Take On Payments, a blog sponsored by the Retail Payments Risk Forum of the Federal Reserve Bank of Atlanta, is intended to foster dialogue on emerging risks in retail payment systems and enhance collaborative efforts to improve risk detection and mitigation. We encourage your active participation in Take on Payments and look forward to collaborating with you.
Comments are moderated and will not appear until the moderator has approved them.
Please submit appropriate comments. Inappropriate comments include content that is abusive, harassing, or threatening; obscene, vulgar, or profane; an attack of a personal nature; or overtly political.
In addition, no off-topic remarks or spam is permitted.
November 7, 2022
More Highlights from the CFPB BNPL Report
My October 3 post on the Consumer Financial Protection Bureau's (CFPB) 2022 report on the buy now, pay later (BNPL) industry highlighted some of the key metrics from the CFPB's data collection efforts of the five major BNPL operators in the United States. In this post, I review some of the benefits, concerns, and planned actions identified in the report.
The report acknowledges several financial benefits of the "pay-in-four" BNPL loans to the consumer—primarily that they don't charge interest, which makes them an attractive alternative to other forms of credit. For example, the report cites data from a 2021 report on the consumer credit card market : the cost of credit in 2020 for revolving cardholders using general purpose cards was 17.7 percent.
The main sales pitch that BNPL firms present to the merchant is that BNPL increases the potential for incremental sales; with this option, the customers may purchase a more expensive product or additional products. While the CFPB report does not have any specific metrics on incremental sales, it does cite a number of claims from the BNPL firms about how BNPL could increase average sales amounts and attract new customers. The report mentions another benefit for merchants: the BNPL firm providing the credit assumes all the risk of nonpayment. As I mentioned in my earlier post, the firms reported that 3.8 percent of loans were charged off in 2021—up from 2.9 percent in 2020.
Any extension of credit risks consumers assuming more debt than they can afford. In particular, the report cites "loan stacking" as a possible danger. Loan stacking occurs when the customer obtains multiple BNPL loans from different lenders, "stacking up" the payment obligations of each loan on top of one another. BNPL firms try to minimize this danger by limiting initial loan amounts. However, since most BNPL providers don't report loan activity to the major credit reporting agencies, they can't know how many BNPL loans the consumer may have gotten from other BNPL firms and, therefore, they have no knowledge of the consumer's full debt. This concern is increased by the trend shown in the data that the repeated use of BNPL has increased over the last three years. In the fourth quarter of 2021, the five lenders surveyed reported an average usage rate per unique customer of 2.8 loans used during the quarter. This figure only reflects the number of loans with a particular lender. In the first quarter of 2019, this average was 1.9 loans.
Besides the risk of credit overextension, the report details other potential harms, including:
- a lack of clear and consistent disclosures
- inconsistent practices regarding merchandise disputes
- mounting late fees and bank fees for multiple representments of returned payments
- the requirement to use autopay or the difficulty in selecting another payment method
- the use of customer data for purposes other than handling the transaction
The next question is this: With this data in hand, what does the CFPB plan to do about rules or guidance for the BNPL industry? In a prepared statement issued in conjunction with the report's release, CFPB director Rohit Chopra outlined several actions the organization would take immediately, including continually monitoring the BNPL industry. The CFPB staff will identify potential guidance or rules that will require the same consumer disclosures and protection that credit cards are subject to. The CFPB will continue to encourage the development of processes for BNPL firms to work with the credit reporting agencies so that loan experiences are reported regularly and accurately and a consistent methodology is used to estimate the debt burden of a household.
The execution of supervisory examinations has been inconsistent due to the variety of the business structures of the BNPL firms. The CFPB is encouraging voluntary examinations but is also looking into its authority to mandate examinations. Related to consumer data protection and privacy, the CFPB plans to work with the Federal Trade Commission on developing rules that will be applicable to all businesses regarding using data for something other than the BNPL transaction itself.
While the BNPL industry is in its early stages, it is becoming a major part of the retail credit landscape. We will continue to follow and report on developments in this industry.
October 24, 2022
What the Payment Choice Act Means for Cash
Since the first paper bills emerged in the United States in 1690, cash has been a payment choice for governments, merchants, and consumers in our nation.
The pandemic, though, changed things for cash users. Notices appeared at merchant locations like coffee shops, restaurants, and other retail sites throughout the country: "Credit or Debit Card Only" or "We are going cashless!" Merchants may choose not to accept cash for a variety of reasons, including hygiene concerns, banking office closures or reduced hours that often made it harder to get cash for the till, and coin supply issues that made it hard to make change even when cash was accepted. Surprisingly, even as the pandemic's influence is lifting, some merchants still refuse to accept cash.
However, that may change with the Payment Choice Act of 2021 (H.R.4395), introduced on July 9, 2021, and sponsored by Rep. Donald M. Payne Jr. (D-New Jersey). The proposed legislation is designed "to prohibit retail businesses from refusing cash payments, and for other purposes." The bill passed in the house twice: first on June 21, 2022, as an amendment to the Financial Services Racial Equity, Inclusion and Economic Justice Act, and on July 14, 2022, as an amendment to the National Defense Authorization Act. The bill would need to be passed by the Senate to be enacted and we will keep an eye on its progress. A similar bill, Cash Always Should Be Honored, was introduced in 2019 by Rep. David Cicilline (D-Rhode Island), who was concerned that cashless businesses discriminate against customers who do not have access to a credit card. The bill did not move forward but the PCA captures the original intention.
Key points in the Payment Choice Act include:
- Requires retail businesses—those that sell or offer goods or services at retail to the public and accept in-person payments at a physical location—to accept cash as a form of payment for sales in amounts less than $2,000
- Prohibits them from charging cash-paying customers a higher price compared to customers not paying with cash
- Provides for enforcement through preventative relief and civil penalties
Our work in payments inclusion informs us that cash is a primary payment choice for about 7.1 million US households (5.4 percent) that choose not to use banks. These rates are highest among low-income, Black, Hispanic, Native Americans, and people with disabilities. When cash is not accepted, it can create a barrier that excludes primary cash users from the payments system and from getting needed goods and services. This can create hardship for people and may also result in loss of business for merchants.
But isn't cash acceptance a requirement? The answer is no. While cash is US legal tender, merchants don't have to accept it. According to the Board of Governors of the Federal Reserve System, "there is no federal statute mandating that a private business, a person, or an organization must accept currency or coins as payment for goods or services."
Some states and cities (New Jersey, Colorado, Washington, DC, New York City, Philadelphia, and San Francisco) have enacted similar merchant cash acceptance policies. Other states, like Georgia, have bills pending. These legislative actions create a mandate for businesses that may override their choice to not accept cash as a payment option while protecting consumers' preferences to use cash. What do you think?
July 18, 2022
Policy Updates Help Independent ATM Operators and Cash Users
Like many people, I take cash for granted. It's available when I need it, I can buy just about anything with it, and I can use it to pay anyone, anywhere. For me, the easiest way to get cash is at an ATM, and I take these machines for granted, too. They're everywhere: at all types of retail stores and shops, mall kiosks, standalone places all down the street, and banks.
Some recent Take On Payments posts focused on the importance of cash in times of crisis and the needs of people who are cash reliant and those who live in rural areas. In this latter post, we referred to a barrier some independent ATM deployers, or IADs, have faced. The barrier was rooted in banks sometimes closing existing IAD accounts or not allowing IADs to bank with them in the first place. This post picks up that thread, this time with some good news for the industry.
But first, what would make some banks reluctant to do business with IADs? Banks must comply with the Federal Financial Institutions Examination Council's (FFIEC) Bank Secrecy Act/Anti-Money Laundering (BSA/AML) rules. A previous edition of the BSA/AML Examination Manual used language indicating that ATM operators could be a fraud and money-laundering risk. But without a bank account, IADs can't operate. A sudden closure of an account causes business disruption at best, ultimate failure at worst. This was a real problem for the IAD providers who found themselves without an account and the people in communities that rely on cash but don't have access to a nearby ATM.
Late last year, thanks to efforts from ATM industry groups, the FFIEC, in consultation with the Financial Crimes Enforcement Network, recognized the efficiency of the controls that are in place for ATM transaction settlement and cash replenishment. Accordingly, the FFIEC revised the section in its manual on "Independent Automated Teller Machine (ATM) Owners or Operators" in a way that should help banks view ATM operator accounts more positively. It states that:
- financial institutions are "neither prohibited nor discouraged from providing banking services to independent ATM owner or operator customers..."
- an operator that maintains a separate cash settlement account with the bank for its ATMs presents a lower risk of money laundering, terrorist financing, or other illicit financial activity "because the bank knows the source of funds and can compare the volume of cash usage to EFT settlements to identify suspicious activity."
With access to cash remaining an important financial need nationwide and with a change in language that could help some IADs be more successful in running their businesses, perhaps more independent operators will contribute to serving populations nationwide. What do you think?
February 7, 2022
Data Privacy Legislation: Stuck on Pause?
How did you celebrate National Data Privacy Day on January 26? Oh, that celebration didn't make it onto your social calendar? Almost three years ago, I asked on this blog whether a federal privacy law would be passed in 2019. The short answer is no. Nor did a data privacy law pass in 2020 or 2021, despite numerous attempts by sponsors of both political parties. Some of the proposed bills provided comprehensive consumer protections for a business's use of personally identifiable information (PII). Others targeted specific elements of data privacy, such as requirements for businesses to protect data they collect or to notify customers in the event of a data breach.
It was thought that the European Union's passage of the General Data Privacy Regulation, or GDPR, which took effect in 2018, would spur federal activity in the United States. That same year, the state of California passed its comprehensive privacy law, the California Consumer Privacy Act. Some expected that Congress would head off state initiatives by passing federal laws to provide a consistent set of rights and responsibilities for all stakeholders. In the 117th US Congress, 30 data privacy/protection bills have been introduced, 12 in the House of Representatives and 18 in the Senate. Primary points of political disagreement have centered around preemption of state law and a private citizen's right to bring action against the offender rather than the enforcing governmental agency. No bill including either of these provisions has received bipartisan support. Social media platforms and their use of personal data have come under congressional scrutiny on several occasions over the last year with no formal action resulting from those hearings.
With little movement on the federal front, two states—Virginia and Colorado—followed California's lead in passing a comprehensive data privacy/protection law in 2021. Mississippi and Vermont recently introduced comprehensive data privacy legislation. Many other states have introduced some form of data privacy legislation addressing specific types of data such as healthcare or specific classes of people such as minors. The International Association of Privacy Protection provides an excellent source for tracking federal and state privacy legislation and news about data privacy issues.
We will continue to monitor developments on this important issue. In the meantime, place a candle in your choice of dessert, change your password, and have a belated celebration of National Data Privacy Day.
Take On Payments Search
- account takeovers
- data security
- digital currency
- financial inclusion
- identity theft
- payments risk
- payments studies/research
- TOP payments inclusion
- supervision and regulation
- workforce development