District Court dismisses EFTA claims over prepaid debit card fraud
On August 11, the U.S. District Court for the District of Maryland dismissed a putative class action alleging violations of the EFTA and state privacy and consumer protection laws brought against a national bank on behalf of consumers who were issued prepaid debit cards providing pandemic unemployment benefits. The named plaintiff—a self-employed individual who did not qualify for state unemployment insurance but who was eligible to receive temporary Pandemic Unemployment Assistance (PUA) benefits—alleged that he lost nearly $15,000 when an unauthorized user fraudulently used a prepaid debit card containing PUA funds that were intended for him. The court dismissed the class claims with respect to the EFTA and Regulation E, finding that the Covid-19 pandemic was a “qualified disaster” under applicable law and regulations (i.e. PUA payments were “qualified disaster relief payments”), and that as such, the payments satisfied the CFPB’s official interpretation of Regulation E and were excluded from the definition of a “prepaid account.” The court further explained that while relevant CFPB regulations define an “account” to include a prepaid account, Regulation E excludes “any ‘account that is directly or indirectly established through a third party and loaded only with qualified disaster relief payments.’” Because the prepaid debit card in question was established through a third party and was loaded only with PUA funds, it did not meet the definition of a “prepaid account” and therefore fell outside the EFTA’s definition of a covered account. The court also disagreed with the plaintiff’s contention that PUA payments were authorized by Congress in the CARES Act due to the public health emergency rather than a disaster.