As a corporation that handles ACH transactions on behalf of others, you may have heard your financial institution refer to you as a “Third-Party Sender.” Common examples of Third-Party Senders include payroll processing companies, rent payment companies, and other bill pay providers. If an entity is designated as a Third-Party Sender, it is subject to certain duties under the Nacha Operating Rules (“ACH Rules”), such as the requirements to have an annual ACH Audit conducted and to enter into specific agreements with its clients (the “Originators”). Continue Reading Third-Party Senders: Are you a Money Transmitter?
New Joint Regulatory FAQs Regarding Suspicious Activity Reporting and other AML Considerations
On January 19, 2021, several federal banking regulators including FinCEN, the Federal Reserve, the FDIC, NCUA, and the OCC jointly issued answers to several frequently asked questions (FAQs) regarding suspicious activity reports (SARs) and other anti-money laundering (AML) considerations for financial institutions covered by SAR rules. As used below, the term “financial institution” includes money services businesses.
Importantly, the FAQs do not alter existing BSA/AML legal or regulatory requirements, nor do they establish new supervisory expectations. Instead, they are intended to clarify the regulatory requirements related to SARs to assist financial institutions with their compliance obligations. Continue Reading New Joint Regulatory FAQs Regarding Suspicious Activity Reporting and other AML Considerations
Payment Processing Contracts and COVID-19
The commercial slowdown wrought by the global pandemic COVID-19 has left many in the payments industry wondering how the virus will affect their existing processing agreements. Depending on which side of an agreement you are on, you may be worried about breaching your contractual obligations or about the other party not being able to perform its end of the agreement. Likewise, you may be looking for a way to get out of the contract without being in breach, or, alternatively, nervous that COVID-19 will present an opportunity for the other side to legally terminate. Continue Reading Payment Processing Contracts and COVID-19
Card Brand Guidance for Managing COVID-19 Related Chargebacks
In light of the significant increase in chargebacks resulting from COVID-19, Visa, Mastercard and American Express recently issued guidance to assist acquirers, issuers, and merchants in navigating the dispute process. Below is a summary of that guidance. Visa On March 27, 2020, Visa released a bulletin titled “Managing Disputes Through COVID-19: Programs, Best Practices and FAQs to Help Clients” in which it provides guidance about managing and responding to disputes as a result of COVID-19. Continue Reading Card Brand Guidance for Managing COVID-19 Related Chargebacks
Legal Impacts of COVID-19 on the Payments Industry
The Taft Paytech & Payment Systems team has prepared the following tips for ISOs, processors, payment facilitators, ISVs, money services businesses, and banks in light of COVID-19 developments.
- Review Termination Rights and Implications. Contracts often include a force majeure clause that excuses nonperformance when it is caused by unforeseen events beyond the control of the parties. An evaluation of whether the current circumstances qualify as a force majeure event should be conducted. If the contract does not contain such a provision, there may be other remedies if you are unable to perform. Continue Reading Legal Impacts of COVID-19 on the Payments Industry
California Consumer Privacy Act (CCPA) Goes into Effect
As of January 1, 2020, the California Consumer Privacy Act (CCPA) is now in effect. As we explained here, the CCPA imposes requirements on merchants and payment processors to protect personal information of California residents.
Enforcement of the law does not begin until July 1, 2020, which is good because the regulations interpreting the law have not even been finalized yet. The draft regulations, published this past October by California’s Attorney General, propose rules relating to consumer disclosures, processing consumer requests, and other implementation details. Final rules will be issued before the July 1, 2020 enforcement date. Continue Reading California Consumer Privacy Act (CCPA) Goes into Effect
Merchant Found Not Liable for Data Breach Assessments
A federal court’s interpretation of a merchant contract resulted in the merchant not being liable for card brand security breach assessments. It may be worthwhile to examine and revise your merchant agreement in light of that ruling.
In Specs v. First Data, decided June 2019, the US Court of Appeals for the Sixth Circuit ruled that the limitation of liability clause in First Data’s merchant agreement took precedence over the agreement’s indemnification clause, and therefore that the merchant was not liable for card brand penalties. The indemnity obligated the merchant to reimburse First Data for any losses arising out of merchant violations of card brand rules, whereas the limitation of liability exempted the parties from indirect and consequential damages. The court found that card brand penalties qualified as consequential damages. Continue Reading Merchant Found Not Liable for Data Breach Assessments
Oklahoma AG: Surcharges OK
Recent opinion provides welcome clarity on Oklahoma’s position on surcharge ban enforceability, relating to electronic payment processing
Judicial developments surrounding the legality of credit card surcharging have made keeping up with the latest news on this issue a challenge. Currently, there are several states with laws in place prohibiting surcharges. Merchants have challenged the constitutionality of these laws in court, sometimes with some confusing results. Continue Reading Oklahoma AG: Surcharges OK
Legislative Watch: New Merchant Agreement Requirements
The Maryland legislature has passed legislation that, if signed by the Governor, will require merchant acquirers to revise their merchant applications and agreements. Under the proposed law, merchant services providers, financial institutions, independent sales organization (ISO’s), or any subsidiary or affiliate of those entities (“Credit Card Processors”) will be required to provide merchants with specific disclosures and notices clearly and conspicuously within the merchant agreement. We interpret this to include payment facilitators. There is also a cap on the fees or penalties that a Credit Card Processor can levy against a merchant for its cancellation of the merchant agreement. Continue Reading Legislative Watch: New Merchant Agreement Requirements
AML Program Tips
Developing an anti-money laundering program (AML) can prove challenging for card processing companies. While not an exhaustive list, here are 9 areas that an AML program should be sure to include: Continue Reading AML Program Tips