Presentation is loading. Please wait.

Presentation is loading. Please wait.

Third-Party Payment Processor Update

Published byBethanie Burns Modified over 7 years ago

Similar presentations

Presentation on theme: "Third-Party Payment Processor Update"— Presentation transcript:

1 Third-Party Payment Processor Update
Marsha Jones, President Third Party Payment Processors Association Keith Barnett, Partner Troutman Sanders LLP

2 What is a TPPP? A Third-Party Payment Processor (TPPP) is a depository customer of a bank that processes payments, (debits and/or credits,) on behalf of other companies through the TPPP’s bank. Payroll Processors are considered Third-Party Payment Processors. TPPPs customarily referred to processors that process ACH and/or remotely created checks (RCC). However, it has become more broadly known as: A party that has a contractual relationship with another company to process payments for that company through the TPPP’s bank; and The bank does not have a contractual relationship with the company initiating the payment. TPPPs are known as Third-Party Senders (TPS) under the NACHA Operating Rules (First defined in December 2004).

3 Regulations for Electronic Payments
Electronic Funds Transfer Act (“EFTA”) and its implementing regulation, Regulation E Consumer Financial Protection Act (“CFPA”) prohibitions against unfair, deceptive, or abusive acts or practices (“UDAAP”) Federal Trade Commission Act (“FTC Act”) prohibitions against unfair or deceptive acts or practices (“UDAP”) Telemarketing Sales Rule (TSR) Fair Debt Collection Practices Act (FDCPA) Bank Secrecy Act/USA PATRIOT Act/Anti-Money Laundering OFAC Payment System Rules

4 Earliest Guidance on TPPPs
OCC BULLETING Risk Management Guidance: Automated Clearing House September 1, 2006 References Third-Party Senders OCC BULLETIN Risk Management Guidance: Payment Processors April 24, 2008 FIL Guidance on Payment Processor Relationships November 7, 2008

5 Evolution of TPPPs Many relationships with banks predated (sometimes by decades) the distinction TPPP or TPS. These relationships continued to be treated as direct originators of payments. TPPPs were often not advised of their expanded compliance responsibilities, primarily because the banks did not recognize the need to reclassify these relationships. TPPPs and banks historically focused on the credit, operational and fraud risks related to these relationships, consistent with direct merchants/originators. Recent regulatory enforcement actions emphasize compliance, legal and reputation risk.

6 Consumer Protection Working Group
Unit within the Financial Fraud Enforcement Task Force that was created in late 2009 First meeting on February 10, 2012 Announced by the Attorney General Eric Holder shortly after State of the Union Address in 2012, formed to “address several areas of concern, including payday lending and other high-pressure telemarketing or Internet scams, business opportunity schemes, for-profit schools that engage in fraud or misrepresentation, and fraudulent third- party payment processors that facilitate payments on behalf of other fraudsters without the permission of the customer.” Members of the Consumer Protection Working Group included (among others): FTC CFPB DOJ, FBI and Secret Service FDIC, OCC, FRB & NCUA FinCEN Various States Attorneys General

7 Guidance Since Working Group
FDIC FIL , Statement on Providing Banking Services FIL , FDIC Clarifying Supervisory Approach to Institutions Establishing Account Relationships with Third-Party Payment Processors (High Risk List Disappeared) FIL , FDIC Supervisory Approach to Payment Processing Relationships With Merchant Customers That Engage in Higher-Risk Activities FIL , Payment Processor Relationships, Revised Guidance (High Risk List) OCC OCC BULLETIN  , Third-Party Relationships – Risk Management Guidance FRB SR 13-19, 12/5/13, Guidance on Managing Outsourcing Risk FinCEN FIN-2012-A010, Risk Associated with Third-Party Payment Processors

8 Summary of FDIC Guidance to Banks
Ensure that contractual agreements with payment processors include safeguards. Perform a background check of the processor, its principal owners, and merchant clients. Must compare merchant information with public record, fraud databases, and trusted third-party data databases. Be aware of nested processors. Authenticate the processor’s business operations and compliance management systems. Monitor for red flags, including increases in consumer complaints. Act promptly to minimize consumer harm.

9 FinCEN Guidance on TPPPs
Financial institutions providing services to Payment Processors institutions: May find it necessary to update their anti-money laundering programs; Should determine during thorough initial and ongoing due diligence, to the extent possible, whether external investigations or legal actions are pending against a Payment Processor or its owners and operators; Should determine whether Payment Processors have obtained all necessary state licenses, registrations, and approvals; May be required to file SARs if they know, suspect, or have reason to suspect that a Payment Processor has conducted a transaction involving funds derived from illegal activity, including, but not limited to, consumer fraud; and Also may be required to file a SAR where it knows, suspects, or has reason to suspect that a Payment Processor has attempted to disguise funds derived from illegal activity, or has attempted to engage in transactions designed to evade regulations promulgated under the Bank Secrecy Act (“BSA”) or that lack a legitimate business or apparent lawful purpose.

10 Other Vehicles for Regulating
Non-banks Posing Risks: Regulation where the CFPB has reasonable cause to determine that non-bank is engaging, or has engaged, in conduct that poses risks to consumers with regard to the offering or provision of consumer financial products or services. Civil Investigative Demands: Enforcement tool which may be used when the CFPB “has reason to believe that any person may be in possession, custody, or control of any documentary material or tangible things, or may have any information relevant to a violation.” Consent Orders Requirements imposed by the CFPB or FTC on a particular company that has violated some consumer protection regulation or processed payments for a violating merchant

11 Evolution of TPPP “Guidance”
Guidance is high-level and vague regarding specific expectations and does not apply directly to TPPPs. Early enforcement actions were against banks and more heavily focused on RCC and telemarketing fraud. BSA/AML findings related to KYC and KYCC became more prevalent with banks in payment processing soon after and continue today. Consumer Protection focus emerged in 2012 following the creation of the Consumer Protection Working Group under Financial Fraud Enforcement Task Force. Consent orders against TPPPs by the CFPB and FTC are now commonplace and are more targeted and offer more specifics on regulatory expectations which frequently exceed guidance requirements.

12 No Direct Regulator Regulatory expectations must flow from the financial institution. NACHA Rules enforced through the Originating Depository Financial Institution (ODFI). Unaddressed Regulatory Gap exists between banks and payment processors. Consumer protection regulations typically apply to merchants, however regulators hold TPPPs accountable for facilitating consumer protection violations. TPPP specific guidance tends to come via consent orders.

13 Enforcement Regulatory and Rulemaking Update – 2016 In Review
Lawsuits Against Payment Processors CFPB v. Intercept Returns v. Unauthorized Returns Statute of limitations and due process

14 Enforcement Regulatory and Rulemaking Update – 2016 In Review
Lawsuits Against Lenders CFPB v. CashCall UDAAP for a Violation of State Law The CFPB Is Constitutional CFPB v. PHH Removal “ForCause” Is Unconstitutional? The Statute of Limitations The Due Process Clause

15 Enforcement Regulatory and Rulemaking Update – 2016 In Review
CFPB Proposed Rules On Small Dollar Short Term Lending Cooling Off Period Multiple Attempts to Debit An Account CFPB Proposed Rules on Mandatory Arbitrations Are We Near The End Of Mandatory Arbitration? CFPB Final Rules on Prepaid Accounts Fee Disclosures, Regulation E and Regulation Z

16 Don’t Get Caught …….. “Financial institutions and processors that fail to adequately manage their relationships may be viewed as facilitating a payment processor’s or merchant client’s fraudulent or unlawful activity and, thus, may be liable for such acts and practices.” - FIL (Revised July 2014)

17 Thoughts about Derisking
Thoughts from FinCEN “De-risking”: When financial institutions and/or payment processors seek to avoid perceived regulatory risk by terminating, restricting, or denying services to broad classes of clients, without case-by-case analysis of risk or consideration of mitigation options. A banking organization’s due diligence should be commensurate with the level of risk presented by the customer as identified in the bank’s risk assessment. As a practical matter, it is not possible for a bank to detect and report all potentially illicit transactions that flow through an institution. But where an institution follows existing guidance and establishes and maintains an appropriate risk-based program, the institution will be well-positioned to appropriately manage such accounts, while generally detecting and deterring illicit transactions.

18 Don’t Throw Out the Baby with the Bathwater
The alternative to Derisking is for Banks, Processors and Merchants to become partners in compliance.

19 Questions? Marsha Jones, TPPPA (888) Keith Barnett, Troutman Sanders (404)

Download ppt "Third-Party Payment Processor Update"

Similar presentations

HIGH-RISK: FOREIGN CORRESPONDENT BANKING

HIGH-RISK: FOREIGN CORRESPONDENT BANKING
NACARA Annual Conference Industry Perspectives Panel September 29,2014 Boise, Idaho Andy Madden Director State Government Affairs ACA International.

NACARA Annual Conference Industry Perspectives Panel September 29,2014 Boise, Idaho Andy Madden Director State Government Affairs ACA International.
FinCEN Director Jennifer Shasky Calvery stated: “Now that some states have elected to legalize and regulate the marijuana trade, FinCEN seeks to move.

FinCEN Director Jennifer Shasky Calvery stated: “Now that some states have elected to legalize and regulate the marijuana trade, FinCEN seeks to move.
LEADERSHIP + INNOVATION 2013 OLA Conference |October 16-17 |San Diego Get Educated on the NACHA Rules Marsha Jones, AAP, NCP, Director, TPPPA Lin Fellerman,

LEADERSHIP + INNOVATION 2013 OLA Conference |October |San Diego Get Educated on the NACHA Rules Marsha Jones, AAP, NCP, Director, TPPPA Lin Fellerman,
©2012 CliftonLarsonAllen LLP 1 111 Red Flags- Why This Matters to You An overview of the FACT Act Identity Theft Red Flag Rule and its current impact.

©2012 CliftonLarsonAllen LLP Red Flags- Why This Matters to You An overview of the FACT Act Identity Theft Red Flag Rule and its current impact.
Identity Theft “Red Flags” Rules Under the FACT Act Reid Fudge CISSP, CISA Pulte Mortgage, LLC November 2008.

Identity Theft “Red Flags” Rules Under the FACT Act Reid Fudge CISSP, CISA Pulte Mortgage, LLC November 2008.
1 Financial Crimes Enforcement Network “FinCEN” Anna Fotias Senior Regulatory Compliance Specialist Office of Regulatory Policy 202-354-6400

1 Financial Crimes Enforcement Network “FinCEN” Anna Fotias Senior Regulatory Compliance Specialist Office of Regulatory Policy
OLA {DRAFT} BEST PRACTICES Revised 6/25/2013. Payments Landscape Update Ever increasing scrutiny and pressure from every agency OCC (J LaRoche, May, 2013)

OLA {DRAFT} BEST PRACTICES Revised 6/25/2013. Payments Landscape Update Ever increasing scrutiny and pressure from every agency OCC (J LaRoche, May, 2013)
Anti-Money Laundering and OFAC Compliance for Transfer Agents SSA Annual Conference July 25, 2008.

Anti-Money Laundering and OFAC Compliance for Transfer Agents SSA Annual Conference July 25, 2008.
Charles E. Constantin Director, Senior Bank Regulatory Compliance Officer Royal Bank of Canada, RBC Capital Markets Institute of International Bankers.

Charles E. Constantin Director, Senior Bank Regulatory Compliance Officer Royal Bank of Canada, RBC Capital Markets Institute of International Bankers.
LEGAL ISSUES IN LEAD GENERATION November 1, 2012 Sonoma, California Jeremy T. Rosenblum, Practice Leader Consumer Financial Services Group

LEGAL ISSUES IN LEAD GENERATION November 1, 2012 Sonoma, California Jeremy T. Rosenblum, Practice Leader Consumer Financial Services Group
Unlawful Internet Gambling Enforcement Act Final Rule Joseph Baressi June 3, 2009.

Unlawful Internet Gambling Enforcement Act Final Rule Joseph Baressi June 3, 2009.
Anti-Money Laundering (AML)

Anti-Money Laundering (AML)
1 Supplement to the Guideline on Prevention of Money Laundering Hong Kong Monetary Authority 8 June 2004.

1 Supplement to the Guideline on Prevention of Money Laundering Hong Kong Monetary Authority 8 June 2004.
This tool can be found in the Banker Tools section of BankersOnline.com. www.bankersonline.com 1 Bank Secrecy, Anti-Money Laundering & OFAC Director Education.

This tool can be found in the Banker Tools section of BankersOnline.com. 1 Bank Secrecy, Anti-Money Laundering & OFAC Director Education.
Code of Conduct for Mobile Money Providers 6 November 2014 All material © GSMA 2014. The policy advocacy and regulatory work of the GSMA Mobile Money team.

Code of Conduct for Mobile Money Providers 6 November 2014 All material © GSMA The policy advocacy and regulatory work of the GSMA Mobile Money team.
Agenda Overview Updates to the Manual Sections Not Updated

Agenda Overview Updates to the Manual Sections Not Updated
Division of Depositor and Consumer Protection Banker Teleconference Series Third-Party Compliance Risk Management Tuesday, June 5, 2012.

Division of Depositor and Consumer Protection Banker Teleconference Series Third-Party Compliance Risk Management Tuesday, June 5, 2012.
Money Laundering 23 September 2014. Contents 1 What is money laundering? 2. The ‘primary’ money laundering offences 3. Failure to report and tipping off.

Money Laundering 23 September Contents 1 What is money laundering? 2. The ‘primary’ money laundering offences 3. Failure to report and tipping off.
February 10, 2012 Michelle Hemerley Director, Compliance Consulting

February 10, 2012 Michelle Hemerley Director, Compliance Consulting

Similar presentations

Ads by Google