Getting And Maintaining A Bank Relations

Legal and Regulatory Track
Payments: Getting and Maintaining a Bank Relationship
Moderator:
Jennifer Galloway, Jennifer Galloway, PA
Panelists:
Kirk Chewning, Strategic Link Consulting
Mark Murphy, Sandberg Phoenix & von Gontard PC
Rick Eckman, Pepper Hamilton
Blake Sims, Hudson Cook
Outline
• OLA Payments best practices
• ACH processing in the current environment
• Payments compliance and alternatives
OLA Payment Best Practices & Reporting
Presented By: Kirk Chewning
OLA Best Practices
1. Lenders, processors and their agents shall develop and maintain timely postings of
returns information
2. Lenders shall provide consumers an alternative to ACH debiting. These alternatives
shall be provided both when the customer is current and in collection stages. Such
alternatives may include paper check, debit card, money order, or other means.
3. All customers must have the right to rescind the loan and the ACH authorization within
one (1) business day of the loan approval so long as the customer returns the funds
within 24 hours of the rescission
4. Lenders will follow all NACHA presentment rules – one original presentment plus only
two re-presentments on each original payment.
OLA Best Practices (Continued)
5. Lenders will not process multiple ACH debit attempts to an individual loan on the same
effective date (No ACH Split Payments) unless expressly authorized by (expressly
requested by) the customer
6. Lenders shall charge only one NSF fee per original loan payment
7. All authorizations for recurring debits shall be secured in accordance with NACHA
rules, the Electronic Funds Transfer Act and Regulation E. This shall include securing
authorization for recurring debits in writing and signed or similarly authenticated by the
consumer:
1. Authorization can be electronic
2. Authorization must be retained and a copy provided to borrower
3. Must include the five essential elements defined by NACHA rules
8. Lenders shall transfer PII data using TPS and TPP security protocols to ensure no
inappropriate passing of data.
OLA Best Practices (Continued)
9. All parties will comply with the new NACHA Rule 2.3.4 which requires the ODFI to
ensure that originators and third-party senders do not share account/routing numbers
for the purpose of initiating debit entries that are not covered by the original
authorization
10. Lenders shall not ACH debit a consumer unless they have a valid authorization with
the proper ABA and account information. Lenders shall not use new bank account
information that the merchant sourced from the marketplace on the consumer, or in
other words, Lenders shall only debit consumers for the account listed on the valid
authorization.
11. Lenders shall not use RCCs and RCPOs in their normal course of business unless
formally requested and proper consumer authorization has been secured.
12. Lenders shall provide their payment processors and the sponsoring ODFI signed
payment authorizations for all R10’s and R29’s returns within 24 hours of the request
for such documentation.
OLA Best Practices (Continued)
13. Lenders shall provide Proof of Authorizations to be delivered to
TPP within 24 business hours of the request
14. Lenders shall maintain all Proof of Authorization for all
unauthorized transactions in a segregated manner and shall be
delivered to TPP within 4 business hours, upon request
RETURNS TESTS
OLA Best Practices Return Testing
General Guidance
Any merchant’s (lender’s) third party processor has the ultimate responsibility and authority to establish,
monitor and adjudicate the rate of returns of all types and codes. The processor is the gateway to the
ODFI bank partner and obligated to comply not only with federal regulatory standards but those
established by NACHA. Notwithstanding this ultimate authority, both merchants (lenders) and processors
are well advised to closely jointly monitor return rates of all types on a constant and continual basis. In the
event a merchant’s processor or bank does not frequently, proactively provide return code analysis by
ABA, merchants (lenders) should ask their processor to do so on a monthly basis, and to review those
data with recommendations to control return rates under levels acceptable to NACHA.
Testing
Lenders/Merchants shall at a minimum test their portfolios monthly to generate the results of the
previous month using the following tests on the next few pages. In the event that any merchant is out of
the best practice realm they should work closely with their processor(s) and internal staff to correct lack of
compliance swiftly. Regulators, Processors and other payment experts recommend daily and weekly
review of these thresholds. They feel that not only will it make the relationship better with processors and
ODFI but also make the product better for consumers and in some cases reduce default and fraud.
OLA Best Practices Return Testing
Return Test Rules
Test 1: Best Practice #15 - The total count of all returns (all codes) shall not be greater than 30% of total
debits processed as computed by the effective dates of the corresponding debits.
Test 2: Best Practice #16 – The total count of all NSF Returns (R01 & R09) shall not be greater than 25%
of total debits processed as computed by the effective dates of the corresponding debits.
Test 3: Best Practice #17 – Lenders shall have an administration return code rate of less than or equal to 4.0%
of total debits processed as computed by the effective dates of the corresponding debits. Admin <= 4%
(R02, R03, R04)
Test 4: Best Practice #18 - All R05, R07, R10, R29, and R51’s (negative chargeback returns) shall not
be greater than 0.5% of total debits processed as computed by the effective dates of the corresponding
debits. (It is understood that NACHA’s current requirement is 1.0% or less.)
Test 5: Best Practice #19 – Lenders shall have a corrections (C Codes) rate of less than or equal to 0.40%
of total debits processed as computed by the effective dates of the corresponding debits.
Corrections <= 0.40% (any C code).
OLA Best Practices Return Testing
Test 6: Best Practice #20 - The total of all R01 and R09 (insufficient fund returns) shall be greater than
75% of the total returns for the merchant as computed by the effective dates of the corresponding debits.
Test 7: Best Practice #21 - Lenders shall review individual ABA numbers which have an extremely high
return percentage of the total transactions processed during any given thirty day period. For any ABA
numbers that represent greater than 1.5X the merchant’s average return % (ABA returns vs. ABA debits)
and if the merchant submitted more than 15 returns per month with the said ABA then Lenders will take the
following measures:
a) Closely evaluate the applicant pre-approval, risk management and underwriting means and
methods being used in comparison to the industry best practices and the state of the art methods
available from third party providers of consumer data, and promptly institute such improved
measures.
b) Discuss with the processor recommendations for controlling returns.
c) In the event return rates do not fall into line with industry practices and NACHA guidelines, the
lender is advised to cease funding loans from any such ABA
Test 8: Best Practice #22 - Lenders shall review and promptly modify their approval and risk
management practices for any individual ABA numbers for which more than 15 returns have been
processed during the prior calendar month in order to ensure no single ABA number represents negative
chargeback returns greater than 1.5% of total debits for said ABA as computed by the effective dates of the
corresponding debits.
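The eight tests above reduce to ratios of return-code counts over debits, so they can be run mechanically each month (or daily) from the processor's return file. The following Python is an added example, not part of the presentation: the function names, the `(aba, code)` input shape, the `ABA-A`/`ABA-B`/`ABA-C` labels and every count in `SAMPLE` are constructed for illustration.

```python
from collections import Counter, defaultdict

NSF = {"R01", "R09"}                        # Tests 2 and 6
ADMIN = {"R02", "R03", "R04"}               # Test 3
NCB = {"R05", "R07", "R10", "R29", "R51"}   # Tests 4 and 8


def rate(part, whole):
    return part / whole if whole else 0.0


def portfolio_tests(debits):
    """Tests 1-6 for one merchant. `debits` holds one (aba, code) pair per
    debit in the effective-date window; code is None for a settled debit,
    'Rxx' for a return, 'Cxx' for a correction. Returns {test: (rate, passed)}."""
    debits = list(debits)
    total = len(debits)
    codes = Counter(code for _aba, code in debits if code)
    returns = sum(n for c, n in codes.items() if c.startswith("R"))
    corrections = sum(n for c, n in codes.items() if c.startswith("C"))
    nsf = sum(codes[c] for c in NSF)
    admin = sum(codes[c] for c in ADMIN)
    ncb = sum(codes[c] for c in NCB)
    nsf_share = rate(nsf, returns)
    return {
        "test1_all_returns": (rate(returns, total), rate(returns, total) <= 0.30),
        "test2_nsf": (rate(nsf, total), rate(nsf, total) <= 0.25),
        "test3_admin": (rate(admin, total), rate(admin, total) <= 0.04),
        "test4_negative_chargeback": (rate(ncb, total), rate(ncb, total) <= 0.005),
        "test5_corrections": (rate(corrections, total),
                              rate(corrections, total) <= 0.004),
        # Test 6 is a floor, not a ceiling; with no returns nothing can fail.
        "test6_nsf_share_of_returns": (nsf_share, returns == 0 or nsf_share > 0.75),
    }


def aba_review_list(debits, min_returns=15):
    """Tests 7 and 8: among ABAs with more than `min_returns` returns, flag
    those whose return rate exceeds 1.5x the merchant average (test7) or
    whose negative chargeback rate exceeds 1.5% of that ABA's debits (test8)."""
    per_aba = defaultdict(Counter)
    for aba, code in debits:
        per_aba[aba]["debits"] += 1
        if code and code.startswith("R"):
            per_aba[aba]["returns"] += 1
            if code in NCB:
                per_aba[aba]["ncb"] += 1
    merchant_avg = rate(sum(c["returns"] for c in per_aba.values()),
                        sum(c["debits"] for c in per_aba.values()))
    flagged = {}
    for aba, c in per_aba.items():
        if c["returns"] <= min_returns:
            continue
        reasons = []
        if rate(c["returns"], c["debits"]) > 1.5 * merchant_avg:
            reasons.append("test7")
        if rate(c["ncb"], c["debits"]) > 0.015:
            reasons.append("test8")
        if reasons:
            flagged[aba] = reasons
    return flagged


# Constructed sample: debits per ABA and how many of them came back with each code.
SPEC = {
    "ABA-A": (700, {"R01": 60, "R09": 10, "R02": 5, "R10": 1, "C01": 3}),
    "ABA-B": (200, {"R01": 40, "R09": 5, "R03": 2, "R10": 4, "R29": 1}),
    "ABA-C": (100, {"R01": 10}),
}
SAMPLE = [(aba, code) for aba, (n, coded) in SPEC.items()
          for code, k in list(coded.items()) + [(None, n - sum(coded.values()))]
          for _ in range(k)]

if __name__ == "__main__":
    for name, (value, ok) in portfolio_tests(SAMPLE).items():
        print(f"{name:28s} {value:7.2%}  {'PASS' if ok else 'FAIL'}")
    print("ABAs needing review:", aba_review_list(SAMPLE))
```

On the constructed sample the portfolio passes every test except Test 4 (0.6% negative chargebacks against the 0.5% ceiling), and the per-ABA screen shows that one ABA accounts for most of those unauthorized-type returns.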
Merchant Reporting Example - Return Testing
ACH Portfolio Test Report
September 1, 2013 - September 30, 2013
Test 1: Best Practice #15
The total count of all returns (all codes) shall not be greater than 30% of total debits processed as computed by the effective dates of the
corresponding debits.
Test Results:
MERCHANT       DEBITS     RETURNS    RETURNS_VS_DEBITS
ABC Company    75,056     9,728      13.0%
XYZ Company    76,808     10,644     13.9%
TOTAL          151,863    20,372     13.4%
Test 2: Best Practice #16
The total count of all NSF Returns (R01 & R09) shall not be greater than 25% of total debits processed as computed by the effective dates of the
corresponding debits.
Test Results:
MERCHANT       DEBITS     RETURNS    RETURNS_VS_DEBITS
ABC Company    75,056     8,085      10.8%
XYZ Company    76,808     8,683      11.3%
TOTAL          151,863    16,767     11.0%
Test 3: Best Practice #17
Lenders shall have an administration return code rate of less than or equal to 4.0% of total debits processed as computed by the effective
dates of the corresponding debits. Admin <= 4% (R02, R03, R04)
Test Results:
MERCHANT       DEBITS     ADMIN    R02      R03    R04    ADMIN_VS_DEBITS
ABC Company    75,056     777      703      64     10     1.04%
XYZ Company    76,808     997      887      96     14     1.30%
TOTAL          151,863    1,775    1,590    160    25     1.17%
Test 4: Best Practice #18
All R05, R07, R10, R29, and R51’s (negative chargeback returns) shall not be greater than 0.5% of total
debits processed as computed by the effective dates of the corresponding debits.
(It is understood that NACHA’s current requirement is 1.0% or less.)
Test Results:
MERCHANT       DEBITS     NCB    R05    R07     R10     R29    R51    NCB_VS_DEBITS
ABC Company    75,056     85     0      39      45.5    0      0      0.113%
XYZ Company    76,808     75     0      31.2    44.2    0      0      0.098%
TOTAL          151,863    160    0      70.2    89.7    0      0      0.105%
Test 5: Best Practice #19
Lenders shall have a corrections (C Codes) rate of less than or equal to 0.40% of total debits processed as computed by the effective
dates of the corresponding debits.
Corrections <= 0.40% (any C code).
Results: No Correction codes found
Test 6: Best Practice #20
The total of all R01 and R09 (insufficient fund returns) shall be greater than 75% of the total returns for the merchant as
computed by the effective dates of the corresponding debits.
Test Results:
MERCHANT       RETURNS    NSF       NSF_VS_RETURNS
ABC Company    9,728      8,085     83.1%
XYZ Company    10,644     8,683     81.6%
TOTAL          20,372     16,767    82.3%
Test 7: Best Practice #21
Lenders shall review individual ABA numbers which have an extremely high return percentage of the total transactions processed
during any given thirty day period. For any ABA numbers that represent
greater than 1.5X the merchant’s average return % (ABA returns vs. ABA debits) and if the merchant submitted more than 15 returns
per month with the said ABA then Lenders will take the following measures:
* Closely evaluate the applicant pre-approval, risk management and underwriting means and methods being used in comparison to the
industry best practices and the state of the art methods available from third
party providers of consumer data, and promptly institute such improved measures.
* Discuss with the processor recommendations for controlling returns.
* In the event return rates do not fall into line with industry practices and NACHA guidelines, the lender is advised to cease funding
loans from any such ABA
Test Results:
MERCHANT       ABA    DEBITS     RETURNS    RETURNS_VS_DEBITS    MERCH_AVE_X_150
ABC Company           75,056     9,728      13.0%                19.4%
XYZ Company           76,808     10,644     13.9%                20.8%
TOTAL                 151,863    20,372     13.4%                20.1%
ABA with 15 or more Returns for Test 7
MERCHANT       ABA          DEBITS    RETURNS    RETURNS_VS_DEBITS    MERCH_AVE_X_150
ABC Company    314074269    796       205        25.8%                22.4%
ABC Company    226078036    613       178        29.0%                22.4%
ABC Company    256074974    412       93         22.6%                22.4%
Test 8: Best Practice #22
Lenders shall review and promptly modify their approval and risk management practices for any individual ABA numbers for which
more than 15 returns have been processed during the prior calendar
month in order to ensure no single ABA number represents negative chargeback returns greater than 1.5% of total debits for said ABA
as computed by the effective dates of the corresponding debits.
MERCHANT       ABA          DEBITS    RETURNS    NCB    NCB_VS_DEBITS
ABC Company    123556667    498       107        11     2.2%
XYZ Company    344445556    256       46         4      1.6%
Total                       754       153        15     1.99%
ABA with 15 or more Returns for Test 8
- Lenders shall review and promptly modify their approval and risk management practices for any individual ABA numbers for which
more than 15 returns have been processed during the prior calendar month in
order to ensure no single ABA number represents negative chargeback returns greater than 1.5% of total debits for said ABA as
computed by the effective dates of the corresponding debits.
MERCHANT       ABA          Debits    Return    NCB    NCB_VS_DEBITS
ABC Company    253177049    304       62        7      2.3%
ABC Company    063104668    149       26        3      2.0%
ABC Company    021001088    107       20        2      1.9%
Questions?
Thank you
OLA Best Practices:
Payments
A Closer Look
Presented by: Mark Murphy
Timely Postings
•Payments must be posted upon receipt.
•Policies must prevent delay and/or
incorrect application of payments.
Payment Options
•Lenders must provide an alternative to
ACH debiting.
•The alternative must be provided when
customer is current or in collection.
•Alternatives may include: paper check,
debit card, money order or other means.
Electronic Payment Authorization
•One Time Debits: Notice of amount and date required.
Notice in loan agreement is sufficient.
•Recurring Debits: Written authorization required,
containing amount or range of amounts, and dates. Paper or electronic
form acceptable. Retain copy and give copy to consumer.
•Unauthorized Debits: Lenders and processors must
ensure any unauthorized debit is quickly identified and reversed.
Reporting
Our best fraud prevention tool:
Reporting of current and prior loan activity that is Timely, Accurate and Complete.
•Report within 30 days after furnishing the negative information to the CRA.
•Furnisher has a duty to correct the information and thereafter furnish only
complete and accurate information.
•Furnisher must reinvestigate, and must complete the investigation within 30
days.
•Furnisher must notify any CRA to which it furnished inaccurate information
and provide any information necessary to correct
Repayment Options
•The Consumer must be made aware of
repayment options at the time they enter into
the Loan.
•When a Lender learns that a Consumer is
unable to repay at original terms, Members
should offer repayment plans that provide
flexibility based on Consumer’s circumstances.
Returns
•Returns occur when a Consumer believes a debit is unauthorized and asks
for the debit to be reversed.
•High rate of returns indicates failures in processes for obtaining proper
authorizations, or may indicate incidents of fraud.
•Depository institutions may take action to close a Lender’s account due to
high rate of returns, harming the Lender’s relationship with the depository
institution and ability to process payments.
Identifying and Dealing with Returns
•Block any ABA number/bank with an extremely high return percentage,
which in general is 30% or more of total debits.
Only exception: Consumer proves that ABA or DDA at the ABA is a valid account, allow debits for only that situation.
•Stop processing any debits or credits for accounts when ACH Negative
Return Codes appear.
ACH Negative Return Code processing: R2, R3, R4, R5, R7, R8, R10, R16, R20, R29.
•For all R10 and R29 (Chargeback where customer flags as unauthorized):
• Show ACH processor authentication and authorization documents, and
• Ensure no additional transactions are completed on the account.
Third-Party Payment Processors & Compliance
Richard P. Eckman
Partner, Pepper Hamilton LLP
Third-Party Payment Processors
• TPPPs: What are they?
  • A deposit customer that uses its banking relationship to process payments for merchant clients
• Merchant Clients
  • Legitimate?
  • High Risk
  • Illegal
Warning Signs/Red Flags
• Consumer complaints (i.e., unauthorized,
misrepresented, merchant strong-armed consumer
into providing account information)
• High rates of unauthorized returns/charge backs
• TPPPs have been targeting problem institutions
with the promise of income and capital
• TPPP likely to use more than one financial
institution to process payments, and activity may
periodically move among institutions
Enhanced Due Diligence
• Policies and procedures
• Know your TPPPs’ customers
• Develop a processor approval program that
extends beyond credit risk management
• Perform background checks on TPPPs and
merchant clients
• Authenticate the TPPPs business operations and
assess the risk level
Enhanced Due Diligence (cont.)
• Review promotional materials, including websites,
to determine target clientele
• Identify processors’ major customers
• Review corporate documentation
• Visit business operations center
• Review information of merchant clients; the
principal business activity; geographic location;
and sales techniques
Ongoing Monitoring Systems
• Monitoring high rates of return
• Setting return rate thresholds
• Setting transaction volume limits
• Auditing third-party processors’ programs
• Monitoring reserve adequacy
• Monitoring consumer complaints about merchant
clients on internet blogs and industry databases
• Developing contract language addressing access to
records, conditions requiring account closing, and
reserve adequacy
Potential Supervisory Responses
• May require the bank to terminate the relationship with
the high-risk TPP
• Informal enforcement actions
• Formal enforcement actions
• Civil money penalties
• Section 5 of the FTC Act
Unfair or Deceptive Practices?
• A bank may be viewed as facilitating a TPPP’s or a
merchant’s fraudulent or unlawful activity
• Section 5(a) of the FTC Act prohibits “unfair or
deceptive acts or practices affecting commerce” and
applies to all persons engaged in commerce, including
banks
• Authority under Section 8 of the FDI Act to take
appropriate action when unfair or deceptive acts or
practices are uncovered
Examining Guidance
• Verify the bank’s due diligence and underwriting
• Review the bank’s controls, policies and procedures
for high-risk accounts
• If you find suspicious activity:
  • Gather information to support your findings
  • Escalate findings to your superiors
  • Communicate to the bank the seriousness of potentially
    facilitating consumer fraud
  • Encourage the bank to file a SAR and to contact law
    enforcement
Red Flags
• High return rates
• Merchants selling questionable products and services
• 100% refund policy
• Prior civil, criminal and regulatory actions against
processor or its principals
• Consumer and other bank complaints
• Inquiries from law enforcement
A Simple Proposition
• Mass-market scammers need access to payment systems
(RCCs, ACH, CC) to take consumers’ money. Without bank
access there are no unauthorized withdrawals.
• Banks are stationary (no “whack-a-mole”), regulated and are
concerned about reputational risk.
• Banks already are required to have systems in place to
prevent criminals from accessing the banking system.
• Cutting off the scammers’ access to the payment systems is
relatively efficient and fast, and protects consumers
prospectively as we investigate.
Important Steps Forward
• Guidance to banks from FDIC, OCC and FinCEN
• United States v. First Bank of Delaware
• Financial Fraud Enforcement Task Force/Consumer
Protection Branch efforts to choke off fraudsters’
access to payment systems (DOJ, FTC, FDIC-OIG,
USPIS, FBI and others)
• May 21, 2013: FTC Notice of Proposed Rulemaking
would ban the use of RCCs in connection with
telemarketing
Operation Choke Point, So Far
• More than 50 subpoenas issued to banks and TPPPs
• Several active and criminal investigations
• Banks are self-disclosing problematic TPPP
relationships
• Banks are terminating TPPP relationships and
scrutinizing scammer relationships
• Internet payday lending – collateral benefits
• Investigative support from USPIS, FBI, SIGTARP,
USSS
Regulatory Loophole
• Treasury Department regulation amended in 2011
arguably excludes TPPPs from the definition of
“money transmitter” and thus is not a Money Services
Business (MSB)
• A payment processor that originates tens of millions of
dollars of debit transactions against consumer bank
accounts on behalf of Internet and telemarketing
merchants may not be an MSB and may not be
required to register with FinCEN or comply with the
BSA
Payment Alternatives
H. Blake Sims
Hudson Cook, LLP
Payment Alternatives
• Cards (debit, credit, prepaid)
• Check
• Remotely-created check (RCC)
• Electronic Payment Order (EPO)
• Revocable Wage Assignment
• Others: Direct Carrier Billing, Mobile Wallets
Payment Alternatives - Cards
• Credit/debit/prepaid cards
  • Card company rules and PCI compliance
  • Truncation (no more than the last 5 digits of a card number)
  • Debit card payments are covered by Reg. E (cannot condition the extension of credit)
    • Must run as a credit transaction for recurring payment because cannot hold PIN
Payment Alternatives – Debit Cards
• Single-initiated TEL entries
  • Either record explicit oral authorization or provide, in
    advance of debit, written notice that confirms the oral
    authorization.
• Recurring TEL entries
  • Must record explicit oral authorization and provide a
    written copy of the authorization.
Payment Alternatives – Debit Cards
Both Single/Recurring entries
• The authorization must be readily identifiable as an authorization and must
have clear and readily understandable terms.
• Certain required minimum information must be included as part of the
authorization (recommend scripts).
• Written notice confirming oral authorization must include, at a minimum, the
pieces of information required to be included during the telephone call. Should
disclose the method by which written notice will be provided if this option is
used.
• You must clearly state during the telephone conversation that the consumer is
authorizing a debit entry to his account. The customer must explicitly express
consent. Silence is not express consent.
Payment Alternatives – Debit Cards
• EFTA penalties
  • Actual Damages
  • Statutory damages
    • Individual action up to $1,000;
    • Class action up to $1,000 for each plaintiff, and $500,000 or 1% of
      net worth, whichever is less
  • Attorney fees
  • Court costs
  • Class actions
  • Possibly punitive damages under state law
Payment Alternatives - Checks
• Articles 3 & 4 of the UCC and Reg. CC
• Electronic Check Clearing House Organization (ECCHO) –
www.eccho.org
• Personal Checks (manual deposit, Check 21, BOC)
• Remotely-Created Checks (RCC)
  • Telemarketing Sales Rule
  • Requires authorization and printing of check
  • Cannot BOC
  • Reg. CC shifted bank warranties to depositor’s bank
Payment Alternatives - Checks
• Electronic Payment Order (EPO)
  • aka remotely-created electronic payment, e-check, or remotely-created payment order
  • Requires authorization but no check printed
  • Legal framework uncertain – do we apply check laws or EFTA?
    • Reg. CC – not addressed
    • Federal Reserve Operating Circular 3 – requires paper check;
      not eligible for check imaging, and Fed has no liability
    • ECCHO Rules – not an “item” under rules
    • May be deemed an EFT – CFPB interprets Reg. E
    • Federal Reserve has created a working group to study
Payment Alternatives – Wage Assignment
• FTC Credit Practices Rule - 16 CFR part 444.
  • Allowed if revocable “at will”
  • Wage assignment should be clearly and
    conspicuously disclosed
  • Wage assignment should NOT insinuate it is a
    garnishment
  • Likely to draw close scrutiny from regulators
  • OLA “Best Practices”
  • State laws vary
Payment Alternatives – Others
• Direct Carrier Billing – consumers make a purchase and
have the charge appear on a monthly wireless phone bill
or deducted from their prepaid balance.
  • Ex. BillToMobile, etc.
  • FTC rules on “cramming”
• Mobile Wallets – singular payment application that allows
consumers to save and manage a variety of payment
methods in one place.
  • Consumer payment credentials stored in a cloud-based vault
  • Ex. GoogleWallet, etc.
Contact Information
H. Blake Sims
Hudson Cook, LLP
6005 Century Oaks Drive, Suite 500
Chattanooga, TN 37416
423.490.7563 (direct)
bsims@hudco.com
Legal Disclaimer
• This presentation is provided with the understanding that the presenters are not
rendering legal advice or services.
• Laws are constantly changing, and each federal law, state law, and regulation
should be checked by legal counsel for the most current version.
• We make no claims, promises, or guarantees about the accuracy, completeness, or
adequacy of the information contained in this presentation.
• Do not act upon this information without seeking the advice of an attorney.
• This outline is intended to be informational. It does not provide legal advice.
• Neither your attendance nor the presenters answering a specific audience member
question creates an attorney-client relationship