In the world of fintechs, we recently experienced this possible damage from multiple parties not working with each other. Right now, there is still ~$85 million of user deposits unaccounted for (and much more frozen) while both the BaaS provider Synapse and Evolve Bank & Trust are still pointing fingers at each other. Successfully reconciling the two different versions of the “true” ledger may or may not ever happen.
However, it appears that having multiple parties involved can also impact the big players like Fidelity Investments, not just the tiny ones. Per this Reddit post, a CPA and former bank auditor had both their Chase and Fidelity ATM cards stolen and charged debit card purchases totaling $6,000 each. The theft was reported promptly. Chase Bank refunded the $6,000 immediately. But Fidelity is not a bank and has PNC Bank issue their debit cards. In turn, apparently PNC Bank contracts out to BNY Mellon Investment Servicing Trust Company to service the transactions.
Since the theft, Fidelity, PNC Bank, and BNY Mellon have been pointing fingers at each other, and nobody has stepped up to refund the $6,000. As of the most recent comment, this situation is still not resolved after 3 weeks. The official Fidelity rep(s) that actively monitor the r/Fidelity Subreddit have gone quiet as well. Thanks to reader Larry C for bringing this to my attention. I honestly thought this would be resolved quickly, but again I am wrong and disappointed.
This experience also syncs up with a 2015 incident reported by Bogleheads Forum member madbrain. They had 3 credit cards and 2 debit cards stolen, and also reported that every financial institution refunded the fraudulent charges except Fidelity. Again, Fidelity wants you to call BNY Mellon and won’t help you themselves, and BNY Mellon was not responsive. More passing the buck until you hopefully give up.
The one institution that gave me trouble has been Fidelity with the debit card on the cash account. I called Fidelity about it several times at night to inquire about the status, and they kept saying that they had 10 days to complete their investigation, so I just waited. But I checked my balance daily, and the credit did not post.
The 10 days have now passed, and no credit was issued. I received a letter yesterday that they closed my claim because they were unable to reach me by phone !
This is not true, obviously, since I talked to the Fidelity Cash account/debit card department so many times about it. The letter says that I need to call a number at BNY Mellon, which is the bank that Fidelity contracted for the debit card. I did get one voice mail on my home phone, from what I now realize was from a BNY Mellon employee, rather than a Fidelity employee. I had returned that call and left a voice mail, but I never got a followup.
Know your rights! When it comes to fraudulent transactions on your ATM debit card, the speed at which you notify your bank is very important. Federal Reserve Regulation E clearly lays out your potential liability based on your notification timeline. Here is a good explanation.
Access devices include ATM or debit cards, codes, or any devices used to access an account (even your mobile phone!). There are three tiers of liability when one is used:
– First Tier — The customer’s maximum liability is $50 when they notify your bank within two-business days of learning about the theft. The two-day period only begins when the customer becomes aware that their card has been lost or stolen, which could be days after the actual incident.
– Second Tier — The customer’s maximum liability is $500 when they give notification after the two-business day period above, but within 60 calendar days after the first statement showing the unauthorized EFT in question.
– Third Tier — The customer’s maximum liability is $500 plus all unauthorized EFTs after the 60-day period detailed in the second tier. It is important to note that the 60-day period begins when your bank sends out the statement either by mail or electronically, with some exceptions.
The Fidelity customer notified promptly and should be covered by Reg E. Many banks even provide additional customer protection and waive the $50 limit completely (you’ll see “zero fraud liability” advertised). What’s the problem here, Fidelity?! Does Reg E not apply because of this third-party situation?
In my recent international trip, I took advantage of the worldwide ATM rebates from my Fidelity Cash Management Account multiple times. Everything went smoothly. The ATM fees were credited automatically, and there was no foreign transaction fee charged so my exchange rate was basically as good as it gets (the 1% fee only applies to signature purchases right now*).
But still, this event concerns me. In practical terms, the value of this perk was worth maybe $20 in total. I’m sure the customer above would have gladly just paid the $20 in ATM fees to deal solely with Chase as opposed to the Fidelity/BNY Mellon mess. I certainly don’t use ATMs enough to justify the risk of such a headache.
A best practice appears to be to “lock” the ATM card on the Fidelity website until you need to use it, and “unlock” only when needed.
In order to lock your card, you’ll need to log in to Fidelity.com and follow the steps below:
Under “Accounts & Trade,” select “Cash Management”
Choose the “Debit Card” drop-down, then “Manage Debit Card”
Next to the appropriate debit card, click “Lock Card”
In addition, I also purposefully do not set up my Fidelity taxable brokerage account as an automatic backup funding source for my Fidelity CMA. If someone somehow gets access to my CMA, I don’t want them to be able to drain my larger account as well. I transfer over a limited cash balance in my CMA, and that’s it. With a debit card, thieves can only take what’s in the account. Everything else should bounce.
The larger lesson is that whenever you add additional parties, the buck starts to get passed around and things get messy. Even with a usually reputable firm like Fidelity Investments.
* Regarding that foreign transaction fee, I did some additional research and found that while officially, the Fidelity fine print states that there is a 1% foreign transaction fee that “may” apply, in practice, that 1% fee is only charged on signature-based purchases, not PIN-based transactions like ATM withdrawals. This was confirmed in this article by Robert Beauregard, Director of External Communications at Fidelity. This has also been confirmed by multiple anecdotal data points. You can check for yourself on a sample transaction using a calculator like this. Rather confusing!
Unless I’m mistaken, Schwab’s debit card is handled by Schwab Bank, and has 0% foreign transaction fees along with ATM fee reimbursements, making it my preferred choice.
I agree, Schwab has its own bank which makes it better for this situation of ATM usage. You actually get a real “checking account”. It’s harder to optimize for higher interest rates there though (it only pays 0.45% APY), so I don’t know if it’s worth it overall for me.
I also am holding onto Schwab checking, less because of the bank aspect and more due to the 0% foreign transaction fees. In yesterday’s blog post, Jonathan said Fidelity CMA may charge a 1% foreign transaction fee, but now in this post says they only apply to “signature purchases” right now. Can you clarify? Are you talking about the Fidelity Visa Signature card? If Fidelity CMA doesn’t charge foreign transaction fees, that may be enough for me to make the switch.
I have added a short postscript to this post explaining that finer point. Thanks for the reminder to change that other post as well.
I can also confirm that in my most recent international travels, the effective foreign transaction fee was still 0% for ATM cash withdrawals. I took out the ATM fee and checked with this calculator.
https://usa.visa.com/support/consumer/travel-support/exchange-rate-calculator.html
I cannot find where to not allow Brokerage account to be backup for CMA account.
Check the cash manager, it’s used to configures the overdraft protection.
– Under “Accounts & Trade,” select “Cash Management”
– Choose your CMA account on the left, and then “Account Services” on the right.
– You should see an option for “Cash Management Tool”.
If you have not set it up previously, the auto-funding feature should be inactive.
Time for MFA for debit card transactions. I seen this on Reddit. Fidelity should just take care of it regardless.
Excellent use of that meme! It’s hard to believe a standard operating procedure doesn’t already make clear to all three companies how fraudulent transactions should be handled.
I agree. I wonder if the size of the claim is the issue, otherwise it would have been auto-approved at some level.
Fidelity told me when I called that the debit card spend limit is hard coded to not be decreased below 10k. I put in a request to lower it further in the past and it was denied.
Not a good look Fidelity! I’ve been considering switching from Vanguard to Fidelity, as I keep hearing about how Fidelity customer service is better. This certainly gives me some pause, not for the particulars but for the general lack of responsibility shown.
Even if one of the other parties is responsibility, a customer-centric Fidelity would drive the case on behalf of the customer and own the relationship.
how did they get the ATM pin number?
They didn’t need a PIN, they just used it like a credit card and charged something on it as a signature-based purchase.