New York Attorney General Letitia James has made consumer protection a defining priority of her tenure. Her latest salvo is a lawsuit filed on August 13 against Early Warning Services, a company run by a group of the largest banks in the United States–including Bank of America, JP Morgan Chase Bank, and Wells Fargo–that is the parent company of electronic payments platform Zelle. According to the lawsuit brought by the State of New York, the banks making up Early Warning Services rushed to develop Zelle as an alternative to popular payment platforms like Venmo and Paypal–with potentially devastating consequences.
Pixabay/Public Domain
While the banks specifically marketed Zelle to consumers through a consumer protection angle–arguing that Zelle was “backed by the banks, so you know it’s secure”–the reality apparently couldn’t be further from the truth, as the recent lawsuit highlights. James alleges that the peer-to-peer payments platform was built without vital safety features, enabling scammers to steal over $1 billion from users between 2017 and 2023. Despite ample warnings and reports about the fraud running rampant on the payment platform, Early Warning Services did little to resolve the problem, and participating banks told most defrauded customers that they were unable to get their money back. As a result, James is seeking restitution for these unfortunate customers, declaring that “No one should be left to fend for themselves after falling victim to a scam”.
The Zelle case is only James’s latest move in a broader campaign to hold leading financial institutions accountable for failing to protect consumers. A watershed moment was her January 2024 lawsuit against Citibank, a move that came after years of scandals which had seen customers bilked out of their life savings and sharply dented consumer confidence in the bank.
The Citibank case is still ongoing–this January, a U.S. District Judge rejected Citi’s bid to drop the lawsuit–but the allegations against the bank point to a pervasive culture of institutional neglect that has left countless customers exposed, ignored, and too often blamed for their own victimization.
The bank allegedly failed to implement even basic anti-fraud safeguards in its online and mobile banking systems; according to James’ complaint, this allowed scammers to drain tens of thousands of dollars from consumer accounts, while Citi’s systems either failed to detect it or allowed it to proceed.
In one example, a woman lost $40,000 from her retirement savings after receiving a phishing text that mimicked Citi communications. She clicked the link, unknowingly entered her credentials on a fake site, and was promptly locked out of her account. The scammers, now in control, swiftly changed her password and enabled online wire transfers—a feature she had never used. Citi then approved the transfer and, when she complained, denied her fraud claim.
She wasn’t alone. The Citibank lawsuit describes a pattern: passwords changed, transfers initiated, victims raising the alarm—only to be met with denial. In many cases, Citi allegedly misinformed customers about their rights, directed them to fill out notarized affidavits, and then used those affidavits to deny reimbursement. Time and time again, the bank appears to have prioritized protecting itself over protecting its clients.
Under the Electronic Fund Transfer Act (EFTA), consumers are entitled to reimbursement for unauthorized transfers if they report them promptly. But Citi applied commercial standards meant for businesses, arguing that wire transfers were exempt. If the allegations against Citi are proven in court, they would mark not just a significant legal failing, but a profound moral one. A bank’s most basic duty is to protect its customers’ money, a duty which Citibank, one of the country’s largest financial institutions, appears to have treated as optional.
The allegations laid out in James’ lawsuit against Citibank are just the latest examples of the bank apparently leaving its customers in the lurch. One particularly poignant example is the case of Robert and Laurene Yurkovich, a retired Canadian couple who held millions in founder shares from Calgary-based energy company TOU, where Robert had worked for years. In 2018, they took out a margin loan with Citi, using the TOU shares as collateral to invest in renewable energy projects. But when COVID-19 hit and markets temporarily dipped, Citibank abruptly demanded repayment and liquidated nearly 3 million of the Yurkoviches’ TOU shares behind their back, just before prices rebounded–despite the fact that the loan was at no risk of going unpaid and the Yurkoviches had offered several alternative financing solutions to ensure that the shares remained in their hands. The result: tens of millions in unnecessary losses for the Yurkoviches and a catastrophic breach of trust.
80-year-old Louis Markatos, whose Citi account was drained of $1.5 million by scammers posing as Apple tech support, was another apparent victim of Citibank’s lax approach. Despite obvious signs of suspicious activity, the bank allegedly failed to intervene until it was too late, evidence of a twisted system where the burden of vigilance has been unfairly shifted onto the consumer.
What’s striking is that this pattern doesn’t stop with a single bad apple, like Citibank. The recent lawsuit against Zelle–operated by a consortium that includes America’s largest banks—shows just how deeply embedded the problem has become. According to James’s complaint, the platform facilitated nearly a billion dollars in fraud losses, yet banks repeatedly told victims they had no recourse. In effect, the same culture of denial and downplaying that has left countless Citi customers stranded and out of pocket has been reproduced at scale across the electronic payments system.
By going after Zelle and its parent company in addition to individual banks like Citibank, AG Letitia James is challenging the collective practices of the banks themselves, which designed and promoted a payment system that left ordinary consumers bearing the cost of fraud and malfeasance. Her message is simple but far-reaching: consumer protection cannot be optional, whether the harm comes from a single institution or from an industry-wide platform.
If the courts side with her and impose significant penalties on the financial institutions involved, the consequences will extend far beyond Citi or Zelle. It could trigger a long-overdue shift across an industry where speed, scale, and shareholder returns have far too often come at the cost of basic consumer safety.
