"I came here to drink milk and kick ass. And I've just finished my milk." - Moss, The IT Crowd

Thursday, June 16, 2011

Setting the Record Straight on Prepaid, Part 2

What’s the difference between reloadable and non-reloadable? And who’s got my money?

Let’s talk a bit about how prepaid cards work behind the scenes. For a given prepaid card brand, the company which processes the card transactions, arranges production of the physical cards, manages the distribution channels, provides the customer service, and levies the card fees, is the “program manager.” The program manager, as a rule, is not a bank, which means that the program manager does not serve as a repository for the customer’s funds. The customer’s funds are stored in an account at an actual bank, known as an “issuing bank.” The account the funds are stored in is known as the “custodial account” because the issuing bank is acting as the custodian of the funds.

Non-reloadable prepaid cards can be used much like GPR cards, in that you can swipe one for a signature purchase; the card will have the logo of a card association (e.g., Visa, MasterCard, American Express) and will typically be accepted by any merchant who accepts that card association’s debit cards. However, a non-reloadable card cannot be reloaded (obviously), it is non-personalized (that is, the cardholder’s name will not be embossed on it), it cannot be used at an ATM, and the identity of the cardholder is not validated by the program manager.

By contrast, for a customer to be able to reload a GPR card beyond the initial load and/or a relatively low dollar threshold (such as $500), the program manager must verify the customer’s identity in accordance with their Customer Identification Program, which is documented in writing and approved by the issuing bank. (The Customer Identification Program, or CIP, mandate was set out in the PATRIOT Act, and implementing regulations were promulgated by federal agencies in 2003. The CIP mandate is intended to fight money laundering and terrorist financing. CIP is the reason why customers are asked for information like Social Security number and date of birth on the card application.) The fact that the customer’s identity is verified, and that the customer can continue to load additional funds to the card account, are key to the different regulatory treatment of GPR cards.

The issuing bank may be state- or federally chartered and will typically be regulated by the Office of the Comptroller of the Currency or the Office of Thrift Supervision; and, if it is a state-chartered bank, by the relevant state-level banking regulators. I am not aware of any GPR programs which use an issuing bank that is not FDIC-insured. The custodial account is covered by the issuing bank’s FDIC insurance.

The issuing bank will be subject to regular examinations by the regulatory agencies which have jurisdiction over it, and any GPR card program for which the issuing bank holds a custodial account will be reviewed as appropriate during these examinations. If the program manager is failing to implement the GPR card program in accordance with consumer protection regulations, the issuing bank will suffer in the results of its regulatory exams. For that reason, issuing banks are highly motivated to ensure that their GPR card programs are conducted in accordance with all relevant state and federal consumer protection standards.

Go to Part 3.

No comments:

Post a Comment