Decision #61650-095Q205

File: 61650-095Q205

Compliance issue

Public commitment – Visa “zero liability” policy — Failure to comply with a public commitment of zero liability with respect to a customer who had been a victim of fraud
FCAC Act, subsection 3(2)(c) 
Visa zero liability policy

A bank failed to comply with Visa's “zero liability” policy when it terminated an investigation into credit card fraud without adequate discussion with the consumer involved. FCAC became aware of the issue when a consumer contacted the Agency to report that he had been held liable for a fraudulent transaction, despite having called the bank that had issued the credit card to report his card stolen. The bank had launched an investigation but had closed it after attempting, without success, to contact the customer by telephone. The bank subsequently sent the customer a letter indicating that, in its view, based on available information, the transaction was not fraudulent. The letter informed the customer that the disputed amount would be charged to the customer’s account and that the case was considered closed.

The Visa zero liability policy is a public commitment pursuant to subsection 3(2)(c) of the FCAC Act. This commitment to consumers includes the assurance that the “Visa Zero Liability policy provides you with protection against fraud. Should someone steal your VISA card number, you pay nothing for their fraudulent activity.” The policy further advises consumers that the “Visa Zero Liability policy eliminates consumer liability for fraudulent transactions!” and that “regardless of where you shop, enjoy the comfort of knowing you’re protected from fraud when you use your Visa card.”

Decision taken

The Commissioner upheld the finding of non-compliance issued by the Director of Compliance and Industry Relations.

Compliance considerations

The investigative process used by the bank to implement and support the zero liability commitment was inadequate, considering the importance of the public commitment and the way it is marketed to customers.

After failing to contact the customer by telephone to continue the investigation, and without contacting the customer in writing, the bank sent the customer a letter declaring the investigation closed. The onus was therefore on the customer to appeal the decision, but the consumer was not advised that the decision could be appealed.

Following an investigation of the matter, the Director of Compliance and Industry Relations issued a finding of non-compliance, indicating that the bank had not complied with the Visa zero liability policy.

FCAC considers that the bank was not forthcoming with customers, since it failed to inform them of their right to access the bank’s complaint-handling procedures or to file a complaint with the Agency, which is responsible for monitoring the implementation of any public commitment.

Prior to this incident, FCAC had not received any complaints of this nature about the bank.

Measures taken by financial institution

Following FCAC’s inquiries, the bank improved the standard letter that it sends to customers when an initial investigation does not reveal any indications of fraud. The letter now advises the customer to contact the bank if he or she has any concerns with the bank’s decision.

Page details

Date modified: