The FTC announced a settlement with a payment processor resolving an action brought by the FTC alleging that the payment processor violated the FTC Act by debiting millions of dollars from consumers’ bank accounts without their consent. The FTC’s complaint alleged that the payment processor: (1) encouraged its customers to utilize remotely created payment orders because they were not subject to the same level of scrutiny and oversight as ACH transactions, (2) failed to take reasonable steps to ensure that it was not debiting consumers’ accounts without their consent despite being on notice through high return rates and consumer complaints that debits were fraudulent and (3) instructed its customers on methods of avoiding detection to conceal its fraudulent and unauthorized debiting.
The settlement requires the payment processor to pay monetary relief and permanently bars the payment processor, as well as two of its officers, from engaging in payment processing in the future or referring its clients to other processors for money. Of import to the FTC’s action against the payment processor was the relationship and activities with two merchants that marketed reloadable prepaid cards. The merchants were under prior FTC orders resulting from, among other things, debiting consumers’ accounts without authorization. The FTC noted that the two merchants had consistently high return rates of 85% and 86%, compared to an average industry total return rate for ACH transactions of 1.5%. The FTC also noted that the specific reasons for the high return rates (e.g., "not authorized," "NSF," and "bad account") were indicative of fraud and unauthorized debiting.