On Jan. 16, CFPB fined Block fix failures, fraud on payment Cash App.
CFPB issued consent order against Block Inc., operator of peer-to-peer payments app Cash App, to refund consumers up to $120 million and pay a penalty of $55 million.
Block employed weak security protocols for Cash App and put its users at risk.
Follows related State regulators order to pay $80mn for AML violations, see #240618.
Alleged Conduct
Deploy range of tactics to suppress Cash App users from seeking help, reducing cost.
Attempted avoid investigative obligations by tricking consumers with Terms of Service.
For example, many Cash App users link their bank account to app; when a transaction occurs, money pulled from user’s bank account and sent to the transaction recipient.
In Terms of Service, consumers led to believe disputes responsibility of linked bank.
Electronic Fund Transfer Act generally requires peer-to-peer platforms to investigate unauthorized transaction disputes, cannot use fine print to escape requirements.
When it did conduct investigations, Block used intentionally shoddy investigation practices to close reports of unauthorized transactions in the company’s favor.
Deprived users of meaningful and effective customer service, left network vulnerable.
Customer service telephone number did not connect consumers to support; led to pre-recorded message directing consumers to contact customer support through the app.
Only contact Block through app or through US mail; delayed, inadequate responses.
Consumers looking for alternate to Cash App customer service through web searches targeted by fraudsters posing as Cash App reps, tricked into giving up personal info.
Block knew customers targeted by fraudsters, failed to take timely action to address.
Block required to pay up to $120mn in refunds, redress to consumers; pay $55mn.
Also ordered to set up 24-hour, live-person customer service; fully investigate unauthorized transactions and to provide timely refunds, where appropriate.
