My (general) contacts with Treasury Direct re loss & liability

Discuss all general (i.e. non-personal) investing questions and issues, investing news, and theory.
Topic Author
beardsworth
Posts: 2135
Joined: Fri Jun 15, 2007 4:02 pm

My (general) contacts with Treasury Direct re loss & liability

Post by beardsworth »

I’m posting this in order to share information which may be of interest to other forum participants who buy securities, in particular I Bonds (U.S. Savings Bonds, Series I) through Treasury Direct. And the story is rather long because it involved multiple rounds of communication with Treasury.

I would appreciate it if any posted replies did not speculate on the actual likelihood of theft at Treasury Direct; or whether I myself “worry too much” about losing money there; or whether I Bonds themselves are a worthwhile investment. That’s not the point of my post. I do buy securities through Treasury Direct. But it also somewhat creeps me out, because it seems uncomfortably “virtual,” i.e., it’s the only financial entity I’ve ever dealt with that never self–initiates any communication with me, for the record, about activity in the account, or even about the existence of my holdings.

I began this correspondence, which would eventually spread over many months, by sending an e-mail to Treasury Direct itself. I quoted a statement previously made on this forum by Mel Lindauer, a Bogleheads book author, forum moderator, and probably the forum’s main popularizer of, and educator about, I Bonds:
Mel Lindauer wrote:with paper Savings Bonds, if they're lost [or] stolen . . . Treasury will make you whole, but if someone cleans out your TD account, you're simply out of luck and have no recourse.
And I asked Treasury Direct: “Is this true?” I said I was referring specifically to a situation in which a loss occurred in a customer account due to some breach or hacking or other shortcoming in Treasury Direct’s own systems but which the customer did absolutely nothing to permit or enable through any compromise of his/her log-in credentials, i.e., there was no way in which the customer could be viewed as at-fault in the loss. I also noted that, because Treasury Direct itself does not issue any direct account communications to the customer (no purchase or redemption confirmations, no periodic statements, no year–end tax forms)(i.e., the burden is on the customer to print all of these from the website), a Treasury Direct customer wouldn’t even have a way, other than compulsive online account-checking, of knowing, in real time, when any strange activity on the account was even occurring.

I received a form reply stating that the customer was responsible for the use made of his log-in credentials and for safeguarding them.

I e-mailed again and said this was not responsive to the question asked; that I had never doubted the customer’s obligation to do everything possible to protect his credentials; that I'd already made clear that I was asking about a situation in which the customer bore no fault or responsibility; and that I was asking about Treasury Direct’s liability for losses caused, or not prevented, by Treasury Direct itself. I repeated the Lindauer quote above and again asked “Is this true?” I then rephrased it in the opposite way and asked if there were any circumstances under which Treasury Direct would make a customer whole for losses which were in no way the customer’s fault––and, if so, what were those circumstances?

I received another form e-mail assuring me that customer security was of the utmost importance to Treasury, and that the institution regularly looked for ways to make its site even more secure.

Well, that wasn’t responsive to the specific question, either.

I decided to “go to the top.” I sent a postal letter to the Secretary of the Treasury. I noted the previous e-mail correspondence, then repeated the Lindauer quote and my own would-Treasury-ever-make-a-customer-whole follow-up question, and I emphasized that These are yes-or-no questions. Please answer “yes” or “no.”

Months passed, during which, following a change of administrations, I also sent that letter to more than one Treasury Secretary.

Finally I received a form postal letter from Treasury Securities Services in Minneapolis. It said: “The Government Loss in Shipment Act (GLSA) covers the loss/theft of United States Savings Bonds, whether in paper form or electronic form. If a Treasury Direct owner has his/her savings bonds stolen out of his/her account (and the claim is examined, validated, and approved for relief) the Treasury Department will compensate him/her for the loss. Please let us know if we can be of further service.”

I'd never heard of that law. As its name suggests, its language pertains to securities and other valuables lost or stolen while being shipped.

http://uscode.house.gov/view.xhtml?path ... ion=prelim

https://www.treasurydirect.gov/faq_glsf.htm

So, while Treasury Direct assures users that this law applies, which is good to know, it still seems a bizarre outcome, since statement-less electronic Savings Bonds are the very opposite of physical items being "shipped." And while it’s only reasonable to expect a government agency, or any business, to pay only those loss claims which are legitimate, the requirement that a claim concerning almost–virtual electronic Savings Bonds must be “examined, validated, and approved for relief,” by the Treasury, seems to provide a very large amount of wiggle room.

So, there you have it. Knowing that Treasury Direct procedures and security issues have been the subjects of other threads on this forum, I just offer the results of my own correspondence for anyone else interested.
lazyday
Posts: 3849
Joined: Wed Mar 14, 2007 10:27 pm

Re: My (general) contacts with Treasury Direct re loss & liability

Post by lazyday »

Thanks for sharing this.
When valuables that have been shipped in accordance with regulations are lost, destroyed, or damaged a claim in writing for replacement shall be made on the Secretary of the Treasury.
(2) Shipment.—The term "shipment"—
(A) means the transportation, or the effecting of transportation, of valuables, without limitation as to the means or facilities used or by which the transportation is effected or the person to whom it is made; and
(B) includes shipments made to any executive department, independent establishment, agency, wholly owned or mixed-ownership Government corporation, officer, or employee of the Federal Government, or any person acting on behalf of, or at the direction of, the executive department, independent establishment, agency, wholly or partly owned Government corporation, officer, or employee.
hmmm

So if someone fraudulently clears the account, does that effect transportation of your valuables in accordance with regulations?

Mel, did you have a source on this issue? I couldn't find any with a quick google.
Grt2bOutdoors
Posts: 25625
Joined: Thu Apr 05, 2007 8:20 pm
Location: New York

Re: My (general) contacts with Treasury Direct re loss & liability

Post by Grt2bOutdoors »

As of June 30, 2017 there is approximately $520,826,995 in various series of Savings Bonds outstanding. Of those outstanding, $384,367,775 were of the EE series and $106,859,564 were of the I series, the remaining amounts outstanding are of various series. I would find it hard to believe that the US Treasury would not make a legal, valid account holder of securities "whole" if things were found to be in proper order and theft/fraud was through no fault of their own. Not doing so, would subject the US Treasury to difficulty in raising funds through public debt issuances that are by and large made via book-entry system. The Treasury Direct portal is one such "book-entry" system.
"One should invest based on their need, ability and willingness to take risk - Larry Swedroe" Asking Portfolio Questions
User avatar
flamesabers
Posts: 1848
Joined: Fri Mar 03, 2017 11:05 am
Location: Rochester, MN

Re: My (general) contacts with Treasury Direct re loss & liability

Post by flamesabers »

Could you not use FS Form 1048 to claim the loss of electronic savings bonds? The title of the form is Claim for Lost, Stolen, or Destroyed United States Savings Bonds. Granted, the form was intended for paper savings bonds, but I don't see anywhere on the form that precludes using the form to reclaim the loss of electronic savings bonds.
User avatar
Nate79
Posts: 9373
Joined: Thu Aug 11, 2016 6:24 pm
Location: Delaware

Re: My (general) contacts with Treasury Direct re loss & liability

Post by Nate79 »

Perhaps transportation includes electric form as well?
Osp62
Posts: 122
Joined: Sat Oct 04, 2014 9:25 am

Re: My (general) contacts with Treasury Direct re loss & liability

Post by Osp62 »

Brardsworth, Until fall 2016, I used to have almost one third my assets at Treasury Direct and started getting concerned about their willingness to make you whole in the event of some online hacking or fraud. I read the account agreement, then talked to several customer support representatives and then was also connected to a lawyer. They all essentially said that the account agreement clearly states that TD is not responsible for any online hacking or fraud. Had three or four discussions with these people and the more I talked to them, esp. the lawyer, the more uncomfortable I got. Around that time there were also media stories about hacking of private companies and I realized that the online hacking risk was too high for an entity like TD when much more sophisticated private companies were getting hacked. Given there complete refusal to even discuss the possibility of TD compensating a customer in the event of any type of online fraud, I did not see why I should keep any assets with them.

I decided to transfer all my Treasuries to another entity and now I definitely feel much more comfortable not having any assets with TD.
Dead Man Walking
Posts: 1212
Joined: Wed Nov 07, 2007 5:51 pm

Re: My (general) contacts with Treasury Direct re loss & liability

Post by Dead Man Walking »

I read the terms of a Treasury Direct account when the Treasury stopped issuing paper bonds. I decided that a TD account was too risky for me. Mel's comments reinforced my decision. My younger friends and relatives think that I am paranoid.

DMW
lazyday
Posts: 3849
Joined: Wed Mar 14, 2007 10:27 pm

Re: My (general) contacts with Treasury Direct re loss & liability

Post by lazyday »

Osp62 wrote: Sat Aug 12, 2017 9:40 pmI read the account agreement, then talked to several customer support representatives and then was also connected to a lawyer. They all essentially said that the account agreement clearly states that TD is not responsible for any online hacking or fraud.
https://www.treasurydirect.gov/terms.htm

My bold:
5. YOUR ACCOUNT

If you use this site, you are responsible for maintaining the confidentiality of your account, password and for restricting access to your computer. You also agree to assume responsibility for all activities that occur under any account or password that you maintain for electronic commerce with Treasury or Fiscal Service. TreasuryDirect.gov, fiscal.treasury.gov and all other websites operated by Fiscal Service do not sell products to minors. If you are under 18, you may use TreasuryDirect.gov only with involvement of a parent or guardian. TreasuryDirect.gov, fiscal.treasury.gov, and all other websites operated by Fiscal Service reserve the right to refuse service, terminate accounts, remove or edit content, or cancel purchases in their sole discretion.
Also see "3. DISCLAIMER OF LIABILITY AND WARRANTIES". I'm not a lawyer, can't say if it means that the site doesn't have to protect against hackers.
lazyday
Posts: 3849
Joined: Wed Mar 14, 2007 10:27 pm

Re: My (general) contacts with Treasury Direct re loss & liability

Post by lazyday »

For PAPER savings bonds:

https://www.treasurydirect.gov/indiv/re ... q.htm#lost
We can replace your savings bonds if we can establish that a person entitled to cash the bonds hasn't done so.
There may be a better source, found that one quickly.
Topic Author
beardsworth
Posts: 2135
Joined: Fri Jun 15, 2007 4:02 pm

Re: My (general) contacts with Treasury Direct re loss & liability

Post by beardsworth »

The language quoted by lazyday, two posts above, concerning the Treasury Direct customer's responsibility for the use of his/her log-in credentials, is plain in the site's terms of use. That's why, as noted in my original post which started this thread, my inquiries to Treasury specified a loss situation in which the customer bore no fault for compromising access to the account but a loss was nevertheless suffered by the customer as a result of hacking or other failure or shortcoming in Treasury's own systems which allowed, or at least failed to prevent, a loss.

As I've pondered the answer Treasury finally sent me, i.e., that an obscure law about the "shipping" of federal securities and valuables applies to electronic I Bonds which haven't actually been "shipped" anywhere at all, the following questions continue to bother me:

•Why aren't the existence of that law, and that recourse for losses, ever mentioned in Treasury Direct's online terms of use?

•Why did I have to "pull teeth," corresponding with Treasury four times, before that law was ever mentioned? The applicability of that law could, after all, have been revealed in the very first e-mail reply I got from Treasury, so let's say, charitably, that Treasury was not exactly eager to be forthcoming about it.

•Assuming that there are customers who have suffered losses from their Treasury Direct accounts (and this may or may not be the case), has this law ever been used successfully by a customer who suffered a Treasury Direct account loss which was in no way his/her fault but who nevertheless managed to find out about the law through no help from Treasury Direct? Since this law puts the burden on the customer to file a loss claim, and then gives Treasury the authority to determine whether a claim against Treasury itself is valid, has it ever done so? Of course, I have no answer.

In both psychological and financial terms, I'm still where I was in the opening paragraph of the thread, and also where I was before I ever wrote to Treasury: Other than the small exception for getting up to $5,000 of federal tax refund in the form of paper I Bonds, an electronic account is currently the only way to buy them. My wife and I both have Treasury Direct accounts, but it creeps us out, and we have an ongoing debate over whether we should get out, precisely because of such loss liability concerns and the obligation placed on the customer to create a paper trail (for the benefit of heirs or an executor, for example) documenting that the bond holdings even exist.

One thing is clear to me: The publicly stated reason for Treasury's switch from paper to electronic was to save tax money spent on printing, storing, and mailing paper bonds. And I'm sure it did so. But, to whatever extent Treasury does not make the customer whole for account losses of electronic bonds in the same way as for loss or theft of paper bonds, then a second effect of the paper-to-electronic switch was also to offload that degree of liability from the issuer to the buyer. And it seems quite bizarre that paper bonds, which are in the physical possession of the buyer, will be replaced by Treasury if lost or stolen, while electronic bonds, which are actually in the custody of Treasury itself, may or may not.

* * *
Edited to correct proofreading error.
Last edited by beardsworth on Thu Sep 28, 2017 1:31 am, edited 1 time in total.
User avatar
FIREchief
Posts: 6916
Joined: Fri Aug 19, 2016 6:40 pm

Re: My (general) contacts with Treasury Direct re loss & liability

Post by FIREchief »

OP - thanks for starting this thread. I'm shocked by what I've read so far. Fortunately, I no longer hold any EE or I bonds, and my individual treasuries are held at my brokerage. Scary stuff.
I am not a lawyer, accountant or financial advisor. Any advice or suggestions that I may provide shall be considered for entertainment purposes only.
Avo
Posts: 1099
Joined: Wed Jun 11, 2008 2:21 am
Location: California

Re: My (general) contacts with Treasury Direct re loss & liability

Post by Avo »

beardsworth wrote: Thu Aug 10, 2017 8:47 amTreasury Direct itself does not issue any direct account communications to the customer (no purchase or redemption confirmations, no periodic statements, no year–end tax forms)
I receive an email from them whenever one of my EE bonds matures.
friar1610
Posts: 2331
Joined: Sat Nov 29, 2008 8:52 pm
Location: MA South Shore

Re: My (general) contacts with Treasury Direct re loss & liability

Post by friar1610 »

Beardsworth,

Thank you for starting this thread. This week I plan to go through the thread in more detail, copy TD's rules, etc. and put together a letter to one of my senators asking why TD is able to exempt itself from any responsibility for our money if their site gets hacked. She is supposed to be a big-time consumer advocate and champion of financial reform so it will be interesting to see what she has to say. I don't really expect anything to come of it but it will make me, with a big chunk of electronic I-Bonds, feel better.
Friar1610 | 50-ish/50-ish - a satisficer, not a maximizer
lazyday
Posts: 3849
Joined: Wed Mar 14, 2007 10:27 pm

Re: My (general) contacts with Treasury Direct re loss & liability

Post by lazyday »

beardsworth wrote: Sun Aug 13, 2017 7:30 am My wife and I both have Treasury Direct accounts, but it creeps us out, and we have an ongoing debate over whether we should get out, precisely because of such loss liability concerns and the obligation placed on the customer to create a paper trail (for the benefit of heirs or an executor, for example) documenting that the bond holdings even exist.
The problem for heirs is another issue with TD, though I suppose it can be reduced with an In Case of Death folder that they know about. If you pay taxes on TD holdings, it would also appear in your returns. Of course, as you say, they will not get any statements by snail mail, including tax statements.

On your concern for loss: I view this as one of many risks in investing. It would be convenient to convert my paper savings bonds to electronic, but I don't because of this risk. Others might find the risk so insignificant that it's worth converting to make things simpler. I do purchase the max amount of I bonds each year, in spite of this risk.

If you log in to TD and try to link a new bank account, I think you'll find it a bit of a challenge. If either someone you know or an unknown hacker tries to steal your bonds, they will probably have difficulty getting the cash, unless they also have access to your linked bank. So I view the risk as quite small.

EDIT: Adding a new bank no longer requires a snail mail form with medallion guarantee. Just tried this and was only required to answer a security question. Also was sent an email warning that a change was made.
Last edited by lazyday on Mon Nov 06, 2017 3:20 pm, edited 1 time in total.
sophie1
Posts: 142
Joined: Thu Apr 18, 2013 1:58 pm

Re: My (general) contacts with Treasury Direct re loss & liability

Post by sophie1 »

Taking beardsworth's advice to revive this thread rather than to derail a thread about the I Bond fixed rate...

I've assumed that the best protection you have with Treasury Direct is that a link to a bank account can only be made by submitting a form with a medallion signature guarantee. How easy is it to fake one of those, and will Treasury Direct reliably check each stamp? I do know that a notary signature is laughably easy to fake. A member of my mother's church provided notary services for around 40 years before it was discovered that after her original notary license expired sometime in the 1960s, she bought new stamps at Staples and carried on. She didn't know she had to renew it, and it took that long before anyone checked.

A medallion signature requires that the bank or brokerage providing it have a relationship with the person requesting it, although it would of course be easy to open an account online and then come in the next day with a driver's license to get the stamp. Not something you can easily do from, say, Romania. Also I assume TD would alert you by email to any change in the account (hopefully not by some method that ends up in a spam folder).
fipt2030
Posts: 69
Joined: Tue Oct 03, 2017 8:09 am

Re: My (general) contacts with Treasury Direct re loss & liability

Post by fipt2030 »

lazyday wrote: Mon Aug 14, 2017 3:11 am
beardsworth wrote: Sun Aug 13, 2017 7:30 am My wife and I both have Treasury Direct accounts, but it creeps us out, and we have an ongoing debate over whether we should get out, precisely because of such loss liability concerns and the obligation placed on the customer to create a paper trail (for the benefit of heirs or an executor, for example) documenting that the bond holdings even exist.
The problem for heirs is another issue with TD, though I suppose it can be reduced with an In Case of Death folder that they know about. If you pay taxes on TD holdings, it would also appear in your returns. Of course, as you say, they will not get any statements by snail mail, including tax statements.

On your concern for loss: I view this as one of many risks in investing. It would be convenient to convert my paper savings bonds to electronic, but I don't because of this risk. Others might find the risk so insignificant that it's worth converting to make things simpler. I do purchase the max amount of I bonds each year, in spite of this risk.

If you log in to TD and try to link a new bank account, I think you'll find it a bit of a challenge. If either someone you know or an unknown hacker tries to steal your bonds, they will probably have difficulty getting the cash, unless they also have access to your linked bank. So I view the risk as quite small.
Thank you for that reasoning, I am about to start my hopefully 50 year relationship with TD ( EE and I bond )
the above concerns on this thread gave me pause
User avatar
Phineas J. Whoopee
Posts: 9675
Joined: Sun Dec 18, 2011 5:18 pm

Re: My (general) contacts with Treasury Direct re loss & liability

Post by Phineas J. Whoopee »

sophie1 wrote: Fri Nov 03, 2017 7:12 am ...
I've assumed that the best protection you have with Treasury Direct is that a link to a bank account can only be made by submitting a form with a medallion signature guarantee. ...
I'm afraid that's no longer the case. Today you can simply add a bank account, with identical registration of course, online.
PJW
Call_Me_Op
Posts: 9881
Joined: Mon Sep 07, 2009 2:57 pm
Location: Milky Way

Re: My (general) contacts with Treasury Direct re loss & liability

Post by Call_Me_Op »

This is a very relevant and timely thread for me, as I only recently became aware of TD's stated policy. Needless to say, I am very concerned, and I am considering transferring my assets out of there. It is a shame, because I really like IBonds.
Best regards, -Op | | "In the middle of difficulty lies opportunity." Einstein
User avatar
samsoes
Posts: 2802
Joined: Tue Mar 05, 2013 8:12 am
Location: Northeast Rat Race

Re: My (general) contacts with Treasury Direct re loss & liability

Post by samsoes »

Call_Me_Op wrote: Sat Nov 04, 2017 7:12 am This is a very relevant and timely thread for me, as I only recently became aware of TD's stated policy. Needless to say, I am very concerned, and I am considering transferring my assets out of there. It is a shame, because I really like IBonds.
Agreed. The only thing holding me back is the 1.1% fixed rate on the pile of bonds I bought in the early 2000's, and regrettably converted them to electronic format at TD a short time later. That I-Bond fixed rate is looooong gone, not likely to be seen again anytime soon!
"Happiness Is Not My Companion" - Gen. Gouverneur K. Warren. | (Avatar is the statue of Gen. Warren atop Little Round Top @ Gettysburg National Military Park.)
mpsz
Posts: 516
Joined: Sat Jan 09, 2016 6:11 pm

Re: My (general) contacts with Treasury Direct re loss & liability

Post by mpsz »

Thanks for sharing. This is pretty scary, especially since the TD site uses that stupid click-keyboard to log in and it's difficult to use a long, random password.

I'll likely switch to paper I-bonds... seems to be no downside to doing this (except for overpaying taxes temporarily) since the bonds can always be converted to electronic at a later date if TD switches to a more modern/sane fraud policy.
Topic Author
beardsworth
Posts: 2135
Joined: Fri Jun 15, 2007 4:02 pm

Re: My (general) contacts with Treasury Direct re loss & liability

Post by beardsworth »

mpsz wrote: Sat Nov 04, 2017 8:56 am Thanks for sharing. This is pretty scary, especially since the TD site uses that stupid click-keyboard to log in and it's difficult to use a long, random password.

I'll likely switch to paper I-bonds... seems to be no downside to doing this (except for overpaying taxes temporarily) since the bonds can always be converted to electronic at a later date if TD switches to a more modern/sane fraud policy.
It's not clear whether you're under the impression that you can buy the same amount of paper I Bonds each year as you can of online I Bonds, i.e., that it's simply a matter of choosing between the two "formats." You cannot. The only way that I Bonds can still be purchased in paper form is by filing Form 8888 with your federal tax return in order to allocate a maximum of $5,000 of federal tax refund to be received as paper I bonds. And that $5,000 is per tax return, not per person, i.e., the amount is not increased for married filers or dependents listed on the return. It's never been clear how long this option will last, i.e., whether it's going to a permanent feature, or is just the government's way of using up leftover paper bonds until the supply is gone.

Some people intentionally overpay their federal estimated tax in order to get that $5,000 of paper I Bonds, because they consider $5,000 to be better than none, and the $5,000 does still increase the maximum (paper + online combined) which can be bought each year. But that tax refund mechanism is the sole exception to the requirement that I Bonds must otherwise be bought through an online account at Treasury Direct.
Last edited by beardsworth on Sat Nov 04, 2017 10:09 am, edited 1 time in total.
mpsz
Posts: 516
Joined: Sat Jan 09, 2016 6:11 pm

Re: My (general) contacts with Treasury Direct re loss & liability

Post by mpsz »

beardsworth wrote: Sat Nov 04, 2017 10:02 am It's not clear whether you're under the impression that you can buy the same amount of paper I Bonds each year as you can of online I Bonds, i.e., that it's simply a matter of choosing between the two "formats." You cannot. The only way that I Bonds can still be purchased in paper form is by filing Form 8888 with your federal tax return in order to allocate a maximum of $5,000 (per tax return, not per person) of federal tax refund to be received as paper I bonds.

Some people intentionally overpay their federal estimated tax in order to get that $5,000 of paper I Bonds, because they consider $5,000 to be better than none, and the $5,000 does still increase the maximum (paper + online combined) which can be bought each year. But that tax refund mechanism is the sole exception to the requirement that I Bonds must otherwise be bought through an online account at Treasury Direct.
I'm aware of those caveats, but this is a good reminder. I'm intending to purchase well below $5k in I-bonds per year.

Thanks
User avatar
Phineas J. Whoopee
Posts: 9675
Joined: Sun Dec 18, 2011 5:18 pm

Re: My (general) contacts with Treasury Direct re loss & liability

Post by Phineas J. Whoopee »

mpsz wrote: Sat Nov 04, 2017 8:56 am Thanks for sharing. This is pretty scary, especially since the TD site uses that stupid click-keyboard to log in and it's difficult to use a long, random password.
...
That stupid click-keyboard prevents keyloggers, should you be infected with one, from learning your password.

Some years ago there was a physical card with codes on it, a second authentication factor, which people here derided as "the secret decoder ring." In response TD replaced it with less-secure email.

I do not understand the hostility people have toward security measures that keep them safer than if the measures weren't in place.

Especially in a thread about not feeling secure.

PJW
User avatar
dual
Posts: 1383
Joined: Mon Feb 26, 2007 6:02 pm

Re: My (general) contacts with Treasury Direct re loss & liability

Post by dual »

What are the alternatives for my electronic I-bonds to keeping them at TreasuryDirect?

Five minutes on the wiki and a search engine indicates that the only alternative is to sell them.

Correct?
User avatar
llama
Posts: 115
Joined: Wed Dec 23, 2015 12:41 pm

Re: My (general) contacts with Treasury Direct re loss & liability

Post by llama »

mpsz wrote: Sat Nov 04, 2017 8:56 am Thanks for sharing. This is pretty scary, especially since the TD site uses that stupid click-keyboard to log in and it's difficult to use a long, random password.
I use a long, random password for TD and paste it in from my password manager software by using my browser to edit the page's HTML to remove the readonly="readonly" attribute from the input box.
User avatar
Phineas J. Whoopee
Posts: 9675
Joined: Sun Dec 18, 2011 5:18 pm

Re: My (general) contacts with Treasury Direct re loss & liability

Post by Phineas J. Whoopee »

dual wrote: Sat Nov 04, 2017 1:41 pm What are the alternatives for my electronic I-bonds to keeping them at TreasuryDirect?

Five minutes on the wiki and a search engine indicates that the only alternative is to sell them.

Correct?
Yes, that's correct. Savings bonds can only be held directly with the treasury, and can't be held via anybody else. It's true of paper as well as electronic, but some people are more comfortable with physically printed savings bonds.
PJW
Last edited by Phineas J. Whoopee on Sat Nov 04, 2017 2:14 pm, edited 1 time in total.
User avatar
TheTimeLord
Posts: 12130
Joined: Fri Jul 26, 2013 2:05 pm

Re: My (general) contacts with Treasury Direct re loss & liability

Post by TheTimeLord »

Phineas J. Whoopee wrote: Fri Nov 03, 2017 6:04 pm
sophie1 wrote: Fri Nov 03, 2017 7:12 am ...
I've assumed that the best protection you have with Treasury Direct is that a link to a bank account can only be made by submitting a form with a medallion signature guarantee. ...
I'm afraid that's no longer the case. Today you can simply add a bank account, with identical registration of course, online.
PJW
I would assume you would be notified with an email confirmation if your bank account or email address was changed. I am correct to assume providing you monitor your email, they would need to discern your password, hijack your email, change your email and change your bank account with you noticing to transfer money out?
IMHO, Investing should be about living the life you want, not avoiding the life you fear. | Run, You Clever Boy! [9085]
User avatar
Phineas J. Whoopee
Posts: 9675
Joined: Sun Dec 18, 2011 5:18 pm

Re: My (general) contacts with Treasury Direct re loss & liability

Post by Phineas J. Whoopee »

TheTimeLord wrote: Sat Nov 04, 2017 1:52 pm
Phineas J. Whoopee wrote: Fri Nov 03, 2017 6:04 pm
sophie1 wrote: Fri Nov 03, 2017 7:12 am ...
I've assumed that the best protection you have with Treasury Direct is that a link to a bank account can only be made by submitting a form with a medallion signature guarantee. ...
I'm afraid that's no longer the case. Today you can simply add a bank account, with identical registration of course, online.
PJW
I would assume you would be notified with an email confirmation if your bank account or email address was changed. I am correct to assume providing you monitor your email, they would need to discern your password, hijack your email, change your email and change your bank account with you noticing to transfer money out?
They could also hack your linked bank account.

I don't know about Treasury Direct email notifications. My practice is to log in to every place where I have substantial assets to be sure we agree, and to verify security items like address (for possible paper checks) and linked bank accounts, weekly. I know some people won't want to do such a thing.

I personally think TD's security is pretty good, but I don't think anybody's is perfect, which is why I log in everywhere weekly. I look at my checking account balance, to see if we agree, daily because that's probably my most hackable, stealable, and least easy to recover from pocket that can be picked.

Some people don't want to lock their door, or carry a key, because they believe it shouldn't be their responsibility to manage their home's physical security. It should be somebody else's responsibility. Different strokes for different folks.

PJW
mpsz
Posts: 516
Joined: Sat Jan 09, 2016 6:11 pm

Re: My (general) contacts with Treasury Direct re loss & liability

Post by mpsz »

Phineas J. Whoopee wrote: Sat Nov 04, 2017 1:19 pm That stupid click-keyboard prevents keyloggers, should you be infected with one, from learning your password.
...
I do not understand the hostility people have toward security measures that keep them safer than if the measures weren't in place.
I stand by what I said.

The click keyboard does prevent against keyloggers... sure. However, it does not prevent against someone observing you logging in, whether this is somebody standing over your shoulder or screen monitoring software. If your computer is compromised to the point you have a keylogger installed, you could also have screen monitoring software installed.

A traditional password field is not vulnerable to being observed, because the attacker would see just dots or asterisks on the screen. With TD, they see which button you clicked.

As such, since the stupid click keyboard closes one attack door, opens a new attack door, and makes it more difficult to use a secure password in the first place, it's complete baloney. It reduces the overall security of the TD platform. There's a reason no other sites do this.
lazyday
Posts: 3849
Joined: Wed Mar 14, 2007 10:27 pm

Re: My (general) contacts with Treasury Direct re loss & liability

Post by lazyday »

Phineas J. Whoopee wrote: Fri Nov 03, 2017 6:04 pmToday you can simply add a bank account, with identical registration of course, online.
Thanks, wasn't aware of this change.

TD required my answer to a security question, and sent me an email warning that a change had been made. I haven't tried the new linked bank yet so don't know if there's anything else.
leehsm
Posts: 83
Joined: Sat Nov 28, 2009 4:42 pm

Re: My (general) contacts with Treasury Direct re loss & liability

Post by leehsm »

Is there a way I can sell, or move my TD I bonds to another financial institution without being hit with taxes on the interest earned over the past 8 years. Thanks
Topic Author
beardsworth
Posts: 2135
Joined: Fri Jun 15, 2007 4:02 pm

Re: My (general) contacts with Treasury Direct re loss & liability

Post by beardsworth »

leehsm wrote: Mon Nov 06, 2017 6:25 pm Is there a way I can sell, or move my TD I bonds to another financial institution without being hit with taxes on the interest earned over the past 8 years. Thanks
If your mention of "selling" your I Bonds refers to redeeming them, then you could deposit the cash proceeds in whatever financial institution you wish (bank, credit union, mutual fund), but you'd owe federal (although not state) income taxes on the accrued interest in the tax year of the redemption. (I won't deal here with separate tax rules about using I Bonds for children's education, or other special situations.)

With regard to your mention of "moving" them, the answer is no, because they can't be moved. I Bonds are not marketable securities and can't be held in any brokerage situation or third-party custodial institution. You can hold them personally in paper form (if you originally bought them that way), or you can hold them in electronic form on the "books" of Treasury Direct. That's it.
TravelGeek
Posts: 4902
Joined: Sat Oct 25, 2014 3:23 pm

Re: My (general) contacts with Treasury Direct re loss & liability

Post by TravelGeek »

Phineas J. Whoopee wrote: Sat Nov 04, 2017 2:06 pm
I personally think TD's security is pretty good, but I don't think anybody's is perfect, which is why I log in everywhere weekly. I look at my checking account balance, to see if we agree, daily because that's probably my most hackable, stealable, and least easy to recover from pocket that can be picked.
What I see when I log into a site like TD (or Vanguard or Fidelity or redneck bank or ...) is just the tip of the ice berg of their software. Not necessarily a good way to judge the overall system security based on the login screen and other security mechanisms. E.g., a site might have strict password rules, require 2FA, and store the passwords in clear text and I would never know. Sites might also not have the latest updates and security patches applied. Large well-known companies have had hacks that revealed surprising bad practices (I look at you, Linkedin and Equifax).

That said, I think TD was, I think, one of the first financial sites that forced me to use 2FA with their physical code card.

I don’t mind the on-screen keyboard. Small inconvenience and some additional protection (since it isn’t common practice, screen recording tools are also less common than keystroke loggers).

What this thread is really about, though, is what happens when my account get emptied out without the use of my credentials.
Topic Author
beardsworth
Posts: 2135
Joined: Fri Jun 15, 2007 4:02 pm

Re: My (general) contacts with Treasury Direct re loss & liability

Post by beardsworth »

TravelGeek wrote: Tue Nov 07, 2017 12:44 am
What this thread is really about, though, is what happens when my account get emptied out without the use of my credentials.
OP here.

Thanks for making that point, TravelGeek.

That is indeed what I intended the thread to be about when I started it, and that's also why my own correspondence with Treasury, described in the opening post, focused on the issue of whether, or how much, Treasury accepts any liability or responsibility to make-whole in case of hacking and other potential situations in which the Treasury Direct customer did nothing to enable an account loss. And I also expressed the wish, in the original post, that responses not debate the likelihood of theft from a Treasury Direct account.

Of course, no OP can "control" the subsequent course of a thread, and give-and-take dialogue is natural. But I hope that further responses in the thread can be kept on-topic and not get diverted into personal opinions about Treasury Direct's log-in system, or general discussions about personal security practices in people's financial lives. There were already plenty of those elsewhere on this Bogleheads forum. This one was intended to be about Treasury Direct's own policy in the event of customer losses, i.e., what Treasury Direct does, not what Bogleheads do.
TravelGeek
Posts: 4902
Joined: Sat Oct 25, 2014 3:23 pm

Re: My (general) contacts with Treasury Direct re loss & liability

Post by TravelGeek »

One thing, in addition to the obscure law that allegedly covers stolen iBonds from my TD account, that has been bothering me is that I probably have no way of proving that my credentials were in fact not used to access my account.

As I was looking around the TD site, I came across this feature:
Customer Hold: As an added security feature, TreasuryDirect allows you to place a hold on your account. If you believe someone else has learned your account access information and you want to prevent unauthorized access to your account, you may edit your Account Info in your primary account to place a Customer Hold. This action will prohibit all transactions associated with your primary and linked accounts. After you place your Customer Hold, you will not have access to your account until the hold is removed. To remove the hold, you must contact the Bureau of the Fiscal Service (formerly Bureau of the Public Debt), Risk Management Group.
Since I am in the accumulation phase for iBonds, I don't generally need to access my account on a regular basis to perform transactions. I wonder how much hassle it would be to get the account unlocked as needed (once a year) and leave it locked the rest of the time.
Topic Author
beardsworth
Posts: 2135
Joined: Fri Jun 15, 2007 4:02 pm

Re: My (general) contacts with Treasury Direct re loss & liability

Post by beardsworth »

TravelGeek wrote:
I don't generally need to access my account on a regular basis to perform transactions. I wonder how much hassle it would be to get the account unlocked as needed (once a year) and leave it locked the rest of the time.
That's an interesting question.

If I understand what you're thinking, the situation would be analogous to a person who freezes his files at the national credit rating bureaus at all times except when he actually wants to apply for a new loan or card, then very temporarily unfreezes them long enough to get the application approved, then freezes them again. In Treasury Direct terms, there would be a Customer Hold in effect at all times except when the customer was actually buying or redeeming securities.

Since it was the report of my own repeated correspondence with Treasury Direct which began this thread, I've written to Treasury Direct again to ask if such a Customer Hold practice would be allowed, even if the customer did not (in the Treasury Direct web site language you quoted in your post above) have particular reason to "believe" the log-in credentials had been mis-used, but simply wanted to add an additional layer of self-protection, an additional barrier to "unauthorized account access," especially in view of Treasury Direct's own disclaimer of all liability for use of customer credentials.

I'll post here again if I get any useful reply. If the experience in the original post is a guide, it may take a while.

All of which is still slightly off-topic from the original issue of whether Treasury Direct will do anything to make a customer whole for account losses attributable to a failure of security at Treasury Direct itself, rather than to any action or negligence on the part of the customer.
TravelGeek
Posts: 4902
Joined: Sat Oct 25, 2014 3:23 pm

Re: My (general) contacts with Treasury Direct re loss & liability

Post by TravelGeek »

beardsworth wrote: Thu Nov 09, 2017 4:13 pm
I'll post here again if I get any useful reply. If the experience in the original post is a guide, it may take a while.

All of which is still slightly off-topic from the original issue of whether Treasury Direct will do anything to make a customer whole for account losses attributable to a failure of security at Treasury Direct itself, rather than to any action or negligence on the part of the customer.
Thanks for following up with them.

I don't think you are likely going to get an authoritative answer (or someone speaking from experience... I hope) to the narrow (and important!) question of what they will do if you bonds get redeemed and the money vanishes (without usage of your credentials).

My gut feel is that the Dept of the Treasury would have no choice but to make you whole because in that scenario you'd unlikely be the only victim, and political pressure would be forcing the Treasury to fix their problem. The possible account lock "workaround" I might have found is simply to shortcircuit any discussion of who's fault it is if it happens.
Topic Author
beardsworth
Posts: 2135
Joined: Fri Jun 15, 2007 4:02 pm

Re: My (general) contacts with Treasury Direct re loss & liability

Post by beardsworth »

An update . . .

As promised following the exchange of posts above with TravelGeek, I sent another e-mail to Treasury Direct, although, as usual in my contacts with this agency, no useful information was received on one try alone.

I asked (closely paraphrasing my actual words here):

The Treasury Direct site [URL] contains the following language: "Customer Hold: As an added security feature, TreasuryDirect allows you to place a hold on your account. If you believe someone else has learned your account access information and you want to prevent unauthorized access to your account, you may edit your Account Info in your primary account to place a Customer Hold. This action will prohibit all transactions associated with your primary and linked accounts. After you place your Customer Hold, you will not have access to your account until the hold is removed. To remove the hold, you must contact the Bureau of the Fiscal Service (formerly Bureau of the Public Debt), Risk Management Group.”

Since the site’s own “Terms of Use” make clear that Treasury Direct renounces all liability for mis-use of log-in credentials, is it possible to place a routine “Customer Hold” on an account even if the customer does not have specific reason to believe that log-in credentials have been compromised? It seems to me that Treasury Direct would—or should—allow such a practice, if Treasury Direct truly wishes to maximize customer protection in view of Treasury Direct’s own rejection of liability for mis-use of log-in credentials. The situation described would be very much like a person who places a freeze at the national credit bureaus in order to prevent anyone from applying for credit in his name, but can temporarily un-freeze the credit file when actually applying for a new loan or credit card, and then re-freeze the file. Similarly, there would be a “Customer Hold” on the Treasury Direct account at all times except when the customer was actually buying or selling securities. . . .

And when a Customer Hold has been placed, what is the specific procedure to remove it? The web site language quoted above tells the customer how to place a hold, but says nothing about how to lift it, other than to “contact” Fiscal Service. That’s vague. What is involved to lift a hold? (Phone call? E-mail? Specific Treasury forms? Notarized signature? Medallion-guaranteed signature? Other?)


I received a boilerplate brushoff e-mail from Treasury Direct, giving the same kind of irrelevant response as when I first wrote, over a year ago, in an effort to clarify the issue of account losses caused by a situation in which Treasury Direct itself was hacked or otherwise failed to maintain account security, i.e., that customer security is very important and Treasury is always working to make the site better to meet or exceed the guidelines issued by the Federal Financial Institutions Examination Council; that the customer should do everything possible to protect log-in credentials; that the site uses Secure Sockets Layer technology; and (in language sufficient to make any reader wonder whether Treasury Direct’s behind-the-scenes systems are as antiquated as its boilerplate correspondence) “For your protection, TreasuryDirect requires the security that up-to-date Web browsers provide, specifically Microsoft Internet Explorer 5.01 or Netscape Navigator 6.2 or later.”

So I wrote again, via postal mail, to the Secretary of the Treasury, the third time I’d done so in somewhat over a year (twice to the current occupant, once to his predecessor), and observed that the reason for this new postal correspondence was the same as the others: Treasury Direct’s inability or unwillingness to give direct answers to simple direct questions. And I repeated the inquiry above. I did not, of course, expect a reply from anyone actually located in the Secretary’s office, but hoped that a new round of correspondence sent to “the top” might again produce a more relevant response out of Treasury Direct.

I recently received the following e-mail reply from Treasury Direct. For privacy reasons I’ve omitted here the salutation containing my own name, and the sign–off containing the Treasury Direct staff member’s name and title, but otherwise this is an exact copy-and-paste of the text, with spelling, punctuation, and syntax preserved just as in the chaotic original: “The customer hold code you are referring to can only be lifted by contacting Customer Service and is only should be placed by the account owner as only if the account owner believes someone else has learned their account access information, which means someone would have your TreasuryDirect account number, your password, access to your email to obtain the pass code and know the answers to your security questions. The answer is no TreasuryDirect will not routinely permit a customer to place that hold on their account and have the customer request that hold be removed only when they wish to access their account.”

Recapping my understanding of the information I’ve been gathering and presenting since this thread began:

•If Savings Bonds are held in paper form, then Treasury promises to make the customer whole for loss or theft, even though paper bonds are in the physical custody of their individual owners in places and storage conditions over which Treasury Direct has absolutely no control. Although Treasury obviously continues to maintain an inventory of paper I Bonds in order to fulfill requests for tax refunds in the form of paper bonds, the replacement for lost or stolen paper I Bonds will nevertheless be in the form of new electronic I Bonds.

https://www.treasurydirect.gov/indiv/re ... eplace.htm

In contrast to paper Savings Bonds, which are in the custody of their owners under conditions beyond Treasury Direct's control, electronic bonds are in the actual custody of Treasury Direct itself. However, unlike losses in paper bonds, where Treasury’s commitment to make the customer whole appears to be completely unambiguous, losses in electronic bonds in the custody of Treasury may or may not be made whole, depending on the circumstances of the loss:

•If the loss is due to any use of the log-in credentials, then the Terms of Use make clear that Treasury Direct renounces all obligation to make the customer whole for loss, even if the use of the credentials was not authorized or enabled by the customer, and even if the customer didn't know in real time (because Treasury Direct does not issue account statements or detailed transaction confirmations) that unauthorized activity was occurring. . . . But (translating into standard English the bizarre e-mail text recently received), notwithstanding its blanket renunciation of liability for losses caused by use of the log-in credentials, and notwithstanding the availability of a "Customer Hold" procedure which its own site describes as “an added security feature,” Treasury Direct will not allow a customer to routinely place such a hold, in a manner similar to a credit freeze, unless the customer’s log-in credentials have already been compromised. This clearly seems a case of (choose your favorite folksy description) the horse is already out of the barn; the train has already left the station; the water has already gone over the dam; if your house has burned down, be sure to ask about our complimentary fire extinguisher gift package. “An added security feature” is something which should be a preventive, i.e., available before an account has been compromised or looted. So this seems to me the worst of both worlds: Treasury disclaims liability for every manner of loss attributable to use of log–in credentials, but Treasury will not allow its own freeze procedure to be used routinely as a means for the customer to further minimize the possibility of fraudulent activity before it happens. . . . No reason was given for this denial of routine account freezes. I imagine that (1) Treasury doesn’t want to be bothered, because such an option would require the hiring of additional customer service staff to un–freeze individual holds maintained on a widespread basis; and/or (2) a failure of Treasury’s own “customer hold” feature, if the feature were implemented as a preventive measure against losses, would imply Treasury liability, e.g., in the event of a site hacking, to make whole for any losses suffered on accounts which already had routine preventive customer holds in place.

•If an account holder suffers a loss through a failure of Treasury Direct’s own security systems, e.g., hacking or other malicious activity not involving a customer's log-in credentials, Treasury Direct has now stated that such loss is covered by an obscure law about the “shipping” of federal property, even though electronic bonds are not actual physical objects and are not being “shipped” anywhere. The existence and applicability of that shipping law were only mentioned after my multiple rounds of correspondence with Treasury. The law is not mentioned as an available loss remedy in Treasury Direct’s online terms of use. Any loss claim under that “shipping” law will be reimbursed only if “the claim is examined, validated, and approved for relief”—in other words, only if Treasury itself concludes that Treasury should be liable. It’s not clear whether any Treasury Direct customer has ever sustained a loss attributable to (or enabled by) flaws or failures of Treasury’s own systems; or, if so, whether Treasury informed the customer of the existence and applicability of the “shipping” law; or whether any customer has ever successfully used that law to be made whole for a loss.

I repeat an observation I made earlier here: While a reduction of Savings Bond program costs for printing, storage, and mailing of paper bonds may have been a major “official” reason given for the switch from paper to electronic, another effect of that change, coupled with Treasury’s stance on security and liability issues, was to shift the risk burden for loss and fraud toward Savings Bond customers. Losses or thefts of paper Savings Bonds are made whole. Period. Losses in electronic bonds, not so much. Whether that outcome was intentional is a question whose answer may depend heavily on a person’s level of cynicism (or, as the case may be, realism).

This thread was intended only as a report of my own exploration of loss prevention and loss recovery issues. I ask again, as I did in my original post, that the thread not be diverted toward conversation about whether Savings Bonds are a good investment, or whether I myself “worry too much” about Treasury Direct security policies. My wife and I do own electronic I Bonds. We are also reconsidering that part of our investments, because, although we hope that the actual risk of loss is small, we’re really turned off by Treasury Direct’s position on its liability-related obligations to its customers. And it’s the very opposite of reassuring to learn that Treasury Direct offers account freezes but will not allow them in advance as a preventive measure; nor is it reassuring to receive a near–illiterate explanation of that policy; nor is it reassuring to read Treasury Direct boilerplate reminders (in response to questions about site security!) to make sure we’re logging into our accounts with the latest version of Internet Explorer or Netscape Navigator.

Other readers will, of course, have to form their own conclusions about the balance of risks of doing online business with this entity, and the various ways in which its practices might or might not leave customers “holding the bag” in the event of loss. Meanwhile, paper Savings Bonds remain the only instrument for which Treasury unambiguously promises to make the customer whole in case of loss or theft, but the allowable purchase quantity of paper bonds is exactly what Treasury has severely limited, and I believe that the promise embodied in the former is one reason for the limitation imposed on the latter.

For a while now, there have been news reports about the hobbling of the IRS through budget cuts, and about the antique software being used there. That's beyond the scope of this post and thread. I do wonder, however, whether Treasury Direct, a unit of the same federal department, is getting everything it needs to maximize account security.
User avatar
flamesabers
Posts: 1848
Joined: Fri Mar 03, 2017 11:05 am
Location: Rochester, MN

Re: My (general) contacts with Treasury Direct re loss & liability

Post by flamesabers »

Beardsworth,

In regards to placing a hold on your Treasury Direct account, how does the Treasury validate whether your account may have been compromised? Is a major data leak like with Equifax sufficient reason for someone to suspect their Treasury Direct account may have been compromised?

As far as lifting the hold, it doesn't sound like you got an answer to this process beyond contacting the Bureau of the Fiscal Service. Maybe you'll have to contact this Bureau first and then they'll walk you through the hold removal process? :confused
Topic Author
beardsworth
Posts: 2135
Joined: Fri Jun 15, 2007 4:02 pm

Re: My (general) contacts with Treasury Direct re loss & liability

Post by beardsworth »

flamesabers wrote: Thu Jan 04, 2018 10:14 am Beardsworth,

In regards to placing a hold on your Treasury Direct account, how does the Treasury validate whether your account may have been compromised?

Beats me. They obviously don't like to talk about the possibility. The customer hold language on their web page about that subject simply says that a hold can be placed if the account owner believes that someone else has learned the account access information.

Is a major data leak like with Equifax sufficient reason for someone to suspect their Treasury Direct account may have been compromised?

I can't see any linkage. However, I think the Equifax episode certainly provides an illustration of what can actually be happening behind-the-scenes at the same time an organization is regularly giving soothing public assurances about its admirable security precautions.

As far as lifting the hold, it doesn't sound like you got an answer to this process beyond contacting the Bureau of the Fiscal Service.

That's true. TD never responded in any detail to my question about the procedure for cancelling a customer hold. But I myself was focused on the issue of whether such holds could be placed, as a matter of routine, like a credit bureau freeze, at all times except when actually performing account transactions. Because the answer to the latter was "no," and because (as my narrative in this thread has illustrated) getting prompt and on-target answers from Treasury has been like pulling teeth, I didn't pursue the issue further. Perhaps the day will come (although I hope not) when some unfortunate Boglehead actually experiences a loss due to compromised log-in credentials, and can then share with the rest of us the "learning experience" of placing a hold after damage has already occurred, and then later lifting that same hold in order to transact business again, presumably with a set of log-in credentials altered from the ones which got compromised before Treasury Direct would allow an account hold. :confused
User avatar
tadamsmar
Posts: 9972
Joined: Mon May 07, 2007 12:33 pm

Re: My (general) contacts with Treasury Direct re loss & liability

Post by tadamsmar »

From the Code of Federal Regulations on TD:

"You are solely responsible for the confidentiality and use of your account number, password, and any other form(s) of authentication we may require. We will treat any transactions conducted using your password as having been authorized by you. We are not liable for any loss, liability, cost, or expense that you may incur as a result of transactions made using your password."

https://tinyurl.com/yc68wpqk

Edit: This was previously posted here:

viewtopic.php?t=87934#p1262620
User avatar
tadamsmar
Posts: 9972
Joined: Mon May 07, 2007 12:33 pm

Re: My (general) contacts with Treasury Direct re loss & liability

Post by tadamsmar »

One way to beef up TD security would be to beef up security on the second factor: get a physical fob for the email you use as the second factor.

Also, if they send an alert via email when a new bank account is linked, then you can at least catch that early. I think linking a bank account would be necessary to steal from your account.
oner
Posts: 46
Joined: Wed Aug 25, 2010 6:35 pm

Re: My (general) contacts with Treasury Direct re loss & liability

Post by oner »

Can you transfer your Treasury Direct bonds to another financial institution? If so, how do you do this?
HomeStretch
Posts: 11419
Joined: Thu Dec 27, 2018 2:06 pm

Re: My (general) contacts with Treasury Direct re loss & liability

Post by HomeStretch »

oner wrote: Tue Nov 05, 2019 2:39 pm Can you transfer your Treasury Direct bonds to another financial institution? If so, how do you do this?
EE/I Bonds can only be held electronically in a TD account. Not sure about other Treasury bonds.
User avatar
nisiprius
Advisory Board
Posts: 52216
Joined: Thu Jul 26, 2007 9:33 am
Location: The terrestrial, globular, planetary hunk of matter, flattened at the poles, is my abode.--O. Henry

Re: My (general) contacts with Treasury Direct re loss & liability

Post by nisiprius »

oner wrote: Tue Nov 05, 2019 2:39 pm Can you transfer your Treasury Direct bonds to another financial institution? If so, how do you do this?
If they are marketable securities, such as TIPS or Treasury notes or bonds, I think so, because I did it myself. This was years ago, when it was what is now known as "Legacy Treasury Direct," but I assume you still can. If I recall correctly, it required mailed paperwork including a medallion signature guarantee.

If they are United States Savings Bonds, they they are not marketable securities, so, no.
Annual income twenty pounds, annual expenditure nineteen nineteen and six, result happiness; Annual income twenty pounds, annual expenditure twenty pounds ought and six, result misery.
Geologist
Posts: 3057
Joined: Fri Jan 02, 2009 6:35 pm

Re: My (general) contacts with Treasury Direct re loss & liability

Post by Geologist »

oner wrote: Tue Nov 05, 2019 2:39 pm Can you transfer your Treasury Direct bonds to another financial institution? If so, how do you do this?
You can, because my brother and I did so for my mother's TIPS bonds in settling her estate. This is what you have to do if you want to sell them before maturity. There is a paper form that requires a medallion signature guarantee. We transferred them to Vanguard.
User avatar
Mel Lindauer
Moderator
Posts: 35782
Joined: Mon Feb 19, 2007 7:49 pm
Location: Daytona Beach Shores, Florida
Contact:

Re: My (general) contacts with Treasury Direct re loss & liability

Post by Mel Lindauer »

At the risk of repeating myself, I think the frustration experienced here is simply part of the Treasury's indifference to the Savings Bond program.

Here's a Forbes column I did some time ago, speculating that Treasury was hoping to kill off the Savings Bond program:

https://www.forbes.com/sites/theboglehe ... e1f482a8d8
Best Regards - Mel | | Semper Fi
User avatar
Riley15
Posts: 209
Joined: Wed May 11, 2016 9:21 pm

Re: My (general) contacts with Treasury Direct re loss & liability

Post by Riley15 »

tadamsmar wrote: Fri Feb 08, 2019 7:54 am From the Code of Federal Regulations on TD:

"You are solely responsible for the confidentiality and use of your account number, password, and any other form(s) of authentication we may require. We will treat any transactions conducted using your password as having been authorized by you. We are not liable for any loss, liability, cost, or expense that you may incur as a result of transactions made using your password."

https://tinyurl.com/yc68wpqk

Edit: This was previously posted here:

viewtopic.php?t=87934#p1262620

This issue with Treasury Direct security and Liability comes up from time to time and has discouraged some from using them.

But I think the issue may be way overblown out of proportion.

The language that has most people concerned about confidentiality of you account information and password exists in Terms and Conditions of just about every major financial institution including most Banks and even Vanguard. So why should TD be any exception. In fact they may even have more protections in place.
User avatar
tadamsmar
Posts: 9972
Joined: Mon May 07, 2007 12:33 pm

Re: My (general) contacts with Treasury Direct re loss & liability

Post by tadamsmar »

Riley15 wrote: Thu Mar 18, 2021 12:31 pm
tadamsmar wrote: Fri Feb 08, 2019 7:54 am From the Code of Federal Regulations on TD:

"You are solely responsible for the confidentiality and use of your account number, password, and any other form(s) of authentication we may require. We will treat any transactions conducted using your password as having been authorized by you. We are not liable for any loss, liability, cost, or expense that you may incur as a result of transactions made using your password."

https://tinyurl.com/yc68wpqk

Edit: This was previously posted here:

viewtopic.php?t=87934#p1262620

This issue with Treasury Direct security and Liability comes up from time to time and has discouraged some from using them.

But I think the issue may be way overblown out of proportion.

The language that has most people concerned about confidentiality of you account information and password exists in Terms and Conditions of just about every major financial institution including most Banks and even Vanguard. So why should TD be any exception. In fact they may even have more protections in place.
If there is a place where Vanguard says that "You are solely responsible for the confidentially of your....password..." then show it to us.

Vanguard fraud policy is here:

https://investor.vanguard.com/security-center

It require some due diligence, but it does not make you "solely responsible" for such things as hacks on a computer where you have taken reasonable precautions.

And there is a history on this. Some federal TSP investor where made solely responsible and not reimbursed for a hack.

If Vanguard did that to a customer who was not grossly negligent then they would lose a lot of customers.

It's the federal government, they are less accommodating to their individual investor "customers".
User avatar
FIREchief
Posts: 6916
Joined: Fri Aug 19, 2016 6:40 pm

Re: My (general) contacts with Treasury Direct re loss & liability

Post by FIREchief »

Riley15 wrote: Thu Mar 18, 2021 12:31 pm This issue with Treasury Direct security and Liability comes up from time to time and has discouraged some from using them.

But I think the issue may be way overblown out of proportion.
Given the concerns, is there any good reason why anybody would use TD for anything other than savings bonds?
I am not a lawyer, accountant or financial advisor. Any advice or suggestions that I may provide shall be considered for entertainment purposes only.
Post Reply