FinCEN published proposed regulations that would expand the anti-money laundering obligations under the Bank Secrecy Act for providers and sellers of “prepaid access.” In issuing the proposal, FinCEN explained that the proposal, which is mandated under the Credit Card Accountability, Responsibility and Disclosure Act of 2009, is intended to address regulatory gaps that have resulted from the proliferation of, and innovations in, prepaid access devices over the last 10 years and their increasing use as accepted payment methods. Subject to certain exceptions, the proposal would apply to providers and sellers of a wide range of prepaid access devices, including gift cards, mobile phones, electronic serial numbers, key fobs and other mechanisms that provide a portal to funds that have been paid for in advance and are retrievable and transferable.
Under FinCEN’s current regulations, certain “issuers, “sellers,” and “redeemers” of “stored value” are considered to be “money services businesses” for purposes of FinCEN’s Bank Secrecy Act regulations. Such issuers, sellers and redeemers of stored value must establish written anti-money laundering programs and comply with currency transaction report filing obligations, but are not required to register as money services businesses with FinCEN or file suspicious activity reports. FinCEN explained that when initially adopting its money services business regulations in 1999 it deferred the application of these requirements to the stored value industry to avoid any unintended consequences that might result from applying the rules to an industry that was then in its infancy.
The proposal would impose additional obligations on “providers” and “sellers” of “prepaid access.” As explained below, certain types of prepaid access would be excluded from coverage by the proposal because they do not fit within the its definition of “prepaid program.” In addition, as with other categories of money services businesses, the proposal would not apply to prepaid access providers or sellers that are banks or are registered with, or regulated or examined by, the SEC or CFTC.
Definition of “Prepaid Access”
The proposal would replace the term “stored value” with “prepaid access,” which would be defined as an “[e]lectronic device or vehicle, such as a card, plate, code, number, electronic serial number, mobile identification number, personal identification number, or other instrument that provides a portal to funds or the value of funds that have been paid in advance and can be retrievable and transferrable at some point in the future.” The change in terminology from “stored value” to “prepaid access” reflects FinCEN’s understanding that prepaid value is not “stored” on a card, but instead stored in a location or a medium that can be accessed electronically through the card or an alternative device.
“Providers” And “Sellers” of Prepaid Access
A “provider” of prepaid access would be “the person with principal oversight and control over one or more prepaid programs,” as determined based on the facts and circumstances of the prepaid program’s transaction chain. As described in the proposal, activities that include "principal oversight and control" of a prepaid program include (1) organizing the prepaid program, (2) setting the terms and conditions and determining that the terms have not been exceeded, (3) determining the other businesses that will participate in the transaction chain underlying the prepaid access (which may include the issuing bank, the payment processor or the distributor), (4) controlling or directing the appropriate party to initiate, freeze or terminate prepaid access, and (5) engaging in activity that demonstrates oversight and control of transactions.
A “seller” of prepaid access would be defined as “any person that receives funds or the value of funds in exchange for providing prepaid access as part of a prepaid program directly to the person that provided the funds or value, or to a third party as directed by the person.” The “seller” of prepaid access would generally be the party with the most face-to-face contact with the purchaser and would typically be a general purpose retailer, such as a pharmacy, convenience store, supermarket or discount store.
The proposal would apply to entities that are providers or sellers with respect to “prepaid programs.” A “prepaid program” would generally be “an arrangement under which one or more persons acting together provide(s) a particular form of prepaid access.”
Recognizing that certain prepaid products and services are not conducive to money laundering, the proposal specifies that certain types of arrangements would not be considered prepaid programs, including, subject in each case to the requirements described below, (a) programs that use prepaid access to pay employee benefits and compensation, to pay government benefits, such as unemployment, child support, or disaster assistance, or to disburse reimbursement funds from pre-tax flexible spending accounts for health care and dependent care expenses; (b) prepaid products with a limited maximum value of $1,000, provided, among other things, that the maximum value is clearly visible on the prepaid access product; and (c) closed-loop prepaid access products (such as a specific retailer’s gift card).
To qualify for these exclusions from the definition of “prepaid program,” the prepaid product must not permit funds or value to be transmitted internationally or permit transfers between or among users of prepaid access, such as person-to-person transfers. In addition, unless it qualifies as closed loop prepaid access, the prepaid product cannot provide the ability to load monetary value from other non-depository sources.
Requirements Under the Proposal
As described above, issuers, sellers and redeemers of stored value are currently required to establish AML programs and comply with CTR filing obligations; under the proposal, providers and sellers of prepaid access would need to comply with these requirements. As part of their AML programs, providers and sellers of prepaid access would be required to have policies and procedures to verify the identity of customers who obtain prepaid access through a prepaid program and would have to retain customer identifying information, including name, date of birth, address and identification number, for five years. Providers and sellers of prepaid access also would become subject to the same SAR filing obligations as other types of money services businesses. In addition, providers of prepaid access (but not sellers) would need to retain for five years transactional records generated in the ordinary course of business by the payment processor or other party that facilitates prepaid access activation, loads, reloads, purchases, withdrawals, transfers, or other prepaid-related transactions.
Finally, providers of prepaid access would be required to register with FinCEN as a money services business. In registering with FinCEN, the provider of prepaid access would need to identify each prepaid program for which it is the provider of prepaid access. Sellers of prepaid access would not be required to register with FinCEN.
Comment PeriodComments on the proposal will be due 30 days after the proposal is published in the Federal Register, which is expected shortly. Click here for FinCEN’s related press release which includes a link to the proposal.