Code of Colorado Regulations
700 - Department of Regulatory Agencies
701 - Division of Banking
3 CCR 701-5 - ELECTRONIC FUNDS ACT

A. "Account Holder" is defined in Section 11-101-401(1), C.R.S., to mean a person having an established demand, savings or loan account at a Colorado bank.

B. "Bank of Account" means the bank in which an account holder has established a demand, savings or loan account.

C. "Banking Transactions" are defined in Section 11-101-401(9), to mean cash withdrawals, deposits, account transfers, payments from bank accounts, disbursements under a preauthorized credit agreement, and loan payments initiated by an account holder at a communications facility VV and accessing his account at a Colorado bank.

D. "Card" shall refer to the card, plate or other device issued to an account holder for use to engage in one or more banking transactions at a communications facility.

E. "Cardholder Agreement" shall refer to the written agreement between the card Issuer and the account holder specifying the terms of use of the card and repayment of obligations arising therefrom.

F. "Card Issuer" shall, with respect to any card, refer to the Colorado bank which issued the card to the account holder.

G. "Communications Facility" is defined to mean an attended or unattended electronic information processing device, other than an ordinary telephone instrument, located in this state separate and apart from a Colorado bank or detached facility and through which account holders and Colorado banks may engage in banking transactions by means of either the instant transmission (on-line) of electronic impulses to and from the Colorado bank or its data processing agent or the recording of electronic impulses or other indicia of a banking transaction for delayed transmission (off-line) to a Colorado bank or its data processing agent. Such a device located on the premises of a Colorado bank or its detached facility shall be a communications facility if such device is utilized by the account holders of other Colorado banks.

H. "Person" is defined in Section. 2-4-401(8), C.R.S., to mean an individual, corporation, government or governmental subdivision or agency, business trust, estate, trust, partnership, or association, or any other legal entity. "Person" includes another bank.

I. "Unauthorized Use" means the use of a card by a person other than the account holder.

A. An account holder whose card is lost or stolen shall be liable for unauthorized use of the card at a communications facility only if:

B. Card issuers must, at or prior to the time of issuing any new card or reissuing an existing card, notify their account holders:

C. Cardholder agreements may not specifically state or imply that the account holder may be liable for unauthorized use of the card at a communications facility, unless the limitations on such liability as prescribed by statute are fully set forth.

D. If the account holder allows another to use the card or to have access to the account holder's security code and that person then or subsequently uses the card in an unauthorized manner, such use shall be deemed to be an authorized use of the card. Such authorized use may be revoked by written notice to the card Issuer, which notice shall be effective as to transactions conducted after midnight on the next banking day following the banking day on which the card Issuer receives the written notice. This Paragraph shall not be deemed an all inclusive listing of what constitutes an authorized use.

E. For the purposes of Paragraph (A) of this Rule, an account holder notifies a card Issuer by taking such steps as may be reasonably required in the ordinary course of business to provide the card issuer with the pertinent information with respect to loss, theft, or possible unauthorized use of any card, whether or not any particular officer, employee, or agent of the card Issuer does, in fact, receive such notice or information. At the option of the account holder, notice may be given to the card issuer of its designee in person or by telephone, or by letter, telegram, radiogram, cablegram, or other written communication which sets forth the pertinent information. Notice by mail, telegram, radiogram, cablegram, or other written communication shall be considered given at the time of receipt or, whether or not received, at the expiration of the time ordinarily required for transmission, whichever is earlier.

F. If ten (10) or more cards are issued by one card issuer for use by the employees of a single business or other organization, nothing in this Rule or Section 11-105-208(2), C.R.S., prohibits the card issuer from agreeing by contract with such business or other organizations as to liability for unauthorized use of any such cards without regard to the provisions of this Rule or Section 11-105-208(2), C.R.S., but in no case may any business or other organization or card issuer impose liability on any employee of such business or other organization with respect to unauthorized use of such card except in accordance with and subject to the other liability limitations of this Rule or Section 11-105-208(2), C.R.S.

A. The bank of account shall be liable for erroneous, unauthorized or fraudulent use of the EFT account unless the bank of account can demonstrate its own use of reasonable care and that the account holder's negligence or fraud substantially contributed to the erroneous, unauthorized, or fraudulent act. Account holder negligence exists if the bank of account can demonstrate, for example, that:

B. The bank of account shall be liable for any direct monetary loss, but not for consequential losses, occurring as a result of any tampering, malfunction or manipulation of a communications facility unless the account holder authorizes or performs such acts.