Whether or not other states follow the Keystone State’s lead, this decision will have devastating consequences for emerging payment companies, especially those who do not have the resources of traditional old line processors. Many may well be faced with the prospect of either banning Pennsylvania consumers or leaving the nonprofit and religious processing space.

On September 29, 2015, the Pennsylvania Department of Banking and Securities issued an advisory that its money transmitter regulations are violated when payment facilitators or ISOs collect money from consumers and forward it to nonprofits and religious organizations. In fact, the advisory, according to its plain language, would ban all traditional payment processing for nonprofits and religious organizations by any company that is not licensed as a money transmitter. (The state also issued a news release defending its decision.)

Although the Department directed the advisory to Pennsylvania’s nonprofit and religious organizations to warn about the risks of using unlicensed electronic payment service providers to collect charitable donations, it is the payment facilitators and ISOs operating within the state that are going to feel its impact. For instance, the advisory does not distinguish between a payment entity that settles the money into its own account and one that transmits funds directly from the acquiring bank to a non-profit/religious institution.

This another example of the continuing technological innovation in the payments sphere leading to uncertainty in the law and conflicting regulatory approaches between federal and state regulators as to the legal status of various money services businesses.

One key issue that is very much in flux is what types of business activities qualify as “money transmission” activities requiring federal registration and/or state licensing as a money transmitter. Depending on how and where a payment facilitator is doing business, it may be subject to federal registration requirements with the Financial Crimes Enforcement Network (“FinCEN”) pursuant to the Bank Secrecy Act (“BSA”), without being subject to state licensure requirements. Or it may be subject to licensure requirements in some states, but not in other states or under federal law.

This presents particular challenges to young emerging payments companies, which often lack experienced legal teams to track the frequent changes in the law. Those businesses may also lack the resources to undertake the costly and time-consuming process of getting licensed as a money transmitter in every state where they operate.

The advisory admonishes that any person selling services to “non-profits, religious organizations, charities and political campaigns (“third-party recipient”) for the movement of money from a donor’s bank account or credit card to the account of a third-party recipient” must be licensed as a money transmitter under Pennsylvania law, regardless of whether the transmission is executed by the service provider through its own banking institution, or forwarded to a payment processor for processing through the ACH system. All persons subject to licensure as a money transmitter in Pennsylvania are also subject to the additional statutory requirements that they carry a $1 million liability bond and have a minimum net worth of at least $500,000. (7 P.S. §6102).

Significantly, the advisory said that payment processors and ISOs must be licensed to perform such money transmission activities. This is in direct contrast to federal law, which expressly excludes payment processors and ISOs from the federal registration requirements for “money transmitter” money services businesses under the BSA, provided they qualify for the “payment processor exemption” by satisfying four mandatory conditions:

• The entity must facilitate the purchase of goods or services, or the payment of bills for goods or services (other than money transmission itself)
• The entity must operate through clearance and settlement systems that admit only BSA-regulated financial institutions (such as the ACH) or are themselves regulated institutions (such as operators of credit cards)
• The entity must provide the service pursuant to a formal agreement
• The entity’s agreement must be at a minimum with the seller or creditor that provided the goods or services and receives the funds. (See FIN-2014-R009, “Application of Money Services Business Regulations to a Company Acting as an Independent Sales Organization and Payment Processor”, August 27, 2014.)

The Department emphasized that “the fact that the federal government may have determined that the activity engaged in by [companies fitting within the payment processor exemption] is not money transmission for purposes of federal law is irrelevant to a determination that one is acting as a money transmitter for purposes of state law and the need to comply with state law” because of the distinctly different purposes behind the federal and state statutes in question. The advisory said that the “purpose of the designation of a money transmission under federal law is to further compliance with the Bank Secrecy Act and to prevent the use of the banking system in furtherance of an illegal or criminal activity.”

In contrast, Pennsylvania’s state licensing requirements for companies selling money transmission services to non-profits and charitable organizations aims to provide protection for the donor’s funds through the net worth and bond requirements of the statute. Under the language of the advisory, any religious organization using any payment processing service would be banned unless the service is licensed in the state.

Of course, electronic payment service companies affected by the advisory may avoid the impact of the Department’s decision by simply not doing any business with Pennsylvania consumers. Yet that is a questionable strategy, especially given the likelihood that at least some states will follow Pennsylvania’s example.

Another option is to implement contractual changes and/or vary the structure of their business activities such as offering a good or service to the consumers, to qualify for other exemptions from such licensing requirements. Potential solutions must be evaluated on a case-by-case basis, however, and may satisfy some regulatory licensure schemes but not others. One thing for certain is that the problem is not going away anytime soon.

The post State Money Transmitter Rule Slams PFs, ISOs appeared first on Genco Payments.

Before 2002, the FTC had never sued an ISO. Since then, however, it has filed at least seven lawsuits against payment processors for facilitating merchant fraud. This trend seems to be gaining momentum.
To establish liability, the FTC relied on Section 5 of the 1914 FTC Act and the Telemarketing Sales Rule (TSR), which was enacted in 1995.

Section 5 is the basic federal consumer protection statute that allows the FTC to take action against unfair or deceptive business practices. The TSR protects consumers against businesses that engage in or facilitate fraudulent telemarketing.

The FTC takes aim

In February 2002, the FTC initiated its first lawsuit against an ISO when it sued Certified Merchant Services Ltd. under Section 5. The lawsuit alleged CMS and its third-party sales agents unfairly and deceptively modified customer contracts, debited customer accounts without authorization, failed to disclose charges and fees, and misrepresented various goods and services offered.

CMS agreed to pay $23.5 million to settle the charges. Payment to the FTC came from a forced sale of CMS’ assets.

In July 2003, the FTC filed suit against Electronics Financial Group and its principals. EFG provided a variety of electronic payment services to clients in the United States and Canada, including electronic debits and credits to consumer bank accounts through the automated clearing house (ACH) networks.

The EFG case is striking. Unlike the CMS case, which involved unfair business practices against consumers perpetrated directly by the ISO, EFG’s liability was premised on the unlawful conduct of its merchants. In particular, the FTC alleged EFG violated the law by doing the following:

• Providing assistance to merchants engaged in the deceptive marketing of advance-fee debit cards
• Processing ACH transactions on behalf of merchants engaged in outbound telemarketing to consumers with whom the merchants had no relationship. This activity was unfair in the eyes of the FTC because NACHA – The Electronic Payments Association operating rules (by which all processors are bound) specifically prohibit processing this type of transaction.
• Providing substantial assistance and support to numerous telemarketing clients who EFG knew or should have known were engaged in business practices that violated the TSR.

EFG ultimately paid $3.9 million to settle the suit. The settlement banned EFG from processing any telephone-initiated sales through the ACH network.

The offensive expands

The FTC filed a similar action against First American Payment Processing Inc. in January 2004. Once again, it relied on Section 5 and the TSR. The FTC sought to hold First American liable for processing ACH transactions on behalf of merchants engaged in fraudulent outbound telemarketing, not for any deceptive act vis-à-vis consumers by First American.

First American paid $1,580,739 to settle this case. It also agreed to halt processing payments for outbound telemarketers.

In August 2005, Universal Processing Inc. and its principals were subject to yet another FTC action. It was premised on the unlawful conduct of Universal’s merchants, not on the processor’s actions. The FTC alleged that high return rates should have tipped Universal off that it was processing unauthorized charges even though, in reality, Universal had no way of knowing consumers had not authorized debits.
Universal ultimately entered into an agreement with the FTC to settle the matter. That agreement specified that the settlement did not in any way constitute an admission of guilt on the part of Universal.

More processors hit

The FTC filed two more actions against ISOs in December 2006. The first alleged the payment processing businesses owned and/or controlled by Ira Rubin violated the TSR by aiding at least nine malicious, Canada-based, advance-fee credit card schemes. The subterfuge induced consumers to allow electronic debits from their bank accounts in exchange for unsecured credit cards. Many consumers never even received the cards.

The FTC alleged Rubin and his companies provided processing services despite receiving complaints from consumers, law enforcement and Better Business Bureau chapters concerning the deceptive and abusive business practices of its merchants.

The second action was against InterBill Ltd., a payment processor servicing high-risk merchants, such as online gambling Web sites and MO/TO marketing companies. The FTC alleged InterBill violated the FTC Act by debiting consumer bank accounts despite clear red flags that its merchants were submitting illegal transactions for processing.

It is worth noting the FTC’s claim emphasized that InterBill failed to follow its own merchant guidelines when processing these transactions, such as checking references, collecting information and verifying physical addresses.

Leveled by criminal charges

ISOs and payment processors are also vulnerable to other government actions and investigations, including criminal charges. In February 2006, CardSystems Solutions Inc. agreed to settle FTC charges that alleged the processor failed to take appropriate security measures to protect the sensitive information of tens of millions of consumers.

Also in February 2006, the U.S. government (not the FTC) filed a civil action against Payment Processing Center LLC and its principals. The suit alleged PPC either knew or remained intentionally ignorant of the fact that it was enabling merchants to engage in fraud, because it continued to process transactions for certain accounts with high return rates.

The PPC case was previously discussed in “Are you Big Brother material? The FTC seems to think so,” by Theodore F. Monroe, The Green Sheet, Sept. 11, 2006, issue 06:09:01. It is compelling because the government did not sue any of the 13 PPC merchants specifically alleged to have perpetrated the underlying acts of fraud.

In secret, the government also obtained a restraining order against PPC that barred the company from processing certain types of transactions. In addition, the order contained an immediate asset freeze.

And in January 2007, authorities brought criminal charges against John David Lefebvre and Stephen Eric Lawrence, the principals of a company that processed Internet gambling transactions.

The charges alleged the pair set up an Internet payment services company to help facilitate the transfer of billions of dollars of illegal gambling proceeds from American citizens to overseas Internet gambling companies.

Protective armor for payment processors

Worried? Here are some things you can do to avoid these types of government inquiries and lawsuits:

• Investigate your merchants’ business practices, and verify that they honor all promises they make.
• Carefully adhere to your underwriting guidelines, and look for inconsistencies in merchant applications.
• Halt processing services to merchants that may be violating the law or have unusual or high chargeback ratios.
• Review all marketing materials and telemarketing scripts.
• Obtain written documents demonstrating your merchants’ compliance with card Association and NACHA rules and regulations regarding consumer authorization of debits.
• Never process ACH transactions on behalf of merchants engaged in outbound telemarketing to consumers with whom such merchants have no existing relationship. Remember, this activity constitutes an unfair practice in the eyes of the FTC. And it violates the NACHA rules to which processors are contractually bound.

If you suspect your customers of violations, or if you receive a government inquiry concerning one of your merchant accounts, consult a lawyer with experience in the payments industry.

There are many ways you can be held responsible for your clients’ conduct. An attorney can help ensure that you do everything in your power to comply with the law and avoid a situation where you incur liability for aiding and abetting unlawful conduct.

The information contained in this article is for informational purposes only. Please consult an attorney before relying upon it for your specific legal needs. Theodore F. Monroe is an Attorney whose practice focuses on the electronic payment and direct marketing industries. For more information about this article or any other matter, please e-mail Monroe at monroe@tfmlaw.com

The post Think Chargebacks Are Bad? Look What Uncle Sam Can Do appeared first on Genco Payments.