Regulation E: How To Meet Overdraft Opt-in Compliance

According to Reg E, a financial services organization cannot assess an overdraft fee on automated teller machine or one-time point of sale transactions unless the organization:

• Provides written notice describing the overdraft service to customers or electronic notice if customers agree to it
• Provides an opportunity for customers to review and affirmatively consent to the overdraft service
• Obtains evidence of customer consent
• Provides written confirmation of consent to customers or electronic confirmation if customers agree to it

The overdraft opt-in process is relatively straightforward for account openings over the phone, electronically, and through mail.

Websites and mail can provide all written information upfront to customers, who can then submit their choice for consent through an electronic or paper form. Over the telephone, customers can be informed of all the fees and features of opting in – ideally through a documented script. The financial services organization can then document whether customers opted in, when, and how. In all cases, proof of customer consent must be provided in writing or electronically.

However, in-person account openings can be a more complicated process. Face-to-face interactions can result in red flags in the timing of notices, their presentation, and what constitutes affirmative consent.

In one enforcement action, a financial services organization’s employees asked customers to provide oral consent for enrollment before receiving written notice describing the overdraft service. This approach provided customers with no real opportunity to review what they were consenting to, and it lacked an obtainable, direct opt-in choice from each customer.

An ideal in-person overdraft opt-in:

• Displays a clear, stand-alone, and easily recognizable overdraft service description to customers
• Requires a direct and unmistakable action customers must make to accept
• Makes customer approval easily recordable

A more compliant overdraft opt-in could take the form of a financial services organization representative displaying a screen to customers with the full overdraft service description. Customers could then be asked to check a box on the screen confirming or denying their approval, then signing their name below their choice. In this case, customers take a direct action to acknowledge their choice by checking the box. This selection and customers’ signatures are then electronically stored. Customers must then be provided with confirmation of consent.

Other plausible forms of compliant opt-ins exist. They do not necessarily need to take the form of checkboxes or touchscreens as long as they adhere to Reg E criteria. In some cases, Reg E might not be updated to reflect technological advances, and improved compliance might mean sacrificing what formerly felt like a streamlined experience for customers. Ultimately, however, more properly informed customers are worth the time.

The procedures for opening accounts often aren’t determined by the representatives in the room with customers. Additional team members, such as compliance officers, product creators, and even marketers, can hold significant influence over how transactions occur. The fewer people involved who understand Reg E compliance, the higher the risk that noncompliant choices could be made.

Cooperation between departments is crucial for establishing proper opt-in procedures, from how information is presented to customers to how records are kept. A shared understanding of Reg E, including employee training, is the foundation for recognizing risks that need to be mitigated or avoided.

When all lines bring their operational experience, compliance processes, and regulatory knowledge under the same shared mission, financial services organizations can achieve better Reg E compliance with fewer disruptions to customers.