The Federal Deposit Insurance Corporation’s release on January 31, 2012, of revised guidance on payment processor relationships should serve as a stark reminder to all banks that regulators are continuing to give increased scrutiny to such relationships. The revised guidance raises the specter of stepped-up enforcement activity targeting payment processor relationships. Ballard Spahr lawyers have assisted banks with the implementation of risk mitigation programs for such relationships and represented banks whose relationships with payment processors have been challenged by regulators.

In the last two years, the FDIC and the Office of the Comptroller of the Currency have brought at least five civil enforcement actions against banks for engaging in allegedly unfair practices under Section 5 of the Federal Trade Commission Act or unsafe and unsound practices through the handling of their relationships with payment processors. Several of those banks were also the subject of criminal enforcement actions brought by the U.S. Department of Justice. Notably, the Consumer Financial Protection Bureau’s recently issued Supervision and Examination Manual uses one of the OCC actions as an example of a bank engaging in an unfair practice.

A payment processor is typically a deposit customer of a bank that uses deposit accounts—its own or ones established for its merchant clients—to process payments for those clients either by creating and depositing remotely created checks or by originating Automated Clearing House debits.

The FDIC’s revised guidance includes the highlighted warning that banks “that fail to adequately manage [payment processor] relationships may be viewed as facilitating a payment processor’s or merchant client’s fraudulent or unlawful activity and, thus, may be liable for such acts or practices.

In particular, the FDIC states that banks risk liability “for facilitating or aiding and abetting consumer unfairness or deception under Section 5 of the [FTC] Act.” To underscore the seriousness of its concerns, the FDIC urges banks twice in the revised guidance “to act promptly” if consumers may have been harmed by fraudulent or improper activities engaged in by a payment processor or merchant client.

The revised guidance describes the risks that payment processors can present for banks, identifies warning signs that may indicate increased risk in a payment processor relationship, and discusses the risk-mitigation controls—including due diligence and monitoring—that a bank should implement to reduce the risk of establishing or maintaining inappropriate relationships with payment processors used by disreputable merchants.

The FDIC reminds banks that they cannot rely solely on due diligence performed by a processor on the merchants for which the processor originates payments. More specifically, the FDIC says it expects a bank “to adequately oversee all transactions and activities that it processes and to appropriately manage and mitigate operational risks, Bank Secrecy Act compliance, fraud risks, and consumer protection risks, among others.”

Banks are also warned of the heightened risk presented by “nested processor and aggregator relationships” in which payment processors may also process transactions for other payment processors (including a merchant who is also a payment processor.) In addition, the FDIC wants banks to “be alert for payment processors that solicit business relationships with troubled financial institutions in need of capital.” It also notes the challenge that payment processor relationships can create for smaller, community banks that may be less likely to have the infrastructure needed to properly manage such relationships.

Ballard Spahr’s Consumer Financial Services Group is nationally recognized for its guidance in structuring and documenting new consumer financial services products, its experience with the full range of federal and state consumer credit laws throughout the country, and its skill in litigation defense and avoidance (including pioneering work in pre-dispute arbitration programs.)

The group also produces the CFPB Monitor, a blog that focuses exclusively on important Consumer Financial Protection Bureau developments. To subscribe, use the link provided to the right.. For more information, please contact Practice Leader Alan S. Kaplinsky , 215.864.8544 or kaplinsky@ballardspahr.com; Practice Leader Jeremy T. Rosenblum , 215.864.8505 or rosenblum@ballardspahr.com; John L. Culhane, Jr. , 215.864.8535 or culhane@ballardspahr.com; Beth Moskow-Schnoll , 302.252.4447 or moskowb@ballardspahr.com; Barbara S. Mishkin , 215.864.8528 or mishkinb@ballardspahr.com; or Mark J. Furletti , 215.864.8138 or furlettim@ballardspahr.com .

 


Copyright © 2012 by Ballard Spahr LLP.
www.ballardspahr.com
(No claim to original U.S. government material.)

 

All rights reserved. No part of this publication may be reproduced, stored in a retrieval system, or transmitted in any form or by any means, including electronic, mechanical, photocopying, recording, or otherwise, without prior written permission of the author and publisher.

This alert is a periodic publication of Ballard Spahr LLP and is intended to notify recipients of new developments in the law. It should not be construed as legal advice or legal opinion on any specific facts or circumstances. The contents are intended for general informational purposes only, and you are urged to consult your own attorney concerning your situation and specific legal questions you have.