Corporate cards: How to dispute fraudulent charges


    Your Business Credit with Elaine Pofeldt

    Elaine Pofeldt is a journalist whose articles on entrepreneurship and careers have appeared in Fortune, Working Mother, Money and many other publications. She is a former senior editor at Fortune Small Business magazine and an entrepreneur herself, as co-founder of Her book, “The Million-Dollar, One-Person Business,” was released in 2018. She writes “Your Business Credit,” a weekly column about small business and credit, for

    Ask Elaine a question, or see if your question has already been answered in the Your Business Credit answer archive.

    Fraudulent charges were put on my corporate card after it was stolen, but my bank won’t cover most of them. What are my options?

    Because corporate credit cards are not covered automatically by the same zero-liability protections that govern consumer credit cards, start by reading the terms and conditions on your card. 

    Depending on the protections offered by your card, you have a few options. These include reaching out to the bank’s ombudsman and asking for help, filing a complaint with the BBB or the CFPB, or working with an identity-theft resolution expert to handle a dispute with your bank. 

    Expert Q&A

    Check out all the answers from our credit card experts. 

    Dear Your Business Credit, 

    I was on a business trip a couple of months ago and had my corporate credit card stolen and soon thereafter fraudulent charges on my corporate account. I noticed the charges the day after they occurred (the same time I noticed my card was missing) and disputed them immediately.

    Unsure if it matters toward the dispute, but I also filed a police report. Today, I finally received a conclusion to the dispute: They will only replace $70 of $2,000 in disputed charges.

    I immediately redisputed the charges and the dispute manager responds: “Consumer credit cards and corporate credit cards are different in respect to the dispute process. Liability of the disputed transactions is first determined upon how the transactions were processed through Visa. Unfortunately, these transactions are non-recoverable for us through Visa due to the fact that the chip card was present and read before the card being closed. After that, liability is then determined by your company’s contract with our bank.”

    After doing research on and other sites, I keep seeing again and again that, business cards or consumer cards, your max liability for fraudulent charges (not billing errors) is $50 if reported within two days. I see nothing about the use the chip being a disqualifier to dispute charges (and why would it be if the chip isn’t able to prevent fraud?) – or a company contract voiding fraudulent claims. Is my research correct? Is the dispute representative correct? Thanks in advance for any help. – Jacob 

    Dear Jacob,

    Grrr! Hearing about situations like yours makes me want to tear out my hair. 

    This is an example of an issue I’ve been noticing more often recently: Some banks are trying to foist the problem of dealing with business-card fraud on to innocent cardholders like yourself, rather than investing in better cybersecurity. 

    See related: Do zero liability rules apply to corporate cards? 

    Corporate card fraudulent charges: Seeking bank’s help

    If you otherwise have had good relations with this bank, you might try reaching out to the bank’s ombudsman and asking for his or her help. 

    It’s possible that with this intervention, you can get this issue fixed quickly. A good bank won’t want to drive out honest small-business owners with policies like this. 

    Who would want to entrust the bank with any of his accounts if this is how theft and fraud are handled? Although the fraud totaled $2,000 in this case, what if it reached $200,000? Many business owners would be at risk of bankruptcy.

    But what if the bank won’t help you?

    Zero liability: Consumer cards versus corporate cards

    I ran your question past two experts to see what you can do to rectify the situation.

    One of the experts is Brian J. Crow, executive vice president of TCA, a Chicago-based company that helps banks monitor their compliance obligations.

    As he explained in an email, the Truth in Lending Act governs the issuance of credit cards to consumers who use their cards for personal and household expenses.

    According to Crow, as implemented by Federal Regulation Z, Section 1026.12(b)(1)(ii) limits consumer liability for unauthorized use of a credit card to $50.00. VISA’s Zero Liability protections further reduce this liability to $0, he said.

    However, he went on to explain, section 1026.12(b)(5) of the regulation enables the card issuer “to modify liability based on the card agreement with the business.” Visa’s Zero Liability Policy notes that it may “exclude certain commercial card transactions,” Crow noted.

    Visa, in fact, states that its Zero Liability Policy “does not apply to Visa corporate or Visa purchasing card.”

    When zero-liability protections don’t apply to your card

    Crow’s recommendation is that you carefully review the card agreement to see if Zero Liability protections are included.

    “If they are and the card issuer did not provide them, then the reader could have a claim for breach of contract citing that the bank did not abide by the terms of the contract,” he explained. “If the card agreement states that the business is liable for all unauthorized transactions, then the business owner is likely not able to recover any more funds and would be advised to look for a business credit card that provides more favorable terms to its customers.”

    As Crow noted, “Most of our banking laws are written to protect consumers and there appears to be a higher standard expected of businesses to protect themselves from losses associated with fraud.”

    When you need to take action for loss of fraud protection

    What if you conclude there was a breach of contract and want to take action? 

    You can try bringing the bank to small claims court, file a claim through the Better Business Bureau or file a complaint through the Consumer Financial Protection Bureau (CFPB), Crow wrote.

    “The CFPB may not get directly involved, but depending on the size of the bank, they will refer the complaint to the bank’s primary regulator,” Crow notes.

    Tip: If you’re considering applying for a business credit card, make sure to understand the main differences between these credit products and a consumer credit card. Business card issuers can, for example, instantly raise rates. Read “10 ways business credit cards are different” to learn more.

    Seek help from ID theft resolution organizations

    I also reached out to Brett Montgomery, manager of resolution services at CyberScout, a Scottsdale, Arizona-based provider of solutions that protect consumers, businesses and institutions against hackers, thieves and human error. 

    He explained that under 15 U.S. Code § 1645, you should not be liable because you reported the stolen card the day you discovered it was missing. 

    He recommended working with a professional organization that offers services like identity theft resolution and breach response to handle the dispute. Other options include contacting the Attorney General’s office or the Department of Consumer Affairs.

    In the event you are an employee of the business rather than the owner, your employer can’t hold you responsible for the unauthorized charges, according to Montgomery.

    See related: 5 business expense card options for employers

    “It may be that the business has to take the unauthorized charges as a loss,” he wrote.

    That would not sit well with many employers who issue business cards, but if that’s the case, perhaps your next project could be helping your employer find a card that does a better job of protecting the businesses it serves. 

    There are some excellent, customer-friendly cards out there, but in today’s climate, you’ll have to read the fine print.


    Please enter your comment!
    Please enter your name here