On March 24 FinCEN issued a second set of the Frequently Asked Questions meant to clarify key questions that have persisted regarding compliance with the Prepaid Access Rule.
The FAQs covered five questions. Three focus on application of the closed-loop exemption from the definition of prepaid program, which is one basis for an exception from FinCEN requirements for sellers and providers of prepaid access. Another question elaborates on the policies and procedures reasonably adapted to avoid the $10,000 threshold for “seller of prepaid access,” and the last addresses the requirement for providers of prepaid access to list sellers in their MSB agent list.
BACKGROUND: WHO IS A “SELLER” OR “PROVIDER” OF PREPAID ACCESS?
“Seller of Prepaid Access” and the “Closed-Loop” Exclusion
A company is a “seller of prepaid access” if it receives funds or the value of funds in exchange for loading or reloading prepaid access and does either of the following:
- Sells prepaid access offered under a “prepaid program” that can be used before verification of customer identification under the customer identification procedure requirements applicable to MSBs. However, the definition of “prepaid program” exempts, among other items, closed loop prepaid access products where no more than $2,000 can be associated with the product in a single day.
- Sells prepaid access (including closed loop prepaid access) to funds that exceed $10,000 to any person during any day, and has not implemented policies and procedures reasonably adapted to prevent this type of sale.
“Provider of Prepaid Access”
A “provider of prepaid access” is a participant within a prepaid program that agrees to serve as “the principal conduit for access to information from its fellow program participants.” As with sellers of prepaid access, closed loop prepaid access products holding fewer than $2000 are exempt from the definition of prepaid program.
NEW PREPAID ACCESS FAQs
In the FAQs FinCEN concludes:
A retailer selling closed loop gift cards in multiple states can establish a single de minimis cash amount that it will refund customers and still keep its closed-loop exclusion under the Prepaid Access Rule if it sets the refund level at the highest fixed amount required by the states in which the retailer does business.
The issue here is the interplay between the definition of “closed loop prepaid access” for purposes of an exclusion from the definition of “prepaid program” and the laws of certain states that require refunds of de minimis amounts in cash to holders of a closed loop card. The regulatory definition of closed loop prepaid access is limited to prepaid access to funds that can be used only to purchase goods or services, which creates a tension in those states that require refunding de minimis amounts in cash to closed loop card holders. In the July 2011 Prepaid Access Rule, FinCEN had concluded that de minimis cash refunds required under state laws do not negate the exclusion of closed loop prepaid access meeting the $2,000 limit from the definition of a prepaid program. This new FAQ confirms that a retailer operating in multiple states can set a standard dollar level for de minimis cash refunds that equals the highest required cash refund amount in the states where the retailer does business without losing the closed loop prepaid access exclusion.
Like government programs allowing drivers to purchase transponders for their vehicles that will automatically deduct funds from the driver’s account to pay tolls, commercial parking lot and similar programs where payment is made using a smartphone QR code or similar technology qualify for the closed-loop exception if all required standards are satisfied.
FinCEN interprets state government programs allowing drivers to purchase and affix a transponder to their vehicles for use on toll roads and bridges from which the appropriate trip fee is deducted from drivers’ accounts to be closed loop prepaid access. In this new FAQ, FinCEN concludes that similar arrangements for other services around the country, such as commercial parking lots, can also satisfy the closed loop prepaid access definition even if smartphone quick response (QR) codes or similar technology is used to pay for the service.
As with the transponder roadway programs, the QR code or other technology would need to be limited to the service being advertised. In addition, the arrangement must be restricted to a “defined merchant or location (or set of locations).” A participating defined merchant could be made known to the public by use of distinct signage, logos, symbols or mobile communication to potential customers, for example.
“Defined Merchant” in the definition of closed loop prepaid access is not limited to a single merchant and its affiliates and can include additional merchants joined for the limited purpose of providing a particular closed loop prepaid access program.
Closed loop prepaid access includes “prepaid access to funds or the value of funds that can be used only for goods or services in transactions involving a defined merchant or location (or set of locations).” An example of “defined merchants” noted in the new FAQs from the July 2011 Prepaid Access Rule Preamble is an entertainment company enlisting other unaffiliated merchants to combine services to offer a vacation package that includes theme park admission, lodging, dining and travel arrangements. Provided the parameters of these kinds of deals are “distinctly drawn” and explicitly known to the purchaser through avenues such as media promotions, websites or marketing materials, they will qualify as a closed loop prepaid access program. Further, as with other closed-loop programs, it must meet the $2,000 maximum-value requirement to be covered by the exclusion.
To satisfy the exception from the “seller of prepaid access” definition that requires a retailer have “policies and procedures reasonably adapted to prevent” more than $10,000 in sales of prepaid access to an individual in a day, a retailer does not need to collect identification information from every customer.
One way a retailer can avoid being a “seller of prepaid access” is to implement policies and procedures “reasonably adapted” to prevent sales of prepaid access to funds exceeding $10,000 to any person during any one day. This “reasonably adapted” requirement has led to many questions in the last few years.
FinCEN noted that some persons and businesses are interpreting this requirement as imposing the equivalent of a strict liability standard, and perhaps collecting more information than FinCEN intended. The FAQ states:
In effecting compliance, some retailers are requesting purchaser information at the point of sale for each and every sale of prepaid access; this information has, on occasion, included social security numbers and driver’s license numbers. Purchasers may be confused and reluctant to provide such personal information, particularly in situations where the purchases are of low dollar value and/or exclusively closed loop products.
FinCEN noted that a policy “reasonably adapted” to prevent sale of more than $10,000 policy actually includes:
Developing an internal policy regarding sales of prepaid access in excess of $10,000 to a single individual in a day. A good policy will be risk-based and consider the company’s lines of business, its customer base and target market, sales volume and other factors unique to its operation.
Articulating this policy to the appropriate personnel within the organization. The policy should set an operating standard for the business that is well understood and followed by all members of the organization.
Monitoring activity, through mechanisms appropriate to the retailer’s size and type of operating structure, to avoid sales in excess of $10,000 to a single individual in a day. FinCEN reiterated its November 2011 FAQ stating that a retailer occasionally selling more than $10,000 in prepaid access to one person in a single day does not necessarily mean that the retailer becomes a seller of prepaid access if the right policies are in place to prevent those sales from occurring routinely.
However, a retailer may still have other legitimate legal or business reasons for collecting customer identification information, although this FAQ indicates that it is not required for meeting this “seller of prepaid access” exemption.
A provider of prepaid access is required to list an entity selling its prepaid product on the provider’s MSB agent list only when the agent meets the “seller of prepaid access” definition. An entity not meeting the definition is not required to be on the provider’s agent list.
This FAQ is not quite as clear as the others. FinCEN implies that a seller of a prepaid product is not an “agent” unless it satisfies the regulatory definition of “seller of prepaid access”, but the FAQ does not say that expressly. The FAQ only states that such persons need not be included in the MSB’s agent list. In light of the FinCEN guidance on requirements for MSB principals to monitor their agents, also released this month, this new FAQ leaves unanswered whether those principals should be monitoring these sellers that are not “sellers of prepaid access.”
A cautious MSB principal would at least want to monitor these sellers to confirm periodically that they have not become “sellers of prepaid access.” That could happen, for example, if the company regularly sold prepaid access exceeding $10,000 to one person on one day, because that might demonstrate that the seller was not maintaining procedures reasonably adapted to avoiding those sales.
It also should be noted that the FAQ does not say that an MSB is never required to include these sellers on its agent list. All the FAQ clarifies is that a person selling the prepaid products would not need to be included in the MSB’s agent list as a result of such sales provided those selling activities do not cause the company to be a “seller of prepaid access.” A provider is still required to list an entity as an agent if it is the provider’s agent for other MSB reasons, such as by selling money orders on behalf of the principal MSB.
The full FAQs are available here.