[Federal Register Volume 75, Number 123 (Monday, June 28, 2010)]
[Proposed Rules]
[Pages 36589-36608]
From the Federal Register Online via the Government Printing Office [www.gpo.gov]
[FR Doc No: 2010-15194]
[[Page 36589]]
=======================================================================
-----------------------------------------------------------------------
DEPARTMENT OF THE TREASURY
31 CFR Part 103
RIN 1506-AB07
Financial Crimes Enforcement Network; Amendment to the Bank
Secrecy Act Regulations--Definitions and Other Regulations Relating to
Prepaid Access
AGENCY: Financial Crimes Enforcement Network (``FinCEN''), Treasury.
ACTION: Notice of proposed rulemaking.
-----------------------------------------------------------------------
SUMMARY: FinCEN is proposing to revise the Bank Secrecy Act (``BSA'')
regulations applicable to Money Services Businesses with regard to
stored value or prepaid access. More specifically, the proposed changes
include the following: renaming ``stored value'' as ``prepaid access''
and defining that term; deleting the terms ``issuer and redeemer'' of
stored value; imposing suspicious activity reporting, customer
information and transaction information recordkeeping requirements on
both providers and sellers of prepaid access and, additionally,
imposing a registration requirement on providers only; and exempting
certain categories of prepaid access products and services posing lower
risks of money laundering and terrorist financing from certain
requirements.
The proposed changes are intended to address regulatory gaps that
have resulted from the proliferation of prepaid innovations over the
last ten years and their increasing use as an accepted payment method.
If these gaps are not addressed, there is increased potential for the
use of prepaid access as a means for furthering money laundering,
terrorist financing, and other illicit transactions through the
financial system. This would significantly undermine many of the
efforts previously taken by government and industry to safeguard the
financial system through the application of BSA requirements to other
areas of the financial sector. In this proposed rulemaking, we are
reviewing the stored value/prepaid access regulatory framework with a
focus on developing appropriate BSA regulatory oversight without
impeding continued development of the industry, as well as improving
the ability of FinCEN, other regulators and law enforcement to
safeguard the U.S. financial system from the abuses of terrorist
financing, money laundering, and other financial crime. In the course
of our regulatory research into the operation of the prepaid industry,
we have encountered a number of distinct issues, such as the
appropriate obligations of payment networks and financial transparency
at the borders, and we anticipate future rulemakings in these areas. We
will seek to phase in any additional requirements, however, as the most
prudent course of action for an evolving segment of the money services
business (``MSB'') community.
DATES: Written comments on the notice of proposed rulemaking must be
submitted on or before July 28, 2010.
ADDRESSES: You may submit comments, identified by RIN 1506-AB07, by any
of the following methods:
Federal e-rulemaking portal: http://www.regulations.gov.
Follow the instructions for submitting comments. Refer to Docket number
TREAS-FinCEN-2009-0007.
Mail: FinCEN, P.O. Box 39, Vienna, VA 22183. Include RIN
1506-AB07 in the body of the text.
Inspection of comments: Public comments received electronically or
through the U.S. Postal Service sent in response to a ``Notice and
Request for Comment'' will be made available for public review as soon
as possible on http://www.regulations.gov. Comments received may be
physically inspected in the FinCEN reading room located in Vienna,
Virginia. Reading room appointments are available weekdays (excluding
holidays) between 10 a.m. and 3 p.m., by calling the Disclosure Officer
at (703) 905-5034 (not a toll free call).
FOR FURTHER INFORMATION CONTACT: Regulatory Policy and Programs
Division, FinCEN (800) 949-2732 and select option 1.
SUPPLEMENTARY INFORMATION:
I. Introduction
A. Development of the Prepaid Industry
Prepaid products, also variously known as stored value, stored
value cards, or prepaid cards, have emerged in recent years into the
mainstream of the U.S. financial system. As consumers have embraced the
convenience and security of being able to transact many daily
commercial activities electronically, more and more areas of American
commerce explore ways to reap the advantages of electronic payment
delivery.
This migration to electronic delivery has escalated greatly in
recent years, most especially over the last 3-5 years.\1\ As consumer
comfort levels rise and technology costs fall, continued growth in all
types of electronic payment options appears likely. As the Federal
Reserve Board noted in its 2007 Payments Study, electronic payments
comprised over two-thirds of all non-cash payments.\2\
---------------------------------------------------------------------------
\1\ ``Study findings suggest * * * the market for open-loop
gift/prepaid cards is increasing * * * more than twice as many gift
card purchasers/receivers bought or were given a general purpose
gift card in 2008 as were in 2005.'' Hitachi Consulting ``Payments
Study Highlights Continued Growth in Credit, Debit Cards,'' February
2009.
\2\ Of electronic payments, ``[c]ard payments alone comprised
over half of non-cash payments.'' The 2007 Federal Reserve Payments
Study--Non-cash Payment Trends in the United States: 2003-2006, pg.
5.
---------------------------------------------------------------------------
By certain accounts,\3\ the launch of the first stored value/
prepaid product traces to the magnetic stripe-bearing gift cards
introduced by Blockbuster Video in 1995 to replace the company's former
paper gift certificates. The change allowed the merchant to offer the
purchaser a more attractive product that, unlike its paper-based
predecessor, could be issued in any denomination. The gift cards also
allowed the balance to be monitored and offered security features
against alteration or fraud. The Blockbuster Gift Card began the rapid
migration by most gift card sellers to plastic from paper.
---------------------------------------------------------------------------
\3\ CardTrak News, Blockbuster Giftcard press release, January
15, 1996.
---------------------------------------------------------------------------
Beginning in the year 2000, VISA, Inc. moved into the prepaid space
by introducing its Buxx card, targeted at the teen/young adult market
as a money management tool and a more secure way for parents to provide
college students with funds for living expenses. MasterCard launched a
competitor card (iGen) in 2001, and American Express began marketing
its prepaid card in October 2002 as a general purpose gift card that
was good anywhere that American Express was accepted. The convergence
of the initial retailer-exclusive gift cards \4\ such as Blockbuster,
Sears or Amazon.com with these ``branded'' cards, bearing a Visa,
MasterCard, American Express or Discover logo, meant that consumers
could easily find a gift card for any purpose and in virtually any
amount.
---------------------------------------------------------------------------
\4\ Retailer-specific prepaid products are generally
characterized as ``closed loop,'' meaning that there are a finite
number of locations at which the devices can be used. Closed loop
programs involve a known provider of goods or service at the time of
sale. Conversely, ``open loop'' refers to a type of prepaid access
device that can be used at any accepting retail location. Generally,
open loop cards are branded network cards, such as: VISA,
MasterCard, American Express and Discover. See also Footnote 34 in
this NPRM for a discussion of FinCEN's previous proposal of a
regulatory definition relating to closed loop stored value.
---------------------------------------------------------------------------
A simultaneous market development involved in-store gift card
kiosks, such as Gift Card Mall, launched in 2001 by Blackhawk Network,
a subsidiary of Safeway Stores, Inc. Blackhawk Network pioneered the
establishment of
[[Page 36590]]
in-store gift card retail centers, located in supermarkets and
convenience stores, which meant that the purchaser no longer had to
visit a particular retailer, restaurant, or entertainment center to buy
gift cards for department and discount stores, movie theaters, theme
parks, and on-line vendors such as iTunes. Although initial marketing
strategies for these ``malls'' targeted a specific consumer niche, the
varied vendors represented and the convenience appealed to a broader-
than-expected audience. A 2006 study \5\ undertaken by the American
Bankers Association (``ABA'') and Dove Consulting revealed strong
consumer preference for both giving and receiving retailer-specific
gift cards, deemed both more personal than cash and more valued by the
recipient.
---------------------------------------------------------------------------
\5\ 2005/2006 Study of Consumer Payment Preferences, published
October 2005.
---------------------------------------------------------------------------
Within the context of the above-referenced developments, there are
a myriad of factors that have spurred the growth of the prepaid
industry including: (1) The effort to market cost-effective financial
products to individuals who are either unbanked or underbanked; \6\ (2)
the effort by governmental entities, at Federal and State and local
levels, to deliver an increasing number of benefits through prepaid
cards, which can be used at ATMs as withdrawal devices or used at
points of sale (``POS'') to purchase goods and services; and (3) the
move by many employers to pay some workers, such as construction
workers, day laborers, and others, through cards, which they regularly
reload \7\ with scheduled earnings for as long as the individual
remains an employee. Generally, these cards can also be used at ATMs
and at retail POS.
---------------------------------------------------------------------------
\6\ ``A Tool for Getting By or Getting Ahead? Consumers' Views
on Prepaid Cards,'' by Center for Financial Services Innovation;
authors Gordon, Romich and Waithaka (2009), pg. 7. See also, FDIC
Survey of Unbanked and Underbanked Households (December 2009),
available at http://www.fdic.gov/householdsurvey/full_report.pdf.
\7\ ``Load'' and ``reload,'' as used in the prepaid access
context, refer to the initial provision of value and all subsequent
provisions of value to a prepaid access program.
---------------------------------------------------------------------------
With respect to the first factor, concerning the needs of the
unbanked and underbanked, the use of prepaid cards has been promoted by
various advocacy groups \8\ as an effective, lower-cost method to
deliver necessary financial services. For a variety of cultural or
educational reasons, or due to language barriers, some individuals have
found the traditional banking environment overly intimidating or
unsuited to their financial services needs. Many have never established
banking relationships, or have found them cost-prohibitive for their
limited needs, and have turned to the ``alternative financial service
provider'' marketplace,\9\ accessing businesses such as payday lenders,
pawnshops, and check cashing facilities. Often, the fees associated
with these alternatives may be high in relation to the dollar value of
the transaction.\10\ The development and promotion of prepaid cards
introduced a new non-traditional banking alternative for these
individuals. Many of the major industry members engaged in prepaid
access are aggressively courting this unbanked market segment by
increasing marketing efforts and by also lowering fees.\11\
---------------------------------------------------------------------------
\8\ See ``A Tool for Getting By or Ahead * * *,'' referenced in
footnote 6.
\9\ ``Alternative Financial Services: A Primer,'' FDIC
Quarterly, 2009, Vol. 3, No. 1.
\10\ See materials referenced in footnote 6.
\11\ American Banker, June 4, 2009, p. 1.
---------------------------------------------------------------------------
With respect to the latter two factors, concerning government and
employer payments, the use of a prepaid card replaces the issuance of
paper checks, offering benefits to the government entity or employer
such as lower transaction costs, accounting efficiencies, safeguards
against alteration or loss, and others. For the recipient, many of the
same security concerns are addressed, as well as the immediacy and
reliability of the payment, which no longer has to be sent by mail and
can be used without the need for negotiation at a bank or check cashing
facility.
As the general public has become more attuned to seeing plastic
where paper formerly dominated, it has been willing, and sometimes
eager, to accept transition to a card or similar convenient device,
such as a key fob.\12\ The advantages to the consumer include
eliminating the need to carry cash, security against loss/theft and the
ability to track and limit spending, among others. For the financial
services industry, it offers a profitable retail payment product whose
acceptance by the general public and the vast majority of the American
and global marketplace is attractive.
---------------------------------------------------------------------------
\12\ As used in this discussion, ``key fob'' refers to a type of
contactless payment device, typically attached to a key chain, which
might resemble a disc-shaped ornament or token. It contains an
electronic chip from which a compatible mechanism is able to
communicate payment instructions to the holder of the corresponding
account.
---------------------------------------------------------------------------
B. The Need for Rulemaking
Notwithstanding the benefits of prepaid access, based on
discussions with the law enforcement community, FinCEN believes that it
may be vulnerable to money laundering. Many of the same factors that
make prepaid access attractive to consumers make it vulnerable to
illicit activity. For example, the ease with which prepaid access can
be obtained combined with the potential for relatively high velocity of
money through accounts involving prepaid access and anonymous use, may
make it particularly attractive to illicit actors. These individuals
value the ability to receive and distribute a significant amount of
funds without being subject to many of the reporting requirements that
would apply to comparable transactions using cash or involving an
ordinary demand deposit account at a bank. FinCEN solicits comment on
the money laundering and terrorist financing vulnerabilities that
prepaid access products or services may pose. Depending on the
sensitivity of such information, this information may be maintained in
a confidential docket.
The purpose of this rulemaking is to establish clear requirements
under the BSA with respect to certain non-bank actors involved in the
provision of prepaid access. In doing so, FinCEN intends to bring an
appropriate degree of transparency to the sector; facilitate the
provision of valuable information to regulatory and law enforcement
agencies; and enhance the resilience of the prepaid industry against
illicit activity. While a limited degree of regulatory oversight over
the prepaid industry exists at present, we believe that it is now time
to bring this industry within the full ambit of the BSA. We believe
that our endeavors in this regard will be assisted by the fact that
many in industry already use automated fraud monitoring systems that
evaluate data points similar to those relevant to detect suspicious
transactions and other information relevant to the BSA.
In proposing this rule, FinCEN is also reiterating a clear
distinction that already exists in our regulations between money
services businesses and depository institutions, both of which play
roles in prepaid access transaction chains. Depository institutions are
already held responsible for a full slate of anti-money laundering
(``AML'') obligations, and those responsibilities will not change as a
result of this rulemaking. Further, these depository institutions are
subject to regular examinations by their Federal regulators where they
are assessed for compliance. Consequently, with this rulemaking, we
intend to bring non-bank entities in the prepaid sector under
regulatory treatment that is more consistent with other financial
institutions, such as depository institutions, subject to the BSA.
[[Page 36591]]
In this proposed rulemaking, we will attempt to address
vulnerabilities in the types of prepaid programs that present potential
for abuse, and to impose requirements on those within the transaction
chain that possess the greatest ability to control the program's
operations, either directly or through an oversight role, and those who
may have relevant consumer information. At the same time, we do not
want to stifle growth or innovation within the payments industry.
Finally, we recognize that, while we will frequently refer to the
``card'' in describing this payment method, it is becoming increasingly
apparent that the plastic card entails only one possible method of
enabling prepaid access. Accordingly, we intend for this rulemaking to
be as forward-looking and as technologically neutral as possible; today
prepaid access can be provided through a card, a mobile phone, a key
fob or any other object to which relevant electronic information can be
affixed. In some contexts, there may even be no physical object, as
access to prepaid value can be enabled through the provision of
information over the telephone or the Internet. We intend for our rule
to be applicable to whatever tomorrow's payment environment offers as
well. However, we seek comment on whether the rulemaking is
sufficiently technologically neutral, and if not, in what areas it can
be improved for these considerations.
FinCEN does not intend for this rule to have an impact on two other
payment methods that bear some outward similarities to prepaid access,
namely the use of credit cards or debit cards. The proposed terminology
in this rulemaking is meant to establish a clear difference between
those systems and prepaid access. FinCEN anticipates obtaining further
insight from the rulemaking and public comment process to ensure that
we employ the most accurate and precise terminology possible.
II. Background of This Rulemaking
A. Statutory and Regulatory Background
The BSA, Titles I and II of Public Law 91-508, as amended, codified
at 12 U.S.C. 1829b and 1951-1959, and 31 U.S.C. 5311-5314 and 5316-
5332, authorizes the Secretary of the Treasury (the ``Secretary'') to
issue regulations requiring financial institutions to keep records and
file reports that the Secretary determines ``have a high degree of
usefulness in criminal, tax, or regulatory investigations or
proceedings, or in the conduct of intelligence or counterintelligence
matters, including analysis to protect against international
terrorism.'' \13\ The Secretary's authority to administer the BSA and
its implementing regulations has been delegated to the Director of
FinCEN.\14\ FinCEN has interpreted the BSA through implementing
regulations (``BSA regulations'' or ``BSA rules'') that appear at 31
CFR part 103.
---------------------------------------------------------------------------
\13\ 31 U.S.C. 5311.
\14\ See Treasury Order 180-01 (Sept. 26, 2002).
---------------------------------------------------------------------------
FinCEN has defined the BSA term ``financial institution'' to
include ``money services businesses,'' \15\ a category that includes: A
currency dealer or exchanger; a check casher; an issuer, seller, or
redeemer of traveler's checks, money orders, or stored value; and money
transmitter.\16\ FinCEN is authorized to deem any business engaged in
an activity determined by regulation to be an activity similar to,
related to, or a substitute for these activities a ``financial
institution.'' \17\
---------------------------------------------------------------------------
\15\ ``MSB'' is a term FinCEN created that refers to certain
non-bank financial institutions that offer specific services (often
in combination) and are without a Federal functional regulator.
\16\ 31 CFR 103.11(uu) implementing 31 U.S.C. 5312(a)(2)(J),
(K), (R) and (V).
\17\ 31 U.S.C. 5312(a)(2)(Y).
---------------------------------------------------------------------------
The Director of FinCEN, through delegated authority, has issued
regulations under the BSA implementing the recordkeeping, reporting,
and other requirements of the BSA. Like other financial institutions
under the BSA, MSBs must implement AML programs, make certain reports
to FinCEN, and maintain certain records to facilitate financial
transparency. MSBs are required with some exceptions to: (1) Establish
written AML programs that are reasonably designed to prevent the MSB
from being used to facilitate money laundering and the financing of
terrorist activities; \18\ (2) file Currency Transaction Reports
(``CTRs'') \19\ and Suspicious Activity Reports (``SARs''); \20\ and
(3) maintain certain records, including records relating to the
purchase of certain monetary instruments with currency,\21\ relating to
transactions by currency dealers or exchangers, and relating to certain
transmittals of funds.\22\ Most types of MSBs are required to register
with FinCEN \23\ and all are subject to examination for BSA compliance
by the Internal Revenue Service (``IRS'').\24\
---------------------------------------------------------------------------
\18\ See 31 CFR 103.125.
\19\ See 31 CFR 103.22.
\20\ See 31 CFR 103.20. Check cashers and transactions solely
involving the issuance, sale or redemption of stored value are not
covered by the SAR requirement. See 31 CFR 103.20(a)(1) and (a)(5).
\21\ See 31 CFR 103.29.
\22\ See 31 CFR 103.33(f)-(g).
\23\ See 31 CFR 103.41.
\24\ See 31 CFR 103.56(b)(8).
---------------------------------------------------------------------------
B. Past Public Meetings With the MSB Industry
In 1997, FinCEN held public meetings at various locations
throughout the country to give members of the financial services
industry an opportunity to discuss the proposed MSB regulations and any
impact they might have on operations. In drafting the final rules
defining the MSB categories, FinCEN relied on the contributions from
these public forums.
The proceedings of those meetings, with respect to stored value and
money transmission, reveal a shared acknowledgement by FinCEN and
industry that the prepaid business existed only in an early
developmental stage at that time, and that it was important not to
stifle innovation. Although the industry was in its infancy, many
issues surrounding prepaid products today were discussed and debated
then, such as establishing appropriate audit trails and the need for
information gathering on certain customers. Among other conclusions,
these meetings resulted in the following pronouncements:
The money transmission definition should be sufficiently
flexible to encompass the traditional concept of wiring funds, while
also capturing alternative types of payments, both electronic and
manual.\25\
---------------------------------------------------------------------------
\25\ Transcript of FinCEN meeting, held in New York City, NY. A
FinCEN official in attendance stated, ``Just as a point of
clarification, again, under our definitions, as proposed in our
rules, and also our intent, is not to restrict money transmitters to
those businesses that only provide currency, cash, to customers, and
the notion of a money transmittal will take place regardless of
whether the form is in checks or in money orders or in travelers
checks, or the more traditional notion of wire transfer credits to
an existing bank account.''
---------------------------------------------------------------------------
FinCEN officials acknowledged that the use of the term
``stored value'' might be somewhat imprecise, and lead to the
conclusion that only ``value or representation of value that is stored
either on a chip or on a hard drive somewhere'' was correctly labeled
stored value. Despite these misgivings, the term stored value was
chosen as the best available at the time.\26\
---------------------------------------------------------------------------
\26\ Transcript of FinCEN meeting, held in San Jose, CA. A
FinCEN official in attendance stated, `` * * * the concept is that
there is a new something which we called fundamental monetary value
represented in digital format and stored or capable of storage on
electronic media in such a way as to be retrievable and transferable
electronically. We called that stored value, because frankly we
couldn't think of anything else to call it * * *. We were kind of
aware that when we used the term, people were going to think we were
only talking about stored value cards. And we decided to take that
risk.''
---------------------------------------------------------------------------
We find the proceedings of these meetings informative and
persuasive in guiding the current rulemaking. Not only did these forums
occur at various
[[Page 36592]]
locations around the country, but they also involved a number of
different perspectives from throughout the financial services industry.
Early entrants into the stored value marketplace, seasoned banking
professionals, Federal and State regulators and service providers such
as data processing representatives were all either in attendance or
represented. There was considerable discussion among the participants
that illustrated the struggle to define the shifting payments
environment as it was only beginning to take full advantage of new
technologies.\27\
---------------------------------------------------------------------------
\27\ Transcript of FinCEN meeting, held in San Jose, CA. An
industry member in attendance stated, ``* * * these products are all
* * * evolving * * *. The ACH system is old * * * batch processing,
it's clunky * * *. We are working very hard to develop new systems
that work better, that are more efficient, that are faster * * * ''
---------------------------------------------------------------------------
C. The Terms ``Stored Value'' and ``Prepaid Access''
A FinCEN official in attendance at the 1997 meetings observed that
the term ``stored value'' was imprecise for the meaning being ascribed
to it. The concept at issue, as he described it, involved monetary
value represented in digital format that was stored or capable of being
stored on electronic media in such a way as to be retrievable and
transferable electronically.\28\
---------------------------------------------------------------------------
\28\ See supra note 26.
---------------------------------------------------------------------------
The key distinction to be drawn from his observation is that the
``value'' to which he refers is not ``stored'' on the card; rather, the
value is stored in a location or a medium that can be accessed
electronically through the card or an alternative device. Given the
nascent nature of the stored value industry approximately ten years
ago, the limitations of descriptive terms are easily understood. The
term ``stored value'' gained a foothold following FinCEN's publication
of the 1999 MSB regulation, which included issuers, sellers and
redeemers of stored value in the definition of MSB.\29\
---------------------------------------------------------------------------
\29\ 31 CFR 103.11(uu)(3), (4).
---------------------------------------------------------------------------
In this Notice of Proposed Rulemaking (``NPRM''), we intend to
replace the terms ``issuer'' and ``redeemer'' of stored value. These
terms are not useful as the primary focal point for our regulatory
efforts with respect to this industry for the following reasons:
``Issuers'' are generally banks, which means that, by
definition, they cannot be deemed MSBs under our rules.\30\
Additionally, the activities of banks are covered under other BSA
regulations.
---------------------------------------------------------------------------
\30\ 31 CFR 103.11(uu).
---------------------------------------------------------------------------
``Redeemers'' is a term formerly used in the context of
several MSB definitions that FinCEN is seeking to eliminate.
Instead, we propose to introduce the terms ``prepaid access'' and
``provider of prepaid access,'' with the latter used to characterize a
distinct category of MSB and a primary focus of our regulatory
efforts.\31\ We believe that these terms offer a more accurate
characterization of the role and the payment product which we seek to
bring more fully within the scope of the BSA.
---------------------------------------------------------------------------
\31\ For the remainder of this document, and in the accompanying
rule text, we will use the terms ``prepaid access'' and ``provider
of prepaid access.'' However, as noted in the final paragraph of
this section, we solicit public comment for the best term for the
payment mechanism at issue.
---------------------------------------------------------------------------
Although considerable discussion occurred in 1997 regarding
divergent strategies for chip-enabled cards vs. magnetic stripe-bearing
cards, developments over the last twelve years reveal a far more
harmonized evolution. The magnetic-stripe card continues to be the
technology used most in the United States.\32\ Even in situations where
a card or other device is characterized as ``chip-based,'' this chip
principally transfers the magnetic stripe functionality to a smaller
unit of information. The miniaturized size allows for installation in
any number of various devices such as cell phone screens and key chain
tokens. Whether magnetic stripe or chip-based, the value to which the
payment device gives access remains in an account; not in any way
``stored'' on the card. Therefore, we find the purported dichotomy
forecast in 1997 to be unpersuasive for purposes of this rulemaking. We
consider this proposed rule to encompass cards and all other emerging
payment devices, such as mobile phones, currently in the marketplace
and on the horizon.
---------------------------------------------------------------------------
\32\ A repeated question raised with respect to chip-based cards
concerns those in use in Europe and Asia, and whether that variety
will migrate to use in the United States. At present, there appears
to be little appetite for installing the necessary payments
infrastructure to enable such use at the point of transaction. In
the event that such developments occur in the future, we believe
that our rule text employs the necessary flexibility to encompass
any such new payment devices.
---------------------------------------------------------------------------
We seek public comment regarding the terms ``prepaid access'' and
``provider of prepaid access,'' and whether they offer the best, most
meaningful description of the product(s).
D. May 12, 2009 Money Services Business NPRM
On May 12, 2009, FinCEN published an NPRM entitled ``Amendment to
the Bank Secrecy Act Regulations--Definitions and Other Regulations
Relating to Money Services Businesses'' in the Federal Register.\33\
Comments concerning the 2009 MSB NPRM from the industry and public were
accepted through the close of the comment period on September 9, 2009.
---------------------------------------------------------------------------
\33\ 74 FR 22129 (May 12, 2009) (hereinafter 2009 MSB NPRM).
---------------------------------------------------------------------------
In the 2009 MSB NPRM, FinCEN proposed to revise the MSB definition
by describing with more clarity the types of financial activity that
will subject a business to the BSA implementing rules. The proposal
incorporated past FinCEN rulings and policy determinations into the
regulatory text and sought to make it easier for MSBs to determine
their responsibilities.
FinCEN also solicited comments on a number of stored value/prepaid
questions in an effort to garner information regarding the accurate
definition(s) or terminology for this payment device, to determine the
appropriate treatment as an MSB component, and to identify the various
participants comprising the numerous prepaid business models. Those
comments have assisted FinCEN in drafting the current proposed
rulemaking.
The comments covered a significant range of opinions. A consumer
rights organization and an association of State regulatory agencies
urged a more rigorous regulatory scheme, encompassing any and all types
of prepaid business models. The comments received from business
entities in the prepaid industry generally suggested that closed loop
products \34\ should not be encompassed within the proposed rulemaking
because they posed very minimal money laundering risk. They asserted
that stored value/prepaid products are often wrongly categorized as
monetary instruments and, while more closely allied with money
transmission, they most accurately deserve a separate category as a
form of money transmission.
---------------------------------------------------------------------------
\34\ In its 2009 MSB NPRM, FinCEN proposed a definition for
closed loop stored value as ``Stored value that is limited to a
defined merchant or location (or a set of locations) such as a
specific retailer or retail chain, a college campus, or a subway
system.'' 74 FR 22129, 22141 (May 12, 2009). In the present
rulemaking, FinCEN is proposing a similar definition for closed loop
prepaid access.
---------------------------------------------------------------------------
E. Credit CARD Act of 2009
On May 22, 2009, the President signed Public Law 111-24, the Credit
Card Accountability Responsibility and Disclosure (CARD) Act of 2009
(CARD Act). Section 503 of the CARD Act requires the following:
[[Page 36593]]
1. No later than 270 days from the date of enactment, the Treasury
Secretary, in consultation with the Secretary of the Department of
Homeland Security (``DHS''), must issue final regulations regarding the
sale, issuance, redemption, or international transport of stored value,
including stored value cards.
2. The regulations regarding international transport may include
reporting requirements pursuant to Sec. 5316 of title 31, United
States Code.
3. The regulations shall take into consideration current and future
needs and methodologies for transmitting and storing value in
electronic form.
III. Current Regulatory Scheme
Under the current rules, FinCEN addresses traveler's checks, money
orders, and stored value under two separate definitions: ``issuers''
under 31 CFR 103.11(uu)(3) and ``sellers or redeemers'' of those
products under 31 CFR 103.11(uu)(4). The regulations currently include
an activity threshold of $1,000 for any person in any one day, which
applies to all MSB categories except money transmitters.\35\ Money
transmitters are not subject to any dollar level threshold at all.
Accordingly, an issuer, seller or redeemer of stored value, as defined
by our regulations, is required to file CTRs \36\ and to establish a
written AML program, including policies, procedures, and internal
controls commensurate with its activities and reasonably designed to
prevent it from being used to facilitate money laundering and the
financing of terrorist activities.
---------------------------------------------------------------------------
\35\ 31 CFR 103.11(uu). This activity based threshold of $1,000
has remained the same since 1999. See Definitions Relating to and
Registration of, Money Services Businesses, 64 FR 45438 (Aug. 20,
1999).
\36\ See 31 CFR 103.22; reporting of cash transactions exceeding
$10,000.
---------------------------------------------------------------------------
In 1999, when FinCEN issued its final MSB rule,\37\ it deferred
certain requirements for the prepaid or stored value arena based on its
complexity and the desire to avoid unintended consequences with respect
to an industry then in its infancy. Therefore, unlike most other
categories of MSB, an issuer, seller, or redeemer of stored value is
not required to register as an MSB with FinCEN or to file SARs.
Consistent with a regulatory delegation of examination authority \38\
the IRS currently examines money services businesses, including those
falling within the scope of FinCEN's regulations with respect to stored
value, for compliance with the BSA, as these entities are not otherwise
subject to more general supervision by a Federal functional regulator.
---------------------------------------------------------------------------
\37\ Definitions Relating to, and Registration of, Money
Services Businesses, 64 FR 45438 (Aug. 20, 1999).
\38\ 31 CFR 103.56(b)(8).
---------------------------------------------------------------------------
In the 2009 MSB NPRM, we proposed folding all of stored value into
one category so that issuers of stored value and sellers or redeemers
of stored value would be in the same category. In the 2009 MSB NPRM,
FinCEN did not propose making any substantive changes to the definition
of this category. After further consideration of the issue, however, we
now offer a substantive change to the definition of the category, and
thus to the overall regulatory scheme, by shifting our focus from
issuers and redeemers to ``providers'' of prepaid access, while
retaining regulatory focus on retail ``sellers'' in this arena.\39\
---------------------------------------------------------------------------
\39\ Please refer to regulatory text for 103.11(uu)(4), wherein
we propose further amendments to the revisions proposed in the May
2009 MSB NPRM.
---------------------------------------------------------------------------
IV. Prepaid Access as a Distinct Form of Money Transmission
Prepaid access involves the transmission from one point to another
of funds that have been paid in advance. It is empirically similar to
activity engaged in by persons defined as ``money transmitters,'' but
the mechanisms for directing that the money be transmitted are
different. Based on this understanding, as well as on some of the
concepts brought forward in the responses to our 2009 MSB NPRM, FinCEN
is proposing to treat providers of prepaid access as a distinct
category of MSB, keeping it separate from the category established for
money transmitters, while at the same time acknowledging prepaid access
should be regulated in a similar fashion.\40\ While distinct, many
responsibilities imposed on money transmitters and other MSB categories
generally would be imposed on prepaid access providers: there would be
a requirement to file SARs and to register with FinCEN as an MSB.
Separate requirements would be imposed with respect to sellers of
prepaid access.
---------------------------------------------------------------------------
\40\ Though the regulatory requirements may be similar, or even
identical, the effects of those requirements on the two types of
MSBs may differ, depending on their different prevailing business
models. For example, the business models of most providers of
prepaid access currently appear to involve the use of electronic
funds transfers subject to the Electronic Funds Transfer Act
(``EFTA''), 15 U.S.C. 1693 et seq. So long as that is the case, the
Funds Transfer Rule, 31 CFR 103.33(f), and the Travel Rule, 31 CFR
103.11(jj), should not impose specific recordkeeping requirements on
providers of prepaid access, because electronic funds transfers
subject to the EFTA are exempt from the Funds Transfer Rule and the
Travel Rule.
---------------------------------------------------------------------------
V. Reporting on International Transportation of Prepaid Access
As noted previously, Section 503 of the CARD Act authorizes
Treasury to establish reporting requirements with respect to stored
value pursuant to 31 U.S.C. 5316 \41\ and requires the consideration of
current and future needs and methodologies for transmitting and storing
value in electronic form. 31 U.S.C. 5316 and corresponding FinCEN
regulations require persons transporting or shipping currency and
monetary instruments across the U.S. border in an aggregate amount over
$10,000 to provide a report of such transportation or shipment.\42\ We
have consulted extensively with our law enforcement colleagues and are
seeking information, including but not limited to, risk assessments
evaluating the likelihood of illegal action. Depending on the
sensitivity of such information, this information may be provided in a
confidential docket.
---------------------------------------------------------------------------
\41\ Section 503 of the CARD Act requires Treasury to issue
regulations ``regarding the sale, issuance, redemption, or
international transport of stored value,'' which FinCEN in this NPRM
interprets to be essentially synonymous with ``prepaid access.''
Section 503 also provides that regulations regarding international
transportation ``may include reporting requirements pursuant to [31
U.S.C. 5316].'' The implementing regulation for 31 U.S.C. 5316 is 31
CFR 103.23.
\42\ 31 CFR 103.23.
---------------------------------------------------------------------------
Presently, there is no similar requirement to report the
transportation of prepaid access products across the border. FinCEN
recognizes the value of collecting information on international
transactions and payment flows, and is engaging with the Department of
Homeland Security and other members of the law enforcement community in
an attempt to identify appropriate solutions. We invite comment on any
aspect of the international transport issue as part of this effort. We
seek comment from the law enforcement officials and the greater public
on the risks prepaid access transactions pose and the types of
transactions that are particularly vulnerable to money laundering,
terrorist financing, and other illicit transactions through the
financial system. We also seek comment on the activity threshold for
prepaid access transactions.
VI. A Shift in Regulatory Obligations
A difficulty in regulating prepaid access is determining which
entity or entities involved should be responsible for compliance with
BSA requirements. The prepaid landscape includes a number of different
types of actors with different roles. These actors and roles are not
consistent throughout the
[[Page 36594]]
industry and some entities perform multiple roles. Given the difficulty
in identifying the provider and the changing nature of the industry, it
is vital that a provider of prepaid access be defined on the basis of
its activities.
FinCEN is proposing removing ``issuers'' and ``redeemers'' from the
definition of money services business and imposing AML program,
reporting, and recordkeeping obligations on the business entity that
engages in activity that demonstrates the most control and oversight of
transactions--what FinCEN proposes to define as the ``provider of
prepaid access.''
The provider is the entity that FinCEN believes is in the best
position to file CTRs and SARs, maintain or have access to transaction
records, and establish and maintain AML programs because it is likely
to have business relationships with most or all of the other
participants in the transaction chain. Accordingly, it has the relevant
information or access to the information to make and file relevant and
meaningful BSA reports and records. Centralizing primary BSA
obligations in the prepaid provider will unify an otherwise fragmented
transaction chain where it is likely that no single player has the
necessary financial transparency to comply adequately with BSA
requirements. Shifting the requirements to one player may enrich the
information available, provide greater financial transparency for
appropriate regulators and administrators, and allow law enforcement to
obtain relevant information with respect to various aspects of a
prepaid access transaction chain without having to seek it from
multiple sources.
Providers of prepaid access should anticipate developing AML
programs that relate to their role as the centralized point in the
chain for relevant information. These programs should include elements
such as (a) internal policies and procedures that contemplate the
collection and processing of information to be used for the evaluation,
completion, and submission of SARs and CTRs; and (b) training programs
for other industry members with whom it contracts for prepaid support
services to be able to identify suspicious activity to inform the
program provider. FinCEN seeks comment on the costs that may be
associated with developing these policies, procedures, and training
programs. FinCEN also seeks comment on the costs that may be associated
with developing information technology systems and anti-money
laundering programs.
VII. Participants in the Prepaid Environment
As discussed previously in this NPRM, the historical background
surrounding the early regulation of the MSB industry involved the
effort to identify the many participants who collectively comprised the
non-bank financial services universe. A shift that occurred with the
issuance of the 1999 regulation was to focus more intensively on the
activity being performed in the movement of funds, or the execution of
a transaction. Where previous statutory and regulatory anti-money
laundering efforts generally targeted the entity, commonly banks,
thrifts, credit unions, et al., the new policy direction required an
understanding that, in many cases, the delivery of a financial service
was only a single component of many different lines of business for a
particular business entity.
For example, a convenience store might offer retail grocery
products, gasoline, an on-premises fast food establishment, a car wash,
and the sale of money orders. Similarly, a travel agency might offer
extensive consumer and business booking services, guided tours, trip
planning and, for customer convenience, also deal in foreign exchange
and the sale of traveler's checks. In these and similar situations, it
is the particular financial services activity that is intended to be
captured by regulation, not the universe of convenience stores or
travel agencies.
As we seek to more precisely define the duties and the responsible
party among the parties in the prepaid operating environment, we are
again focused specifically on the activities executed. We appreciate
that executing a prepaid transaction almost necessarily involves
greater technological complexity and the involvement of more
participants in a transaction chain than would check cashing or the
sale of money orders. Despite the multiple parties involved, however,
we consider it imperative to center our primary regulatory
responsibilities on the party exercising the principal degree of
oversight and control that we believe exists in any prepaid program. We
are also mindful that, among all the typical parties, a very important
role is that of the seller. The seller alone has face-to-face dealings
with the purchaser and is privy to information unavailable elsewhere in
the transaction chain. For that reason, we believe the seller to be
secondarily important among all the entities involved in the program.
The prepaid marketplace has evolved over time without developing a
universally-accepted set of labels or categories to describe its
participants. In some cases, this may be attributable to individuals or
companies operating in multiple capacities, thus blurring conceptually
what parameters may or may not exist for a particular role. For other
reasons, such as multiple points of entry to this line of business or
widely disparate purposes for initiating a prepaid program, the
participants may choose no actual titles or labels for the functions
they perform. The roles are defined and executed strictly according to
the contractual terms established.
While our proposed rule text will confer responsibilities on the
``provider of prepaid access,'' using no current industry term of art,
we believe it is important to provide context to understand how we came
to choose this term, and to describe how we see the comprehensive
prepaid industry landscape. In the Section-by-Section analysis,
following the discussion of the role of the ``provider of prepaid
access,'' we also describe the various industry members that we
understand to be standard participants in a prepaid program.
VIII. Alternative Regulatory Approaches To Consider
We believe that our approach for imposing regulatory obligations on
the central player in the prepaid program offers the advantages of
simplicity and efficiency for regulatory and law enforcement purposes.
Centralizing BSA duties and recordkeeping in a particular party would
enable law enforcement officials acting in time-critical situations to
direct requests to a single party.
We also look to the seller as an important link in the transaction
chain. The seller is uniquely situated to see the first step in the
establishment of a prepaid relationship, and to interact directly with
the purchaser who may, or may not, be the ultimate end-user of the
card. The requirements of this party to maintain records over a five-
year time period and to report suspicious activity, also serve law
enforcement's needs.
We have reviewed the viability of requiring each participant along
the prepaid access chain to be subject to the BSA recordkeeping and
reporting requirements. In balancing the burdens verses the benefits of
this approach, we believe that providing central points along the
transaction chain, i.e., the provider and seller of prepaid access,
offers the most utility to law enforcement and the least burden to the
industry.
We appreciate, however, that such an approach is not the only
approach and we request comments on alternative methods to achieve the
same ends. The
[[Page 36595]]
many participants in the transaction chain likely bring specialized
knowledge to the program. By imposing a separate, stand-alone
obligation on each party along the transaction chain, we may facilitate
the collection of more detailed information, not filtered through any
secondary perspective. As FinCEN may consider such an alternate
approach, we seek comment on which prepaid program participants offer
the most meaningful information, such as transaction information,
purchaser information, or card holder information.
In determining whether an entity offering money services is an MSB
for purposes of the BSA implementing regulations, entities are not
required to aggregate transactions across distinct money service
categories to any person on any day (in one or more transactions) in
determining whether thresholds apply. In its 2009 MSB NPRM, FinCEN
sought comment on whether it should reconsider its previous position
with respect to transactions involving multiple MSB services, and
require that such multiple services be aggregated for purposes of
determining whether definitional thresholds have been met. We received
industry comments on this issue generally opposed to such a
development. FinCEN is still considering the matter and welcomes any
further comments on this issue, particularly with respect to the
inclusion of the sale of prepaid access in connection with other money
service business products.
IX. Parameters of This Rulemaking
This NPRM pertains only to non-banks. As noted earlier, this
rulemaking does not establish new requirements and does not change
existing requirements for banks. Banks may participate in the provision
of prepaid access in a variety of ways and may enlist the services of a
variety of agents acting on their behalf. As also stated earlier, banks
are subject to the full panoply of BSA/AML program, recordkeeping and
reporting requirements. Similarly, as discussed in more detail herein,
this rulemaking neither establishes new requirements nor changes
existing requirements for persons registered with, and regulated or
examined by, the Securities and Exchange Commission (``SEC'') or the
Commodity Futures Trading Commission (``CFTC'').
This rulemaking establishes the categories of MSBs that will be
regulated in the prepaid arena. It also identifies which actors will
not be regulated where their activities are confined to those that
present less opportunity for misuse by illicit actors seeking to
launder money or finance illicit activities. As discussed further
herein, such categories of actors may include those dealing solely in
the provision of payroll or job and health benefits through prepaid
access.
This rulemaking departs from FinCEN's previous stance on closed-
loop prepaid access in one respect. Historically, FinCEN's regulatory
interpretations \43\ have held that the traditional ``gift cards'' that
are redeemable only by a single retailer pose limited risk for money
laundering or evading financial transparency. In this rulemaking,
FinCEN proposes subjecting providers and sellers of closed loop prepaid
access to BSA requirements in such circumstances that involve
international use or person to person payments. Because financial
transparency can be obscured, if the prepaid access product can be used
internationally and other persons or non-depository sources can add or
deplete the funds associated with it, FinCEN is proposing a regulatory
construct under which certain providers and sellers of closed loop
prepaid access would be subject to the BSA implementing rules.\44\
---------------------------------------------------------------------------
\43\ FinCEN Ruling 2003-4 (Definition of Money Transmitter/
Stored Value--Gift Certificates/Gift Cards) (Aug. 15, 2003).
\44\ In several contexts, FinCEN has articulated the heightened
money laundering and terrorist financing vulnerabilities associated
with international transactions. The concern about international use
is consistent with FinCEN's frequently repeated position that the
specific geographic locations at which a financial product or
service is offered must be taken into account in assessing the risks
associated with that product or service. See, e.g., Bank Secrecy
Act/Anti-Money Laundering Act Examination Manual for Money Services
Businesses (December 2008), p. 21. The concern about person-to-
person transfers is consistent with guidance that FinCEN has issued
with respect to intra-institutional transfers of value from one
subaccount to another by other types of financial institutions. See,
e.g., FIN-2008-G008 (September 10, 2008), Application of the
Definition of Money Transmitter to Brokers and Dealers in Currency
and Other Commodities.
---------------------------------------------------------------------------
We believe that this treatment is warranted given information
provided by our law enforcement colleagues, maintained in a
confidential docket, that closed loop gift cards have a strong appeal
for criminal enterprises to launder cash proceeds in trade
(merchandise). The criminals focus particularly on merchants who
maintain retail locations both within and outside of the United States.
The ability to redeem the value placed on the card on either side of
the border is a convenient, anonymous method to move and masquerade
illicit funds freely. The proposed rule would clarify that providers of
prepaid closed loop access that can be used within and outside our
borders are within the scope of BSA regulatory requirements.
We question whether it might now be appropriate to revisit the
rationale that we have previously applied to closed loop prepaid access
even when such prepaid access is limited solely to domestic use. Are
there inherent vulnerabilities in closed loop prepaid access that
require our consideration? Is closed loop prepaid access that allows
use at more than a single retail facility (for example, to a shopping
mall) more vulnerable to abuse than a traditional closed loop product?
FinCEN solicits comment on whether and how it should reconsider its
existing interpretation with respect to closed loop gift cards.
X. Consideration of Examination Authority
As noted earlier, the IRS has been delegated the authority to
examine money services businesses for compliance with the BSA, given
that there is not a Federal functional regulator with broad supervision
over money services businesses. With respect to providers of prepaid
access, FinCEN seeks comment on any particular aspects of the prepaid
access sector that should be considered when making a decision about
whether and how to delegate examination authority.
XI. Future Rulemakings Contemplated
We acknowledge that the proposed revisions to the regulatory text
do not address the full array of regulatory considerations raised by
the marketing and use of prepaid access. FinCEN recognizes that despite
its many positive aspects, as with any innovation in the delivery of
monetary value, prepaid access can be misused. Our goal is to recognize
these vulnerabilities and to assist law enforcement in promoting
transparency throughout the financial system. Our further goal is to
undertake this effort while mindful of the many legitimate, beneficial
uses of these payment products.
The prepaid environment is no longer limited to simply commercial
business uses; increasingly, the Federal government is making
widespread use of prepaid access in delivering benefits to individuals
such as certain Social Security payments and disaster relief
assistance. By no means do we intend to curtail the growth or migration
to prepaid access where there are regulatory controls in place. Where
all of the parties and transactions can reveal a legitimate audit
trail, FinCEN and its law enforcement colleagues raise no objection.
We believe that there may be other areas and aspects concerning the
[[Page 36596]]
prepaid business environment that warrant future regulatory scrutiny.
As noted earlier, we intend to engage in a rulemaking on instituting
reporting requirements on the international transport of prepaid
access. If there are other areas in need of consideration for future
rulemaking, we ask for the public to offer comment.
XII. Section-by-Section Analysis
Pursuant to FinCEN's authority to interpret the provisions of 31
U.S.C. 5312, this document proposes to amend 31 CFR part 103, primarily
by revising the definition of ``stored value'' as stated below. These
proposed changes include the following: (1) Renaming ``stored value''
as ``prepaid access'' and defining that term; (2) deleting the terms
``issuer and redeemer'' of stored value; (3) imposing suspicious
activity reporting, customer information and transaction information
recordkeeping requirements on both providers and sellers of prepaid
access and, additionally, imposing a registration requirement on
providers only; and (4) exempting certain categories of prepaid access
products and services posing lower risks of money laundering and
terrorist financing from certain requirements.
A. Meaning of the Term ``Closed Loop Prepaid Access''
The proposed term ``closed loop prepaid access'' is defined as
prepaid access to funds or the value of funds that is limited to a
defined merchant or location (or a set of locations) such as a specific
retailer or retail chain, a college campus, or a subway system. This
proposed definition supersedes the definition proposed in FinCEN's 2009
MSB NPRM.\45\ It is similar to the previous proposed definition, but it
replaces the term ``stored value'' with ``prepaid access'' and uses
more precise language.
---------------------------------------------------------------------------
\45\ 74 FR 22129, 22141 (May 12, 2009).
---------------------------------------------------------------------------
B. Meaning of the Term ``Provider of Prepaid Access''
1. In General
In general, this term will apply to any person that serves in the
capacity of oversight and control for a prepaid program. The
determination of the applicability of this term to any given player in
the program's transaction chain will be a matter of facts and
circumstances; we do not ``assign'' this term to any particular role.
We recognize that there may be situations in which no single party
alone exercises exclusive control. However, we do believe that there
will always be a party in the transaction chain with the predominant
degree of decision-making ability; that person plays the lead role
among all the others, and is in the best position to serve as a conduit
for information for regulatory and law enforcement purposes.
We wish to state clearly and emphatically that identifying the
provider of prepaid access is not simply an arbitrary decision by the
program participants. As with other MSBs, the role of the provider of
prepaid access is determined through the facts and circumstances
surrounding the activity; no single act or duty alone will be
determinative. While not exhaustive, we consider the following
activities to be strong indicators of what entity acts in a principal
role:
The party in whose name the prepaid program is marketed to
the purchasing public. For example, whose press release trumpets the
launch of a new product? Whose name is used in print, on-line
advertisements, and on the face of the card/device itself ? In legal
parlance, the individual or entity who ``holds himself out'' as the
lead player will be a very important determining characteristic.
The party who a ``reasonable person'' would identify as
the principal entity in a transaction chain--the principal decision-
maker.
The party to whom the issuing bank looks as its principal
representative in protecting its network relationship and its brand
integrity.
The party who determines distribution methods and sales
strategies.
The party whose expertise in the prepaid environment is
recognized by the others, particularly by the issuing bank, as
instrumental in bringing together the most appropriate parties for the
delivery of a successful program.
We intend for these enumerated characteristics to illustrate that
there is no one single determinant; the provider of prepaid access need
not do, or refrain from doing, any single activity. The totality of the
facts and circumstances will identify the provider of prepaid access.
(a) Organizing the Prepaid Program
A logical first step in the determination of the party to be deemed
the provider of prepaid access is to look to the initiation and
establishment of the program itself. This may involve actions or
activities as diverse as identifying the need for a prepaid program,
developing a business plan, or obtaining financing and contracting with
other principals. This step alone, however, is not dispositive in
determining that a party is appropriately deemed a provider of prepaid
access.
We can easily foresee situations where the initiator of a prepaid
program recognizes early in the process that unique skills and industry
expertise are necessary to carry the program through to fulfillment;
for example, when a corporation's human resources department decides to
transfer its payroll distribution from paper checks to reloadable
prepaid cards. In that case, although the human resources department
may well have identified the need for a prepaid program, and may have
established some threshold parameters, it may choose to cede the
program to an expert in the industry by contracting with an outside
third party. Most likely, under these circumstances, the party assuming
these duties from the corporation's human resources officials will step
into the role of the provider of prepaid access. The totality of the
circumstances remains the basis for this determination.
(b) Setting the Terms and Conditions and Determining That the Terms
Have Not Been Exceeded
Principally, this element in the determination of the status of a
provider will concern the technical specifications involved in
establishing and operating the prepaid program. For example, the terms
and conditions may encompass a range of decisions ranging from sales
locations for prepaid access, fees assessed for activation and
reloading, and avenues to access customer service assistance and myriad
others.
While there may be many considerations that factor into
establishing the terms and conditions, such as cost considerations,
marketing partnerships and demographic targets, the provider of prepaid
access will be the party best situated to understand the entire prepaid
landscape. The provider of prepaid access brings its industry
understanding to the program, and should be in a position to convey the
pros and cons of varying business decisions to the other parties in the
program.
(c) Determining the Other Businesses That Will Participate in the
Transaction Chain, Which May Include the Issuing Bank, the Payment
Processor, or the Distributor
As discussed in (b) above, the provider of prepaid access possesses
the inside industry understanding, and presumably the industry contacts
and relationships as well, to identify the other parties necessary for
a prepaid program. Our understanding of the industry is that some
issuing banks and
[[Page 36597]]
processors are particularly well-known as market leaders in the prepaid
environment. Given this specialization, it may be that a provider of
prepaid access will be more likely to seek out and to strike agreements
with such specialty organizations. Or, a provider of prepaid access may
choose its operating partners with an eye toward geographic proximity,
or specialized expertise in a particular line of prepaid access, such
as payroll programs. As with the four other factors enumerated herein,
this element should not be considered in isolation but as one
determinant when identifying a provider.
(d) Controlling or Directing the Appropriate Party To Initiate, Freeze,
or Terminate Prepaid Access
As one of the five criteria enumerated in determining the provider
of prepaid access in a prepaid operating environment, the ability to
affect the movement of funds between parties and/or entities is very
important. We understand that the provider of prepaid access may
exercise this authority alone, in tandem with other principals or at
the direction of law enforcement or judicial authority. It is a key
ability that demonstrates an element of oversight and decision-making
power that is less apparent, and much less discretionary, among the
other program participants.
We believe that there will be situations, in the operation of any
prepaid program, that require a central decision-maker to determine
whether a particular transaction should be disallowed or, in the
alternative, to approve an otherwise irregular transaction due to
mitigating circumstances. The provider of prepaid access will be the
logical decision-maker in these situations, given its primacy in the
prepaid program. The contractual agreements among the parties may even
require the sharing of information with a central point of contact for
this specific purpose. While the processor may flag the transaction
and/or deactivate the card, and the issuing bank and the network may
confer about authorization, it is generally at the direction of the
provider of prepaid access that these decisions are made and these
actions are taken, absent some other compelling reason for the
processor, issuing bank or network to act unilaterally.
Additionally, if a SAR filing is warranted, it is the provider of
prepaid access who possesses the most comprehensive ``big picture''
perspective and is in the best position to provide the most meaningful
information. It is precisely the provider's relationship to all of the
parties in the transaction chain which is of great value to law
enforcement.
We acknowledge that the above may be a very basic illustration of a
far more complex series of communications and actions. But, we believe
that, ultimately, there is a party who must be in the dominant position
to harmonize the duties and responsibilities of the other participants.
The determination of the identity of the provider of prepaid access
will be influenced considerably by the element of oversight and control
it can freely exercise.
(e) Engaging in Activity That Demonstrates Control and Oversight of
Transactions
This criterion among the five is intended to capture situations
where the party exercising control and oversight may be evidenced by
activities that do not fit squarely within items a through d,
preceding. To the extent that both the prepaid industry and our
understanding of it continue to evolve, this criterion provides the
flexibility needed to ensure reasonable longevity for the rule.
2. Distinguishing the Role of Banks and Certain Non-MSB Financial
Institutions Under This Rulemaking
By definition under FinCEN's regulations, MSBs exclude banks and
entities registered with, and regulated or examined by the SEC or the
CFTC.\46\ Accordingly, while banks in particular often play a critical
role with respect to prepaid access, banks (and persons registered with
and regulated or examined by the SEC or the CFTC) cannot be providers
of prepaid access under the rule proposed in this NPRM.
---------------------------------------------------------------------------
\46\ 31 CFR 103.11(uu).
---------------------------------------------------------------------------
The record collection processes proposed in this MSB rulemaking do
not apply to banks. In situations where a bank functions like a
provider of prepaid access as defined under this proposed rulemaking,
FinCEN expects that the bank's compliance with its pre-existing
regulatory obligations \47\ under the BSA, including responsibility for
understanding thoroughly the nature and activities of, and the
information collected by, the various other actors in the bank's
program, satisfies the policy goals that underlie this NPRM. FinCEN
also expects that, in such situations, the bank is responsible for
providing timely, comprehensive information to requests posed by law
enforcement.
---------------------------------------------------------------------------
\47\ The Federal banking agencies have addressed banks'
responsibilities when involved in prepaid programs in a number of
different circulars and guidance pieces, e.g. OTS Memo to CEOs
254 ``Guidance on Gift Card Programs'' (February 28, 2007);
OCC Advisory Letter AL 2004-5, Payroll Card Systems (May 6, 2004),
and the FFIEC Examination Manual, ``Expanded Examination Overview
and Procedures for Products and Services; Electronic Cash, Overview;
subsection Prepaid Cards/Stored Value Cards'' (April 2010 update).
---------------------------------------------------------------------------
Generally, FinCEN believes that such bank-driven prepaid programs
are not prevalent within the payments industry. Most often, the bank's
role appears limited to providing the link to the network brand as the
issuing bank, holding funds that will be accessed through a prepaid
program, and supporting the decisions made by its partners for the
establishment and operation of the prepaid program. Moreover, FinCEN is
not aware of any entities registered with and regulated or examined by
the SEC or CFTC that are actively engaged in the prepaid access
industry in such a way as to approach the equivalent of a provider or
seller of prepaid access, and solicits comment on the extent to which
such entities are engaged in the prepaid access industry. We reiterate,
however, that even if situations existed in which any such entity
functioned like a provider or seller of prepaid access, this entity
would not be a provider or seller of prepaid access under the rule
proposed in this NPRM, because of the general exclusion of such
entities from the definition of MSB under FinCEN's regulations.\48\
---------------------------------------------------------------------------
\48\ Id.
---------------------------------------------------------------------------
As described earlier in this NPRM, in beginning this rulemaking
process we sought to understand the prepaid industry comprehensively,
including its many participants along the transaction chain. To provide
the reader with context, in the following, we attempt to identify the
component parties and to briefly describe their role. To the degree
that our sketch of the landscape is inaccurate or incomplete, we seek
guidance and clarification from the commenting public:
Program Sponsor: The entity that establishes the program
relationship(s), identifies and procures the necessary parties and sets
contractual terms and conditions. FinCEN expects that in many instances
the program sponsor will be the provider of prepaid access, but given
that this term is currently not employed in a uniform fashion across
industry, there are also situations in which a program sponsor may not
meet the description of the provider of prepaid access.
Program Manager: A common term of art used in the prepaid industry.
We characterize the Program Manager as the entity that functions as an
operations ``control center'' for the program. This function ensures
that the program's day-
[[Page 36598]]
to-day operations flow smoothly, and will troubleshoot problems as they
arise (e.g., computer outages, card functionality problems, network
authorization issues), either firsthand or by delegating to the
appropriate party within the prepaid program.
Network: Any of the payment networks, including MasterCard, VISA,
Discover and American Express.
Distributor: The entity, as distinct from the network, that
``brands'' the card with its business identity. It may also play a
central role in marketing the card through its regular communications
with customers.
Processor: The entity that conducts the transaction processing and
facilitates funds management and tracking. As defined by an industry
trade group,\49\ the ``core processing functions'' consist of:
---------------------------------------------------------------------------
\49\ The Network Branded Prepaid Card Association (NBPCA)
``Recommended Practices for Anti-Money Laundering Compliance for
U.S.-Based Prepaid Card Programs,'' (2008) pg. 7.
---------------------------------------------------------------------------
i. Card account set-up and card activation;
ii. Provision of authorizations for card transactions;
iii. Value load and reload processing; and
iv. Security/fraud control and reporting.
The processor's role in loading and reloading value is largely
ministerial, executed pursuant to instructions from the card network,
the ACH or the reload facility handling a cash transaction. For the
other enumerated duties, the processor receives operating instructions
from the program manager or other program authority.
Issuer, Issuing Bank: The depository institution whose contractual
involvement is required in order to invoke the network brand (Visa,
MasterCard, Discover, American Express) and which also may serve as the
holder of funds that have been prepaid and are awaiting instructions to
be disbursed.
Retailer and/or Reload Facility: The various retail locations,
including, among many others, convenience stores, drugstores, and
supermarkets where an individual consumer can purchase a prepaid card.
Typically, the cards are maintained on a retail ``j-hook'' display
fixture, from which the consumer can select the product of his choice
and purchase onsite. The card's value may be inaccessible until the
purchaser subsequently activates the card through a prescribed
verification system, often a toll-free phone call; or, a very low
dollar amount may be accessible to the card purchaser prior to
verification.
The Reload function varies, but the evolving model appears to be a
self-operated kiosk at locations such as Western Union offices and Wal-
Mart MoneyCenters.
C. Meaning of the Term ``Prepaid Program''
There may be circumstances where prepaid access products or
services, or even the entire prepaid program(s) of a specific provider
of prepaid access, are organized in such a way, or are of such minimal
risk, that those products, services or provider need not fall within
the regulatory strictures of the BSA. A prepaid access program whose
operations fall squarely within one or more of the limitations
described below in (1)-(5) will not bear characteristics conducive to
money laundering or illicit behavior under the BSA. A provider of a
range of products and services, only some of which fall within the
exemptions, will be subject to regulation as a provider of prepaid
access and as an MSB, but the exempt products and services will not be
subject to certain BSA requirements. The types of prepaid programs
considered outside the parameters of this rulemaking are:
1. The Payment of Benefits, Incentives, Wages, or Salaries Through
Payroll Cards or Other Such Electronic Devices for Similar Purposes
We believe that in most employer--employee relationships, the
necessary personal details regarding the employee (such as full name,
address, date of birth and a government identification number) are
known to the employer. In those situations, where the individual
employees paid under the program are identified by the employer, and
where this information is shared with (or made available to) the
provider of prepaid access, there are sufficient checks on possible
money laundering abuse to warrant exclusion for this type of program.
These payroll programs, in addition to regularly scheduled wage and
benefits payments, may also include bonus or incentive payments paid at
intervals outside the norm. This limitation applies only when the
employer (or appropriately designated third parties), and not the
employee, can add to the funds to which the payroll card or other such
electronic device provides access. The payment of employees generally
does not represent an opportunity for the placement of ill-gotten funds
into the financial system. This exemption does not contemplate
scenarios in which an employer does not have a direct relationship with
an employee and works through a third party to pay the employee, such
as in certain instances with a freelance employee.
We understand that some members of law enforcement would prefer to
subject all prepaid payroll programs to the full range of BSA
obligations. They assert that criminals often establish shell companies
and use these fictitious entities and non-existent employees as
conduits to launder illicit funds. They believe that the potential for
abuse of prepaid payroll cards is considerable and have voiced their
concerns to us.
We therefore seek public comment regarding the need to institute
additional safeguards and/or conditions prior to excluding prepaid
access to payroll funds from the full extent of BSA responsibilities.
What qualifications must a payroll program establish to ensure that the
employer obtains all the necessary information regarding each employee
participant, and that the information is kept current? Are there
methods to ensure that the company and employees are legitimate, and
that the program is valid?
2. Payment of Government Benefits Such as Unemployment, Child Support,
and Disaster Assistance Through Electronic Devices
These types of benefits, payable at the State and Federal level,
currently range across a great many areas including unemployment, child
support, disability, Social Security, veterans' benefits and disaster
relief assistance. Additionally, this category of prepaid program may
include provision of public transit benefits. Given governmental
oversight over these programs and the source of the funds, we see
minimal opportunity for the placement or layering of illicit funds into
the financial system.
Our research into Federal benefit payments reveal that there are
some unique programs currently employing branded prepaid access as the
delivery mechanism for the payment of benefits. Upon verification of
the individual's eligibility for a benefit payment, the Federal agency
refers the individual to an issuing bank for account establishment and
program enrollment. To date, the programs have operated very
successfully, and the members of the public receiving such benefits
report a high degree of satisfaction based on the superior physical
security of prepaid access as compared to paper checks, the reliability
of periodic payment delivery and the broad commercial acceptance of
prepaid access. FinCEN solicits comment on whether such Federal
government prepaid programs are of such a low risk for money laundering
abuses that even if the prepaid product
[[Page 36599]]
or service can be used internationally, or meets other criterion which
invalidates an exemption, the programs should continue to be exempt.
3. Disbursement of Reimbursement Funds From Pre-Tax Flexible Spending
Accounts for Health Care and Dependent Care Expenses
Generally administered by a central payor, these programs are pre-
funded by employee and/or employer contributions to an account
maintained by the payor. Any monies not reimbursed to the employee by
the end of the calendar year (or allowed grace period) are forfeited to
the Internal Revenue Service.\50\ There are maximum annual dollar
limits established for these accounts, and the funds can only be
accessed as reimbursement for defined, qualifying expenses. We believe
that these types of highly-controlled, low risk accounts are of minimal
value to potential money launderers as a means of placing or layering
funds. For this reason, we do not include these prepaid programs within
the scope of the current rulemaking.
---------------------------------------------------------------------------
\50\ Any flexible spending programs, or other similar health
expense-related programs, must receive the same tax treatment by the
IRS, or they will not be considered to fall within this limitation.
---------------------------------------------------------------------------
4. Providing Prepaid Access to Funds Subject to Limits That Include a
Maximum Value as Indicated Below, Where Such Maximum Value Is Clearly
Visible on the Prepaid Access Product: (a) At the Point of Initial
Load, the Load Limit Cannot Exceed $1,000; (b) At Any Point in the
Lifecycle of the Prepaid Access, No More Than $1,000 in Total Maximum
Value May Be Accessed; and (c) On Any Given Day, No More Than $1,000
Can Be Withdrawn With the Use of the Prepaid Access
The foregoing dollar maximums associated with this particular
limitation are intended to distinguish the many situations where
prepaid products are purchased solely as a one-time gift or convenience
choice. In these situations, the purchaser wants simply to substitute
prepaid access for currency, generally in modest amounts. As long as
the dollar maximum accessible by the prepaid access is clearly visible,
and no subsequent loading or reloading can increase the funds beyond
the stated maximum, we believe that the potential for misuse is slight.
Under these circumstances, the prepaid program would not fall within
the scope of this regulation. FinCEN wishes to emphasize that tying the
threshold to the requirement of having the maximum amount clearly
indicated on the product is a departure from the current regulations,
and that it is meant to encourage industry to take steps towards
greater transparency in this arena.
We have chosen a $1,000 maximum for this provision for a number of
reasons: (1) Industry research findings for average and maximum initial
loads; (2) consistency with thresholds established for other MSB
categories; and (3) dollar level yielding greatest utility of
information for law enforcement, while posing minimal burden to
consumers and the prepaid access industry.
We request public comment on the following considerations regarding
this section of the proposed rule:
We seek comments from the public on whether the $1,000
activity-based threshold is appropriate. Please provide us with
comments regarding alternative dollar limits, higher or lower than this
proposal, daily or otherwise, and tied to a clearly delineated dollar
amount or not. What merits are derived and what vulnerabilities are
created by increasing or decreasing the threshold? Would an additional
activity limit threshold, such as annual multi-thousand thresholds that
exist in some European countries, have benefits over our use of a daily
dollar level?
What is the technological feasibility of these
requirements? What cost implications and practical burdens are raised
by these requirements for the provider of prepaid access, the
processor, or any other parties in the transaction chain to enable the
application of the exemption?
What practical implications and what technological
challenges arise if different limits are established for transfers,
aggregate value, withdrawals, and velocity?
5. Providing Closed-Loop Prepaid Access
We believe that closed-loop prepaid access, whose use is limited to
a small range of acceptance, for a very specific type of good or
service, also appropriately falls outside the parameters of this
rulemaking. Closed-loop providers, who are explicitly known to the
purchaser at the point of sale, generally operate with considerable
oversight of the full extent of the transaction chain, with the
generation of a substantial audit trail to validate such. The effort
required to use closed-loop products for the placement, layering or
integration of funds makes them unattractive and unlikely vehicles for
moving large sums of money efficiently.
However, a closed-loop provider could be subject to the BSA
implementing rules under this proposal if the prepaid access is no
longer limited in range. A departure from current regulatory policy,
this NPRM would subject a closed-loop provider to the BSA rules if the
prepaid access product could be used internationally or if other
persons and non-depository sources had access and could transfer the
value of the funds. The exceptions to the limitations are more fully
discussed below.
The explanations provided in the preceding sections for allowing
certain prepaid access programs to fall outside of the requirements of
proposed 31 CFR part 103.11(uu)(4)(iii) can also serve to bring
otherwise excluded programs under the BSA rules if the risk factors
change. Specifically, in situations where the provider administers a
prepaid program with features that introduce an increased level of risk
and serve to diminish financial transparency, that program may be
subject to the full extent of obligations under proposed 31 CFR
103.11(uu)(4)(iii), even if the other program characteristics fall
squarely within 1 through 5, above. The determination of whether the
provider must comply with all BSA requirements must be analyzed for all
of the program's attendant facts and circumstances.
We believe that the characteristics cited under proposed 31 CFR
103.11(uu)(4)(ii)(B)(1)-(3),
Funds or value transmitted internationally;
Internal transfers within a program between individual
cardholders; or
For anything that does not qualify as closed-loop prepaid
access, the ability to load funds or the value of funds from non-
depository sources allows for an element of anonymity that obscures the
financial transparency necessary to ameliorate regulatory and law
enforcement concerns. While not inherently suspect, the risks
associated with these types of transactions diminish the clarity and
audit trail that is generally found in payroll, flexible spending
accounts, government benefits and closed loop systems.
Additionally, inherent risk is associated with any international
prepaid transaction simply because it invokes governmental authority
outside our domestic boundaries. The phrase ``international prepaid
transaction'' is intended to capture a domestic-issued prepaid product
used outside of the United States. ``International prepaid
transaction'' could also include a foreign-issued prepaid product that
is marketed or used in the United States.
[[Page 36600]]
In such an instance, the provider of prepaid access could be a foreign-
located MSB subject to the BSA implementing rules.\51\
---------------------------------------------------------------------------
\51\ 2009 MSB NPRM, 74 FR 22129, 22133 (May 12, 2009).
---------------------------------------------------------------------------
Our law enforcement stakeholders have warned of the potential use
in an underregulated environment of prepaid access products transported
across our borders to effect high volume, high velocity movement of
funds in a manner that may be extremely attractive to those engaged in
criminal activity. Although not all international transactions involve
criminal behavior, we believe that these transactions impose a level of
risk that requires full BSA compliance, regardless of the type of
prepaid program in which the provider is engaged.
We have identified the above five types of prepaid programs as
being of less risk based on our current understanding of comparative
vulnerabilities. FinCEN seeks comment from law enforcement, industry,
and the general public concerning their own assessment for money
laundering and terrorist financing risks posed by these prepaid
programs or prepaid programs in general.
D. Meaning of the Term ``Seller of Prepaid Access''
The seller of prepaid access is the party with the most face-to-
face purchaser contact and thus becomes a valuable resource for
capturing information at the point of sale, unlike any other party in
the transaction chain. Typically, the seller is a general purpose
retailer, engaged in a full spectrum product line through a business
entity such as a pharmacy, convenience store, supermarket, discount
store or any of a number of others. Precisely because this party deals
face-to-face with the purchaser, and has the ability to capture unique
information in the course of completing the transaction, we believe the
seller should fall within the regulation's direct reach.
Because the seller's role is complementary with, but not equal to,
the authority and primacy of the provider of prepaid access, we choose
not to require registration with FinCEN.\52\ The seller, we believe, is
generally acting as an agent on behalf of the provider and this
treatment is consistent with other agents under the MSB rules. However,
the seller's agency does not excuse compliance with the other
responsibilities assigned under this proposed rule: (1) The maintenance
of an effective AML program, (2) SAR reporting, and (3) recordkeeping
of customer identifying information and transactional data.
---------------------------------------------------------------------------
\52\ With respect to certain business models, FinCEN expects
that a provider of prepaid access may also be a seller of prepaid
access. In such contexts, as in other areas where regulatory overlap
exists, the more expansive of the two competing applicable
regulations will apply. For example, a provider of prepaid access
will not be absolved from a registration requirement simply because
it is also a seller of prepaid access. In noting that a provider of
prepaid access may also be a seller, FinCEN is not implying that all
providers of prepaid access will also be sellers. FinCEN notes that
with respect to some prepaid programs, such as those pertaining to
government benefits, and payroll, there may be no seller or retail
outlet associated with the program.
---------------------------------------------------------------------------
Coverage of sellers under this definition does not include
situations where applicable exemptions to the scope of covered prepaid
programs apply. Thus, a retailer who sells only those prepaid access
products that fall within the scope of the exemptions to the definition
of prepaid programs will have no BSA responsibilities under this
rulemaking. Such retailers will, however, still have responsibilities
under the BSA with respect to filing reports on the receipt of currency
in excess of $10,000 in the course of engaging in a trade or
business.\53\ While this reporting requirement will ensure some
transparency within the context of the sale of prepaid access that
otherwise falls outside the scope of BSA regulations, FinCEN is
actively considering whether this level of reporting is enough to
detect and deter abuse of prepaid access by illicit actors that might
seek to launder funds through the bulk purchase of such prepaid access
products.
---------------------------------------------------------------------------
\53\ These reports, filed on FinCEN Form 8300, are required
under 31 CFR 103.30.
---------------------------------------------------------------------------
FinCEN is considering whether to include as an addition to the
proposed definition of seller of prepaid access, an activity-based
threshold, similar to such thresholds that we have used in other
contexts. Consistent with these other approaches, FinCEN is considering
whether to include within the definition of sellers of prepaid access
those entities that sell any form of prepaid access, regardless of its
inclusion in a BSA covered prepaid program, in an amount over $1,000 to
any person on any day in one or more transactions. FinCEN believes
there may be merit in having greater transparency for all high-value
prepaid access above $1,000. Such a threshold would trigger suspicious
activity reporting and other obligations on covered sellers to enhance
transparency and deter illicit use. Imposing reporting requirements on
such sellers would also lead to the ability of the law enforcement
community to pursue persons deemed to have structured transactions to
avoid a report required of a financial institution.
E. Meaning of the Term ``Prepaid Access''
The current regulations use the term ``stored value.'' 31 CFR
103.11(vv) defines the term as funds or the value of funds represented
in digital electronic format (whether or not specially encrypted) and
stored or capable of storage on electronic media in such a way as to be
retrievable and transferable electronically. The use of the term
``stored value,'' as discussed previously in section II-B of the
Preamble, was known from its inception to be a less-than-perfect label
for this payment mechanism, given that no value is actually ``stored''
on the card. Very shortly after the publication of the MSB final rule
in 1999, the term ``prepaid'' emerged as the more common industry term.
We now revise our term to correspond to the more accurate and the more
prevalent term in the marketplace.
This proposal is an opportunity to employ more precise terminology
while still striving for regulatory flexibility so that the rule will
not become obsolete with the next innovative product. We believe the
proposed language has the necessary regulatory elasticity to survive
future technological advancements. Specifically, we propose defining
``prepaid access'' as an ``electronic device or vehicle, such as a
card, plate, code, number, electronic serial number, mobile
identification number, personal identification number, or other
instrument that provides a portal to funds or the value of funds that
have been paid in advance and can be retrievable and transferable at
some point in the future.''
1. Removal of Exemption of Stored Value Transactions From Suspicious
Activity Reporting
FinCEN proposes to revise the regulation implementing 31 U.S.C.
5318(g) which requires MSBs to report certain suspicious activity. In
particular, FinCEN proposes to remove the exemption that previously
accorded issuers, sellers and redeemers of stored value a lighter BSA
regime by not requiring them to report suspicious activity under 31 CFR
103.20. The implementing regulation currently states:
[e]very money services business described in Sec. 103.11(uu)(1),
(3), (4), (5), or (6), shall file with the Treasury Department * * *
a report of any suspicious transaction relevant to a possible
violation of law or regulation. * * * Notwithstanding the provisions
of this
[[Page 36601]]
section, a transaction that involves solely the issuance, or
facilitation of the transfer of stored value, or the issuance, sale,
or redemption of stored value, shall not be subject to a reporting
under this paragraph (a), until the promulgation of rules
specifically relating to such reporting.
The proposed definition will remove the stored value exemption from
paragraph (a)(5) of 31 CFR 103.20. When the current regulation was
implemented, it contemplated that issuers, sellers, and redeemers of
stored value were among the institutions that could provide valuable
information concerning suspicious transactions.\54\ However, FinCEN
determined that it was not appropriate to specifically require issuers,
sellers, and redeemers of stored value to file SARs because of the
infancy of the use of stored value products in the United States.\55\
---------------------------------------------------------------------------
\54\ 62 FR 27900, 27904 (May 21, 1997).
\55\ Id.
---------------------------------------------------------------------------
The reasons for exempting transactions solely involving stored
value from SAR reporting are no longer applicable. Moreover, the
reasons for requiring the reporting of these transactions have
increased. Since the implementation of the SAR rule for MSBs, the
growth of the industry has made it an attractive medium through which
money launderers can conduct illicit transactions. Prepaid access is
easily transportable and, in some cases, can be loaded from a number of
different locations.
In developing their programs, providers of prepaid access have
often implemented technological solutions to combat fraud and to
increase transaction efficiencies. These same technology solutions can
logically provide additional information that may prove useful in
identifying suspicious activity that will have a high degree of
usefulness in criminal, tax, and regulatory investigations and
proceedings. Therefore, the proposed regulation will remove the
exemption for providers from filing SARs.
We believe that prepaid access sellers also serve a potentially
valuable role in reporting suspicious activity through SAR filings.
Although they may not employ the same sophisticated technology
solutions as many providers, their position as the uniquely-situated
customer contact point offers information at least as important. These
sellers represent the first step in the transaction chain. Such a
direct, hands-on role is unique and potentially highly valuable to the
law enforcement community.
2. Requirement That Prepaid Access Providers Retain Transaction
Information
Our discussions with the law enforcement community have revealed
the utility of detailed records and recordkeeping on the part of
regulated financial institutions, over a substantial period of time,
generally five years. This facilitates investigations in which law
enforcement is attempting to reconstruct a pattern, or a history of
transaction activity, that substantiates criminal behavior involving
prepaid products or services. In Sec. 103.125, we discuss
recordkeeping related to the customer involved in the initial purchase
of the prepaid access product. Under Sec. 103.40, we seek
recordkeeping related to the actual usage, the transaction history,
surrounding a prepaid product over a five year time period.
We emphasize, however, that records to be retained under this
section are only those generated in the ordinary course of business by
a business entity involved in transaction processing. We believe that
these records would routinely reflect (1) type of transaction (ATM
withdrawals, POS purchase, etc.), (2) amount and location of
transaction, (3) date and time of transaction, and (4) any other unique
identifiers related to transactions. These records need not be kept in
any particular format, or by any particular entity in the transaction
chain. The provider of prepaid access bears the responsibility,
however, to establish these recordkeeping requirements either
internally or on the part of a third party entity. Additionally, the
records must be easily accessible and retrievable upon the appropriate
request of law enforcement or judicial order. Although we are currently
proposing that records of relevant transactions may be kept in various
locations at the direction of the provider of prepaid access, FinCEN is
also considering whether there should be a requirement that the
provider of prepaid access maintain all such records in a central
location. FinCEN seeks comment on the costs and benefits of such a
requirement to maintain transaction records more centrally.
3. Removal of Registration Exemption for Issuers, Sellers and Redeemers
of Stored Value
FinCEN proposes to revise the regulation implementing 31 U.S.C.
5330 that requires MSBs to register with FinCEN. Specifically, FinCEN
proposes to amend 31 CFR 103.41 by removing the exemption from
registration accorded to issuers, sellers, and redeemers of stored
value. The implementing regulation currently states, ``* * * each money
services business * * * must register with the Department of the
Treasury* * *'' It states further, ``[t]his section does not apply to *
* * a person to the extent that the person is an issuer, seller, or
redeemer of stored value.''
FinCEN is proposing to revoke the exemption from registration
previously accorded to issuers, sellers, and redeemers of stored value.
Since the initial exemption, the stored value industry has experienced
rapid growth and market maturity; FinCEN no longer feels that
regulation will inhibit the successful development of the industry.
Additionally, the lack of a registration requirement may result in a
market imbalance between providers of prepaid access and other MSBs
that offer competing services. By removing the exemption, providers of
prepaid access will now be required to register as MSBs with FinCEN.
The rule makes it clear that for every prepaid program there must be a
non-bank provider of prepaid access registered with FinCEN.\56\ We wish
to emphasize, however, that like all other MSB agents, sellers of
prepaid access are not required to register.
---------------------------------------------------------------------------
\56\ By virtue of the regulatory definition of a money services
business, neither a bank nor any other participants in the bank-
centered prepaid program would be required to register with FinCEN.
In addition, if applicable, entities registered with, and regulated
by or examined by the SEC or the CFTC would not be required to
register with FinCEN.
---------------------------------------------------------------------------
FinCEN anticipates that identifying information about the component
entities involved in a prepaid program will be fundamentally important
to the law enforcement community. We believe that the most efficient
way to obtain this information and make it available for law
enforcement use is via the registration process, and FinCEN will be
considering ways in which the MSB Registration form, FinCEN Form 107,
can be updated to accommodate such information. We solicit comments on
the use of the form to collect this information.
4. Requirement That Providers and Sellers of Prepaid Access Retain
Customer Information
FinCEN proposes to revise the regulation implementing 31 U.S.C.
5318(h) that requires MSBs to maintain an adequate anti-money
laundering program. Specifically, FinCEN proposes to amend 31 CFR part
103.125(d)(1) by prescribing that, as a minimum standard of their anti-
money laundering program, providers of prepaid access and sellers of
prepaid access must have policies
[[Page 36602]]
and procedures for the retention of customer identifying information.
In implementing 31 CFR 103.125, FinCEN stated that the uniqueness
of each financial institution required the adaptation of policies,
procedures, and internal controls to a level commensurate to the risks
in its business model, including geography and customer base.
Therefore, it was not intended that the standards established in 31 CFR
103.125 would create specific identical requirements for all MSBs.
Based on inherent risks, some businesses would be required to implement
more policies, procedures, and internal controls than others.
The proposed regulation will add paragraph (d)(1)(iv) stating ``[a]
money services business that is a provider or seller of prepaid access
must establish procedures to verify the identity of a customer of a
prepaid program and must retain such customer identifying information,
including name, date of birth, address, and identification number, for
five years.'' FinCEN believes that such customer information capture
and retention is necessary for greater financial transparency of the
purchasers of the prepaid products or services. We anticipate that
retaining such records will not only assist the providers and sellers,
but may be of great value to law enforcement. FinCEN seeks comment on
the value of retaining such records.
For providers and sellers of prepaid access, this proposed customer
identification requirement is linked to and narrowed by the proposed
definition of ``prepaid program.'' Accordingly, providers and sellers
of prepaid access involved in the delivery and sale of a form of
prepaid arrangement not deemed a prepaid program under 31 CFR
103.11(uu)(4)(ii), would not be required to obtain customer information
under this part.
As we have discussed this matter with our law enforcement
colleagues throughout the rulemaking process, we have often heard that
a standard ``data set'' of information, typically including name,
address, date of birth and a form of government-issued identification
containing a unique identifying number should be required at a minimum.
FinCEN also believes that the information proposed to be retained will
be highly useful in the investigation and prosecution of criminal, tax,
and regulatory investigations and proceedings. Without the requirement
that this information be retained, law enforcement may likely be
missing valuable information.
FinCEN recognizes, however, that verifying and retaining
information on every applicable transaction could be time consuming and
expensive. Such costs might be alleviated if the precise type of
information that an institution had to collect was left to the
determination of the provider or seller of prepaid access based on an
assessment of their risks, in a manner consistent with other FinCEN
regulations. We seek public comment as to the merits of incorporating a
risk-based standard into the rule, instead of the proposed combination
of a risk-based approach with a mandatory set of minimum information
collection standards.
The provider and seller are reminded that the AML program developed
for their prepaid program or prepaid services should accurately reflect
their business operations. The program must be sufficiently detailed
with standards and criteria specified for how the information is to be
collected, verified, and retained. There should also be provisions
addressing its communication throughout the employee ranks and for the
training of any individuals/entities acting on its behalf.
XIII. Questions for Public Comment
FinCEN invites comments on all aspects of the proposal to regulate
prepaid access. The following represents a compilation of all of the
questions presented earlier in the preamble text. They have been
aggregated here for the convenience of the commenting public.
1. Proposed Terminology for This Rulemaking
We seek public comment regarding the terms ``prepaid access'' and
``provider of prepaid access,'' and whether they offer the best, most
meaningful description of the product(s).
2. International Transport To Be Addressed in a Subsequent Rulemaking
FinCEN intends to undertake a subsequent rulemaking proposal on the
international transport of prepaid access. In the interim, we invite
comment on any aspect of the international transport issue that we
should consider in the context of a future reporting requirement
directed at this type of payment mechanism.
3. Alternate Approach to Designation of a Single, Central ``Provider''
The many parties in the transaction chain each bring specialized
knowledge to the program. By imposing a separate, stand-alone
obligation on each party along the transaction chain, we may facilitate
the collection of more detailed information not filtered through any
secondary perspective. As FinCEN considers such an alternate approach,
we seek comment on which prepaid program participants offer the most
meaningful information, such as transaction information, purchaser
information, or card holder information.
4. $1,000 Threshold Aggregation
In its 2009 MSB NPRM, FinCEN sought comment on whether transactions
involving multiple MSB services should require aggregation for purposes
of determining whether definitional thresholds had been met. We
received industry comments on this issue generally opposed to such a
development.
FinCEN is still considering the matter and welcomes any further
comments on this issue, particularly with respect to the inclusion of
the sale of prepaid access in connection with other money services
business products.
5. Closed Loop Prepaid Access, Generally
We question whether it might now be appropriate to revisit the
rationale that we have previously applied to closed loop prepaid access
even if such prepaid access is limited solely to domestic use. Are
there inherent vulnerabilities in closed loop prepaid access that
require our consideration? Is closed loop prepaid access that allows
use at more than a single retail facility (for example, at a shopping
mall) more vulnerable to abuse than a traditional closed loop product?
FinCEN solicits comment on whether and how it should reconsider its
existing interpretation with respect to closed loop gift cards.
6. Consideration of Examination Authority
With respect to providers of prepaid access, FinCEN seeks comment
on any particular aspects of the prepaid access sector that should be
considered when making a decision about whether and how to delegate
examination authority.
7. Future Rulemakings Contemplated
As noted earlier, we intend to engage in a rulemaking on
instituting reporting requirements on the international transport of
prepaid access. If there are other areas in need of consideration for
future rulemaking, we ask for the public to offer comment.
8. SEC and CFTC-Regulated Entities; Involvement in Prepaid Access
Sector
FinCEN is not aware of entities registered with, and regulated or
examined by the SEC or CFTC that are actively engaged in the prepaid
access
[[Page 36603]]
industry in such a way as to approach the equivalent of a provider or
seller of prepaid access, and solicits comment on the extent to which
such entities are engaged in the prepaid access industry.
9. Description of Participants in the Prepaid Access Transaction Chain
To the degree that our sketch of the landscape is inaccurate or
incomplete, we seek guidance and clarification from the commenting
public.
10. Employer Use of Prepaid Access Program for Payroll Purposes
We understand that some members of the law enforcement community
would prefer to subject all prepaid payroll programs to the full range
of BSA obligations. They assert that criminals often establish shell
companies and use these fictitious entities and non-existent employees
as conduits to launder illicit funds. They believe that the potential
for abuse of prepaid payroll cards is considerable and have voiced
their concerns to us. We therefore seek public comment regarding the
need to institute additional safeguards and/or conditions prior to
excluding prepaid access to payroll funds from the full extent of BSA
responsibilities. Are there methods to ensure that the company and
employees are legitimate, and that the program is valid?
11. Requirements Placed on Limited Value Prepaid Access To Enable
Exclusion From Regulation
We request public comment on the following considerations regarding
this section of the proposed rule:
Please provide us with comments regarding alternative
dollar limits, higher or lower than this proposal, daily or otherwise,
and tied to a clearly delineated dollar amount or not. What merits are
derived and what vulnerabilities are created by increasing or
decreasing the threshold? Would an additional activity limit threshold,
such as annual multi-thousand thresholds that exist in some European
countries, have benefits over our use of a daily dollar level?
What is the technological feasibility of these
requirements? What cost implications and practical burdens are raised
by these requirements for the provider of prepaid access, the
processor, or any other parties in the transaction chain to enable the
application of the exemption?
What practical implications and what technological
challenges arise if different limits are established for transfers,
aggregate value, withdrawals, and velocity?
12. Information Regarding the Prepaid Access Program To Be Derived
Through Registration Process
FinCEN anticipates that identifying information about the component
entities involved in a prepaid program will be fundamentally important
to the law enforcement community. We believe that the most efficient
way to obtain this information and make it available for law
enforcement use is via the registration process, and FinCEN will be
considering ways in which the MSB Registration form, FinCEN Form 107,
can be updated to accommodate such information. We solicit comments on
the use of the form to collect this information.
13. Capture and Retention of Customer Information
FinCEN believes that such customer information capture and
retention is necessary for greater financial transparency of the
purchasers of the prepaid products or services. We anticipate that
retaining such records will assist not only the providers and sellers
but may be of great value to law enforcement. FinCEN seeks comment on
the value of retaining such records.
14. Mandatory Data Set of Customer Information vs. Risk-Based
Assessment of Necessary Information Variables
FinCEN recognizes that verifying and retaining information on every
applicable transaction could be time consuming and expensive. Such
costs might be alleviated if the precise type of information that an
institution had to collect was left to the determination of the
provider or seller of prepaid access based on an assessment of their
risks, in a manner consistent with other FinCEN regulations. We seek
public comment as to the merits of incorporating a risk-based standard
into the rule instead of the proposed combination of a risk-based
approach with a mandatory set of minimum standards.
15. Certification of Regulatory Burden
FinCEN's research has revealed that AML and customer
identification requirements are currently imposed on providers of
prepaid access (and through them, to sellers of prepaid access) by the
partner bank that is authorized to issue the prepaid access by the
payment network. FinCEN solicits confirmation of this fact, and any
substantial divergence between the current contractual obligations of a
provider or seller, and the requirements specified by the proposed
rule.
Please provide comment on any or all of the provisions in
the proposed rule with regard to (a) the impact of the provision(s)
(including any benefits and costs), if any, in carrying out
responsibilities under the proposed rule and (b) what alternatives, if
any, FinCEN should consider.
XIV. Proposed Location in Chapter X
As discussed in a previous Federal Register Notice, 73 FR 66414,
Nov. 7, 2008, FinCEN is separately proposing to remove Part 103 of
Chapter I of Title 31, Code of Federal Regulations, and add Parts 1000
to 1099 (``Chapter X''). If the notice of proposed rulemaking for
Chapter X is finalized, the changes in the present proposed rule would
be reorganized according to the proposed Chapter X. The planned
reorganization will have no substantive effect on the regulatory
changes herein. The regulatory changes of this specific rulemaking
would be renumbered according to the proposed Chapter X as follows:
(a) 103.11 would be moved to 1010.100;
(b) 103.20 would be moved to 1022.320;
(c) 103.33 would be moved to 1010.410;
(d) 103.40 would be moved to 1020.420;
(e) 103.41 would be moved to 1022.380; and
(f) 103.125 would be moved to 1022.210.
XV. Regulatory Flexibility Act
When an agency issues a rulemaking proposal, the Regulatory
Flexibility Act (RFA) requires the agency to ``prepare and make
available for public comment an initial regulatory flexibility
analysis'' which will ``describe the impact of the proposed rule on
small entities.'' (5 U.S.C. Sec. 603(a)). Section 605 of the RFA
allows an agency to certify a rule, in lieu of preparing an analysis,
if the proposed rulemaking is not expected to have a significant
economic impact on a substantial number of small entities.
Estimate of the number of small entities to which the proposed rule
will apply:
For the purpose of arriving at an estimated number of providers of
prepaid access, FinCEN is relying on information regarding the
industries as identified by their North American Industry
Classification System (``NAICS'') \57\ codes. In particular,
[[Page 36604]]
FinCEN finds that prepaid providers will be listed as NAICS code 522320
(Financial transaction processing, reserve and clearinghouse
activities). The United States Census Bureau estimates there are about
3000 entities in this classification. However, this classification
includes services that are outside of those provided by prepaid
providers (i.e. check validation services, bank clearinghouse
associations, and credit card processing services). Because prepaid
providers utilize electronic funds transfers systems to conduct
business, FinCEN narrowed the estimated industry to those entities that
are within NAICS code 522320 and perform either electronic funds
transfers or electronic financial payment services. FinCEN was unable
to obtain a number for these entities from the United States Census
Bureau and therefore relies on commercial database information. Based
on this information, FinCEN estimates that there are 700 entities that
share this classification.\58\ Within this classification those
entities that have less than 7 million dollars in gross revenue are
considered small. FinCEN estimates that 93% of the affected industry is
considered a small business, and that the proposed regulation will
affect all of them.
---------------------------------------------------------------------------
\57\ NAICS was developed as the standard for use by Federal
statistical agencies in classifying business establishments for the
collection, analysis, and publication of statistical data related to
the business economy of the U.S. NAICS was developed under the
auspices of the Office of Management and Budget (OMB), and adopted
in 1997.
\58\ Dun and Bradstreet, D&B Duns Market Identifiers Plus (US)
(Accessed on Nov 19, 2009) (Search of Codes NAICS 522320 with
removal of outlying institutions).
---------------------------------------------------------------------------
For the purpose of identifying sellers, FinCEN is unable to rely on
NAICS codes because sellers, including grocery stores, convenience
stores, and department stores, will be classified under the primary
services that they provide. Therefore, to arrive at an estimated number
of sellers of prepaid access, FinCEN is relying on information about
distribution channels obtained through informal consultations with
members of the prepaid industry. In addition, FinCEN is relying on
prepaid access selling patterns identified through the 2005 Money
Services Business Industry Survey Study conducted by KPMG.
FinCEN estimates that there are 70,000 sellers of prepaid access
operating within prepaid card programs, as defined under our proposed
rule. The inclusion of these sellers as small businesses for regulatory
purposes would depend, in great part, on the corporate organization of
each sales outlet.\59\ In consideration of the discussions above, for
the purposes of the Regulatory Flexibility Act, FinCEN stipulates that
it is affecting a substantial number of small businesses.
---------------------------------------------------------------------------
\59\ Nearly 70% of the individual sales outlets of prepaid
access covered within the scope of this proposed regulation belong
to a national or regional chain (such as a convenience store,
drugstore, or supermarket chain). If the corporation bases its
distribution strategy on a branch network, the single, unified
nation- or region-wide corporation is considered the seller of
prepaid access, the gross annual revenue would probably exceed the
threshold for consideration as a small business, and the number of
sellers of prepaid access decreases significantly. On the other
hand, if the corporation bases its distribution strategy on
franchises, then each individual franchisee becomes a seller of
prepaid access, and its individual gross annual revenue might
qualify it as a small business.
---------------------------------------------------------------------------
Description of the projected reporting and recordkeeping
requirements of the proposed rule:
The proposed rule will require prepaid providers and sellers to
implement the same BSA requirements with which other MSBs are already
complying. By requiring this, FinCEN is addressing vulnerabilities in
the United States financial system and is leveling the playing field
among MSBs. Currently, all MSBs are required to maintain AML programs,
report certain currency transactions, and maintain certain records.
Also, MSBs, except check cashers and issuers, sellers, and redeemers of
stored value, are currently required to file reports on suspicious
transactions. The proposed rule will require prepaid providers and
sellers to comply with these same requirements. The proposed rule will
require only prepaid providers, not sellers, to register with FinCEN.
Additionally, prepaid providers and sellers will be required to
maintain records about customer identification and transaction
information. As discussed below, FinCEN does not foresee a significant
impact on the regulated industry from these requirements.
AML Program Requirement in General
The proposed rule will require prepaid providers and sellers to
maintain AML programs. Sellers that transact in amounts greater than
$1000 per person per day are already required to maintain AML programs.
The majority of providers have not been previously required by
regulation to maintain AML programs. However, through discussions with
industry and representations from a prepaid card association, FinCEN
has determined that prepaid providers are already maintaining AML
programs, typically as part of their contractual obligations to their
partner banks or credit card networks. When an issuing bank partners
with a prepaid provider to reduce reputational and operational risk the
bank will require that the provider maintain an AML program
commensurate with the bank's risk tolerance. To assist these prepaid
providers, prepaid card associations publish reports on AML best
practices. Similarly, for those sellers that transact in ways that
would subject them to the proposal, the proposed rule would require the
maintenance of an AML program. Because these sellers are agents of
either the provider or issuing bank or both, they have been
contractually obligated to maintain AML programs to assure their
principal that AML risks are mitigated. Therefore, since providers and
sellers are already contractually obligated to fulfill the requirement
of maintaining an AML program as proposed in this rule, FinCEN
estimates that the impact of this requirement will be minimal.
Currency Transaction Reporting
The proposed rule will require prepaid providers and sellers to
report transactions in currency in amounts greater than $10,000. As
stated in FinCEN's 1999 MSB rulemaking, sellers that transact in
amounts greater than $1,000 per person per day are already required to
report these transactions.
Providers and sellers that transact in amounts of $1,000 or less
per person per day have not been required to report transactions in
currency in amounts greater than $10,000. However, because the average
load amounts for prepaid cards are well below the $10,000 threshold and
the majority of prepaid loads above $1,000 are deposited through direct
deposit, FinCEN does not foresee a significant burden in this
requirement. In support of this assertion, several prepaid providers
have stated to FinCEN that they have rarely if ever encountered a
transaction of over $10,000 in currency per person per day associated
with their prepaid programs.
Suspicious Activity Reporting
The proposed rule will require prepaid providers and sellers to
report on transactions of $2,000 or more which they determine to be
suspicious. Prepaid providers and sellers have not been previously
required to comply with such a requirement under regulation. It is
important to highlight that these reports are not required to be filed
unless a transaction is suspicious and is for an amount of $2,000 or
more. The average transaction amount for a point-of-sale debit is about
$40.\60\ This is substantially less than the $2,000 threshold.
Additionally, through an
[[Page 36605]]
overview of currently operating programs, FinCEN has determined that
few prepaid programs allow a customer to withdraw more than $1,000 from
an automated teller machine in a day. Lastly, in discussions with the
industry, prepaid providers indicated that they rarely encountered
transactions for which they would file a SAR if required by regulation.
Therefore, FinCEN estimates that the number of SARs that will be filed
by prepaid providers and sellers will be low.
---------------------------------------------------------------------------
\60\ Cheney, Julia ``An Update on trends in the Debit Card
Market,'' Payment Cards Center, June 2007, pg. 3 (citing The Nilson
Report Issue 865); available at http://www.phil.frb.org/payment-cards-center/publications/discussion-papers/2007/D2007JuneUpdateDebitCardMarketTrends.pdf.
---------------------------------------------------------------------------
FinCEN understands that the costs in SAR reporting go beyond the
actual cost in filing the report. These costs also include developing
systems to monitor transactions for suspicious activity. Because of the
inherent risk of fraud that exists in the prepaid industry or any
payment industry for that matter, prepaid providers already utilize
fraud monitoring systems. These systems monitor transactions of
individual cards to detect patterns that would indicate suspicious
behavior that could be fraud. To detect fraud these systems rely on
various data points including transaction velocity, transaction volume,
and transaction location which are compared to a customer profile.
These same data points can be used to detect suspicious behavior beyond
fraud.
Customer Identification Information
The proposed rule will require prepaid providers and sellers to
implement procedures to collect and retain customer information
relating to prepaid access within the proposed definition of a
``prepaid program.'' As part of their current AML programs, sellers
that transact in amounts greater than $1000 per person per day are
already required to have policies and procedures to maintain customer
information for certain transactions. Other prepaid sellers and
providers have not been required to retain this information by
regulation.
Similar to the discussion of AML programs above, prepaid providers
are currently required to obtain and retain customer identification
information through contractual obligations with the bank partners.
Since the implementation of Sec. 326 of the USA PATRIOT Act, banks
have been required to obtain customer identification for each account
they open. Through discussions with prepaid industry members and
associations, FinCEN has determined that, to mitigate risks, banks have
extended this requirement to their prepaid provider partners through
contractual obligations. Therefore, prepaid providers are already
obtaining and maintaining information on their customers to comply with
contractual obligations. Beyond these obligations, prepaid providers
are maintaining this information to assist in their fraud monitoring
and targeted marketing programs. Sellers of prepaid access also obtain
and maintain this information as agents of their principal banks and
providers. Because it is the sellers that have direct communication
with the customer, the obligation to collect customer identification
information has been extended to them by their principals.
Transaction Records Generated in the Ordinary Course of Business
The proposed rule will require prepaid providers and sellers to
retain transaction specific records generated in the ordinary course of
business. Currently, providers and sellers are not required to maintain
these records by regulation. However, because these records are
necessary for data processing and transaction look-backs, these
institutions already retain such records in the ordinary course of
business.
Registration of Providers
The proposed rule will require prepaid providers to register with
FinCEN. Sellers will not be required to register as they are agents of
the providers. The FinCEN registration form is two pages and must be
filed once every two years. Under OMB control number 1506-0013, FinCEN
estimates that the annual burden from reporting and recordkeeping
associated with this registration is 2.5 hours.\61\
---------------------------------------------------------------------------
\61\ The estimated average annual burden associated with the
recordkeeping requirement in 31 CFR 103.41 is 30 minutes per
recordkeeper for the completion, filing, and recordkeeping of
registration forms, and an additional 120 minutes for the
completion, filing, and recordkeeping of the list of prepaid
programs subject to the regulation.
---------------------------------------------------------------------------
Certification
Most of the requirements in the proposed rule reflect contractual
obligations already imposed on both prepaid providers and sellers or
the codification of a requirement to maintain records that are already
maintained in the ordinary course of business. The additional burden
proposed by the rule is a registration requirement and a SAR filing
requirement. As discussed above, FinCEN estimates that the impact from
these requirements will not be significant. Accordingly, FinCEN
certifies that the proposed rule will not have a significant impact on
a substantial number of small entities.
Questions for Comment
1. FinCEN's research has revealed that AML and customer
identification requirements are currently imposed on providers of
prepaid access (and through them, to sellers of prepaid access) by the
partner bank that is authorized to issue the prepaid access by the
payment network. FinCEN solicits confirmation of this fact, and any
substantial divergence between the current contractual obligations of a
provider or seller, and the requirements specified by the proposed
rule.
2. Please provide comment on any or all of the provisions in the
proposed rule with regard to (a) the impact of the provision(s)
(including any benefits and costs), if any, in carrying out
responsibilities under the proposed rule and (b) what alternatives if
any, FinCEN should consider.
XVI. Paperwork Reduction Act Notices
The collections of information contained in this proposed rule are
being submitted to the Office of Management and Budget for review in
accordance with the Paperwork Reduction Act of 1995 (44 U.S.C.
3507(d)). Comments on the collection of information should be sent to
Desk Officer for the Department of the Treasury, Office of Information
and Regulatory Affairs, Office of Management and Budget, Paperwork
Reduction Project (1506), Washington, DC 20503, fax (202/395-6974), or
by the Internet to oira_submission@omb.eop.gov, with a copy to the
Financial Crimes Enforcement Network by mail. Comments on the
collection of information should be received by August 27, 2010.
In accordance with the requirements of the Paperwork Reduction Act
of 1995, 44 U.S.C. 3506(c)(2)(A), and its implementing regulations, 5
CFR part 1320, the following information concerning the collection of
information is presented to assist those persons wishing to comment on
the information collection. The information collections in this
proposal are contained in 31 CFR 103.20, 31 Part 103.40, 31 CFR 103.41,
and 31 CFR 103.125.
AML Program for Providers and Sellers of Prepaid Access
Anti-money laundering programs for money services businesses (31
CFR 103.125). Office of Management and Budget Control Number: 1506-
0020.
This information is required to be retained pursuant to 31 U.S.C.
5318(h) and 31 CFR 103.125. The collection of information is mandatory.
[[Page 36606]]
The information collected pursuant to 31 CFR 103.125(c) will be
used by examiners to determine whether providers of prepaid access
comply with the BSA. By defining providers and sellers of prepaid
access as MSBs, the proposal will increase the estimated number of
entities by 70,700. However, by removing issuers, sellers, and
redeemers of stored value from the definition of MSB, the proposal will
reduce the estimated number of entities by 10,000. Overall, the
proposal will increase the number of entities that collect information
under 31 CFR 103.125(c) by 60,700.
Description of Recordkeepers: MSBs as defined in 31 CFR
103.11(uu)(4).
Estimated Number of Recordkeepers: The proposal increases the
number of recordkeepers to 60,700.
Estimated Average Annual Burden Hours per Recordkeeper: The
estimated average annual burden associated with the recordkeeping
requirement in 31 CFR 103.125(c) is one hour.
Estimated Total Annual Recordkeeping Burden: The current burden
will be reduced by 10,000 hours and increased by 70,700 hours, for a
net increase to the current burden of 60,700 hours.
Customer Identification Requirement for Providers and Sellers of
Prepaid Access
The information collected pursuant to 31 CFR 103.125(d) will be
used by law enforcement agencies in the enforcement of criminal and
regulatory laws. The proposal affects an estimated 70,700 providers and
sellers of prepaid access. The proposal requires two minutes of
collection burden per issuance of prepaid access product or service.
Description of Recordkeepers: MSBs as defined in 31 CFR
103.11(uu)(4).
Estimated Number of Recordkeepers: The proposal increases the
number of recordkeepers to 70,700.
Estimated Average Annual Burden Hours per Recordkeeper: The
estimated average annual burden associated with the recordkeeping
requirement in 31 CFR 103.125(d) is two minutes per issuance of a
prepaid access device. At any given moment, there are an estimated 7.5
million network branded prepaid cards in the marketplace. FinCEN
estimates that the average lifespan of a prepaid card is three years.
Therefore, FinCEN estimates that there are 2.5 million new prepaid
cards or products issued each year. However, we seek comment from the
public on whether the three-year average lifespan of a prepaid card is
a reasonable assumption.
Estimated Total Annual Recordkeeping Burden: The burden will be
83,300 hours.
SAR Filing for Providers and Sellers of Prepaid Access
Suspicious activity reports for money services businesses (31 CFR
103.20). Office of Management and Budget Control Number: 1506-0015.
This information is required to be provided pursuant to 31 U.S.C.
5318(g) and 31 CFR 103.20. This information will be used by law
enforcement agencies in the enforcement of criminal and regulatory laws
and to prevent money services businesses from engaging in illegal
activities. The collection of information is mandatory. The proposal
will increase the number of recordkeepers by 70,700.
Description of Recordkeepers: MSBs as defined in 31 CFR
103.11(uu)(4).
Estimated Number of Recordkeepers: On an annual basis there are
approximately 700 Providers of prepaid access and 70,000 sellers of
prepaid access. Therefore, the number of recordkeepers would be
increased by 70,700.
Estimated Average Annual Burden Hours per Recordkeeper: The
estimated average annual burden associated with the recordkeeping
requirement in 31 CFR 103.20 is 90 minutes per report.
Estimated Total Annual Recordkeeping Burden: The proposal should
increase the estimated annual burden by 144,900 hours.
Registration of Providers of Prepaid Access
Registration for money services businesses (31 CFR 103.41). Office
of Management and Budget Control Number: 1506-0013.
This information is required to be provided pursuant to 31 U.S.C.
5330 and 31 CFR 103.41. The information will be used by law enforcement
and regulatory agencies in the enforcement of criminal, tax, and
regulatory laws and to prevent money services businesses from engaging
in illegal activities. The collection of information is mandatory. As
only providers of prepaid access need register and list the prepaid
programs subject to the proposed regulation, the number of
recordkeepers will be increased by 700.
Description of Recordkeepers: Providers of prepaid access as
defined in 31 CFR 103.11(uu)(4).
Estimated Number of Recordkeepers: The number of recordkeepers
would be increased by 700 MSBs.
Estimated Average Annual Burden Hours per Recordkeeper: The
estimated average annual burden associated with the recordkeeping
requirement in 31 CFR 103.41 is 60 minutes per recordkeeper for the
completion, filing, and recordkeeping of registration forms, and an
additional 90 minutes for the completion, filing, and recordkeeping of
the list of prepaid programs subject to the regulation.
Estimated Total Annual Recordkeeping Burden: We will increase the
number of burden hours under this collection by 1,750 hours.
Recordkeeping and Retrieval Requirement
Customer and Transactional Data Recordkeeping Requirements (31 CFR
103.33, 103.38, 103.40, and 103.125). Office of Management and Budget
Control Number: 1506-0009.
This information is required to be provided pursuant to Section 21
of the Federal Deposit Insurance Act (12 U.S.C. 1829) and 31 CFR
103.33, 103.38, 103.40, and 103.125. This information will be used by
law enforcement agencies in the enforcement of criminal, tax, and
regulatory laws and to prevent money services businesses from engaging
in illegal activities. Prepaid providers would be required to retain
information in a format that allows for its retrieval upon request.
Both providers and sellers of prepaid access are responsible for the
recordkeeping of customer and transactional data that would routinely
be captured and maintained in the ordinary course of business under the
proposed regulation, the number of recordkeepers will be increased by
70,700.
Description of Recordkeepers: MSBs as defined in 31 CFR
103.11(uu)(4).
Estimated Number of Recordkeepers: The number of recordkeepers
would be increased by 70,700 MSBs.
Estimated Average Annual Burden Hours per Recordkeeper: The
estimated average annual burden associated with the recordkeeping
requirement in 31 CFR 103.33, 103.38, 103.40, and 103.125 is 16 hours
per recordkeeper for the maintenance of customer and transactional data
that would routinely be captured and maintained in the ordinary course
of business under prepaid programs subject to the proposed regulation.
Estimated Total Annual Recordkeeping Burden: We will increase the
number of burden hours under this collection by 1,131,200 hours.
An agency may not conduct or sponsor, and a person is not required
to respond to, a collection of information unless the collection of
information displays a valid OMB control number. Records required to be
retained under
[[Page 36607]]
the Bank Secrecy Act must be retained for five years.
Request for Comments: We specifically invite comments on: (a)
whether the proposed recordkeeping requirements are necessary for the
proper performance of the mission of the Financial Crimes Enforcement
Network, and whether the information shall have practical utility; (b)
the accuracy of our estimate of the burden of the proposed
recordkeeping requirement; (c) ways to enhance the quality, utility,
and clarity of the information required.
XVII. Executive Order 12866
This proposed rule is a significant regulatory action, and has been
reviewed by the Office of Management and Budget in accordance with
Executive Order 12866 (``Regulatory Planning and Review''). Most of the
entities that would be affected by this rulemaking are already
contractually obliged to maintain AML programs, verify customer
identification, and keep records of transaction information in order to
fulfill their contractual obligations to banks and transaction
processors. Additionally, FinCEN understands that many of these
entities already use automated fraud monitoring systems that evaluate
data points similar to those relevant to detect suspicious
transactions. The imposition of apparently new compliance obligations
under this proposed rule would therefore likely not impose significant
new costs on regulated entities in this regard.
As discussed in the RFA certification, FinCEN estimates that
because of the low transaction limits for prepaid access products and
services neither SARs nor CTRs will be required to be filed often.
Lastly, FinCEN estimates the registration requirement proposed by the
rule will require 2.5 hours of employee time annually. FinCEN expects
that the new reporting requirements imposed by this proposed rule would
therefore likely have a modest overall operational and economic impact.
FinCEN solicits comment on the economic impact of this proposed
rule. FinCEN will use this feedback to conduct additional analysis.
Given the difficulty in quantifying or monetizing the important
incremental benefits of a Regulation, FinCEN is considering OMB
guidance and Circular A-4 with respect to conducting a threshold or
``break-even'' analysis. According to OMB Circular A-4 this analysis
would answer, ``How small the value of the non-quantified benefits
could be (or how large would the value of the non-quantified costs need
to be) before the rule will yield zero net benefits.'' \62\
---------------------------------------------------------------------------
\62\ See OMB Circular A-4 (September 17, 2003), p. 2.
---------------------------------------------------------------------------
XVIII. Unfunded Mandates Act of 1995 Statement
Section 202 of the Unfunded Mandates Reform Act of 1995 (``Unfunded
Mandates Act''), Public Law 104-4 (March 22, 1995), requires that an
agency prepare a budgetary impact statement before promulgating a rule
that may result in expenditure by the State, local, and tribal
governments, in the aggregate, or by the private sector, of $100
million or more in any one year. If a budgetary impact statement is
required, section 202 of the Unfunded Mandates Act also requires an
agency to identify and consider a reasonable number of regulatory
alternatives before promulgating a rule. Taking into account the
factors noted above and using conservative estimates of average labor
costs in evaluating the cost of the burden imposed by the proposed
regulation, FinCEN has determined that it is not required to prepare a
written statement under section 202.
List of Subjects in 31 CFR Part 103
Administrative practice and procedure, Banks, banking, Brokers,
Currency, Foreign banking, Foreign currencies, Gambling,
Investigations, Penalties, Reporting and recordkeeping requirements,
Securities, Terrorism.
Proposed Amendments to the Regulations
Accordingly, 31 CFR part 103 is proposed to be amended as follows:
PART 103--FINANCIAL RECORDKEEPING AND REPORTING OF CURRENCY AND
FINANCIAL TRANSACTIONS
1. The authority citation for part 103 continues to read as
follows:
Authority: 12 U.S.C. 1829b and 1951-1959; 31 U.S.C. 5311-5314,
5316-5332; title III, secs. 311, 312, 313, 314, 319, 326, 352, Pub.
L. 107-56, 115 Stat. 307.
2. Section 103.11, as proposed to be amended on May 12, 2009 (74 FR
22129), is proposed to be further amended as follows:
a. Revising paragraph (i);
b. Revising paragraph (uu)(4);
c. Adding paragraph (uu)(8); and
d. Revising paragraph (vv).
The revisions and addition read as follows:
Sec. 103.11 Meaning of terms.
* * * * *
(i) Closed loop prepaid access. Prepaid access to funds or the
value of funds that can be used only in transactions involving a
defined merchant or location (or a set of locations) such as a specific
retailer or retail chain, a college campus, or a subway system.
* * * * *
(uu) * * *
(4) Provider of prepaid access--(i) In general. The term ``provider
of prepaid access'' means the person with principal oversight and
control over one or more prepaid programs. Which person exercises
``principal oversight and control'' is a matter of facts and
circumstances. Activities that indicate ``principal oversight and
control'' include:
(A) Organizing the prepaid program;
(B) Setting the terms and conditions and determining that the terms
have not been exceeded;
(C) Determining the other businesses that will participate in the
transaction chain underlying the prepaid access which may include the
issuing bank, the payment processor, or the distributor;
(D) Controlling or directing the appropriate party to initiate,
freeze, or terminate prepaid access; and
(E) Engaging in activity that demonstrates oversight and control of
transactions.
(ii) Prepaid program. For the purposes of this section and subject
to the limitations set forth in this paragraph (uu)(4)(ii), a prepaid
program is an arrangement under which one or more persons acting
together provide(s) a particular form of prepaid access. However, an
arrangement is not a prepaid program if:
(A) The prepaid access provided is limited to one of the following:
(1) Payment of benefits, incentives, wage or salaries through
payroll cards or other such electronic devices for similar purposes;
(2) Payment of government benefits such as unemployment, child
support, and disaster assistance through electronic devices;
(3) Disbursement of reimbursement funds from pre-tax flexible
spending accounts for health care and dependent care expenses;
(4) Providing prepaid access to funds subject to limits that
include a maximum value as indicated in paragraphs(uu)(4)(ii)(A)(4)(i)
through (iii) of this section, where such maximum value is clearly
visible on the prepaid access product:
(i) Not to exceed $1,000 maximum value that can be initially loaded
at the time of purchase of the prepaid access;
[[Page 36608]]
(ii) Not to exceed $1,000 maximum aggregate value (such as through
multiple transfers of value to a single prepaid access product) that
can be associated with the prepaid access at any given time; and
(iii) Not to exceed $1,000 maximum value that can be withdrawn from
the prepaid access device on a single day; or
(5) Providing closed-loop prepaid access; and
(B) It does not permit:
(1) Funds or value to be transmitted internationally;
(2) Transfers between or among users of prepaid access within a
prepaid program such as person-to-person transfers; or
(3) Unless it qualifies as closed loop prepaid access, the ability
to load monetary value from other non-depository sources onto prepaid
access.
* * * * *
(8) Seller of prepaid access. The term ``seller of prepaid access''
means any person that receives funds or the value of funds in exchange
for providing prepaid access as part of a prepaid program directly to
the person that provided the funds or value, or to a third party as
directed by that person.
(vv) Prepaid access. Electronic device or vehicle, such as a card,
plate, code, number, electronic serial number, mobile identification
number, personal identification number, or other instrument that
provides a portal to funds or the value of funds that have been paid in
advance and can be retrievable and transferable at some point in the
future.
* * * * *
3. Amend Sec. 103.20 by:
a. Revising the first sentence of paragraph (a)(1); and
b. Removing paragraph (a)(5).
The revision reads as follows:
Sec. 103.20 Reports by money services businesses of suspicious
transactions.
(a) General. (1) Every money services business, described in Sec.
103.11(uu), (1), (3), (4), (5), (6), or (8), shall file with the
Treasury Department, to the extent and in the manner required by this
section, a report of any suspicious transaction relevant to a possible
violation of law or regulation. * * *
* * * * *
4. Add new Sec. 103.40 to subpart C to read as follows:
Sec. 103.40 Additional records to be maintained by providers of
prepaid access.
With respect to transactions relating to providers and sellers of
prepaid access described in Sec. 103.11(uu)(4) and (8) that are
subject to the requirements of part 103, each provider of prepaid
access shall maintain transactional records for a period of five years.
The provider, as defined in Sec. 103.11(uu)(4), shall maintain
transactional records generated in the ordinary course of business by
the payment processor or other party that facilitates prepaid access
activation, loads, reloads, purchases, withdrawals, transfers, or other
prepaid-related transactions.
5. Amend Sec. 103.41 by revising paragraph (a)(1) to read as
follows:
Sec. 103.41 Registration of money services businesses.
(a) Registration requirement--(1) In general. Except as provided in
paragraph (a)(2) of this section, relating to agents, and except for
sellers as defined in Sec. 103.11(uu), to the extent that they are not
already agents, each money services business (whether or not licensed
as a money services business by any State) must register with FinCEN
and, in the case of a provider of prepaid access, identify each prepaid
program for which it is the provider of prepaid access. Each money
services business must, as part of its registration, maintain a list of
its agents as required by 31 U.S.C. 5330 and this section. This section
does not apply to the United States Postal Service, to agencies of the
United States, of any State, or of any political subdivision of a
State. With respect to prepaid programs, each prepaid program must have
a provider of prepaid access registered with FinCEN.
* * * * *
6. Amend Sec. 103.125 by:
a. Revising paragraph (d)(1)(i); and
b. Adding new paragraph (d)(1)(iv).
The revision and addition read as follows:
Sec. 103.125 Anti-money laundering programs for money services
businesses.
* * * * *
(d) * * *
(1) * * *
(i) Policies, procedures, and internal controls developed and
implemented under this section shall include provisions for complying
with the requirements of this part including, to the extent applicable
to the money services business, requirements for:
(A) Verifying customer identification, including as set forth in
paragraph (d)(1)(iv) of this section.
(B) Filing Reports;
(C) Creating and retaining records;
(D) Responding to law enforcement requests.
* * * * *
(iv) A money services business that is a provider or seller of
prepaid access must establish procedures to verify the identity of a
person who obtains prepaid access under a prepaid program, obtain
identifying information concerning such a person, including name, date
of birth, address, and identification number, and retain such
identifying information for five years after the termination of the
relationship.
* * * * *
Dated: June 17, 2010.
James H. Freis, Jr.,
Director, Financial Crimes Enforcement Network.
[FR Doc. 2010-15194 Filed 6-25-10; 8:45 am]
BILLING CODE 4810-02-P