a claim against the bank to recover. This one-year period may be modified by agreement, provided the shortened period is not “manifestly unreasonable.”

Further, under the “repeater rule” in U.C.C. section 4-406(d), a customer is generally precluded from bringing a claim for fraudulent checks by the same wrongdoer that are paid after thirty days from the date of the customer statement identifying the first fraudulent check. The policy rationale is that, by failing to review account statements and report the fraud, the customer provides the fraudster the opportunity to continue their scheme. The customer may shift liability to the paying bank under a comparative negligence scheme if the bank failed to exercise ordinary care and such failure substantially contributed to the loss.

Several recent cases explore the operation of U.C.C. section 4-406’s loss-allocation rules and related concepts involving negligence and the availability of account statements. In Regional Produce Cooperative Corp. v. TD Bank, N.A., the U.S. District Court for the Eastern District of Pennsylvania examined various claims regarding a bank’s liability for a non-profit organization’s losses resulting from a multiple-year embezzlement scheme in which the unscrupulous CEO (Sonny DiCrecchio) of Regional Produce Cooperative Corporation (“RPCC”) signed checks drawn on the organization’s account to enrich himself. The old-fashioned embezzlement scheme involved a bank account opened in 2009 by RPCC’s predecessor—Philadelphia Fresh Food Terminal Corporation (“PFFTC”). The account was a single-signer account, with DiCrecchio as the only authorized signer, through which much of the embezzlement occurred. RPCC board members mistakenly believed that any check drawn on the account required two authorized signatures, whereas TD Bank’s account terms specified that the bank did not offer accounts that required two or more signatures for a check or other withdrawal, nor would it enforce any such requirements. Even though PFFTC opened the account in 2009, the funds of both PFFTC and RPCC passed through the account.

After RPCC’s board of directors discovered the unauthorized checks, DiCrecchio, in August 2018, confessed to the organization’s board that he had committed the fraud. He admitted to embezzling $8,686,300.63, though only $5,493,707.00 of that sum passed through the account. To hide the scheme, DiCrecchio directed RPCC’s bookkeeper to falsely record the fraudulent payments as legitimate business expenses, such as snow removal and insurance legal fees. Notably, no one from RPCC reported any unauthorized transactions on the account to TD Bank until after DiCrecchio’s confession in August 2018.

On April 11, 2019, the organization initiated claims against TD Bank for, among other things, negligence under the Pennsylvania Commercial Code. TD Bank argued that it indisputably sent monthly account statements to the organization, that such statements showed all monthly activity on the relevant account from September 2009 to August 2018, and that RPCC’s agent confirmed she received and reviewed the statements. Thus, TD Bank argued, under the statute of repose in U.C.C. section 4-406(f ) and the repeater rule in U.C.C. section 4-406(d), RPCC was precluded from recovery for any unauthorized checks at issue in the case. RPCC raised arguments regarding these statutory provisions, including that TD Bank’s failure to exercise ordinary care under U.C.C. section 4-406(e) required it to take on liability for some of the loss.

The court observed that the “potential interplay” between the statute of repose and the repeater rule is “nuanced.” In considering RPCC’s argument regarding U.C.C. section 4-406(e), the court explained that “ordinary care” under the U.C.C. means “observance of reasonable commercial standards” and that, under the U.C.C. commentary, “‘[f]ailure to exercise ordinary care is to be determined in the context of all the facts relating to the bank’s conduct with respect to the bank’s collection of the check,’ including the names on the account, amount of check, circumstances of account opening, and actions of account holder.”

RPCC put forth evidence that (i) “TD Bank’s own forms and banking industry standards required TD Bank to verify DiCrecchio’s authority to open and transact on the Account,” (ii) “TD Bank failed to complete crucial portions of its opening forms and did not typically do anything else to verify an individual’s authority to open a corporate account,” (iii) “TD Bank’s actions regarding maintenance of the account violated industry standards,” and (iv) “[w]hen RPCC sought to add itself as a co-owner to the Account and began depositing checks into the account, TD Bank failed to inform RPCC of its option to close the Account and open a new one or that there were compliance risks in depositing checks into an account RPCC did not own.”

Accordingly, the court opined that, “although RPCC is barred under the statute of repose from recovering on fraudulent transactions appearing on bank statements prior to August 16, 2017 (one year prior to RPCC’s reporting of the fraud), … for fraudulent transactions appearing on bank statements after that time, RPCC could establish that some or all of the loss was a result of TD Bank’s failure to exercise ordinary care.”

A customer’s duty to examine bank statements and report unauthorized checks is triggered when a bank sends or “makes available” an account statement and either makes available paid items or provides information in the account statement “sufficient to allow the customer reasonably to identify the items paid.” In Pincover v. J.P. Morgan Chase Bank, N.A., the court evaluated whether “paperless” (i.e., electronic) account statements were made “available” to a customer. The decision is notable for its examination of the “availability” requirement under U.C.C. section 4-406 and the ability of a financial institution to modify the notice period, provided such modification is not “manifestly unreasonable” in the context of a particularly sympathetic victim.

The customer in the case, Pincover, was over eighty years old, lived in a nursing home, confessed to not being computer or internet savvy, and was the unfortunate victim of a scheme that resulted in $325,500 stolen from his accounts at Chase. Although Chase reimbursed him for some of the unauthorized payments, Pincover alleged that $150,000 remained owed to him. He brought claims against the bank arguing that, among other things, $98,395 in funds not reimbursed to Pincover had been stolen through fraudulent checks drawn on his account that were not properly payable under U.C.C. section 4-401. Chase filed a motion to dismiss, arguing that the claim was barred by the account agreement that required him to report any unauthorized activity to Chase within thirty days.

In his complaint, Pincover alleged that thieves changed the address on record for his accounts from his correct address in New York City to an address in Miami, Florida, with which he was not associated, such that no notice was made available to him. The complaint further alleged the thieves disabled paper statements mailed to the New York City address and made Pincover’s accounts “paperless,” so that, between October 2019 and June 2020, Pincover received no paper statements regarding his accounts. During this period, thieves stole funds from Pincover through $98,395 in fraudulent checks. According to Pincover, who also alleged that Chase failed to exercise ordinary care, the checks were “obvious forgeries” and there were other clear irregularities, including that new checks bore Pincover’s New York address but were mailed to a Florida address, the handwriting on the checks at issue differed from Pincover’s, the checks were signed “Ed Pincover” (when Mr. Pincover’s legitimate checks were always signed “Edward Pincover”), and the activity during the period of the fraud marked a “gross change” from past limited activity in the account where there was almost no ATM or ACH activity.

The court acknowledged that Pincover did not allege to have notified Chase within thirty days of receiving the account statements identifying the unauthorized transactions but held that this did not entitle Chase to dismissal because it was disputed whether the bank statements were made available to Pincover. The court explained that the “availability” requirement under U.C.C. section 4-406 has been found not to be satisfied “where the customer did not actually receive [the relevant] account statements . . . and did not authorize the bank to send statements . . . to the address to which [they] were sent.” Further, the court relied on the following language from Chase’s own account agreement to counter the bank’s argument: “If your account has had no activity during the monthly statement period, other than the payment of interest, we may not make a statement available.” On this point, the court appeared to chide Chase, stating, “[i]n light of Chase’s admonition to Pincover that if there was no account activity a statement might not be made available, the inference is fair that a person in Pincover’s situation would not have viewed the absence of a statement as triggering a duty to notify Chase that he had not received one.”

Pincover had also asserted that Chase should have some liability for failing to exercise ordinary care. Chase countered that Pincover was time barred from bringing such a claim under the same thirty-day notice period in the account agreement. However, the court believed that the thirty-day period raised the question of whether this period was “manifestly unreasonable.” The court held that it could not find that the thirty-day limit was not manifestly unreasonable, highlighting that Pincover’s complaint “alleges sufficient—indeed ample—facts on which it could find manifestly unreasonable to hold Pincover to such a deadline to protest Chase’s lapses in failing to alert him to the irregular activity in his account.” Such alleged facts included Pincover’s age, that he lived in a nursing home and was not computer or internet savvy, and “was victimized by a fraudster’s diversion of his hard-copy account statements to addresses not associated with him.” Thus, the court denied Chase’s motion to dismiss Pincover’s claim under U.C.C. section 4-401.

The views expressed in this survey do not necessarily reflect the views of the Federal Reserve Bank of New York or any other component of the Federal Reserve System, nor the views of The Clearing House Payments Company.