Payments and Digital Commerce

NetSpend Corporation (NetSpend) recently agreed to settle with the Federal Trade Commission (FTC) regarding allegations that NetSpend deceived consumers about certain aspects of NetSpend’s reloadable prepaid cards. NetSpend will pay $40 million in restitution to customers and $13 million to the FTC under the enforcement order. Providers of consumer financial products and services—not just prepaid card providers—should carefully review the FTC’s allegations. The allegations provide insights on practices the FTC perceives to be deceptive, and how to avoid engaging in them.
Continue Reading Federal Trade Commission Action Against NetSpend Has Relevance Beyond the Prepaid Card Industry

The Consumer Financial Protection Bureau (CFPB)’s long-delayed prepaid card rule has been delayed once again—and further delays may lie ahead, as the CFPB considers whether to make additional changes. The additional time gives prepaid providers and other stakeholders another bite at the apple to advocate for changes to this regulation.

On April 20, the CFPB issued a final rule officially delaying the prepaid rule’s effective date by six months, to April 1, 2018, after proposing that delay in light of calls from the industry for the need for more time to implement compliance. Along with announcing the delay, the CFPB stated that it also has “decided to revisit at least two substantive issues in the prepaid accounts rule through a separate notice and comment rulemaking process. We expect to release that proposal in the coming weeks.” Those two issues are “the linking of credit cards to digital wallets that are capable of storing funds” and “error resolution and limitations on liability for prepaid accounts that cannot be registered, have not yet been registered, or for which consumers have attempted but have not successfully completed the registration process.”
Continue Reading The CFPB’s Prepaid Rule: Yet Another Delay Brings a New Opportunity to Shape the Course

The Consumer Financial Protection Bureau (“CFPB”) made headlines last week by taking action against Dwolla, an online and mobile payments platform. The CFPB imposed a $100,000 penalty against Dwolla, and while the dollar amount of the penalty may appear to be small compared to other civil money penalties, the action is significant because it is the first action the CFPB has taken in the data security area and provides insight into future enforcement activities surrounding data security by the CFPB. It also serves as a notable reminder of the CFPB’s broad enforcement powers, which go beyond financial institutions to non-FI companies that deliver financial products and services to consumers. While the CFPB lacks authority over the substantive data security requirements that are enforced by the federal financial regulators, that poses no obstacle to the CFPB’s ability to take an action, like this, initiated under its authority to police “deceptive” acts or practices.
Continue Reading CFPB Takes First Data Security Enforcement Action Against Dwolla