The FTC and CFPB continue to bring enforcement actions against payments companies alleged to have facilitated fraudulent transactions for merchants.
In my recent webinar with Venable and MAC, I discussed three major lawsuits involving payments companies:
CFPB v. Intercept – In this case, it is alleged that Intercept and two executives ignored blatant warning signs of potential fraud. We are talking returned payment rates in the range of 20-40%—many of which stemmed from the processing of fraudulent, illegal, or unauthorized transactions—with little effort to correct or investigate. They also ignored complaints from banks and consumers. Instead of acknowledging the complaints, they simply switched to another bank to help process their payments—skipping around to 8 different banks in 6 years.
CFPB v. Universal Debt – This is a classic case of payments being considered enablers/facilitators for causing consumer harm, and therefore being held accountable. At the root cause was a robo-call phantom debt collection operation where:
- Consumers were harassed with threatening calls
- Phantom debt was collected
- Legal action was threatened against consumers
- Consumers were deceived to collect debt
FTC v. Capital Payments (Bluefin) – Capital payments was implicated as facilitating a telemarketing scheme called “The Tax Club” which used merchant accounts to bill consumers who were trying to start a home based business. Details of the settlement include underwriting requirements, monitoring requirements, and a $2.6 million settlement.
These cases are clear examples of what NOT to do if you are in the payments industry. Here are a few DON’Ts and DOs to help payments companies steer clear of regulatory actions:
DON’T: Ignore complaints from banks and consumers. Regulatory agencies like the CFPB and FTC have been accepting and maintaining large databases of consumer complaints and referencing them to inform future enforcement actions. (In fact, we just released an updated analysis of the CFPB Consumer Complaint Database, including an analysis of company responses to complaints.)
DO: Respond to complaints to keep more complaints from coming in before it’s too late. When the CFPB forwards a consumer complaint over to a company, the company is expected to respond to it within 15 days before the response time is considered “untimely”. Through our analysis, PerformLine found that when companies failed to respond to 100+ consumer complaints in a timely manner, there was a 41% probability of being the subject of a CFPB enforcement action.
DON’T: Enable other companies’ abusive and deceptive business practices. Regulators will hold partners and vendors of offending companies at least partly accountable for illegal business practices. Payments companies are not excluded.
DO: Provide merchants with feedback on their compliance. Notify your merchants of any suspicious or non-compliant practices. Compliance software that incorporates a streamlined workflow can enable enterprise efficiency of oversight, transparency, and accountability.
DON’T: Monitor your ecosystem at irregular or infrequent intervals. In the dynamic environment of the internet, illegal merchant activity can slip under the radar, putting you at risk.
DO: Keep a constant pulse on your merchants. If you’re working with highly regulated industries, you need to constantly monitor that your merchants are adhering to laws and card network guidelines, and remediate issues before you find your brand in deep water.
The patchwork of regulators overseeing merchants and payments companies makes regulatory compliance a multi-faceted task. Having a Compliance Monitoring Platform in place can help your company monitor for red flags and other changes in your merchants’ behavior. If you don’t have one in place, we have the platform you need to ensure 100% coverage of your merchants’ channels.