Spotlight Article: Work Continues on the Model Regulation of Virtual Currencies Act

Dana-Syracuse-with-captionOn April 2-3, 2016, the third meeting of the Uniform Law Commission (ULC) Drafting Committee on the Regulation of Virtual Currencies (the “Committee”) was held in Chicago, Illinois. Dana Syracuse was in attendance as an official Observer along with Committee members, industry stakeholders, thought leaders, and government representatives. The Committee’s work in Chicago reflects comments received in response to drafts generated in previous meetings in Washington, D.C. last fall and Palo Alto in February. The Committee’s primary goal is to establish a common set of standards regulating certain types of virtual currency companies, including transmitters, custodians, and exchangers of virtual currency.

Subsequent to that meeting the Committee released an updated Draft Model Act reflecting all comments received to date. The current version of the Draft Model Act is divided into eight articles, as summarized below.

Article 1 (General Provisions): This Article includes definitions, which are important for laying out the scope of the Draft Model Act. Of significance is the revised definition of “control,” which states that “control means possession of sufficient virtual currency credentials or authority on a virtual currency network to execute unilaterally or prevent indefinitely virtual currency transactions, but does not control possessing, for a reasonably time-limited period, virtual currency credentials sufficient to prevent virtual currency transactions to provide a service such as an escrow function or transaction management.” This definition is significant because it arguably takes some of the more interesting features of the blockchain, such as escrow functions and some multi signature implementations, outside of licensure. Other significant definitions include custody, storage, transfer, virtual currency, and virtual currency business activity. This Article also contains exemptions for certain categories of institutions including government agencies, banks charted under state law or the jurisdiction of the United States, certain payment systems, those dealing in foreign exchange, those engaged in personal use of virtual currency, miners, and those who fail to meet a minimum threshold of monetary activity. Read more…


Digital Insights & Trends: Potential Regulatory Pitfalls of the Mobile Payments Revolution

Dana-Syracuse-with-captionThe mobile payments revolution has provided consumers with unprecedented options at the checkout counter. In addition to cash, consumers have myriad payment options, including prepaid cards, debit cards, credit cards, virtual currency, gift cards, mobile phone billing, and person to person payment systems. While these different payment systems allow consumers convenient access to their money, there are numerous potential pitfalls, both for individuals and the industry, by way of regulatory gaps and inconsistencies. These issues are magnified by the fact that these different payment methods may be loaded onto and initiated by mobile devices, which can compound the regulatory, cybersecurity, data privacy, and consumer protection concerns.

  • Regulatory Concerns:  Depending on the payment method effectuated by the mobile device, consumers may find themselves with little or no right to redress and financial institutions may find themselves answerable to the FTC, CFPB, various state level regulators, or even the FCC.  As regulators become increasingly aware of these new forms of value transfer, new regulations will develop and existing regulatory gaps will close.  It is imperative that the financial institutions offering these services and products remain aware of all regulatory developments and adjust their compliance programs accordingly.
  • Cybersecurity Concerns:  Each transaction method has its own cybersecurity strengths and vulnerabilities which may expose sensitive consumer data and leave both the financial institution and consumer exposed.  The financial and reputational risks are great and must be met with robust cybersecurity protocols which, though they may not be required by law, will leave everyone more secure.
  • Data Privacy Concerns:  Mobile payment platforms may expose consumer data to both merchants and mobile payment providers.  Because this data is tied to a single individual, it is quite valuable and may be aggregated into databases and then sold.  As regulators become more attune to the risks presented, they are likely to step up efforts to implement privacy protection around mobile devices.
  • Consumer Protection Concerns: Though mobile payment platforms potentially offer lower fees and are therefore attractive to the young, underbanked, and unbanked, the multiple entities involved in these transactions may drive up fees and negatively impact the consumer.  The necessary fee disclosures may differ depending on  payment method and increased regulation in this area is likely.

The market for mobile payment platforms is growing and is on pace to supplant more traditional payment methods, especially as financial institutions shift away from brick and mortar and into an increasingly digital environment. Regulators are certain to monitor these developments and will focus on closing existing regulatory gaps and drafting new regulations where necessary. Equally, as industry adopts new products and technology, it must analyze whether their existing compliance functions are sufficient or must also be modernized.


Digital Insights & Trends: Clearing and Settlement Platforms to Watch in 2016

Andrew-Grant-caption2015 was the year that blockchain technology, initially used as the public ledger for tracking bitcoin, began to mature and expand beyond payments. While regulators focused on the risks associated with virtual currency, technology companies and financial institutions forged ahead with developing alternate uses for the blockchain.

Using blockchain technology offers many upsides, with one of the most notable being faster clearing and settlement functionality. Companies that can clear and settle transactions faster and at a reduced cost will have a competitive advantage.  Thus far, however, no dominant player has emerged.

There are a number of companies that are working on creating blockchain platforms for financial institutions to use to clear and settle trades. Below are just a few of note: Read more…


Digital Insights & Trends: Embracing EMV Technology for Fraud Reduction and Loss Prevention

Jeffrey Hydrick 5 x 7October 2015 represents a significant milepost in the migration of U.S. payments products to EMV chip technology. It also serves as a useful evaluation point as to what the technology achieves and where it falls short. By now, many U.S. cardholders have been issued EMV chip cards, the microprocessor-equipped cards that store the specific cardholder data on the embedded chip. For decades, U.S. payment cards stored cardholder data on a magnetic stripe on the back of the card, instead of a chip. Indeed most cards in the marketplace, including EMV cards, still contain the familiar “magstripe.” Unfortunately, the static nature of the data contained on the magstripe makes the production of counterfeit magstripe cards relatively easy. Once the cardholder data for a particular person is obtained, through “skimming” or other means, a usable counterfeit magstripe card can be produced and readily used at the point-of-sale, until the cardholder realizes that his or her data has been compromised. In contrast, EMV chip cards use a dynamic system of authentication at the point-of-sale, which makes the production of a counterfeit card with EMV chip technology much more difficult. As a result, merchants can safely conclude that an EMV chip card presented for payment in a point-of-sale transaction is authentic and not counterfeit, and card issuers should similarly experience smaller fraud losses.

The four major U.S. payment networks (Visa, MasterCard, American Express and Discover) have long-recognized the fraud-reduction potential of EMV chip cards and, individually and through their jointly-controlled EMVCo. consortium, have pushed for the implementation of EMV technology in the U.S. As part of their efforts to encourage increased EMV chip card issuance by card issuers and acceptance by merchants, beginning in October 2015 the networks shift liability for card-present fraud losses to the party (i.e., merchant, merchant acquirer or issuer) that is least compliant with EMV requirements. For example, if fraud loss results from the use of a counterfeit magstripe card at point-of-sale, where the merchant maintains certified EMV chip terminals but the card issuer has not reissued its magstripe cards as EMV chip cards, the loss will be assigned to the card issuer. On the other hand, card issuers that have issued EMC chip cards may be able to avoid liability that arises from fraudulent transactions where the accepting merchant lacks a EMV chip terminal to be used to process the transaction. Read more…


Digital Insights & Trends: Regulating Faster Electronic Payments – More Complexity or Improved Consistency?

David-Whitaker-webIn January of this year, the Federal Reserve System issued a white paper titled “Strategies for Improving the U.S. Payments System.”  The white paper notes that current technological developments (including the widespread availability of high-speed data networks, the ubiquity of mobile devices, and the increasing use of real-time commercial transaction processing) are outpacing the functional ability of the payments system to handle electronic payment authorization and processing.  In an effort to develop strategies for addressing this growing gap, the Federal Reserve has established a Faster Payments Task Force (“FPTF”).  The FPTF, which had its first meeting in June, seeks to engage a wide range of stakeholders to “identify and evaluate alternative approaches for implementing safe, ubiquitous, faster payments capabilities in the United States.”

A key question raised by such an initiative is this:  what should the legal and compliance requirements for a modern electronic payments system include, especially in connection with consumer transactions?  Current U.S. regulations for electronic fund transfers form a cumbersome patchwork — the rights and obligations of the parties to the transaction vary by the payment method used, and in some cases may change during the course of the transaction as the payment method is converted from one form to another (for example, the time frames within which a consumer may identify and reverse unauthorized or erroneous payments are often very different, depending on the form of payment).

The Consumer Financial Protection Bureau (“CFPB”), which is participating in the FPTF, has just issued a position paper on “Consumer Protection Principles” for faster electronic payments.  The CFPB has identified the following as key elements of the legal and compliance framework: Read more…