Legal Headaches of Check By Phone Payments in Debt Collection
John Rossman
A recently filed putative class action demonstrates the risk all companies face when accepting electronic checks by phone. While most companies agree to accept electronic checks by phone only as a convenience to customers, these transactions are governed by a confluence of financial regulations replete with thorny traps for the unwary. In particular, recurring electronic withdrawals from a consumer’s checking account must be authorized in a writing signed or similarly authenticated by the consumer.
While the definition of “similarly authenticated” is subject to some interpretation, an audio recording of the consumer’s verbal consent is arguably not sufficient.
A. Electronic Funds Transfers
An electronic funds transfer (EFT) includes a consumer authorized transfer of funds from a checking account initiated by telephone and is governed by Regulation E. A consumer authorizes a one-time EFT where the consumer receives an appropriate notice that the transaction will be processed as an EFT and other disclosures are made.
If a debt collector sets up a series of recurring of EFTs — for instance monthly electronic debits from a consumer’s checking account — the debt collector must obtain a signed, written authorization from the consumer. After obtaining the written authorization, the company must provide the consumer with a copy of the authorization and make other required disclosures. In addition, if the amount varies from EFT to EFT, further notices are required.
Unfortunately, neither Regulation E nor its accompanying Commentary elaborates on how authorization required for a recurring EFT can be achieved with an audio recorded authorization. In fact, the E-SIGN Act specifically provides that oral communications/recordings do not qualify as electronic records. See 15 U.S.C. § 7001(c)(6).
Thus, if a consumer seeks to arrange recurring payments from a checking account during a telephone call, a collection agency must obtain a signed, written authorization from the consumer for the transactions. Such written authorization could potentially be in the form of a “wet signature” from the consumer on an paper authorization form, an email from the consumer or the consumer could be routed to a payment website or even an IVR.[1]
B. Multiple One-Time EFTs
Despite the requirement that an entity obtain written authorization to set up a series of EFTs, there does not appear to be anything that would preclude a company from contacting the consumer on a monthly basis in order to audio record a separate authorization for each one-time EFT. Please note that all appropriate disclosures must be given for any transaction or communication with a consumer described in this article.
C. Paper Checks By Phone
A collection agency may create a pre-authorized demand draft (PADD), or check by phone, if authorized by the consumer. With a PADD, the consumer authorizes the company to create a physical, paper check with the consumer’s bank account information and deposit that check with the bank. The debt collector must be able to prove that it received authorization from the consumer. It appears that proof of authorization for a PADD may be established via audio recordings of the telephone communication with the consumer.[2]
Any transaction that is originated by a check, draft or other paper instrument (such as a PADD) is excluded from the definition of an EFT and not subject to Regulation E. Thus, recurring payments from a consumer’s checking account could likely be set up by phone and processed as PADDs with an audio recorded verbal authorization from the consumer, provided appropriate disclosures are made.
D. Credit Cards
Credit cards are not governed by Regulation E and do not require written authorization for recurring payments taken by phone. However, an audio recording for a credit card payment accepted by phone is required and appropriate disclosures must be made.
Please note that an error might occur where the consumer indicates that a credit card is being used for the transaction when in fact the consumer provides a debit card number – linked to a checking account – to the debt collector. Recurring payments from a debit card would be governed by Regulation E and subject to the signed, written authorization requirements discussed above. Accordingly, your company should require that telephone representatives specifically ask the consumer, on a recorded line, if the card is a debit or credit card and this request should set be forth in a written procedure.
E. Penalties for Violating the Law
If a company is found to have violated the law regarding electronic payments, it can be liable for actual damages, statutory damages of $100 to $1000, and reasonable attorney fees and costs. A consumer may also bring a class action, which provides for no minimum recovery amount and total recovery the lesser of $500,000 or 1 per centum of the net worth of the defendant. This is in addition to fees and costs. Note that the law also provides for criminal penalties.
F. Conclusion
If your company accepts recurring check by phone payments, great care must be taken to ensure that appropriate consent is obtained – and appropriate disclosures given – depending on the type of transaction contemplated.
[1] Federal laws and rules require a number of specific consumer disclosures for payment transactions and communications that are not discussed in this article for the sake of brevity. Please contact the author if you would like information regarding these required disclosures.
[2] The consumer should also be advised that he/she is on a recorded line for call recording compliance.
Thanks for the article. Do the same “Check by Phone” rules apply for business to business collections?
How about when the collector obtains an authorization for each payment (i.e. going over every date in the payment plan on the recorded line). Isn’t agreeing to each date a separate authorization for each ACH all provided in one call?
Recurring billing is, as I understand it, an amount that will continue until canceled, such as for a subscription service or like product. Payment plans are generally defined by specific payment amounts and have a defined end date.
Thank you Joshua. Yes, the same rules apply for B2B collections or any type of transaction involving recurring payments.
Thank you Ameripay. 12 C.F.R. § 1005.10(b) provides: “Written authorization for preauthorized transfers from consumer’s account. Preauthorized electronic fund transfers from a consumer’s account may be authorized only by a writing signed or similarly authenticated by the consumer. The person that obtains the authorization shall provide a copy to the consumer.” 15 U.S.C. § 7001(c)(6) provides: “An oral communication or a recording of an oral communication shall not qualify as an electronic record for purposes of this subsection except as otherwise provided under applicable law.”
Can you help me locate the name of the class action suit and where it was filed? Also, would an authorization under Reg E be considered a consumer disclosure governed by 7001(c)(6)? Or is the authorization a matter of consent?
Thanks for the clarification John. I just never know whenever I see only the word “consumer” used (and not business, or commerical) whether or not to dismiss it as only relevant to consumer/retail debt collections…. Hey, there’s an idea for another article! :-)
Thank you Joshua. Keep in mind too that there are other restrictions on debits of payments from commercial accounts. We can discuss offline if you like. Thank you.
In my venue they would be viewed the same as post-dated checks. The one cashing the check has the onus on notifying the maker of the check sufficiently in advance.
That adds another level of risk to the collector, this time the damages would be the amount of the check, the FDCPA and state violations, and the potential for TREBLE damages.
Could get expensive.
If you do B-B collections and debtor says hit my card evey 2 weeks.
best is to confirm each time you run the card no matter debit or credit?
Would we still have to send the postdate reminder letter if we have this signed document?
Thank you Bob. Yes, the post dated check notice is required by the FDCPA and must be sent even if there is a signed document complying with Regulation E.
Thank you.
– John
Thanks John!