Jeff Gelles: Looted account leaves Wells Fargo, customer at odds

Barbara McMullen says she is a victim of fraud after about $4,500 disappeared from her checking account at Wells Fargo Bank.
Barbara McMullen says she is a victim of fraud after about $4,500 disappeared from her checking account at Wells Fargo Bank. (JEFF GELLES / Staff)
Posted: November 20, 2011

Barbara McMullen works two jobs and studies business at Rider University. She's not yet sure what she wants to do with her M.B.A. - in this economy, who knows what might be available? But there's one sector that's doing a good job of scaring her off: banking.

McMullen, 23, says she's a victim of fraud: In September and early October, someone looted about $4,500 from her checking account at Wells Fargo Bank. And now, she says, Wells Fargo appears to be blaming the victim.

The Philadelphia resident has complained to the bank - all the way up to chief executive officer John Stumpf - and to federal regulators.

So far, the only response she has gotten is that Wells Fargo plans to hold her responsible, despite federal law that in most circumstances limits a consumer's liability for fraud losses from electronic transactions to $500.

Losing her money is taking a toll on McMullen, who works 30 to 35 hours a week at a fitness center and for a company that provides health services to businesses.

"Money is still coming in, but I don't have any kind of buffer," McMullen says. "It's not enough for a lawyer, but it's enough to ruin the start of my life on my own."

She says the issue goes beyond the money. In her letter to Stumpf, she said the bank had "impugned my reputation and integrity" by seeming to blame her for fraudulent withdrawals.

McMullen makes much the same point in conversation: "I wouldn't be complaining at this level, I wouldn't be going out of my way like this if I thought this was in any way my fault."

I can't give you Wells Fargo's side of the story because it refuses to discuss the case for privacy reasons. But spokeswoman Barbara Nate described its policies and procedures for addressing reports of ATM fraud.

If McMullen's account is correct, the bank apparently violated its procedures at least once in dealing with her. But here's an important point that goes beyond the particulars of this case: Consumer advocates say banks often try to hold customers responsible for electronic-transaction losses when the law plainly says they aren't.

And McMullen's story may be a perfect example.

Two waves of theft

McMullen says the losses began in mid-September, with a string of unauthorized withdrawals. All were at non-Wells Fargo ATMs, a red flag to McMullen, who avoids them to spare herself the extra fees.

She reported the losses to the bank and police as soon as she noticed them, she says, and Wells Fargo gave her a provisional credit for about $1,400. It also canceled her card and issued a new one, though with the same account number and PIN.

Changing a customer's PIN "is kind of common sense if you think your card has been compromised," Nate told me. "We strongly advise the customer to change the PIN, every time."

McMullen says the subject didn't even come up when she visited her neighborhood bank to report the fraud. "I went there twice, and nobody said anything about changing my PIN number," she says. "I would remember, because I would have done it immediately right there."

McMullen says she's never told anyone her PIN - not even her parents. Nevertheless, it was a costly lapse. Within days of getting her new card, she discovered more fraudulent withdrawals.

In essence, the $1,400 was looted twice from her account, and then some. By Oct. 11, when she decided to close the account and switch to a new bank, she'd lost more than $4,500 - including the $1,400 that Wells Fargo had initially reimbursed and then told her she'd have to repay.

A red herring?

Here's where the story gets a bit murky. McMullen says bank officials told her she was responsible without providing evidence why. And Nate, without discussing McMullen's case directly, made it clear Wells Fargo believed it had a basis for doing so.

Nate first told me that if bank investigators see no sign of systemic fraud, such as ATM "skimming" to create cloned cards, they look for evidence that a customer was somehow "careless about the card" or PIN code. "In that case, it's not considered fraud, because the customer is considered responsible for keeping the card secure and the PIN secret," Nate said.

The problem is, that policy would be at odds with the law and the Federal Reserve's rules, according to Philadelphia consumer lawyer Michael D. Donovan and Georgia State University law professor Mark E. Budnitz, an expert on the Electronic Funds Transfer Act.

"Whether she lost control of the card or her number doesn't matter under this law," says Budnitz.

As long as a consumer is prompt about reporting loss or theft of a card, or evidence of unauthorized transactions found on a bank statement, the law and rules limit liability to, at most, $500, Donovan says.

As an example, the Fed's guidelines state that a consumer can't be held liable for negligence even if he or she "wrote a PIN on an ATM card."

"How careful she was has nothing to do with her liability," Donovan says.

When I told Nate about the Fed's guidelines Friday, she double-checked and acknowledged she had misunderstood.

"We will deny a claim if we don't believe it's a fraud. Period. End of story," she said.

It may not be for McMullen, who still has the option of taking Wells Fargo to small-claims court. At least there, Budnitz says, the bank should have to prove its case.

Contact columnist Jeff Gelles at 215-854-2776 or

comments powered by Disqus