E. Unauthorised transactions

E. Unauthorised transactions 

Unauthorised transactions are the card spending or cash advances made with the credit card without the cardholder’s knowledge or authorisation. Unauthorised transactions may occur if the credit card is lost, stolen or used without the cardholder’s authorisation.

 

Banks have to treat cardholders fairly when handling unauthorised transactions. The credit card agreement will have to set out clearly the obligations and liabilities of the bank and the cardholder respectively for the unauthorised transactions.   

 

1. Cardholder

A cardholder should keep its credit card and security details (e.g. personal identification number, authentication factors and other personal credentials) secret to prevent fraud (section 35.2 of the Code of Banking Practice).

 

If a card or any security details are lost, stolen or compromised, the cardholder should notify the bank as soon as reasonably practicable (section 38.1 of the Code of Banking Practice).

 

A cardholder should review each credit card statement carefully and report any unauthorised transaction to the bank within 60 days from the statement date (section 37.1 of the Code of Banking Practice).

 

If the cardholder fails to do the above, it may be liable for all losses resulting from the unauthorised transactions (section 39.4 of the Code of Banking Practice).

 

2. Bank

After being notified by a cardholder that its card or security details are lost, stolen or compromised, a bank is expected to take appropriate steps such as disabling the credit card to mitigate the risk of unauthorised transactions. (section 38.5 of the Code of Banking Practice).

 

As long as a cardholder has not acted fraudulently or with gross negligence, and has notified the bank as soon as reasonably practicable after knowing that its card or security details are lost, stolen or compromised, the bank should limit the cardholder’s maximum liability for the unauthorised transactions to HK$500. This limit does not apply to cash advances (section 39.3 of the Code of Banking Practice).

 

The bank has to bear the full loss resulting from unauthorised transactions (section 39.1 of the Code of Banking Practice):

  • If the card is misused where the cardholder has not received the card;
  • Made with the card after the bank has been notified by the cardholder that its card or security details are lost, stolen or compromised; or
  • Where the transactions are made through the use of counterfeit cards.

 

3. Handling and investigation of unauthorised transactions

A bank should, in the absence of circumstances which are beyond its control, complete an investigation within 90 days after receiving notice of an unauthorised transaction (section 37.2 of the Code of Banking Practice).

 

Where a cardholder reports an unauthorised transaction before the payment due date, the cardholder has the right to withhold payment of the disputed amount during the investigation period. The bank should not impose any interest or finance charges on such disputed amount while it is under investigation and should not make any adverse credit report against the cardholder. However, if the cardholder’s report is subsequently proved to be unfounded, the bank may re-impose the interest or finance charges on the disputed amount over the whole period, including the investigation period (section 37.3 of the Code of Banking Practice).

 

Choosing a subtopic

Friendly Links

image 3

Image 5

Image 4

Sentencing Predictor

Important

The information available at the Community Legal Information Centre (CLIC) is for preliminary reference only and should NOT be considered as legal advice. You should consult your own lawyer if you want to obtain further information or legal assistance concerning any specific legal matter.

Copyright © 2004 - 2024 Community Legal Information Centre (CLIC), The University of Hong Kong. All Rights Reserved.

Web Design By Visible One