FOS has identified a definite systemic issue in a FSP which had a practice of sending customers correspondence advising that unauthorised transactions under the ePayments Code could not be disputed because they were out of time.

The ePayments Code regulates consumer electronic payment transactions, including ATM, EFTPOS and credit card transactions, online payments, internet and mobile banking, and BPAY.

Chapter C sets out the rules for determining who pays for unauthorised transactions. An unauthorised transaction is a transaction that is not authorised by a facility holder.

Whilst a facility holder should not unreasonably delay in reporting the loss or theft of a card or device there are no time limits in respect of reporting an unauthorised transactions. A mistaken transaction must be reported within 10 days of it occurring.

FOS was concerned about the FSP’s process in considering its obligations under the ePayments Code as a result of a number of disputes received at FOS. The disputes indicated that the FSP did not appropriately consider its obligations under the Code when a customer disputed an unauthorised transaction.

FOS sought information from the FSP about its processes and procedures and requested its comments on how it ensures compliance with the Code.

In response, the FSP advised that as a result of a review undertaken in response to the possible systemic issue investigation, it intended to lodge a significant breach report to ASIC. This was as a result of its practice of sending customers correspondence advising that an unauthorised transaction could not be disputed because it was out of time.