All Wireless & Prepaid News
2021 - Expo - Register


Jul 15, 2005

The Legal Line

Ed Maldonado, Esq.

Dear Legal Line:
I am part of a stored value company that has a variety of prepaid cards including major credit card “branded” cards, our own re-loadable PIN-based debit cards, and a few private label prepaid gift and reward cards for small businesses. I worked with regulatory compliance for a past employer that was a prepaid calling card company and was asked to update my company’s compliance program for stored value. After reviewing everything, I felt very uneasy because there are so few clear guidelines of compliance. I read the pertinent parts of newest version of the Patriot Act, the Money Service Business rules, talked to others in the industry about their programs, and reached the conclusion that no one really knows what stored value compliance is and that it really varies from company to company. Is this correct or is some unturned stone out there that answers all of this? I would like to know more about stored value compliance guidelines because it is quite confusing.

Dear SVCLynn:

I agree with you that there is no central source of guidelines for Stored Value Card Compliance. Complicating this situation is that both federal and state regulation may apply depending upon the nature of your Stored Value services and precisely how they work. You seem to be focusing on federal issues in your e-mail (the Patriot Act and Money Service Business regulation) so I will address these for this discussion. However, be aware that state regulation does exist, and you should also be mindful of it and the states in which you sell your Stored Value Cards when either reviewing or updating a compliance program. This is a matter where obtaining legal counsel knowledgeable in Stored Value and Money Service Businesses arena is a must for you and your company in being compliant, and I suggest you do so.

Continue reading this article

Please enter your email address:

As for your question, let’s begin with defining your Stored Value Cards (SVCs) for regulatory purposes. Generally Stored Value services utilize one of two types of systems: 1.) Open-Loop Systems, and 2.) Closed-Loop Systems. Regulation tends to follow the type of system in defining the requirements for registration, reporting, and disclosures. Examples of some Open-Loop Systems are Credit Card “Branded” Stored Value Cards with a signature-based format of SVC using a Credit Card’s proprietary network, as well as ATM or POS; Non-Credit Card PIN-based SVC using only POS and ATM networks; and consumer-funded or re-loadable SVC using a provider’s own SVC processing or network. In all these formats, consumers have financial interaction with SVC to load and reload value on the SVC, or dedicate monies from the SVC to be used for a particular purpose. Ergo: “Open-Loop System”. Much of the federal regulation that applies to stored value traditional falls over these types of Open-Loop systems.

Closed-Loop Systems, on the other hand, are much like what they sound to be. The SVC is loaded with a set value and the consumer utilizes that value until the amount is fully consumed. Examples of some Closed-Loop Systems are Prepaid Gift Cards, Prepaid Phone Cards, and Discount Cards. Because of the fixed value associated with the SVC, Closed-Loop systems tend to have more implication of state regulation related to consumers. Particular to Prepaid Gift Cards and Discount Cards are state issues of escheat laws and maintenance fees on consumer funds prepaid.

Now from your e-mail it sounds as if your company’s SVCs are a combination of Open-Loop SVC systems and Closed-Loop SVC systems. As for federal regulation of Open-Loop SVC systems, Title III of the Patriot Act is the cornerstone for disclosure and suspicious transaction reporting and compliance programs. The Act itself incorporates several prior laws and reinforces the requirements of financial institutions and those engaging in financial transactions with the public. Included are the International Money Laundering Abatement and Anti-Financing Act of 2001, Bank Secrecy Act and Money Laundering Act of 1986. The thrust of the Patriot Act requires financial institutions and other parties engaging in financial transactions to compare its customers with lists of suspected terrorists periodically released by the Office of Foreign Asset Control and notify OFAC of it a transaction appears suspicious. The Act requires financial institutions to implement an adequate self-reporting compliance program involving a myriad of issues which can include: verifying customer identification, filing Reports to OFACC, creating and retaining records, responding to law enforcement requests, maintaining a compliance officer, conducting ongoing compliance training of employees and having an independent audit to test and review the compliance program.

While the Act requires reporting and compliance, the substance of what this involves is found in the International Money Laundering Abatement and Anti-Financing Act of 2001, the Bank Secrecy Act and the Money Laundering Act of 1986. Here arises your concern about Money Service Business requirements. The Bank Secrecy Act is found at 12 USC § 1951, and requires financial institutions defined in 31 USC § 5312 (a)(2) and “Money Service Businesses” defined by the Secrecy Act, to register, disclose agents and report suspicious activity. Per this statute, an MSB must register with the Department of Treasury in addition to any applicable state licensure. Registration renewal is required if more than 10% of the voting power or equity interests change during the life of the registration or a 50% increase of a MSB’s registered agents at any given time. New businesses have a 180-day window to file and registration remains valid for two years. An MSB must also keep on file on a designated IRS Computing Center a list of all agents, which is then shared with the Department of Financial Crime Enforcement of the Treasury Department. The Bank Secrecy Act also requires that MSBs file a Suspicious Activity Report-Money Service Businesses (SAR-MSB) within 30 days of discovery of “any suspicious transaction relevant to a possible violation of law or regulation.” Such suspicious activity includes: Currency Transfer Report within 15 days of more than 10K cash-in or cash-out or by the same customer on the same business day; Cash Purchases of $3,000.00 to $10,000.00 treated and reported as one purchase when it occurred at the same time or on the same day; money “transfers” of $3,000.00 or more or a transaction or a pattern of transactions which involves $2,000.00 or more.

Perhaps the biggest stick for SVC providers in ensuring compliance is the Money Laundering Suppression Act of 1994, wherein states are authorized and required to promulgate civil and criminal penalties for MSB who fail to comply with the currency reporting requirements of the federal Bank Secrecy Act. At present more that 44 states have enacted laws regarding “sale of payment instruments” and “money transmission”. So this is a point were state and federal regulation reinforce one another regarding compliance. This is why having a solid compliance program in place is so important. It also brings us back to your question – “what are my requirements and the right guidelines to compliance”. The answer is that it really does vary from company to company depending upon your SVC services, the way it transacts, and the total amounts that may be available for the consumers “on-demand” use at any given time. To all of these, I reiterate that seeking legal counsel is important as to getting it right because there is no “cookie cutter” compliance package. SVC regulatory compliance must be tailored to your particular business. I know it is not the answer you were looking for but I hope this response helps in understanding the way SVCs are generally handled from a regulatory perspective.

Good Luck and Success in the Industry.

Do you have questions for Legal Line? Send them


Write a comment: