Filter Results CategoriesCart
Highlight Updates

1.4.2 The Role of Depository Financial Institutions and Payment Processors Beyond the Consumer’s Bank

Consumers are most familiar with the role of their own depository financial institution (bank or credit union26). This treatise primarily focuses on consumers’ rights vis-à-vis their own bank.

However, when a payment is taken from a consumer’s account (whether by check, electronic ACH payment, or debit card), there is almost always a second financial institution (and sometimes more) involved at the other end of the payment. Those institutions may also have duties and responsibilities that impact consumers.

The terms used to describe financial institutions, their roles, and their duties, depend on the payment system. As described in more detail in the following sections:

  • • In the check system, the bank on which the check is written is the “drawee bank,” and the bank into which a check is deposited is called the “depository bank.”
  • • In the ACH system, the bank that originates an ACH entry (deposit or debit) is the “originating depository institution” (ODFI) and the bank that receives and processes the entry is the “receiving depository institution” (RDFI).
  • • In the card networks (that is, Visa or MasterCard networks), the bank that issues a debit or credit card to the consumer is the “issuing bank” and the bank that enables a store or other merchant to accept and process card payments (whether over the card network or a PIN debit network) is the “acquiring bank.”

In addition to the consumer’s bank and the bank of the entity to whom the payment is ultimately made, a third (or fourth) bank or credit union may play an intermediary role, such as handling payments for payment processors that help merchants access the payment system.

Thus, the customers of these other financial institutions may be merchants or payment processors.

Bank regulators expect financial institutions to know their customers for purposes of ensuring compliance with the law, preventing fraud, and deterring money laundering. The USA Patriot Act heightened these mandates by amending the Bank Secrecy Act in 2001.27 Banks must collect specific information from their customers and verify their identities using prescribed procedures at the time of account opening.28 In addition, bank regulators require their institutions to conduct due diligence on their customers beyond the account opening stage in order to ensure that the account is being used in a legal manner.29

Bank regulators have paid particular attention to the duties of financial institutions when their customer is a payment processor, as discussed in the next section30—often focusing on who the customer’s customer is.

Bank regulators have also issued guidances focused on the institution’s role in the context of particular payment systems, which are discussed in subsequent chapters dealing with remotely created checks31, preauthorized ACH payments32, and credit or debit cards.33

Private litigation against financial institutions over illegal or fraudulent payments is also discussed in those chapters dealing with the applicable payment system.

Regardless of the payment system at issue, the themes are similar and generally all stem from the institutions’ know-your-customer duties and safety and soundness concerns, regardless of the payment system involved. Consequently, cases or guidances in one area may be helpful in another.

While the following subsections focus on payment processors and the financial institutions that have processor customers, many of the issues are also applicable to financial institutions that directly serve merchants.


  • 26 {25} The term “financial institution” typically refers to a depository financial institution—a bank, federal savings association, or a credit union. However, the term may be defined in some contexts, such as the Electronic Funds Transfer Act, to include nonbank entities. See, e.g., §, infra. As used in this section, the term refers only to depository institutions.

  • 27 {26} Pub. L. No. 107-56, 115 Stat. 272 (2001).

  • 28 {27} 31 U.S.C. § 5318; 31 C.F.R. § 1020.220.

  • 29 {28} See, e.g., Fed. Fin. Inst. Examinations Council (FFEIC), Bank Secrecy Act/Anti-Money Laundering Examination Manual 56–59 (2014), available at

  • 30 {29} See § 1.4.3, infra.

  • 31 {30} See § 3.13.3, infra.

  • 32 {31} See §§–, infra.

  • 33 {32} See §§, infra.