Developments in the Law Affecting Electronic Payments and Financial Services

[co-author: Sarah Jane Hughes]

This article originally was published in The Business Lawyer, Vol. 74, Winter 2018-2019

This survey reports on developments in the law relating to electronic payments.

Part II addresses legal challenges to federal and state regulation of e-payments products. Part III discusses the amendment (again) of federal rules regulating prepaid accounts and a state court decision regarding New York’s payroll card regulation, which decision has resulted in chaos. Part IV discusses federal and state authorities’ articulation of ethical standards for lawyers working in the cryptocurrency space. Part V addresses regulatory enforcement actions that allege unfair and deceptive practices against financial technology (“FinTech”) companies. Part VI discusses enforcement actions by the Securities and Exchange Commission (“SEC”) concerning two Initial Coin Offerings (“ICOs”). Finally, Part VII addresses litigation against cryptocurrency intermediaries, which demonstrates the need for uniform legislation defining their obligations.

LAWSUITS

A. THE “FINTECH” NATIONAL BANK CHARTER SURVIVES CHALLENGES

BUT FUTURE REMAINS UNCERTAIN

Although the Office of the Comptroller of the Currency (“OCC”) did not issue any non-depository, FinTech bank charters (“FinTech charters”) since our last survey [1] , the prospect of FinTech charters remains alive—with a report on chartering apparently in progress as of May 2018. [2]

Since last year’s survey, two challenges to the OCC’s FinTech-charter plans have been dismissed. The challenge brought by the New York State Department of Financial Services (“DFS”) was dismissed on December 12, 2017, for lack of standing and ripeness. [3] The challenge brought by the Conference of State Bank Supervisors was dismissed on April 30, 2018, also on standing and ripeness grounds. [4] Neither dismissal was with prejudice, so we expect that the plaintiffs will refile when the OCC issues a charter.

B. NEW YORK’S BITLICENSE SURVIVES CHALLENGE AS A TRICKLE OF APPLICANTS ARE APPROVED

The DFS continues to grant BitLicenses to virtual-currency businesses based on its June 2015 regulation. [5] Among the most recent recipients of a BitLicense is Genesis Global Trading, whose application was granted in May 2018. [6] Critics of DFS’s pace of granting BitLicenses continue to charge that the BitLicense regulator favors better-funded applicants over start-ups. [7] As of May 25, 2018, only five businesses have received a BitLicense: Circle, Ripple, Coinbase, BitFlyer, and Genesis Global Trading. [8]

On December 27, 2017, the New York Supreme Court granted a motion to dismiss a lawsuit brought by Theo Chino that had challenged New York’s authority to regulate virtual currencies. [9] No other challenge to the BitLicense or to any other state regulation of virtual-currency businesses was pending during the survey year.

The Consumer Financial Protection Bureau [10] (“CFPB”) issued prepaid accounts regulations in 2016 [11] , amended the regulations in 2017 [12] , and modified them again in 2018. [13] Among the most recent changes, CFPB amended the regulations to provide that the error resolution and limited liability requirements of Regulation E do not apply to prepaid accounts that have not successfully completed the financial institution’s customer identification and verification processes. [14] In addition, for accounts where the consumer’s identity is later verified, the issuer does not have to provide error resolution or limited liability protections for transactions that occurred prior to identity verification. [15] These changes will prevent fraudsters from obtaining cards on which the underlying funds have already been spent and then claiming the spending transactions were unauthorized.

Last year’s survey discussed the invalidation of the New York Department of Labor’s (“DOL”) regulation of payroll cards by the state’s Industrial Board of Appeals (“IBA”). [16] Subsequently, the DOL appealed the ruling, and a state court “annulled” the IBA’s decision. [17] The court noted that the IBA’s decision was based upon a finding that the DOL had exceeded its authority and intruded into the regulation of banking and that the IBA had urged DOL to consult with the DFS. [18] Relying on documents not included in the administrative record before the IBA, the court found that the DOL had consulted with the DFS and that the financial services regulator did not object to the payroll card rules. [19]

In early 2018, the Chairman of the SEC and the Chairman of the Commodity Futures Trading Commission put the world on notice that their agencies were closely monitoring cryptocurrency and, in particular, were concerned by the role some participants, including lawyers, were playing in the developing market. “[W]e are disturbed by many examples of form being elevated over substance, with form-based arguments depriving investors of mandatory protections.” [20]

SEC Chairman Clayton spoke more specifically about the ICOs that some virtual currency companies use to raise capital from investors:

[M]ost disturbing to me, there are ICOs where the lawyers involved appear to be, on the one hand, assisting promoters in structuring offerings of products that have many of the key features of a securities offering, but call it an “ICO,” which sounds pretty close to an “IPO.” On the other hand, those lawyers claim the products are not securities, and the promoters proceed without compliance with the securities laws, which deprives investors of the substantive and procedural investor protection requirements of our securities laws. [21]

Lawyers advising cryptocurrency clients, especially regarding securities and commodities issues, should heed the agencies’ warning and be sure their advice is substantive and appropriate.

Nebraska issued an ethics advisory opinion allowing an attorney to receive digital currencies as payment for legal services if the attorney follows certain guidelines. [22] The opinion requires the attorney to convert the digital currency to U.S. dollars at market rates upon receipt in order to “mitigate the risk of volatility and possible unconscionable overpayment.” [23] An attorney also may hold Bitcoin and other digital currency in escrow or trust for a client, as long as the virtual currency is held separate from the attorney’s property and kept with commercially reasonable safeguards. [24]

The U.S. Office of Government Ethics (“OGE”) issued guidance for executive-branch employees on reporting holdings in virtual currency on their annual financial disclosure forms. [25] The OGE concluded that virtual currencies were property held for income or investment purposes and, consequently, such holdings must be included on a federal employee’s disclosure report if they meet reporting thresholds. [26] OGE also noted that some virtual currencies may be securities, and, given that transactions in securities are reportable, purchases and sales of such virtual currencies also should be reported. [27] The Committee on Ethics of the U.S. House of Representatives issued a memorandum offering similar guidance to House employees, concluding that cryptocurrencies should be treated as “other forms of securities” for purposes of congressional reporting requirements. [28] The guidance noted that the Stop Trading on Congressional Knowledge Act restricts congressional employees’ participation in an initial public offering (“IPO”) of securities. [29] Because it is “unclear” whether an ICO falls within the IPO prohibition, the Committee “strongly encouraged” employees to contact ethics staff before participating in one. [30] The memorandum also concluded that revenue derived from cryptocurrency mining activity would constitute “outside earned income,” which is subject to certain limitations and reporting requirements. [31]

A. CFPB ENFORCEMENT ACTION AGAINST SOFTWARE PROVIDER

In November 2017, the CFPB entered into a consent order with Conduent Business Services, LLC (“Conduent”) settling charges that software errors caused inaccurate information about more than a million consumers to be reported to credit reporting agencies (“CRAs”). [32] Conduent operates and customizes software that automates many of the processes needed to service auto loans, including the furnishing of consumer information to CRAs. [33] However, loan-servicing software defects caused Conduent’s five auto lender clients to furnish inaccurate information, including the date on which a borrower first became delinquent and whether a consumer’s car was voluntarily surrendered or involuntarily repossessed. [34] The CFPB found that Conduent failed to timely fix defects identified by its clients. [35] Furthermore, when defects were identified and fixed for one client, Conduent did not notify its other clients about known defects, causing erroneous reporting to persist for years longer than it would have otherwise. [36]

Asserting its jurisdiction over “service providers” of “covered persons,” [37] the CFPB assessed a $1.1 million civil money penalty, [38] and imposed conduct provisions to remediate harm and prevent similar issues in the future. [39] This outcome should remind attorneys of the broad jurisdiction of the CFPB and the value of robust change-management policies and procedures.

B. FTC’S ENFORCEMENT ACTION AGAINST A PEER-TO-PEER PAYMENT SERVICE

In May 2018, the Federal Trade Commission (“FTC”) finalized a settlement with PayPal, Inc. regarding its privacy, security, and disclosure practices related to its popular peer-to-peer payment service, Venmo. [40] Capping a multi-year investigation into some of the same practices that resulted...