If it was going to be a problem, they wouldn't offer it as an option that could be enabled in the control panel, I would think.
Companies routinely offer stuff which they eventually withdraw because they find it's not economically viable for some reason. A certain amount of fraud is expected in providing any financial service but no company has the capacity to absorb unlimited amounts of fraud. Once a particular vulnerability gets exploited, it becomes well known and more people exploit it - when losses become unacceptably high, the underlying mechanism which allows the fraud is often withdrawn or heavily restricted. Small start-ups often grossly estimate the incidence of fraud they're likely to encounter.
Some companies (like one's I've worked for in the past) will be straight-up with their customers and explain why it is impossible to meet a perceived obligation no matter who's fault it is. Customers tend not to be overjoyed but can usually understand and accept the reality.
Other companies (such as Dwolla) seem to find it a more rational solution to effectively steal back the money from their customers and doctor up whatever paperwork needs doctoring.
I'd personally be delighted to see Dwolla suffer because of their business choices, but I hope they do live long enough to lose the lawsuit that Tradehill has opened against them and cough up some investor dough before going under.
Dwolla has (according to Tradehill) cost me personally my preferred method transferring value between USD and BTC.