Payment Processors in Regulatory Crosshairs – Recent Cases

Payment processors have recently become increasingly the target of regulatory investigations and actions by the Federal Trade Commission (“FTC) and the Consumer Financial Protection Bureau (“CFPB”). The results can be extremely severe to the processors and ISOs involved, as well as their owners and executives. The most common punishments, either by agreement or order, are industry bans, fines (and suspended fines) against the entities and the owners, mandatory implementation of strict monitoring and screening requirements and automatic triggers for investigation based on chargeback rates.

Recent FTC Examples

FTC v. Electronic Payment Systems, LLC (“EPS”)

This case was a prosecution by the FTC against an ISO and its owners that was filed originally in 2017 on the basis of, among other allegations, facilitating an unlawful telemarketing scheme and allowing straw merchants (even after red flags). There was a Consent Agreement between EPS and FTC that was posted for public comment wherein there was not a monetary judgment (because of the Supreme Court’s decision in AMG Capital Management v. FTC), but there were very severe and specific enforcement restrictions placed on EPS’s future operations. For instance, EPS is required to implement secret shoppers with merchants that meet a threshold percentage or raw number of chargebacks for a month. EPS is also required to stringently monitor its ISAs and terminate within 3 days of becoming aware of certain red flags with the ISAs and their merchants.

FTC v. Universal Guardian Acceptance (“UGA”)

This case involved alleged ineffective and deceptive investment training services. In lieu of monetary penalties (and largely because the AMG ruling stood in the way), UGA was ordered to forgive tremendous amount of debt. UGA was also given a very substantial and stringent list of monitoring and screening obligations for future operations.

FTC v. Automatic Funds Transfer Services, Inc. (“AFTS”)

This case involved processing for a TSR for student loan debt relief and high return rate merchants. Settlement terms included entity and owners being banned from processing for debt relief and student loan entities (their primary field of business), stringent monitoring and screening requirements and a $500,000 fine with an additional suspended (because of inability to pay) fine of $27 million.

FTC v. Hornbeam Special Situations, LLC (“iStream”)

This case involved remotely created checks, which is an industry that is heavily scrutinized and targeted by regulatory agents such as the FTC and CFPB and selling discount club services. As part of the settlement, iStream was banned from processing for remote created checks, outbound telemarketing, discount clubs and payday loans. There were also severe monitoring and iStream was ordered to pay $2.3 million. Notably, the FTC sought $40 million and stated that the only reason it was so much less was the Supreme Court’s AMG ruling.

McNamara v. Wells Fargo

This is an interesting case that is still pending. The significance of this case is the FTC’s use of McNamara as a receiver in order to get around the limits imposed by the AMG ruling in terms of getting monetary damages. This is potentially a very important outcome to watch for as it could provide effective template to the FTC to follow in future matters.

The CFPB is another regulatory and enforcement branch to be aware of that has been very active in terms of prosecuting payment processors and related entities. They are under new leadership (Rohit Chopra) that has been very aggressive in doing so.

Recent CFPB Examples

In re Ram Payment, LLC.

This case involved debt relief payment processors involved with student loan and traditional debt relief, as well as account maintenance and approximately 270,000 consumers. Among other things, Ram was accused of failing to return unearned funds to consumers. On May 11, 2022, a consent order was entered. The order included an $8.7 million refund, $3 million in civil fines to the bureau victim fund and industry bans against the owners and the entity.

CFPB v. BrightSpeed Solutions

This case involved remotely created checks and online tech support, both big targets of the regulators. The result was a stipulated judgment wherein BrightSpeed was banned from payment processing for consumer lending and debt collection. The owner was fined $500,000 and the company was given a $54 million suspended fine.

CFPB v. MoneyGram.

This case is still pending, with MoneyGram’s response to the complaint due on May 20, 2022. It is a fund transfer case. Among other things, MoneyGram is accused of failing to make adequate disclosures such as accurate delivery dates. Key issues include repeat offender allegations and prior knowledge of violations allegations. The repeat offender issue is important to notes, as when there are FTC or CFPB related orders it is extremely important to be diligent and detail-oriented about making the changes and closely monitoring. It is also worth mentioning that employing payments attorneys for assistance with this is highly recommended.