Many business owners have been surprised to learn that their company assets are not protected against incidents of cyber fraud or other forms of cybercrime. Federal regulations, like Section E of the Electronic Fund Transfer Act, explicitly protect individuals from incidents of fraud. However, business owners are not afforded those same protections and are often left to foot the bill themselves.
Both small and large businesses are at risk of cyber attacks and the amount lost to fraudulent charges has no impact on a bank’s ability to reimburse unauthorized charges. The Uniform Commercial Code only requires banks to offer a “commercially reasonable” security protocol, which seldom alerts business owners of suspicious activity until it is too late to challenge the charges. If the bank follows this lackluster protocol, they can legally refuse to reimburse businesses that fall victim to cybercrime.