The Legal Line
Dear Ed:We have a branded prepaid debit product ready to launch but have been recently approached by the financial network provider on Regulation-Z issues. I thought only Regulation-E issues applied to stored value cards. What’s the difference and does it really apply to prepaid debit? I think that there may be a lot of confusion as to which applies. Please submit this to Legal Line and ask how other companies how they are dealing with these issues when implementing the cards and sale of the cards.DebitDear Debit:As far as asking other companies what they do, I have included that portion of your question in Legal Line and open the forum for any replies email@example.com. If it draws input, I will forward it to you, or for publication in The Prepaid Press. As to the substance of your question, it all falls to a question of consumer use and service of the Stored Value Card, or SVC: 1) As a Credit Card purchase or payment, or 2) As a consumer Electronic Fund Transfer. Regulation-Z primarily applies to Credit Card Transactions and Regulation-E applies to Electronic Funds transfer. Both regulations are based on federal laws targeted to implement regulation over distinct services available at the time the laws were passed. Let’s begin with Regulation-Z, found at 12 C.F.R. Part 266 (1998), as it is the predecessor to most other SVC regulations. Regulation-Z was promulgated to function with the Federal Truth in Lending Act to provide credit card holders with rights and remedies for “authorized” and “unauthorized” charges to their cards or their accounts. The primary method of discerning authorization being a cardholder’s signature or affirmation by electronic signature, pursuant to the federal E-Sign Act of 2000. In a nutshell, it requires credit card providers to observe several key consumer rights between merchants and cardholders related to the charges to which the cardholder is liable:Those rights are:1.That a credit card holder is not liable for unauthorized charges of more than $50.00 from an “authorized card” for “unauthorized charges” with merchants.2.That the cardholder has the right to assert a claim or defense against a merchant arising out of the credit card transaction that cannot be resolved by the merchant, provided that a good faith effort was made with the merchant to resolve the issue.3.That the cardholder can withhold payment for any disputed billing errors of the credit card company, provided that cardholder gives notice to the issuer of the billing error.The effect of Regulation-Z is often seen in the form of “chargebacks” to the merchant and billing error settlement with credit card providers. For those readers that sell Prepaid PINs or Prepaid Cards over their websites, the consumer rights of Regulation-Z should be well known and commonplace. Another aspect of Regulation-Z is that the original “access device” that provided both security and the technical access to the credit service was an encoded magnetic strip. Over time, the magnetic strip has been expanded to other identifiers of the cardholder, such as access numbers, however, the basic set of rights and responsibilities of the network provider have remained intact. Most major financial credit card network providers supplement Regulation-Z with their own more stringent policies to ensure that substantive disputes fall between the accepting merchant and a verifiable claim of “unauthorized” use.Regulation-E (a.k.a Reg. E, 61 FR 19669, May 2, 1996 now codified 12 CFR Part 205) was promulgated to further the 1978 Electronic Funds Transfer Act, or EFTA. At the time of the 1978 Act, consumer use of electronic funds transfer was relatively limited and largely through ATM transactions. The Federal Reserve Board issued REG-E in 1996 to better implement the EFTA in connection with emerging E-Money technologies and systems as it strictly applied to personal, family or household use of EFT. There is no application of REG-E for commercial transfers or transfers within a bank between accounts or departments.Whereas REG-Z requires verification of consumer signature on credit card transactions, REG-E designates security procedures for electronic funds transfer to ensure the consumer authorizes the transaction and has notice of funds available when he access devices to transfer funds. This means that the provider must:1.Identify the particular consumer (by security code or PIN).2.Make available a statement of authorization (in paper upon request) or in text on computer screen in the case of “at-home banking,” all charges that are being applied or are sought to be applied.3.Ensure that the particular consumer, not a third-party, authorizes the funds transfer,4.Ensure that charges, fees or penalties that appear on any notice to the consumer are separate and distinct from the EFT.The question of who is a provider hinges on REG-E’s definition of Access Devices. Per REG-E this includes debit cards, point of sale transactions (POS), ATM transfers, direct deposit, ACH management, telephone wires, PINs, telephone bill payment codes, and other “similar means.” This however does NOT include magnetic tape devices or other devices used internally by a Financial Institution to initiate the transfer. Now, with this in mind, let me address your question. It sounds as if you have an SVC with the ability to be used as a credit card in some fashion – possibly a technical issue of the network platform or by virtue of a policy of your branded network. Since they are on your financial network, and you are seeking their branded name in that service, compliance with both REG-Z and REG-E may be a condition in your contract for services on the SVC. You need to take a good look at this and your contract. Have your legal counsel review both the contract and the regulations to see if this makes sense. If not, it may be a policy of the financial network provider, and a requirement by virtue of the use of their platform. Again, have legal counsel review this aspect.While on the topic of SVC Regulations, it may be wise to watch the FDIC and any potential rulings on REG-D as applied to SVC. It appears that a requirement that SVCs, and open and closed loop stored value in general, may be fast approaching that requires SVC providers to have consumer funds retained in depository accounts in FDIC insured banks or financial institutions. This may send SVC providers scrambling to find banks and financial institutions willing to accept their commercial business. In light of a recent nationwide trend of larger banks terminating their relationships with small to mid-sized money transmitters due to the burdens of Patriot Act compliance, SVC providers may need to start thinking about how they will shift their SVC business into depository accounts, as well as the effects of REG-D, REG-E and REG-Z, depending upon what they are doing with their SVC.Good Luck and Success in the Industry.Send your questions firstname.lastname@example.org.