Archive | Uncategorized RSS feed for this section

State Operation Choke Point Efforts

15 Apr

Regulatory Alert: State governments are now getting into the Operation Choke Point mode. Over the last few years the Federal Trade Commission and other federal agencies have tried to enforce their laws and regulations by cutting off fraudsters’ access to electronic payments networks. By choking off the flow of funds, the federal government puts the fraudsters out of business. This has come to be known as “Operation Choke Point.” Now state governments are getting into the act.

The most recent example comes from Arizona. The Arizona Attorney General has decided to target processors and acquirers in its attempt to enforce its ban on tobacco sales without state licensure. Relying on an Arizona law which prohibits any person from knowingly providing “substantial assistance” to a person who violates a tobacco product sales ban, the Arizona Attorney General seeks to have processors and acquirers prohibit the completion of any tobacco sales into Arizona by unlicensed merchants. In other words, the Arizona Attorney General, like the FTC before it, wants to turn processors into policemen.

And Arizona’s efforts are paying off. On April 14, 2016, Visa released an announcement advising acquirers that they must take immediate action to ensure that their merchants comply with all applicable laws related to the sale and shipping of cigarettes. Visa advised that acquirers must identify and terminate merchants that engage in illegal online cigarette sales. The Visa bulletin further noted that it is the acquirers’ responsibility to confirm that all transactions introduced into the Visa system by their merchants are legal in both the buyers’ and sellers’ jurisdictions.

To protect the integrity of the payments system, acquirers and ISOs are required to review their merchant portfolios to identify any merchants that sell cigarettes online and then take the following concrete actions:

  • Underwrite the principal owners to validate their eligibility to hold a merchant account;
  • Carefully examine the merchant’s website to make sure they are not engaged in illegal activities, have appropriate shipping restrictions in place, and are not circumventing cigarette tax laws;
  • Use a mystery shopper to confirm compliance;
  • Confirm the merchant is not on the list created under the Prevent All Cigarette Trafficking Act;
  • Recheck the MATCH list; and
  • Terminate merchants that are identified as violating applicable laws.

Visa warns that violations of Visa Rules will result in substantial non-compliance assessments.

We expect that other states and agencies will jump on the band wagon in the near future and use the payment networks as leverage to put an end to conduct that they may not have a capacity to regulate on their own. Higher scrutiny of merchants engaged in regulated activities prior to on-boarding is well-advised.

–Eric Linden and Holli Targan, Attorneys and Partners, Jaffe, Raitt, Heuer & Weiss, P.C.

 

Holli Targan

Attorney & Partner

htargan@jaffelaw.com

State Law Mandates New Merchant Contract Requirements

3 Feb

The payments world is in a constant state of change, and the requirements surrounding clauses that must be included in card processing agreements with merchants are no exception.  Typically, language that must appear in merchant contracts is handed down from the card brands.  To remain compliant with those constantly-evolving requirements a close eye on card brand rule revisions has been essential.  But now states are getting into the act as well.     

Tennessee provides the latest example.  Effective March 1, 2016, Tennessee requires that all merchant agreements disclose certain terms, such as the effective date and term of the contract,  the circumstances surrounding early termination or cancellation, and a complete schedule of all fees applicable to card processing services.  These requirements are benign enough, as the vast majority of commercial contracts already contain those provisions. 

But here comes the sticky part.  In addition to the above, the Tennessee statute requires the payment acquirer to provide monthly statements.  So far so good – everyone provides monthly statements.  However, the law mandates that certain data points be included in each monthly statement, including an itemized list of all fees assessed since the previous statement, the total value of the transactions processed, and, if the acquirer is not a bank, an indication of the “aggregate fee percentage”.  The aggregate fee percentage is calculated by dividing the fees by the total value of processed transactions during the statement period.

The troubling requirement is the last one:  that any non-bank payment acquirer include in monthly statements the fees imposed, calculated as a percentage of the total value of the transactions processed during the statement period.  Currently such a calculation is not determined, so systems will need to be revamped to include that information in statements. 

And a determination will need to be made as to who, exactly, this requirement applies to.  The law says it is imposed on non-bank payment acquirers.  Certainly that includes payment facilitators.  But if both an ISO and a bank are a party to a merchant agreement and provide the statement, does the aggregate fee percentage need to be included in the monthly statement?  It’s not clear.  A conservative interpretation would suggest that if any non-bank is a party to a merchant agreement, the aggregate fee percentage should be disclosed each month.

Interestingly, the remedy for non-compliance with the Tennessee law is limited to an option by the merchant to terminate the contract.  Before the merchant may cancel the agreement, it must give the acquirer 30 days’ notice.  If the non-compliance is cured, then the merchant is not permitted to terminate the agreement.

ISOs, banks, and processors should review the new Tennessee statute to ensure compliance with its provisions.  And now that the payments industry is on the radar of state legislators, card processors will need to monitor state law developments to keep up with shifting obligations. 

–Holli Targan, Partner, Jaffe, Raitt, Heuer & Weiss, P.C.

Holli Targan

Attorney & Partner

htargan@jaffelaw.com

Next Generation Payment Systems

27 Oct

Given the importance of payment infrastructure to the global economy, and the lucrative prospects of owning or running such infrastructure, it will come as little surprise that many entrepreneurs are racing to develop new payment solutions and large payment companies have been on acquisition sprees as they seek to update and build out their existing networks.

This focus on developing new payment systems and enhancing existing payment systems has caught the attention of the Consumer Financial Protection Bureau (“CFPB”).  For the benefit of those working to develop and improve their payment systems, the CFPB has issued nine consumer protection principles to keep in mind in connection with such development:

1. Consumer Control Over Payments.  Consumers should have control over payments, including their authorizations, the length of time for which such authorization is valid, and the ability to revoke an authorization.

2. Data and Privacy.  Consumers should be kept informed as to how their data is used, who has access to their data, and potential risks associated with transfer of their data.  Data collected should only be used to benefit consumers, and consumers should be able to specify what data is accessible by third parties.

3. Fraud and Error Resolutions Protections.  The system should incorporate protections against mistaken, fraudulent, unauthorized, and erroneous transactions.  The system should also create adequate records for post-transaction evaluation, allow the reversal of erroneous and unauthorized transactions, and comply with all regulatory requirements.

4. Transparency.  Consumers should have real-time access to information about each transaction, such as payment confirmations and receipt of funds, as well as timely disclosure of costs, risks, fund availability, and security.

5. Cost.  Fees charged to consumers should be disclosed in a way which allows consumers to compare the costs of using different payment options and should not obscure the full cost of making or receiving a payment.

6. Access.  The system should be broadly accessible to consumers, widely accepted by businesses and other consumers, and permit access to such system through qualified intermediaries.

7. Funds Availability.  The system should provide fast guaranteed access to funds.

8. Security and Payment Credential Value.  The system should have built in protection to detect and limit errors, unauthorized transactions, and fraud.  These protections should safeguard against and respond to data breaches.  The System should enable gateway institutions to offer enhanced security protections and limit the value of consumer payment credentials.

9. Accountability Mechanisms.  The system should align the incentive of system operators, participants, and end users.  Commercial participants should be accountable for the risks, harm, and costs they introduce into the system and should be incentivized to prevent and correct fraudulent, unauthorized, or erroneous transactions.  The system should also have automated monitoring capabilities, incentives for participants to report misuse, and transparent enforcement procedures.

The release from the CFPB is available here: http://files.consumerfinance.gov/f/201507_cfpb_consumer-protection-principles.pdf.

We recommend that those companies running or developing any type of payment system accommodate the above principles in their development process.  As this is a rapidly changing area of the law, we also recommend staying up to date with the latest requirements and recommendations of the CFPB and other applicable regulatory agencies.

– James Kramer, Attorney, Jaffe Raitt Heuer & Weiss, P.C.

James Kramer

James Kramer

James is a member of the firm's Electronic Payment Group, Corporate Group and Business Transactions Group. James counsels clients on contractual, regulatory, and compliance matters as well as on purchases, sales, mergers, and acquisitions. He routinely advises and negotiates on behalf of financial institutions and entities in the electronic payments industry.

jkramer@jaffelaw.com

What to Do in the Face of a Dispute

9 Mar

What do you do when your exclusive agent starts referring merchants to a different processor?  What if your residuals from your ISO are cut off, or if you don’t receive the hold-back payment from the buyer of your merchant portfolio?

These are the kind of disputes that regularly arise in the payments industry and which require immediate attention.  What should you do when faced with them?

First, gather up all relevant documents, including written agreements, emails and letters concerning the dispute as well as information that supports the other side.  Then, reach out to a lawyer knowledgeable and experienced in the industry.  Knowledge of the payments business is critical because courts will look to industry standards in interpreting contractual ambiguities.

Should you file a lawsuit right away?  We typically recommend, instead, that a demand letter be sent.  A demand letter lays out in some detail what your grievances are, why the contract or parties’ dealings support your position, and what you want the other side to do.  If you are the recipient of a demand letter, gather up the same materials and get them to your counsel right away.

The principal goal of a demand letter is to begin a discussion to reach a resolution of the dispute.  A resolution of a dispute, however, is not the same thing as capitulation.  It involves compromise and negotiation.  Why compromise?  Because litigation is expensive, time-consuming, distracting and the end result is always uncertain.  A negotiated resolution to a dispute is far preferable to one costing tens of thousands of dollars and dragging on for months if not years.

Of course, some disputes cannot be resolved amicably or are of such dire importance that immediate court intervention is necessary.  Under such circumstances, litigation may be the only recourse.

Litigation starts with preparing a complaint which sets forth facts and the plaintiff’s claims.  That document is filed with the court and is served on the other side.  The other side usually has 20 to 30 days to answer depending on the state.  The next step is usually written discovery, meaning a set of questions which need to be answered.  Following written discovery, usually depositions are taken where lawyers question witnesses under oath.  Once all discovery is complete, the parties often will file motions for summary judgment.  A motion for summary judgment asks the court to rule that there are no issues of fact requiring trial and that, as a matter of law, you are entitled to prevail on your claims.  Preparation of a good motion for summary judgment is an arduous task requiring the summation of all of the evidence gathered through the discovery process.  If the court finds that it is unable to grant summary judgment for either side, then the case will proceed to trial.

Litigation can be a lengthy, costly and distracting process.  It will consume many hours of internal personnel time.  Conventional wisdom says that 99% of commercial litigation matters get resolved before trial.  There is, therefore, no reason why a resolution could not have been reached at the demand letter stage rather than after 12 months of discovery and tens or hundreds of thousands of dollars of expense.  If you provide your lawyer with all relevant information at the outset of the dispute, significant costs may be avoided with little, if any, difference in the ultimate outcome.

 — Eric A. Linden, Attorney and Partner, Jaffe Raitt Heuer & Weiss, P.C.

Holli Targan

Attorney & Partner

htargan@jaffelaw.com

FinCEN Rules that ISOs and Processors Are Not Money Transmitters

2 Oct

In the age of greater regulatory scrutiny on the ISO business, here’s a shout-out to FinCEN, who recently ruled that ISOs and processors are not money transmitters under the Federal Bank Secrecy Act (BSA).

In a refreshingly straight-forward administrative ruling dated August 27, 2014, the Financial Crimes Enforcement Network (FinCEN) clarified that an ISO company’s activities marketing card processing services to merchants does not make the company a money transmitter under FinCEN regulations.   Because the ISO neither accepted nor transmitted funds on behalf of the merchants it solicited, nor on behalf of the sponsor bank, it did not satisfy a critical component of a money transmitter:  that of transmitting funds.  

The ruling also set forth a four part test to determine whether payment processing activities fit within a payment processor exemption to the money transmitter definition.  In order for the payment processor exemption to apply, the processor:

 1.  must facilitate the purchase of goods or services,

2.  must operate through clearance and settlement systems that admit only BSA-regulated financial institutions,

3.  must provide the service pursuant to a formal agreement, and

4.  must have an agreement with the seller or creditor that provided the goods or services and receives the funds.  

The question of whether or not ISOs and processors qualify as money transmitters under Federal law has dogged the industry for some time.  This ruling finally clarifies that traditional ISOs do not qualify as money transmitters, and that as long as processors satisfy the above conditions, they will not be deemed a money transmitter under the BSA. 

Unfortunately state law still must be reckoned with, and remains murky.  Each state has its own money transmitter law, and a similar ruling would need to be obtained from each state to fully settle the issue.  But the FinCEN action will make an easier case in front of state regulators that the activities of ISOs and processors should not render them money transmitters under state statutes.

–Holli Targan, Attorney and Partner, Jaffe, Raitt, Heuer & Weiss, P.C.

Holli Targan

Attorney & Partner

htargan@jaffelaw.com

Holli Targan honored as one of the most influential women in the payments industry

13 May

PaymentsSource, the leading information resource for news, trends and analysis in the payments industry, has honored Jaffe attorney and partner Holli Targan as one of the year’s Most Influential Women in the Payments industry for 2014

Ms. Targan was honored at a reception held April 22 during the 26th Annual Card Forum & Expo in Orlando, Florida and was a featured panelist at the Women in Payments Leadership Exchange. Selected for her achievements in a traditionally male dominated industry, Targan is one of only 20 women recognized for helping redefine the way people and businesses handle money.

Read PaymentsSource article by Ed McKinley regarding Holli’s achievements in this dynamic industry sector.

 

–          Jill Miller, Jaffe Raitt Heuer & Weiss P.C.

Holli Targan

Attorney & Partner

htargan@jaffelaw.com

Are you complying with the Fair Credit Reporting Act?

29 Apr

As an employer, you must comply with the Fair Credit Reporting Act (“FCRA”) if you hire an outside third party, known as a “consumer reporting agency” to perform credit and background checks on employees and applicants.  The information provided by a consumer reporting agency to an employer is referred to as a “consumer report” and such report can contain anything from information on an employee or applicant’s creditworthiness and reputation to information regarding their criminal history.  While the FCRA contains many requirements related to consumer reports with which employers must comply, three basic notices employers are required to provide are:

1.            Notice prior to obtaining a consumer report.

After obtaining written permission from an applicant or employee to obtain their consumer report, you must provide them with written notice that you might use information in their consumer report for decisions related to their employment – such as hiring, retention, promotion, reassignment, etc.  This notice must be in its own document and cannot be contained within an employment application.

2.            Notice prior to taking adverse action.

Before you reject a job application, reassign or terminate an employee, deny a promotion, or take any other adverse employment action based on information contained in a consumer report, you must give the applicant or employee a notice that includes a copy of the consumer report you relied on to make your decision and a copy of the FCRA document “A Summary of Your Rights Under the Fair Credit Reporting Act.”

3.            Notice after taking adverse action.

If you take adverse action based on any information contained in a consumer report, you must notify the applicant or employee of that fact.  This notice is called an “adverse action notice” and the FCRA sets forth specifics as to when and how the notice must be sent, in addition to what information the notice must include.

The FCRA is complex and contains potentially significant consequences for non-compliance.  As an employer, you should review your processes and procedures to verify that you are not only sending out the appropriate FCRA notices but that you are in full compliance with all applicable provisions of the act.

Heather Maldegen-Long

Attorney

heamal@jaffelaw.com

Durbin Regulation Ruling: Appeals Court Overturns Lower Court Decision

21 Mar

 Today the District of Columbia Court of Appeals upheld the Federal Reserve Board’s regulations interpreting the Durbin Amendment, and in so doing reversed the lower court’s decision invalidating those rules.  Last July, Judge Leon of the U.S. District Court concluded that the Board’s regulations violated the Durbin Amendment statute’s plain language.  Today the Court of Appeals disagreed, holding that the Board’s rules are a reasonable construction of the law. 

The court noted that it reviewed the Board’s interpretation of the law directly, according no deference to the lower court’s ruling.  In an opinion that is a marked departure from the lower court’s combative tone, today’s opinion logically analyzes each of the arguments advocated by the merchants and by the Federal Reserve Board, concluding that the Board’s interpretation of the Durbin Amendment language should stand.

The court remanded back to the Board one aspect of the Durbin regulation, requiring an explanation of the Board’s interpretation of the fraud prevention adjustment.  In the meanwhile, the existing regulation remains in place.

Thus, unless and until today’s decision is appealed to the Supreme Court, both the interchange fee and the anti-exclusivity aspects of the current regulation govern.

 –Holli Targan, Partner, Jaffe, Raitt, Heuer & Weiss, P.C.

 

Holli Targan

Attorney & Partner

htargan@jaffelaw.com

CFPB Settles with ISO for Violating the Telemarketing Sales Rule

25 Oct

Once again, an independent sales organization (“ISO”) has been sued by a Federal agency for violating the Telemarketing Sales Rule (the “TSR”). Once again, the government claimed that the ISO provided substantial assistance to merchants while it knew or consciously avoided knowing that the merchants were engaged in abusive telemarketing practices. However, unlike the lawsuits filed this past summer (which are described in our blog posts dated June 20, 2013 and June 24, 2013), the agency involved is the Consumer Financial Protection Bureau (“CFPB”).

On October 3, 2013 the CFPB filed a complaint and settlement order against Meracord LLC (“Meracord”). The TSR prohibits debt-relief service providers (“DRSPs”) from charging consumers fees before settling any of their debts. The CFPB zeroed in on Meracord through investigations into several DRSPs that allegedly charged illegal fees. In building its case against those DRSPs, the CFPB discovered that Meracord had processed at least $11 million in unlawful fees from October 2010 to July 2013. The complaint alleges that more than 11,000 customers were charged upfront fees by the merchants in violation of the TSR, and nearly 5,000 of them had none of their debts settled. The CFPB alleged that Meracord knew that it was transmitting advance fees to DRSPs that had not yet settled consumers’ debts and that were not entitled to advance fees.

At the time the complaint was filed, the CFPB, Meracord and Meracord’s chief executive, Linda Remsberg, agreed to an order that will: (1) permanently bar Meracord and Mrs. Remsberg from processing payments for debt-settlement companies and for members of the related mortgage-settlement industry; (2) impose a civil money penalty of $1.376 million upon Meracord and Mrs. Remsberg, jointly and severally; and (3) subject Meracord and Mrs. Remsberg to submitting additional compliance reports with the CFPB.

This is the first action taken by the CFPB against an ISO, which indicates that there is a new federal agency that ISOs must be cognizant of. The CFPB’s initial foray in the enforcement of the TSR should be seen as another warning sign that the federal government is serious about its enforcement of the TSR and it will hold payment processors accountable for their merchants’ failure to comply with the TSR by using the “knew or consciously avoided knowing that the merchants were engaged in abusive telemarketing practices” TSR language.

With the federal government’s recent actions regarding enforcement of the TSR, it would be in payment processors’ best interests to familiarize themselves with the TSR. Due diligence on merchant activities should be investigated to make sure that merchants are not violating the TSR. Although this routine may be burdensome, it pales in comparison to the alternative of possibly being shut out of the industry and having to pay millions of dollars in fines.

— Andrew Hayner, Jaffe, Raitt, Heuer & Weiss, P.C.

Holli Targan

Attorney & Partner

htargan@jaffelaw.com

Preventing Headaches: Do Your Due Diligence

30 Sep

We’ve encountered a few situations lately that underscore the importance of following basic sound contracting practices.  Rushing to move projects along as quickly as possible may lead companies to contract with vendors before thorough investigation, at their peril.  Far too often researching a potential supplier to discover whether the company is able to perform according to plan is ignored. 

Time spent on conducting due diligence up front can save you money and headaches down the road.  Due diligence means investigating a prospective vendor to ensure that the company is what its agents say it is, and that the company can do what they say they will do.

 Why should you bother?  Scrutinizing every prospective contracting party may avoid lost opportunities, costly mistakes, litigation, and degradation of your good name later on.  In situations where the supplier will be performing a service to your customers, the company will affect your profitability and influence how the customer perceives the quality of the service.  In other cases, a vendor may be manufacturing a piece of equipment or developing software, and inexperience may result in months or years of delay.  The few hours that it takes to complete due diligence will reveal information indicating whether the company is able to perform – information that you are better off knowing before the contract is signed.

 Below are the basics of a due diligence policy to get you started:

 The Policy.  Contracting procedures should require that a “due diligence checklist” be filled out on every prospective vendor.  The checklist will highlight key information that should be explored.  Some of the material may be sensitive in nature, so the prospect may feel more comfortable disclosing such information after both sides sign a confidentiality agreement.  The due diligence policy should require that the disclosures be updated at least annually on companies with whom you will have a continuing relationship. 

 The Inquiry.  Every situation is unique, but at a minimum the following should be examined:

*          The company’s most recent financial statement, audited if available. 

*          Talk to at least three business references that have a contractual relationship similar to the one you are contemplating.  Dig deep, asking the references about challenges they have faced working with the prospective vendor. 

*          Professional biographies on individuals in the company with significant management responsibility. 

*          A schedule of all material insurance policies in effect. 

*          Disaster contingency plans. 

*          Outstanding, anticipated, and recently concluded legal action by or against third parties and all government investigations. 

*          Policies and procedures covering security controls. 

The investigation should be thorough enough to uncover information that will reveal whether or not the company can perform the best job for you, and will be there for the long haul.  A good due diligence policy that has the support of senior management can be your best defense against problems down the road. 

–Holli Targan, Partner, Jaffe, Raitt, Heuer & Weiss, P.C.

 

Holli Targan

Attorney & Partner

htargan@jaffelaw.com