The U.S. Treasury Department’s Financial Crimes Enforcement Network (“FinCEN”) published proposed regulations (the “Proposed Regulations”) that would expand the anti‑money laundering (“AML”) obligations under the Bank Secrecy Act (the “BSA”) for providers and sellers of “prepaid access.” In issuing the proposal, FinCEN explained that the Proposed Regulations, which are mandated under the Credit Card Accountability, Responsibility and Disclosure Act of 2009, are intended to address regulatory gaps that have resulted from the proliferation of, and innovations in, prepaid access devices over the last ten years and their increasing use as accepted payment methods. Subject to certain exceptions, the Proposed Regulations would apply to providers and sellers of a wide range of prepaid access devices, including gift cards, mobile phones, electronic serial numbers, key fobs and other mechanisms that provide a portal to funds that have been paid for in advance and are retrievable and transferable.
Under FinCEN’s current regulations, certain “issuers, “sellers,” and “redeemers” of “stored value” are considered to be “money services businesses” (“MSBs”) for purposes of FinCEN’s BSA regulations. Such issuers, sellers and redeemers of stored value must establish written anti‑money laundering (“AML”) programs and comply with currency transaction report (“CTR”) filing obligations, but are not required to register as MSBs with FinCEN or file suspicious activity reports (“SARs”). FinCEN explained that when initially adopting its MSB regulations in 1999 it deferred the application of these requirements to the stored value industry to avoid any unintended consequences that might result from applying the rules to an industry that was then in its infancy.
The Proposed Regulations would impose additional obligations on “providers” and “sellers” of “prepaid access.” As explained below, certain types of prepaid access would be excluded from coverage by the Proposed Regulations because they do not fit within the rule’s definition of “prepaid program.” In addition, as with other categories of MSBs, the Proposed Regulations would not apply to prepaid access providers or sellers that are banks or are registered with, or regulated or examined by, the SEC or CFTC.
Definition of “Prepaid Access”
The Proposed Regulations would replace the term “stored value” with “prepaid access,” which would be defined as an “[e]lectronic device or vehicle, such as a card, plate, code, number, electronic serial number, mobile identification number, personal identification number, or other instrument that provides a portal to funds or the value of funds that have been paid in advance and can be retrievable and transferrable at some point in the future.” The change in terminology from “stored value” to “prepaid access” reflects FinCEN’s understanding that prepaid value is not “stored” on a card, but instead stored in a location or a medium that can be accessed electronically through the card or an alternative device.
“Providers” and “Sellers” of Prepaid Access
A “provider” of prepaid access would be “the person with principal oversight and control over one or more prepaid programs,” as determined based on the facts and circumstances of each prepaid program’s transaction chain. As described in the Proposed Regulations, activities that include “principal oversight and control” of a prepaid program include (a) organizing the prepaid program, (b) setting the terms and conditions and determining that the terms have not been exceeded, (c) determining the other businesses that will participate in the transaction chain underlying the prepaid access (which may include the issuing bank, the payment processor or the distributor), (d) controlling or directing the appropriate party to initiate, freeze or terminate prepaid access, and (e) engaging in activity that demonstrates oversight and control of transactions.
A “seller” of prepaid access would be defined as “any person that receives funds or the value of funds in exchange for providing prepaid access as part of a prepaid program directly to the person that provided the funds or value, or to a third party as directed by the person.” The “seller” of prepaid access would generally be the party with the most face‑to‑face contact with the purchaser and would typically be a general purpose retailer, such as a pharmacy, convenience store, supermarket or discount store.
The Proposed Regulations would apply to entities that are providers or sellers with respect to “prepaid programs.” A “prepaid program” would generally be “an arrangement under which one or more persons acting together provide(s) a particular form of prepaid access.”
Recognizing that certain prepaid products and services are not conducive to money laundering, FinCEN would specify in the Proposed Regulations that certain types of arrangements would not be considered prepaid programs, including, subject in each case to the requirements described below, (1) programs that use prepaid access to pay employee benefits and compensation, to pay government benefits, such as unemployment, child support, or disaster assistance, or to disburse reimbursement funds from pre-tax flexible spending accounts for health care and dependent care expenses; (2) prepaid products with a limited maximum value of $1,000, provided, among other things, that the maximum value is clearly visible on the prepaid access product; and (3) closed-loop prepaid access products (such as a specific retailer’s gift card).
To qualify for these exclusions from the definition of “prepaid program,” the prepaid product must not permit funds or value to be transmitted internationally or permit transfers between or among users of prepaid access, such as person-to-person transfers. In addition, unless it qualifies as closed loop prepaid access, the prepaid product cannot provide the ability to load monetary value from other non-depository sources.
Requirements under the Proposed Regulations
As described above, issuers, sellers and redeemers of stored value are currently required to establish AML programs and comply with CTR filing obligations; under the Proposed Regulations, providers and sellers of prepaid access would need to comply with these requirements. As part of their AML programs, providers and sellers of prepaid access would be required to have policies and procedures to verify the identity of customers who obtain prepaid access through a prepaid program and would have to retain customer identifying information, including name, date of birth, address and identification number, for five years.
Providers and sellers of prepaid access also would become subject to the same SAR filing obligations as other types of MSBs. In addition, providers of prepaid access (but not sellers) would need to retain for five years transactional records generated in the ordinary course of business by the payment processor or other party that facilitates prepaid access activation, loads, reloads, purchases, withdrawals, transfers, or other prepaid-related transactions.
Finally, providers of prepaid access would be required to register with FinCEN as MSBs. In registering with FinCEN, the provider of prepaid access would need to identify each prepaid program for which it is the provider of prepaid access. Sellers of prepaid access would not be required to register with FinCEN.
Comment PeriodComments on the Proposed Regulations must be submitted on or before July 28, 2010.