Earlier this month, the Electronic Transactions Association (ETA) hosted its annual TRANSACT conference to connect and educate the various branches of the payments industry. Industry leaders spoke on technology, security, regulatory and policy issues affecting the industry. In this update, we offer some key points from sessions at the conference that focused on legal issues.
Regulatory and Litigation Trends
One session at the conference focused on three emerging regulatory and litigation trends affecting companies in the payments ecosystem: (1) FTC/CFPB regulation; (2) litigation over the use and implementation of chip cards and signature verification; and (3) merchant class actions against processors.
FTC/CFPB Regulation of Processors and ISOs
Historically, the U.S. Department of Justice (DOJ) and Federal Trade Commission (FTC) have regulated the payments industry. While the DOJ has been relatively dormant since its high-profile Operation Chokepoint initiative, the FTC has undertaken several initiatives focused in particular on processors and ISOs. The FTC has issued civil investigative demands for information, frozen assets of those accused of wrongful conduct, taken the position that a processor’s reserve accounts are merchant assets and sued processors for providing “substantial assistance” to telemarketing merchants while “consciously avoiding knowing” that the merchant engaged in deceptive practices. Meanwhile, the Consumer Financial Protection Bureau (CFPB) has taken a greater—and growing—interest in regulating the payments industry, including processors and ISOs, under the jurisdiction granted to it by the 2010 Dodd-Frank Wall Street Reform and Consumer Protection Act.
According to the panelists, emerging dangers to participants in the payments system include potential joint and several liability for consumer injury and invasive FTC/CFPB oversight of the company’s operations. For example, the FTC/CFPB could dictate how a payments company must screen its merchants and require the company to submit regular reports for 20 years—the typical reporting period—evidencing compliance.
Red flags that will catch the eyes of these regulators include the following:
-
Departures from a company’s internal credit policies
-
Laundering or factoring (e.g., one business runs its transactions under another merchant’s ID)
-
A single merchant with more than one merchant ID—even though there may be legitimate reasons
-
Chargeback ratios exceeding a certain threshold—the government has considered even a 3% chargeback ratio to be a red flag
-
Suspicious or questionable chargeback narratives
Litigation Over Use of Chip Cards & Signature Verification
Several lawsuits are currently affecting the payments landscape.
B&R Supermarket, Inc. et al. v. Visa Inc. et al., originally filed in the U.S. District Court for the Northern District of California, involves allegations by merchants that the four big card networks, EMVCo, and a number of large issuing banks conspired to roll out a liability shift in lockstep, and that the conspiracy restrains trade and violates the Sherman Act and analogous state statutes. After transferring the claims against American Express to the U.S. District Court for the Southern District of New York pursuant to a contractual forum selection clause, the court dismissed the claims against the issuing banks and EMVCo on the basis that the merchant-plaintiffs had failed to state a claim. The court then transferred the remainder of the suit to the U.S. District Court for the Eastern District of New York, where it remains pending against Visa, MasterCard and Discover.
In The Home Depot Inc. v. MasterCard Inc. et al., Home Depot is alleging that Visa and MasterCard violated the Sherman Act and analogous state laws by trying to force merchants to accept signature verification because it results in a higher interchange fee paid by the merchant that Visa and MasterCard have fixed at a supra-competitive rate. This suit is also currently pending in the Eastern District of New York.
Similarly in The Kroger Co. v. Visa Inc., pending in the U.S. District Court for the Southern District of Ohio, and Wal-Mart Stores, Inc. et al. v. Visa U.S.A. Inc., pending in the Supreme Court of the State of New York for New York County, Kroger and Wal-Mart respectively allege that Visa forced them to accept signature authentication on debit card transactions, resulting in higher interchange and the inhibition of merchant network choice.
Each of these cases is still in the early stages of litigation, and no substantive rulings on the validity of the liability shift or verification methods have been issued yet. In the meantime, non-parties could be drawn into the litigation through third-party discovery requests, including document subpoenas and depositions, and they may also receive inquiries from merchants.
Merchant Class Actions Against Processors
When directed at processors, merchant class actions often challenge processing agreement terms, including perceived fee disparities, fee increases, inflation of interchange, limitations on liability, time limitations on reporting statement discrepancies, attorney fee provisions, and class-action and jury-trial waivers (including arbitration clauses). Class plaintiffs typically assert claims for breach of contract, unjust enrichment and fraud, but may in some cases bring a claim under the Federal Racketeer Influenced and Corrupt Organizations Act (RICO), which broadly regulates transfers of money. According to panelists, best practices for processors seeking to avoid these claims include:
-
Review processing agreements
-
Make certain provisions more conspicuous
-
Distinguish between third-party pass-through fees and processing fees for purposes of notice
-
Implement arbitration provisions and/or class-action waivers in contracts
Regulatory and Compliance Essentials for Fintech Companies
This session focused on the fundamental regulatory and compliance steps for new or startup companies in the fintech sphere.
Compliance is essential for the continued growth of any company, the panelists emphasized, because noncompliance can result in serious liability exposure and setbacks. In addition, banks and other financial partners factor compliance into their assessment of a potential partner or borrower. Particularly when partnering with banks, compliance with applicable laws is key to establishing a good relationship. According to the panelists, in approaching potential non-bank partners, a fintech company should consider the characteristics that will make it an attractive partner, including adequate capitalization/funding, a developed actionable business plan and compliance with all applicable laws and regulations. The company should vet its potential non-bank partners carefully, including by evaluating the potential partner’s financials and management, checking for pending regulatory or private enforcement actions and reviewing the partner’s regulatory risk profile.
Licensing is a compliance roadblock that is particularly difficult for new companies because it requires navigating a patchwork of requirements at both the federal level and among the various states. The Conference of State Bank Supervisors (CSBS), through its Vision 20/20 initiative, hopes to make the process of obtaining nationwide licenses feasible and simple. State-specific requirements that often pose hurdles for companies include surety bonds posted in every state the company does business, which can add up; audited financials, (which can be particularly difficult for a nascent company and fingerprinting of management and directors. A nationwide license would allow companies to directly offer services to consumers in every state and provide greater control over its customer relationships and the delivery of its product and services. However, nationwide licenses, even with the CSBS initiative, are still costly and time-consuming to obtain. A good strategy for those not wanting to pursue a nationwide license at the outset is to focus on the most important states for business first or to partner with established businesses to save costs upfront and get to market faster.
Value of Arbitration in Payments Space
In a session focused on the use of arbitration to resolve disputes in the payments space, the panelists discussed the following benefits of using arbitration:
-
A private forum that does not create a public record
-
Less intrusive and expensive discovery procedures
-
Potential immunization from class actions, which are generally unavailable in arbitration (although in McGill v. Citibank NA, the Supreme Court of California recently ruled that arbitration clauses that preclude class actions are unenforceable as they contradict public policy)
-
An adverse arbitration award generally has no preclusive effect
Some of these advantages were also identified as potential disadvantages, however, depending on the case. For example, a less formal and less expensive process increases access for plaintiffs, arbitrators may be more inclined to make decisions based on equity and less likely to strictly apply legal precedent, and the probability of winning dispositive motions in arbitration is lower than in litigation.
Processors should weigh the alternatives and make informed, strategic decisions about whether to include arbitration clauses in their merchant agreements. If processors decide to include arbitration clauses, they should make the clauses conspicuous, consider including an opt-out provision, be accommodating and reasonable in terms of location and division of arbitration fees, and avoid excessive limitations on discovery to avoid challenges to enforceability.
Impact of New Administration on Payment Industry Regulation and Opportunities for Self-Regulation
Though the Trump administration is seen overall as being more pro-bank, with several industry-friendly candidates already appointed, some unease remains. Certain appointments have been seen as questionable, and there is concern about who will be identified as the next director of the CFPB. The latency of the administration’s nominations adds to this concern. Assuming a pro-bank candidate is nominated and confirmed as the next director of the CFPB, rollback of the CFPB’s rulemaking is expected, but the industry will likely not see such changes until 2019 or 2020. The CFPB typically takes over two years to promulgate each new rule. Rulemaking may take even longer in the new administration if officials are sidelined by unrelated distractions.
Dodd-Frank and Durbin Amendments
There are a number of proposals before Congress to amend Dodd-Frank, including the Durbin Amendment, and it is difficult to predict how successful those proposals might be. Although it is plausible the House may vote to repeal or roll back Durbin or parts of Dodd-Frank, the issue so far appears toxic to Senators and thus is unlikely to make it past the upper chamber. The panelists explained that voting would make Senators choose between their various constituents, namely merchants and banks, which they do not want to do. As a result, any proposals will likely be stripped from the House bill and never make it to the Senate.
FTC
Karen Hobbs, an attorney in the FTC’s Division of Marketing Practices, reported that it is unlikely the new administration will impact her division and thus, overall, the division’s pursuits in the payments industry will not change. Hobbs did add that the agency may streamline the civil investigative demand process for third-party non-target companies, though the process is not likely to change for targets.
State Attorneys General
There is increasing coordination among state attorneys general to fill any federal void in the enforcement and regulation of the payments industry. In particular, the state attorneys general from New York, Maryland, the District of Columbia, Massachusetts, Iowa, Illinois, Minnesota and California will likely be the most active in the financial services space, both individually and as coalitions of states.
Industry Self-Regulation
Industry self-regulation continues to be a hot topic. The industry perspective is that self-regulation is a good thing if done right. It can be a defense to government inquiries or charges if the company has complied with industry standards, so long as those standards are appropriate, are fairly enforced and carry appropriate consequences for non-compliance. Thus, the value of compliance with industry standards for purposes of defending against a government challenge depends on the details of the standards and the companies’ underlying conduct.
[View source.]