6. Regulatory Environment (12%)
Treasury Dept: Code of Federal Regulations (CFR)
*31 CFR Part 203* Electronic federal tax payments *31 CFR Part 208* Requires EFT option for federal benefit payments *31 CFR Part 210* Government ACH transactions *31 CFR Part 240* Treasury Checks *31 CFR 370* ACH transfers in connection with U.S. securities
Regulatory Requirements for Suspicious Activity Report (SAR)
*5 Key Components*: 1. Identification or alert of unusual activity 2. Managing alerts 3. SAR decision making 4. SAR completion and filing 5. Monitoring & SAR filing on continuing activity Must be reported to the Board (or designated committee)
FRB - Federal Reserve Bank Operating Circulars
*OC 1* FI account relationships with FRB *OC 3* Exchange of checks., images & IRDs *OC 4* CCD debits/credits sent thru the FED as Operator *OC 5* Electronic access to FRB services *OC 6* FedWire Services *OC 7* FedWire Securities
Legal Differentiations
*Payment transaction v. Credit transaction* • Debit card (Reg E) v. credit card (TILA, Reg Z) • Check (payment order) v. "note" (loan) *Credit transfer v. debit order* *Consumer EFT v. paper check or wire* • EFTA divides the world—consumer EFTs v transactions that start as checks or wires • Created a big question about ECI *Consumer specific v. non-consumer* • Consumer EFTs, TILA, v. EFAA funds availability
Debit Cards
*Reg E / EFTA* *Durbin and interchange -Regulation II* • Amendment to Dodd-Frank 2010 • Banks with over $10 billion in assets would have to charge debit card interchange fees that are "reasonable and proportional to the actual cost" of processing the transaction. • Allow retailers to refuse credit cards for small purchases and offer incentives for using cash or debit • Gives Federal Reserve the power to regulate debit card interchange fees *Card network specific rules* • Honoring cards • Chargeback rights • Authorization • Advertising
Regulation J
*Subpart A* Covers collection of checks and other items by Federal Reserve Banks Defines an image plus data as an "electronic item" and makes it just like a paper check *Subpart B* Covers Funds Transfers through Fedwire • Check • Wire
UCC - Uniform Commercial Code
*UCC Article 3* Negotiable instruments *UCC Article 4* Bank deposits & collections *UCC Article 4A Non-Consumer credit transfers
FFIEC History
1979: FFIEC was established, pursuant to title X of the Financial Institutions Regulatory and Interest Rate Control Act of 1978 (FIRA) Public Law 95-630. 1989: Appraisal Subcommittee (ASC) was established within the FFIEC, pursuant to title XI of the Financial Institutions Reform, Recovery and Enforcement Act (FIRREA) 2006: State Liaison Committee (SLC) was added to the Council as a voting member. The SLC includes representatives from: Conference of State Bank Supervisors (CSBS) American Council of State Savings Supervisors (ACSSS) National Association of State Credit Union Supervisors (NASCUS)
Regulation CC
1. Fed authority over check collection under EFAA 2. Availability of funds deposited in demand accounts, collection and return of checks A bank transferring a substitute check, or a Remotely Created Check (RCC) warrants it is authorized. • Check
Remotely Created Checks (RCCs)
Allows payee to create checks drawn on others' accounts. Also known as: • demand drafts (UCC) • remotely created checks (Reg CC) • preauthorized drafts Main characteristics: • Created by payee or payee's agent • Not signed by maker • Signature line says "No Signature Required", etc. • Deposited to payee's account
ECCHO Rule 8
Allows receiving Member to make a claim against sending Member for a *breach of the warranty* for an *unauthorized RCC* under *Reg CC.*
BSA/AML
Bank Secrecy Act / Anti-Money Laundering Act
Clearing House Rules
Clearing houses have developed rules that establish framework and set legal obligations of their members: • *ECCHO rules* • *SVPCO's CHECCS rules* (based on ECCHO rules) • *NCHA's Code of National Regulations*??? May still leave logistics and other details to participants to work out in supplemental agreements
31 CFR 370
ELECTRONIC TRANSACTIONS AND FUNDS TRANSFERS RELATING TO UNITED STATES SECURITIES ACH Credit and Debit transfers in connection with U.S. securities
Card Network Specific Rules
Each major brand has its own specific set of rules that merchants and issuers follow They are Private sector rules that are a condition of offering and accepting the specific card brand, including: • Honoring cards • Chargeback rights • Authorization • Advertising
Credit Cards: EMV fraud liability shift
Effective October 2015 Shifts liability for fraudulent POS card present transactions to merchant that does not have chip enabled readers ATM liability shift • Mastercard - October 2016 • VISA - October 2017 Fuel pump liability shift-pushed to October 2020
Check Clearing for the 21st Century Act
Effective October 28, 2004 • Subpart D to Regulation CC FACILITATES truncation and image exchange but DOES NOT GOVERN it Creates and governs use of negotiable instrument called a "substitute check" that can be used in place of original check without agreement of recipient Provides warranties and indemnities that flow with a substitute check and a copy or electronic representation of substitute check
Changes to Reg CC - Effective July 1, 2018
Ensures that a bank receives the same warranties regardless of whether a check is paper or electronic. "Electronic" = must be captured from a paper check. Presentments: *Same-Day Settlement (SDS) rule change* Existing SDS rule provides incentive for banks to negotiate electronic same-day settlement agreements. Existing rule was retained but with minor changes to reflect the existence of a single check processing region nationwide. Returns: *New condition for expeditious return liability* 1. Returned check must satisfy a modified version of the "two-day test": check is received by depositary bank no later than 2pm on the 2nd business day following the banking day when the check was presented to the paying bank 2. A paying bank and returning bank may be liable to a depositary bank for failing expeditious return requirements only if the depositary bank has arrangements in place to accept returned check electronically, directly or indirectly, by commercially reasonable means.
ACH Operator
Entity acting as a central facility for clearing, delivery, and settlement of Entries between or among Participating DFIs
Regulation E
Establishes rights, liabilities, and responsibilities of parties in electronic funds transfers and protects *consumers* when they use such systems • ACH • Debit Card • Wire
Regulation D
Federal Reserve reg that sets out *reserve requirements* for US banks. Imposes reserve requirements on certain deposits and liabilities solely for the purpose of implementing monetary policy. It specifies how DFIs must classify different types of deposit accounts for reserve requirements purposes
Payments System Risk Policy (PSR)
Federal Reserve's policy addressing the risks that payment systems present to the FRBs, the banking system and to other sectors of the economy A *daylight overdraft* occurs when there are *insufficient funds in an FI's FRB account* to cover: > outgoing funds transfers > incoming book-entry securities transfers *Net debit cap* the max $ amount of uncollateralized daylight overdrafts that an FI is authorized to incur in its FRB account. Generally = FI's capital times the cap multiple for its cap category
Electronic Funds Transfer Act (EFTA)
Federal law covering electronic funds transfers
Expedited Funds Availability Act of 1987 (EFAA)
Federal law that applies to making proceeds of deposits into bank accounts available to depositors Applies primarily to Check transactions but contains provision for availability of funds deposited by Wire transfer and ACH credit Subpart B is under purview of Consumer Financial Protection Bureau (CFPB) • ACH (credit) • Check • Wire
What Check 21 Does Not Do?
Govern electronic collection and return of imaged checks by banks Establish liability of truncating bank or truncating customer Apply to ACH transactions Mandate banks: • receive check images • send check images • give customers check images provide "substitute checks" upon customers' request; however, bank can still provide image copies of checks
Regulation R
Governs the treatment of *nonpublic personal information* about consumers by financial institutions for which the *Board has primary supervisory authority*
Regulation DD
Issued by the CFPB to implement the *Truth in Savings Act of 1991* Requires depository FIs to provide disclosures so that consumers can make meaningful comparisons among FIs
31 CFR Part 208
MANAGEMENT OF FEDERAL AGENCY DISBURSEMENTS Requires individuals to elect an EFT option for federal benefit payments ACH Fedwire Automated teller machines Point-of-sale terminals Credit card
Payment Systems Legal Structures: Real Time Payments
Network / operating rules
Final Changes to Reg CC
New indemnities provide a basic level of protection from unauthorized items and duplicate presentment: *Duplicate Presentments* *Electronically-Created Items (ECI)* not captured from a check A bank that transfers or presents an electronically-created item and receives settlement indemnifies the transferee bank, any subsequent collecting bank, the paying bank, and any subsequent returning bank.
FRB Operating Circular 1
OC 1 contains the terms for opening, maintaining, and terminating a master account with a Federal Reserve Bank, as well as general provisions regarding Reserve Bank services applicable to institutions whether or not they maintain a Reserve Bank account.
FRB Operating Circular 3
OC 3 applies to the handling of all items that FRB accepts for forward collection and all returned checks that are accepted for return. Covers exchange of items (paper, image and substitute checks) with the Federal Reserve Addresses Electronic Payment Orders (EPOs) by making sending bank warrant all images plus data sent for collection were captured from paper check • Check
FRB Operating Circular 4
OC 4 applies to clearing and settlement of *commercial ACH credit and debit items* by the Federal Reserve Banks, sending banks, and receiving banks. Covers ACH transactions sent through the Fed as Operator • ACH
FRB Operating Circular 5
OC 5 includes the terms under which an institution may access certain services and applications provided by a FRB by means of an electronic connection
FRB Operating Circular 6
OC 6, along with *subpart B of Regulation J*, applies to funds transfers made through the Fedwire Funds Service
FRB Operating Circular 7
OC 7 contains the terms under which the Federal Reserve Banks maintain securities accounts and effect transfers of book-entry securities for participants.
31 CFR Part 203
PAYMENT OF FEDERAL TAXES AND THE TREASURY TAX AND LOAN PROGRAM Prescribes the rules that FIs must follow when they process *electronic Federal tax payment transactions*. An FI is not required to be designated as a Treasury Tax & Loan (TT&L) depositary in order to process.
RDFI
Participating Depository FI with respect to Entries: (a) it receives from its ACH Operator to the accounts of Receivers, and (b) on which it is designated as the RDFI in accordance with: *Appendix Three (ACH Record Format Specifications)*. An ODFI is not considered an RDFI solely by reason of its receipt of Acknowledgment Entries, Return Entries, Extended Return Entries, or Notifications of Change
ODFI
Participating Depository FI with respect to Entries: (a) it Transmits directly or indirectly to an ACH Operator for Transmittal to an RDFI, and (b) on which it is designated as the ODFI in accordance with: *Appendix Three (ACH Record Format Specifications)*. An RDFI is not considered an ODFI solely by reason of its initiation of Acknowledgment Entries, Return Entries, Extended Return Entries, or Notifications of Change
Originator
Person who authorized an ODFI (directly or through a TPS) to Transmit, for the account of that Person, a credit Entry, debit Entry, or Non-Monetary Entry to the Receiver's account at the RDFI
Receiver
Person who authorized an Originator to initiate a credit, debit or Non-Monetary Entry to Receiver's account at RDFI. With respect to debit Entries, the term "Receiver" means all Persons whose signatures are required to withdraw funds from an account for purposes of the warranty provisions of Subsection 2.4.1 (General ODFI Warranties)
Payment Systems Legal Structures: Card (debit and credit)
Primarily governed by: *Card acceptance guidelines* *Consumer protection regulations* • TILA • EFTA • Durbin Amendment (Limits fees charged to retailers for debit card processing) *Operation Chokepoint* 2013 initiative of the USDoJ, which would investigate US banks in the United States and the business they do with companies believed to be at higher risk for fraud and money laundering.
31 CFR Part 240
INDORSEMENT AND PAYMENT OF CHECKS DRAWN ON THE U.S. TREASURY Legal equivalence of electronic checks Safekeeping of original checks.
Dodd Frank section 1073
Remittance = International Funds Transfer initiated by a U.S. Consumer
Credit Cards: Reg Z / TILA (Truth in Lending Act)
Required creditors to increase amount of notice consumers receive before rate on credit card account is increased or a significant change is made to account terms Allows consumers to reject increases and changes by informing creditor before increase or change takes effect Rules regarding interest rate increases, over-the-limit transactions, and student cards Addresses reasonableness and proportionality of penalty fees and charges and re-evaluation of rate increases Amended by Credit Card Accountability, Responsibility, and Disclosure Act of 2009 Constitutes what is considered to be a prepaid or general-use card
Regulatory Requirements for Data Breach Reporting
Security breach laws typical provisions: Who must comply (businesses, data/ information brokers, government entities, etc.) Definitions of "personal information" (name combined with SSN, drivers license or state ID, account numbers, etc.) What constitutes a breach (unauthorized acquisition of data) Requirements for notice (timing or method of notice, who must be notified) Exemptions (for encrypted information) 48 states, District of Columbia, Guam, Puerto Rico and Virgin Islands Legislation requiring private or governmental entities to notify individuals of security breaches of information involving personally identifiable information Must follow the rules for state where customer is located
ECCHO Rule 9
Sending member warrants to receiving member that: • signature is not forged or unauthorized • related physical check is not counterfeit Allows Paying Bank to file a claim on a fraudulent item *after the UCC midnight return deadline* The Rule shifts responsibility for counterfeit/forged items from the Paying bank to the depositor However, the loss remains with the Paying bank if there are insufficient funds in the depositor's account.
UCC Articles 3 and 4
State law governing Checks, bank deposits and collections - adopted by all states. 1990 revisions removed legal barriers to truncation and electronic presentment - adopted by all states, except New York UCC does not govern electronic transactions but leaves that for agreements The loop: deposit, transfer, presentment, posting or return; return processing/warranties
UCC Article 4A
State law governing Non-Consumer credit transfers using a "funds transfer system" • ACH credit • Wire
Regulation Z
Truth in Lending Act (TILA): Promotes informed use of consumer credit by requiring disclosures about terms and cost • Credit card
USA PATRIOT Act
Uniting and Strengthening America by Providing Appropriate Tools Required to Intercept and Obstruct Terrorism (USA PATRIOT) Act of 2001 Office of Foreign Asset Control (OFAC)
Payment Systems Legal Structures: Non-bank payment services
Western Union, Money Gram, PayPal • Structured by agreements • Federally regulated
Payment Systems Legal Structures: ACH
• NACHA Operating Rules • Formats developed and owned jointly • All ops & svc by FedACH and The Clearing House • FRB OC 4 • EFTA / Reg E • UCC 4A
Payment Systems Legal Structures: ATM Network
• Structured by agreements and private sector "rules" • Overlay of federal consumer protection - EFTA
Payments Systems Legal Structures: Check (paper and electronic)
• UCC Article 3 & 4 • Reg CC • Reg J • OC 3 Private sector "rules" ECCHO
Payments Systems Legal Structures: Wire Transfer Systems
• UCC Article 4A • Reg J • OC 6 Private sector agreements and rules CHIPS & SWIFT FedWire
ECCHO - Electronic Clearing House Organization
A not-for-profit national check clearing house owned by its almost 3,000-member FIs Recognized across the U.S. as the national *provider of private sector* check image exchange rules. In an exchange under the Rules: *MICR info = Presentment Notice* Rules provide that the Electronic Image is an "item" and a "check" under the *UCC* and *Reg CC*, respectively.
31 CFR Part 210
FEDERAL GOVERNMENT PARTICIPATION IN ACH Governs all entries and entry data originated or received by an agency through the ACH network, except Federal tax payments (see Part 203) and U.S. securities (see Part 370).
Federal Financial Institution Examiners Council (FFIEC)
FFIEC is a formal inter-agency body empowered to prescribe uniform principles, standards, and report forms for federal examination of FIs, and to make recommendations to promote uniformity in the supervision of FIs FRB - Board of Governors/Federal Reserve System FDIC - Federal Deposit Insurance Corporation NCUA - National Credit Union Administration OCC - Office of the Comptroller of the Currency CFPB -Consumer Financial Protection Bureau