Filter Results CategoriesCart
Highlight Updates The Direct Regulation and Obligations of Payment Processors

Payment processors may be covered under state money transmitter laws (also known as money services business laws).60 In addition, some state lending or debt collection laws may be broad enough to cover payment processors. Payment processors that interact direct with consumers may be covered by some aspects of the EFTA.61

Bank regulator guidances and enforcement activities do not directly apply to third-party payment processors. Oversight largely flows indirectly through supervision of financial institutions, but that oversight can impact the obligations of payment processors.62 Standards set by bank regulators can also impact direct claims against payment processors.

Payment processors may be directly bound by the rules of the payment systems under which they operate, such as NACHA rules63 and Visa and MasterCard rules.64 These rules may not be directly enforceable by consumers,65 but they may provide evidence of unfair or deceptive acts or practices.

Payment processors may be the target of legal claims when they facilitate illegal activity, whether through use of remotely created checks and payment orders66, ACH transactions67, credit or debit card payments68, or another payment mechanism.

For that reason, legitimate payment processors may limit the types of transactions that they will process for their clients.69 For example, some payment processors and card networks have rules prohibiting or strictly limiting the processing of payments for certain high-risk industries, including payday lending, telemarketing, credit repair, and debt collecting.70

The FTC and the CFPB have authority over payment processors and have taken enforcement actions against them. The FTC has sued payment processors for unfair and deceptive practices when the processor used RCCs or RCPOs or the ACH system to debit consumer accounts unlawfully on behalf of merchant clients or ignoring high return rates and other warning signs that the payments were unauthorized.71 The CFPB has also brought a number of enforcement actions against payment processors, including for failing to conduct appropriate due diligence on the identity of the merchant or the nature of the business and for failing to monitor the account.72 The CFPB’s actions against payment processors have generally been taken under its authority over unfair, deceptive, or abusive acts and practices (UDAAP) and over entities that provide substantial assistance to others’ UDAAP violations.73

The Justice Department has also brought criminal and other enforcement actions against payment processors that enable fraudulent activity.74

Some state laws make it an unfair and deceptive practice to process or originate payments for lenders that violate state law (for example, online payday lenders).75 State payday loan laws or regulations may also prohibit efforts to collect payments on illegal loans,76 a ban that could apply to payment processors.

The role of payment processors is also discussed in the context of the particular payment system used, such as systems involving remotely created checks,77 ACH payments78 or card payments.79


  • 60 {59} See § 6.6.4, infra.

  • 61 {60} See Ch. 5, infra.

  • 62 {61} See §, supra.

  • 63 {62} See §§,, infra.

  • 64 {63} See §, infra.

  • 65 {64} See, e.g., § 5.17.5, infra.

  • 66 {65} See §§ 3.13, 3.13.3, infra.

  • 67 {66} See §§ 5.1.6,,, infra.

  • 68 {67} See §§, infra.

  • 69 {68} See also §, infra (describing card network and payment processor rules on payments they will process through card networks).

  • 70 {69} See, e.g., ProPay, ProPay High Risk Transactions/Acceptable Use Policy (revised May 11, 2015), available at; Visa, Chargeback Management Guidelines for Visa Merchants 40 (2014) (listing direct marketers, adult content, online pharmacies, gambling merchants, outbound telemarketers, travel services as high-risk merchants), available at; Zift, High Risk Transactions/Acceptable Use Policy (listing payday loans, debt collection, credit repair, and many other categories as prohibited activities), available at See also White v. Square, Inc., 2016 WL 4791748, at *1 (N.D. Cal. Sept. 14, 2016) (granting payment processor’s motion to dismiss claim that Square violates California Unruh Civil Rights Act by prohibiting certain types of businesses, including bankruptcy attorneys engaged in collection of debt, from using its services).

  • 71 {70} See 80 Fed. Reg. 77,520, 77,528–77,531, n.109 (Dec. 14, 2015) (detailing enforcement actions and noting that FTC “filed more than 300 cases involving violations of the [Telemarketing Sales Rule], many of which have included fraudulent or unauthorized remotely created checks”); Fed. Trade Comm’n v. Direct Benefits Grp., L.L.C., 2013 WL 3771322 (M.D. Fla. July 18, 2013) (describing scheme wherein internet payment processer acted as payday loan broker and, after obtaining consumers’ bank account information, charged consumers for unrelated products and services; finding the facts supported a ruling that defendants committed unfair and deceptive acts; issuing permanent injunction and awarding equitable monetary relief); Fed. Trade Comm’n v. Neovi, Inc., 598 F. Supp. 2d 1104 (S.D. Cal. 2008) (defendants had actual knowledge of fraud related to check processor but failed to implement adequate measures to combat unauthorized check-writing); Fed. Trade Comm’n v. InterBill Ltd & Thomas Well, No. CVS-06 (D. Nev. 2007) (FTC alleges payment processor debited consumers’ accounts despite indications that its customer, Pharmacycards, had no authorization from consumers to debit their accounts); Press Release, Fed. Trade Comm’n, Payment Processor Agrees to Give Up More Than $1 Million to Settle FTC Charges it Assisted, Facilitated Telemarketing Scammers (June 11, 2014), available at (including links to related June 5 press release and to pleadings in Fed. Trade Comm’n v. Innovative Wealth Builders et al., No. 813-cv-00123-VMC-EAJ (M.D. Fla.)) (alleging that credit card payment processor knew high chargeback rates rose to 40%; also alleging that payment processor knew or consciously avoided knowing key facts about merchant’s debt relief business); Press Release, Fed. Trade Comm’n, FTC Settlements Crack Down on Payment Processing Operation that Enabled “Google Money Tree” Scammers to Charge Consumers $25 Million in Hidden Fees (Nov. 18, 2013), available at (also providing links to pleadings in FTC v. Process Am., Inc. No. 2:14-cv-00386-PSG-VBK(C.D. Cal.)); Press Release, Fed. Trade Comm’n, FTC Action Bans Payment Processor from Using a Novel Payment Method to Debit Accounts (Jan. 5, 2012), available at (including links to pleadings in FTC v. Landmark Clearing, Inc. et al.); Press Release, Fed. Trade Comm’n, Cross-Border Lottery Scam Halted; Payment Processor Settles (Feb. 7, 2001), available at (including links to Fed. Trade Comm’n v. Cordeiro d.b.a. Quick-Checks (N.D. Cal. 2001)).

  • 72 {71} See Press Release, Consumer Fin. Prot. Bureau, Consumer Financial Protection Bureau Sues Payment Processor for Enabling Unauthorized Withdrawals and Other Illegal Acts by Clients (June 6, 2016) (providing summary and link to Order Granting Motion to Dismiss, Consumer Fin. Prot. Bureau v. Intercept Corp., No.3:16-cv-144 (D.N.D. Mar. 17, 2017); note that the complaint in this case was dismissed without prejudice on grounds that the CFPB did not adequately plead facts to support UDAP allegations) (available online as companion material to this treatise); Press Release, Consumer Fin. Prot. Bureau, CFPB Sues Participants in Robo-Call Phantom Debt Collection Operation (Apr. 8, 2015) (providing summary and link to CFPB v. Universal Debt & Payment Solutions, L.L.C. et al., No. 1:15-CV-0859 (N.D. Ga. filed Mar. 26, 2015); alleging that payment processors enabled fraudulent debt collectors to accept credit and debit card payments, ignoring numerous red flags of illegal conduct, including consumer disputes and high return rates) (available online as companion material to this treatise); Press Release, Consumer Fin. Prot. Bureau, CFPB Takes Action Against Meracord for Processing Illegal Debt-Settlement Fees (Oct. 3, 2013) (providing summary of and link to complaint and consent decree in Consumer Fin. Prot. Bureau v. Meracord, L.L.C. & Linda Remsberg, No. 3:13-cv-05871 (W.D. Wash. Oct. 3, 2013)) (available online as companion material to this treatise).

  • 73 {72} 12 U.S.C. §§ 5531, 5536(a)(1).

  • 74 {73} See Press Release, U.S. Dep’t of Justice, California Payment Processing Company Owner Pleads Guilty to Fraud (July 16, 2015) (regarding United States v. Godrey, No. 15-CR-00285 (E.D. Pa. filed June 29, 2015)), available at; Press Release, U.S. Dep’t of Justice, Justice Department and Law Enforcement Partners Announce Civil and Criminal Actions to Dismantle Global Network of Mass Mailing Fraud Schemes Targeting Elderly and Vulnerable Victims (Sept. 22, 2016) (describing several actions against Canadian payment processor and money services business, PacNet Services, Ltd., that, for more than twenty years, helped dozens of international fraudsters gain access to U.S. banks and take money from victims through mass-mailing fraud campaigns),; Blake Ellis & Melanie Hicken, Exposed: The Secret Powerhouse Processing Millions in Global Fraud, CNN Money (Sept. 22, 2016), available at (describing scam in more detail).

  • 75 {74} See, e.g., Me. Stat. tit. 9-A, § 5118(4) (unlawful to initiate or process payment when bank or payment processor “receives notice from a regulatory, law enforcement or similar governmental authority, knows from its normal monitoring and compliance systems or consciously avoids knowing,” that lender is violating state law); Vt. Stat. Ann. tit. 9, § 2481w(c) (unfair and deceptive practice for payment processor to process payment in connection with a loan unless lender is in compliance with state law or is exempt from it).

  • 76 {75} See National Consumer Law Center, Consumer Credit Regulation § 9.3 (2d ed. 2015), updated at

  • 77 {76} See § 3.13.3, infra.

  • 78 {77} See §§–, infra.

  • 79 {78} See §, infra.