The Consumer Financial Protection Bureau today issued a bulletin clarifying the obligations of entities obtaining customer authorization for recurring preauthorized electronic funds transfers. To be compliant, all automatic recurring EFTs must be authorized by the customer in writing — in either paper or electronic form, as specified by the E-Sign Act — and the customer must be provided with a copy of the authorization terms that includes the timing and amount of the recurring transfers.
The bulletin — issued after the CFPB observed that “some entities may not fully comply” with Regulation E requirements on EFT authorizations — also stated that authorization can be given over the phone if the customer provides authentication by using a code or PIN entered on the phone’s keypad, or if the oral authorization is recorded and retained by the requesting company and follows the requirements of the E-Sign Act.