LawWiki
HomeCodesSearchGlossaryAPIAbout
LawWiki

Plain English summaries of California law with zero-hallucination AI. Every summary is verified against official source text.

Product

  • Search
  • Codes
  • About

Legal

  • Privacy Policy
  • Terms of Service
  • Disclaimer

© 2026 LawWiki. All rights reserved.

HomeCommercial CodeDiv. 11Ch. 2§ 11203 Unauthorized Payment Order Limits

§ 11203 Unauthorized Payment Order Limits

Commercial Code·California
AI Summary·Official Text·Key Terms·Related Statutes·References
AI SummaryVerified

§ 11203 Unauthorized Payment Order Limits

This law says a bank can only keep or force a payment if it has a written agreement, and it must let the payment go if the customer shows the order came from someone who wasn’t trusted or who broke into the customer’s system, even if the customer made a mistake.

Key Takeaways

  • •The bank can limit its right to keep a payment only if there’s a written agreement.
  • •The bank cannot keep or enforce a payment if the customer shows the order came from an unauthorized person or a security breach.
  • •The same rules apply to changes (amendments) to a payment order.

Example

A person’s online banking password is stolen and the thief sends money to another account.

If the customer can prove the transfer was done by the thief who wasn’t authorized to act for them, the bank can’t keep the money or force the payment, unless the bank had a prior written agreement limiting its rights.

AI-generated — May contain errors. Not legal advice. Always verify source.

Official Source
View on CA.gov

§ 11203 Unauthorized Payment Order Limits

(a) If an accepted payment order is not, under subdivision (a) of Section 11202, an authorized order of a customer identified as sender, but is effective as an order of the customer pursuant to subdivision (b) of Section 11202, the following rules apply: (1) By express agreement evidenced by a record, the receiving bank may limit the extent to which it is entitled to enforce or retain payment of the payment order. (2) The receiving bank is not entitled to enforce or retain payment of the payment order if the customer proves that the order was not caused, directly or indirectly, by a person (i) entrusted at any time with duties to act for the customer with respect to payment orders or the security procedure, or (ii) who obtained access to transmitting facilities of the customer or who obtained, from a source controlled by the customer and without authority of the receiving bank, information facilitating breach of the security procedure, regardless of how the information was obtained or whether the customer was at fault. Information includes any access device, computer software, or the like. (b) This section applies to amendments of payment orders to the same extent it applies to payment orders. (Amended by Stats. 2023, Ch. 210, Sec. 84. (SB 95) Effective January 1, 2024.)

Last verified: January 10, 2026

Key Terms

payment orderreceiving banksecurity procedureexpress agreement

Related Statutes

  • § 11201 Payment Order Security Procedures
  • § 11211 Payment Order Cancellation
  • § 11212 Bank Payment Order Liability
  • § 11210 Payment Order Rejection
  • § 11202 Payment Order Authorization Rules

References

  • Official text at leginfo.legislature.ca.gov
  • California Legislature. Commercial Code. Section 11203.
View Official Source