Regulation E – Electronic Fund Transfers Act and Regulation II – Debit Card Interchange Fees and Routing Issues
On July 27, 2012, the Federal Reserve Board announced the approval of a final rule that amended the provisions in Regulation II (Debit Card Interchange Fees and Routing) that permit a debit card issuer subject to the interchange fee standards to receive a fraud-prevention adjustment. The final rule is effective October 1, 2012, and revises provisions that are currently in effect as an interim final rule.
The rule was implemented as a result of amendments made to the Electronic Fund Transfer Act (“EFTA”) required by the Dodd-Frank Wall Street Reform and Consumer Protection Act (the “Dodd-Frank Act”). Section 920 of the Durbin Amendment to the Dodd-Frank Act states: “The term ‘issuer’ means any person who issues a debit card, or credit card, or the agent of such person with respect to such card.”
Under the final rule, an issuer may be eligible for an adjustment of no more than 1 cent per transaction, the same amount as in the interim final rule. To qualify, it must develop and implement policies and procedures that are designed to reduce the occurrence and costs of fraudulent debit card transactions. The announcement makes changes simplifying the elements required to be included in an issuer’s fraud-prevention policies and procedures.
To be eligible to receive or charge the fraud-prevention adjustment, debit card issuers must develop and implement policies and procedures reasonably designed to effectively reduce the occurrence and cost of fraudulent electronic debit transactions. Such steps include the development and implementation of cost-effective fraud-prevention technology.
To comply with the requirements, a debit card issuer should immediately review current policies, procedures, and practices relevant to the debit card business for the following:
Documentation of the procedures used to conduct the review, findings, recommendations, and management responses should be maintained to evidence the scope and results of the review. Pursuant to the annual review requirement below, issuers should ensure internal audit or compliance monitoring schedules are revised to include the requirement.
After an initial review, issuers must review fraud-prevention policies, procedures, and their implementation at least annually and update them as necessary to ensure:
To receive or charge a fraud-prevention adjustment, an issuer must annually notify its payment card networks that it complies with the issuer standards described above for reviews of policies, procedures, and practical implementation.
An issuer is not eligible to receive or charge a fraud-prevention adjustment if the issuer is substantially non-compliant with the standards. That determination may be made by the issuer or the appropriate agency as defined in section 3(q) of the Federal Deposit Insurance Act (typically, the issuer’s federal regulator). The issuer must notify its payment card networks that it is no longer eligible for the adjustment no later than 10 days after determining or receiving notification that the issuer is substantially non-compliant with the standards. The issuer must stop receiving and charging the fraud-prevention adjustment no later than 30 days after notifying its payment card networks.
Consumer Financial Protection Bureau (“CFPB”) Foreign Remittances Final Rule and Safe Harbor for Certain Financial Institutions
On August 7, 2012, the CFPB amended Regulation E, which implements the Electronic Fund Transfer Act, and the official interpretation to the regulation. This rule covers remittance transfers sent by consumers in the United States to individuals and businesses in foreign countries. The rule is effective February 7, 2013.
The final rule:
Under the regulation, a “remittance transfer provider” or “provider” means any person that provides remittance transfers for a consumer in the normal course of its business, regardless of whether the consumer holds an account with such person. In the revised rule, the CFPB describes the safe harbor provision to the definition of “normal course of business.” A person is deemed not to be providing remittance transfers for a consumer in the normal course of its business if the person:
During a transition period (100 or fewer remittance transfers in the previous calendar year and more than 100 remittance transfers in the current calendar year), a person providing remittance transfers for a consumer in the normal course of its business has a reasonable period of time, not to exceed six months, to begin complying with the remittance rules.
The regulation prescribes minimum disclosures remittance providers must make to consumer senders. The disclosures include information about the transfer; name, telephone number, and website of the remittance transfer provider; and a statement regarding questions or complaints about the remittance transfer provider. The regulation also requires remittance providers to provide a receipt for the transfer, either separately or in a combined disclosure.
If the remittance transfer provider gives the combined disclosure and the sender completes the transfer, the remittance transfer provider must give the sender proof of payment when payment is made for the remittance transfer. The proof of payment must be clear and conspicuous, provided in writing or electronically, and provided in a retainable form. For transfers scheduled before the date of transfer, a remittance transfer provider may provide confirmation that the transaction has been scheduled in lieu of the proof of payment. The confirmation of scheduling must be clear and conspicuous, provided in writing or electronically, and provided in a retainable form. Model disclosure language is provided in Appendix A to the regulation.
Compliance policies, procedures, and practices supporting payment remittances, including processes for pre-authorized payment services, should be revised to include the new requirements. Disclosures should be reviewed against the comparable model disclosures in Appendix A to the regulation, and, error resolution procedures to ensure compliance in the event of a consumer sender complaint.
On July 30, 2012, the Office of the Comptroller of the Currency, the Board of Governors of the Federal Reserve System, and the Federal Deposit Insurance Corporation (“the agencies”) announced the availability of the 2012 list of distressed or underserved nonmetropolitan middle-income geographies, in which bank revitalization or stabilization activities will receive Community Reinvestment Act (“CRA”) consideration as “community development.”
The data reflect local economic conditions including triggers such as unemployment, poverty, and population changes. The information should be provided to CRA Officers, Chief Lending Officers, Community Development Officers, and Marketing and Business Development Officers, and used by senior management and the board of directors to help maintain a current and effective CRA and community development program.
On August 9, 2012, the National Credit Union Association (“NCUA”) announced that credit unions that want to offer consumers more service options through video teller machines can consider the new machines “service facilities” under certain criteria. Under the Regulatory Modernization Initiative, NCUA is reviewing the rules governing emerging technologies while reducing the overall regulatory burden. According to NCUA Board Chairman Debbie Matz, “The use of video tellers as service facilities is sensible for both credit unions and consumers.”
Video tellers and other self-service technologies are becoming more popular as credit unions seek to give members more options, expand their reach into underserved areas, and improve efficiency. The NCUA legal opinion, at this link, addresses the option for credit unions to use video tellers as service facilities for both select group additions and underserved areas.
To comply with the definition of a service facility under the Federal Credit Union Act (“FCUA”) and the NCUA Chartering Manual, a video teller must meet the following criteria:
Consumer Financial Protection Bureau (“CFPB”) Proposes Rules to Protect Mortgage Borrowers
On August 10, 2012, the CFPB proposed two notices containing rules to protect homeowners from surprises and costly mistakes by their mortgage servicers and effect changes to Regulation Z – Truth in Lending Act (“TILA”) and Regulation X – Real Estate Settlement Procedures Act (“RESPA”). The Dodd-Frank Wall Street Reform and Consumer Protection Act (“Dodd-Frank Act”) addresses some mortgage loan servicing problems and imposes certain requirements on servicers, which the CFPB is implementing and refining. The Dodd-Frank Act also gave the CFPB the statutory authority to help fix the market by writing additional rules. CFPB calls the current initiative, “Putting The ‘Service’ Back In Mortgage Servicing – No Surprises, No Runarounds.” The public will have 60 days, until October 9, 2012, to review and provide comments on the proposed rules. The CFPB will review and analyze the comments before issuing final rules in January 2013.
The CFPB has published a concise fact sheet that contains a good summary of the proposed mortgage servicing rules.
Some of the key provisions of the proposals are:
No changes to policies, procedures, documentation, or processes surrounding mortgage lending should be made until final rules are issued by CFPB. Mortgage servicers and banks that work with mortgage servicers should gain an understanding of the proposals and comment on any potential impact to their mortgage business.
On August 1, 2012, the Federal Trade Commission published a Federal Register Notice seeking public comments on additional proposed modifications to the Children’s Online Privacy Protection Rule (“COPPA Rule”). The comment period ends September 10, 2012.
In September 2011, the FTC updated the COPPA Rule to reflect technology advances and issued a Notice of Proposed Rulemaking seeking comment on proposed changes to the COPPA Rule. In response to 350 comments received and informed by its experience in enforcing and administrating the COPPA Rule, the FTC now proposes to modify certain definitions to clarify the scope of the COPPA Rule and strengthen its protections for the online collection, use, or disclosure of children’s personal information.
Modifications to the following definitions are included in the proposal:
Banks should review policies and procedures in support of on-line products and services to determine if the proposed changes could have an impact on current operations and prepare to make revisions or enhancements upon receipt of the final rules.
FDIC Announces Settlements With Higher One, Inc., New Haven, Connecticut, and The Bancorp Bank, Wilmington, Delaware for Unfair and Deceptive Practices
On August 8, 2012, the Federal Deposit Insurance Corporation (“FDIC”) announced settlements with Higher One, Inc., New Haven, Connecticut, (“Higher One”) and The Bancorp Bank, Wilmington, Delaware, for alleged unfair and deceptive practices in violation of Section 5 of the Federal Trade Commission Act (“Section 5”). Higher One is an institution-affiliated party of The Bancorp Bank. Under the settlements, both Higher One and The Bancorp Bank have agreed to Consent Orders and Higher One has agreed to provide restitution of approximately $11 million to approximately 60,000 students. In addition, the FDIC has imposed civil money penalties of $110,000 for Higher One and $172,000 for The Bancorp Bank. As of March 31, 2012, the Bancorp Bank reported total assets of just over $4 billion.
In separate actions taken by the Office of the Comptroller of the Currency (“OCC”) and by the Consumer Financial Protection Bureau (“CFPB”), both entities acknowledged the activities warranted civil money penalties, reimbursement, corrective action, and restitution against Capital One Bank (USA) N.A. (“Capital One”) for violations of Section 5 of the FTC Act and Section 1036 of the Dodd-Frank Act.
The announcement of actions against Higher One, Inc., and The Bancorp Bank, is of significance by virtue of the recent Capital One actions, the nature of the regulatory issues, and the connection to previous FDIC issuances about overdraft programs. FIL-81-2010 Overdraft Payment Programs and Consumer Protection Final Overdraft Payment Supervisory Guidance, dated November 24, 2010, and FDIC Overdraft Payment Program Supervisory Guidance Frequently Asked Questions, dated April 1, 2011, provided guidance to FDIC-regulated financial institutions for oversight of overdraft protection programs. The issuances state the FDIC expects the institutions it supervises to closely monitor and oversee any overdraft payment programs offered to consumers, including taking appropriate measures to mitigate risks, incorporating the best practices outlined in the 2005 Joint Guidance on Overdraft Protection Programs, and effectively managing third-party arrangements. Under the guidance, management is directed to be especially vigilant with respect to product over-use that may harm consumers, rather than providing them the protection against occasional errors or funds shortfalls for which the programs were intended.
In the most recent case, the FDIC determined that Higher One operated its student debit card account program (OneAccount) with The Bancorp Bank in violation of Section 5. Among other things, the FDIC found that Higher One and The Bancorp Bank were:
The FDIC also determined that The Bancorp Bank, as issuer of the OneAccount debit card, was responsible to ensure that Higher One operated the OneAccount program in compliance with all applicable laws.
The Consent Order requires Higher One to change the manner in which it imposes NSF fees. It is required:
In addition, Higher One is required not to make misleading or deceptive representations or omissions in its marketing materials or disclosures and to institute a sound compliance management system.
The Consent Order requires The Bancorp Bank to:
The order additionally states that, if Higher One fails to complete restitution, the FDIC may require The Bancorp Bank to establish a restitution account in the amount of restitution unpaid by Higher One.