There’s at least 11 ways to get scammed on Zelle, the payment app owned by JP Morgan, Bank of America and other large American banks. But Zelle’s chief fraud risk manager, Ben Chance, thinks the app is doing everything it should to prevent them. Beyond that, he says, the responsibility for shutting down scammers lies with you, law-makers, and the law enforcement agencies supposed to protect you.
In a far reaching conversation with Fortune, Chance addressed concerns raised in a Zelle-related investigation reportedly underway by the Consumer Financial Protection Bureau. The probe targets JPMorgan, Bank of America and Wells Fargo—while a JP Morgan filing last week suggested the bank may pre-empt the investigation by suing the CFPB, which is tasked with ensuring banks’ treatment of their users are fair, transparent and legal.
JPMorgan confirmed they are under investigation. Wells Fargo and Bank of America declined to comment. The CFPB declined to comment.
Chance, who joined Zelle last year after a career working at banks including Goldman Sachs, Capital One and Barclays, detailed what Zelle is already doing and why he thinks its sufficient. As part of a broader effort with the U.S. Treasury Department and the Zelle owners, he called for better education of users, sound policy and more funding for law enforcement.
“The real solution,” says Chance, “is to focus on the criminals who are perpetrating these crimes across phone, text message, email, digital marketplaces and social media platforms…and of course, partnering with those platforms, along with financial services and law enforcement in the prosecution and removal of these criminal actors.”
Zelle’s creator, Early Warning Services, was founded in 1990 to help banks protect their clients before they are harmed. The consortium of owners, which also includes Truist, Capital One, PNC Financial Services Group, and U.S. Bancorp, launched Zelle in 2017 to compete with payment apps like Venmo and Cash App.
Scammers have since then supercharged elaborate ploys to trick users into sending them money, largely relying on what’s called “spoofing,” or pretending to be a bank, a boss, or someone else the user trusts. While Zelle and its owners claim to be complying or exceeding legal requirements to make their users whole, not everyone agrees.
On Monday, U.S. Senator Richard Blumenthal (D-CT), Chair of the Permanent Subcommittee on Investigations wrote a letter to the Consumer Financial Protection Bureau calling for an investigation, and claiming that between 2019 and 2023 the total percentage of reimbursed Zelle fraud claims fell from 62% to 38%.
To give an idea of the potential magnitude of the problem, consumers have spent more than $2.3 trillion using Zelle, according to a testimony submitted to Senator Blumenthal by Mark Monaco, the head of Bank of America’s global payment solutions. $370 billion of that came from Bank of America alone. Monaco said that fewer than five in 10,000 Zelle transfers sent by Bank of America customers last year resulted in a customer contacting them to complain about losses
Zelle’s Chance says one possible explanation for the decrease of reimbursements is that fewer legitimate scams are being perpetrated. Last month he published a report saying that while Zelle volume grew by 28% from 2022 to 2023 there was a nearly 50% decrease in reports of fraud and scam payments processed on the network. In part, he attributes that to Zelle’s anti-scam education program featuring actress Christina Ricci, which he says has been viewed by 40 million people, and two in-app warnings before a payment is sent, which he says were sent 700 million times last year.
And yet the problem persists. Regulators have been trying to get a grip on slippery scams since at least 1991, when President George H.W. Bush signed the Telephone Consumer Protection Act into law. But that effort, and subsequent ones in 2003 and 2009, have failed to stop the flood of scammers. A scammer using robocalls banned from telemarketing in 2013 simply ignored the prohibition, and allegedly made another 5 billion calls to Americans from Panama and Hungry.
Other scammers move onto unregulated technology. It wasn’t until last March that the FCC released its first rules targeting text scammers. In March the agency requested funds from Congress to “facilitate the development of solutions that identify the makers of robocalls,” in next year’s budget, and to “coordinate with international partners and the State Department on diplomatic means and mechanisms to combat unlawful robocalls and robotexts from other countries into the United States.”
Until then, JP Morgan, Bank of America, Wells Fargo and Zelle have partnered with the U.S. Department of Treasury and others on the National Task Force for Fraud & Scam Prevention created by the non-profit Aspen Institute. While most of the work, scheduled to start in September, is focused on education, prevention and detection of scams, part of it is focused on recovery of lost funds and prosecution. Bank of America’s Monaco described the group in his testimony as “an initiative to bring together leading stakeholders from government, law enforcement, private industry, and civil society.”
“Scams and fraud don't originate in Zelle, and scams and fraud aren't unique to Zelle,” says Chance. “They cut across all payment networks. Therefore, the solution to fraud and scam prevention has to be one that focuses across all payment networks, not one isolated payment network.”