Portals and Rails, a blog sponsored by the Retail Payments Risk Forum of the Federal Reserve Bank of Atlanta, is intended to foster dialogue on emerging risks in retail payment systems and enhance collaborative efforts to improve risk detection and mitigation. We encourage your active participation in Portals and Rails and look forward to collaborating with you.
Federal Reserve Web Sites
Other Bank Regulatory Sites
January 21, 2014
Online Payday Lenders: An Illustration of the Importance of Bank Due Diligence
Because of a series of incidents involving illegal payday loans, online payday lenders have been featured in news articles of late. They've also been the focus of increasing enforcement actions to ensure that adequate consumer protection is in place. States are stepping up their enforcement actions against online payday lenders that violate state laws, and federal regulators are stepping up enforcement of federal and state laws. Meanwhile, online lenders and their third-party payment processors are defending their roles in providing this borrowing option to consumers.
The recent uptick in attention on online payday lenders is an impetus for us to stress the importance of banks conducting their due diligence process for any payment processor or business for which they provide payment services. It's useful to look at this due diligence as a three-legged stool, with regulatory compliance, know your customer (KYC), and know your customer's customer (KYCC) all working together to keep the stool upright.
In an August 2013 post, we examined the risks incurred by banks that originate payments for online payday lenders. Much debate has focused on whether online payday lenders—and those who provide services to them—are unfairly targeted by regulators and enforcement agencies. The reality is that businesses that comply with state and federal law are not the reason for increased guidance and enforcement.
When it comes to online payday lending, the law—one leg of the stool—is quite complex. At the state level, laws can significantly differ from state to state. Some states, including Georgia, do not even allow online payday lending. But many online payday lenders operate virtually, and are therefore more likely to operate nationally, which can add to the confusion about complying with all relevant state and federal laws. When conducting their due diligence processes, banks should always consider their customers' ability to operate within the law.
KYC and KYCC are also two very important components of a bank's due diligence process with any customer for which they originate transactions. The better the bank understands the business lines of its originator from the very beginning, and the better they understand it over time by way of continuous monitoring, the greater their chance to quickly identify and address any problems.
Like any business, online payday lenders can use the services of a third-party payment processor. As we explained in a September 2013 post, payment processors are a bank's direct customer in providing payment services to businesses . This adds another layer to the bank's due diligence processes. With this kind of relationship, banks now need to know their customer's customer—in this case, the online payday lender.
Banks should use the recent attention to online payday lenders as a reminder to review and improve their due diligence practices for all their customers. They should make sure that all three legs—KYC, KYCC, and compliance with the law—are in place so that the stool doesn't topple.
What lessons has your bank learned from the recent attention to payday lenders?
By Deborah Shaw, a retail payments risk expert in the Retail Payments Risk Forum at the Atlanta Fed
TrackBack URL for this entry:
Listed below are links to blogs that reference Online Payday Lenders: An Illustration of the Importance of Bank Due Diligence :
- Under Pressure: The Fate of the Independent ATM Operators
- What’s Unsettled in Faster Payments?
- Consumer Prepaid Protections May Be Catching Up with Prepaid Use
- Virtual Currency Environment Still Fluid after Latest Rulings
- ISO 20022 in the United States: What, When, Why, and How?
- Let's Talk Tokens, Part III: What Problem Does Tokenization Solve?
- Mobile Biometrics: Ready or Not, Here They Come
- Starting Off on the Right Note with Mobile Enrollment
- Let's Talk Token, Part II: Distinguishing Attributes
- New ACH Return Rate Threshold on the Horizon
- December 2014
- November 2014
- October 2014
- September 2014
- August 2014
- July 2014
- June 2014
- May 2014
- April 2014
- March 2014
- account takeovers
- ATM fraud
- bank supervision
- banks and banking
- card networks
- check fraud
- consumer fraud
- consumer protection
- cross-border wires
- data security
- debit cards
- emerging payments
- financial services
- identity theft
- law enforcement
- mobile banking
- mobile money transfer
- mobile network operator (MNO)
- mobile payments
- money laundering
- money services business (MSB)
- online banking fraud
- payments risk
- payments study
- payments systems
- phone fraud
- remotely created checks
- risk management
- Section 1073
- social networks
- third-party service provider
- trusted service manager
- Unfair and Deceptive Acts and Practices (UDAP)
- wire transfer fraud
- workplace fraud