Is Your Currency Current . . . Virtual, Digital, Crypto?

In recent months, “virtual currency” has been making headlines. Most of us don’t really think about what “virtual” currency means and often confuse it with other forms of money. That said, there is good reason for confusion and concern. Like many other technology-driven innovations, lines are blurring and we know blurring lines means opportunity and danger. So Legal Bytes will tackle this in two parts. The first (below) attempts to describe what all these new terms mean and how they are used. Legal Bytes part two (later this week) will summarize current events – the confusion and concern over exactly what all this means to our economy and why you should care.

Virtual currencies got their start in virtual economies that exist in virtual worlds. For example, in massively multi-player online role-playing games (MMORPGs) such as World of Warcraft, players “earn” credits and have the ability to exchange, use or “spend” this virtual “value” in the game environment, to acquire virtual tools, weapons, skills and game items that may be recreationally fun and integral to game play; but virtual currency never bought you food to eat or housing to shelter you in the real world. HOWEVER, what happens when real people start buying, selling and exchanging virtual currency, and create markets that interact with the real world?

First, let’s get our terms straight. Digital currency is not “virtual.” Digital currency represents a real alternative to government-issued currency. It originated with accounts or promises to pay that were used primarily online. One of the most familiar paper-based examples of a non-government promise to pay is the American Express® Travelers Cheque. More than 100 years old, these payment instruments are backed purely by the full faith and credit of American Express – and not the government of any nation. They aren’t backed by gold or silver or precious jewels or even bananas – just a corporate obligation to repay you, based on a contract (the purchase application form) you sign when they are purchased! As you might have noticed, there are multiple forms of these types of digital promises – one, like its paper-based cousin, is simply a digital promise to pay: numbers representing value backed by the issuer – electronic gift cards, a promotional advertisement that can initiate or enhance a digital music subscription, are examples. In other instances, digital money may be based on some real “deposit” (e.g., using a traditional debit or credit or checking account) in which the transferred funds are held in an electronic account, uniquely identified to the user and more closely resembling a “bank account,” with which most consumers are familiar.

In most jurisdictions, companies that issue digital versions of payment instruments (e.g., Travelers Cheques) or that hold digital financial accounts (e.g., PayPal®) often fall within some banking or financial regulation. For example, in the United States, PayPal is considered a payment intermediary, regulated as a money transmitter under the U.S. Federal Code of Regulation and the various state laws that apply to money transmitters. That said, PayPal is not technically regulated by the Truth-in-Lending Act (TILA) or its implementing Regulation Z, nor by the Electronic Funds Transfer Act, implemented by Regulation E; and although PayPal takes great pains to protect against fraud, in the United States, unless you use a credit card (or debit card) to fund a PayPal transaction, consumers have no technical legal or regulatory protection from fraud by a seller. In Europe, PayPal (Europe) Ltd., was licensed by the Financial Services Authority (FSA) as an Electronic Money Issuer, and in 2007 transferred all of its European accounts to Luxembourg to a new entity PayPal (Europe) Sàrl et Cie SC, which is regulated by the Commission de Surveillance du Secteur Financier.

Some of you history buffs will remember DigiCash (originated by David Chaum in 1990), which sought to anonymize financial transactions using cryptography. Well over the past few years, a company named BitCoin (and others such as Litecoin and PPCoin, which are to a greater or lesser extent based on, inspired by, or technically comparable to BitCoin), have launched and popularized a form of digital currency that is often confused with and referred to as “virtual.” This form of digital currency is referred to by financial and security experts as “cryptocurrency.” Cryptocurrency is a digital currency that uses encryption technology to create and manage the digital currency. They are peer-to-peer and decentralized in nature and, at least for now, all are pseudonymous.

As you can guess, all of these confusing terms and the fact that virtual currency in games, gaming, online social media and networking platforms, and virtual world environments began interacting with the real world, has become not merely confusing but alarming. Look at Second Life, a virtual world that allows the purchase and sale of “Linden Dollars,” the in-world official currency, in exchange for real money through third-party websites. Second Life accords both virtual “real estate” and intellectual property real value in its virtual environment; enables “residents” (avatars) to creatively enhance and customize the resources available in-world; allows some property rights to be exclusive or limited (think supply and demand); and permits the exchange and purchase and sale of virtual property rights in-world; and one’s property remains one’s property (and one retains Linden Dollars until spent or given away or used) throughout the life of one’s avatar – at least as long as Linden Laboratories continues to maintain the Second Life virtual world environment.

These are many of the same conditions that affect real financial systems. No wonder that what started as a curiosity – online digital playgrounds with no real money or value being exchanged – have become complex economic environments that financially interact with real world economic systems and are causing concern among legislators, regulators and courts around the world. In part two, Legal Bytes will review recent developments and try to describe the challenges facing legal, financial, security and business professionals.

…And Now a Word from Your Hedge Fund

This post was written by Frederick Lah.

This past Wednesday (July 10), the SEC voted 4-1 to approve amendments to Rule 506, lifting the 80-year ban on advertising for hedge funds and certain other investments (See, SEC Votes to Ease 80-Year-Old Ban on Private-Investment Ads.) Rimon previously reported these amendments when they were initially proposed in August 2012, and you can read our earlier analysis, SEC Regs Amended To Allow Hedge Funds To Advertise: Potential Data Privacy Implications.

Under the revised Rule 506, hedge funds and other issuers seeking to conduct private offers may now use general solicitation and advertising to offer their securities, provided that: (1) the issuer takes reasonable steps to verify that the purchasers are accredited investors; and (2) all purchases of the securities fall within one of the categories of persons who are accredited investors, or the issuer must reasonably believe that the investors fall within one of the categories at the time of the sale.

To be an accredited investor, the individual’s net worth must exceed $1 million, excluding the value of a primary residence, or the individual’s annual income must exceed $200,000. According to the SEC, the determination of the reasonableness of the steps taken to verify that the investors are accredited is an “objective assessment” by an issuer. An issuer is required to consider the facts and circumstances of each investor and the transaction. The final rule provides a non-exhaustive list of methods that an issuer may employ for verification.

As noted in our previous analysis, it is unlikely we’ll see hedge funds competing with large consumer brands for prime advertising space. Instead, given the target audience, we’ll likely see more tailored efforts, such as email marketing campaigns, direct phone marketing, and targeted online advertising. We are also likely to see new strategies from issuers such as speaking about funds in public and posting details on websites (which may represent quite a change considering many issuers don’t even have websites). As issuers enter into the world of marketing, they will also have to deal with the reality that the SEC is not the only regulatory agency on their radar; these issuers will need to make sure that they’re not engaging in unfair or deceptive marketing practices and drawing the ire (and an investigation or enforcement action) of the FTC.

The amendments become effective 60 days after publication in the Federal Register. For more information on this issue, please contact Frederick H. Lah, the author, or Joseph I. Rosenbaum, editor and publisher of Legal Bytes.

Mobile Money, Mobile Risk – The Future of ePayment Systems

Earlier this week, the editorial staff of the UK-based publication e-Finance & Payments Law & Policy, interviewed Joseph I. Rosenbaum, New York-based partner and Chair of Rimon’s global Advertising Technology & Media law practice, in connection with its cover story for the January 2013 issue. The stimulus for the initial story was the release late last year of a report by the U.S. Federal Deposit Insurance Company (FDIC) regarding the risks attendant to the growth and evolution of the mobile payment industry, and the use of mobile contactless payment technology by consumers and merchants in routine purchase transactions (e.g., NFC, Bluetooth, RFID, SMS, Wi-Fi, and WAP enabled devices generally.)

While the cover story is still in the process of being edited for publication, the editorial staff felt that publishing the full interview separately was itself newsworthy. So follow this link and you can read the full text of the e-Finance & Payments Law & Policy interview with Joseph I. Rosenbaum, partner at Rimon LLP.

You can also read the FDIC report, issued in its Supervisory Insights – Winter 2012 release, right here: Mobile Payments: An Evolving Landscape.

Of course, if you need help or more information, contact Joseph I. Rosenbaum (joseph.rosenbaum@rimonlaw.com), who also leads the ATM Mobile Marketing initiative, or feel free to call upon any of the Rimon lawyers with whom you regularly work. We are happy to help.

MasterCard & Visa to Merchants: Let’s Settle This the Old Fashioned Way!

Whether you are a payment instrument (think credit, debit, gift, stored value, prepaid cards and more) expert or a retail merchant, a corporate purchasing manager or, like the rest of us, a consumer, you cannot have escaped the news, announced this past Friday (Friday the 13th), that Visa and MasterCard have agreed to settle a lawsuit brought by some merchants in connection with the fees merchants pay to be permitted to "accept" credit cards. I certainly couldn’t escape it. In fact, Joe Rosenbaum (that’s me) is quoted in yesterday’s American Banker article "‘We Won’ vs. ‘You Lost’: Reactions to Credit Card Settlement" written by Maria Aspan and Victoria Finkle.

While the settlement must still be approved by the court and provides billions of dollars in payments to merchants, the most contentious piece of this settlement relates to the so-called "interchange fees" (sometimes referred to as a "discount rate" – no pun intended) that refers to the charge imposed on merchants by the credit card associations and owners for their right to accept their branded credit cards from consumers.

When a merchant accepts a credit card, that merchant must have a relationship with the "brand" on the card (e.g., American Express®, Discover®, JCB®, MasterCard®, Visa®, Diners Club®, etc.), either directly or through a member institution. Because the brand owners operate vast settlement and transaction processing networks that allow you to use your card to buy a suit in Hong Kong or King Kong at a toy store, they charge merchants an interchange fee for the privilege of riding their networks – card acceptance translates into more business, say the brand owners.

If the settlement is approved, it will see MasterCard and Visa modify their operating rules to permit merchants to charge the consumer more to pay with a card. Merchants will have the right to "surcharge" the use of a card, rather than if you use cash or another payment method.

Where will this lead – it’s complicated. Stay tuned. The National Association of Convenience Stores has announced it has already retained counsel to challenge approval of the proposed settlement. The association says the settlement doesn’t go far enough and, for example, doesn’t put a limit on how high the brand associations can raise the interchange fees charged to merchants. Whether approved or whether the law suit goes forward, or some other settlement is reached – it’s complicated.

So, if you need lawyers to help you navigate the charted and uncharted waters of the financial seas ahead, talk to us. It’s what we do. Contact me, Joseph I. ("Joe") Rosenbaum, or any of the lawyers at Rimon you routinely work with. Our FIG (Financial Industry Group) lawyers are experienced in virtually every aspect of the law or finance, financial institutions and payment systems – from privacy and GLB, to chargebacks and B2B. Call us, you’ll like us.

CFPB Proposes Nonbank Risk Supervision

This post was written by Robert M. Jaworski and Joseph I. Rosenbaum.

The Dodd-Frank Act granted to the newly created Consumer Financial Protection Bureau (“CFPB”) supervisory authority over a wide array of financial entities, including large depository institutions and their affiliates, as well as various nonbank “covered persons,” such as residential mortgage originators and servicers, private education lenders, payday lenders, and “larger participants” in other markets and their respective service providers. To prevent “bad actors” from escaping through cracks in the CFPB’s supervisory reach, Dodd-Frank gave the CFPB broad authority to supervise other nonbank covered persons if CFPB has “reasonable cause to determine, by order … and after a reasonable opportunity to respond” that such nonbank covered person “… is engaging, or has engaged, in conduct that poses risks to consumers with regard to the offering or provision of consumer financial products or services” (“Additional Authority”). The CFPB has now taken its first step toward fleshing out this Additional Authority and providing a framework for this type of supervisory authority.

On May 20, 2012, the CFPB suggested rule was published in the Federal Register, proposing to establish procedures by which it will supervise any nonbank covered person that is not already subject to CFPB supervision. The most significant of these procedures would:

  • Require the CFPB to provide such unsupervised person with a Notice of Reasonable Cause, informing them that the CFPB believes it has a reasonable basis upon which to assert supervisory authority and providing facts that support that belief
  • Give the unsupervised person an opportunity to respond to the Notice, in writing within 20 days, either contesting the assertions or voluntarily consenting to supervision
  • Allow an unsupervised person to contest the assertion of such supervisory authority, in writing, but also through informal arguments in a supplemental oral response (typically by telephone), which would not constitute a hearing on the record, and neither discovery nor testimony of witnesses would be permitted. Following any contest and submissions, the Assistant Director for Nonbank Supervision would be required to make a recommendation, with the Director authorized to issue the final decision and Order as to whether or not the unsupervised person shall be subject to CFPB supervision.
  • Allow the unsupervised person, once becoming subject to CFPB supervision, to petition the Director after two years (and no more than annually thereafter) for termination of the Order. FYI, an unsupervised person that voluntarily consents to CFPB supervision would not have a right to file such a petition.

Issuance of a Notice does not mean charges have been filed against the unsupervised person, it simply triggers the procedures outlined in the CFPB rules. However, if the CFPB issues a notice of charges, it can choose, in its sole discretion, to utilize more formal adjudicatory procedures (including some variations) that are described in 12 C.F.R. 1081.200. Comments on the proposed rules are due by July 24, 2012, and you can read the entire proposed CFPB rule directly at Procedural Rules To Establish Supervisory Authority Over Certain Nonbank Covered Persons Based on Risk Determination.

If you need more information about these proposed rules, or want help determining if you should submit comments and the best way to approach the substance and form of those comments, please contact Robert M. Jaworski (rjaworski@rimonlaw.com). Of course, you can always find out more or get the assistance you need by contacting me, Joe Rosenbaum, or the Rimon attorney with whom you regularly work.

Let’s be Frank! Actually, Let’s Be Dodd-Frank. Can You Hear Me Now?

Financial institutions need to worry about Dodd-Frank (the Dodd-Frank Wall Street Reform and Consumer Protection Act). After all, “Wall Street,” “Reform” and “Consumer Protection” don’t exactly conjure up images of phone, gas and electric lines being inspected and regulated by auditors wearing suits and carrying briefcases.

If you have been a loyal Legal Bytes reader, you probably know the next line:

Well guess what?

A section of the Dodd-Frank Act amended a section of the Fair Credit Reporting Act (the “FCRA”). The amendment, which becomes effective today, July 21, 2011, requires that anyone who issues a risk-based pricing notice to a consumer (a notice required when a credit report and credit score are used in connection with the extension of credit to a consumer) must now include the applicant’s credit score directly in or with the notice. So when a company sends you a notice under the FCRA in order to comply with the requirements of the Equal Credit Opportunity Act (“ECOA”), it needs to tell consumers it has used a credit report, “a record of your credit history” and “information about whether you pay your bills on time and how much you owe creditors.”

Public utilities, telecommunications companies and many others use credit scoring models, and even though these may not be based on your general credit history, the FTC is now taking the position that these companies are subject to the provisions of Dodd-Frank, and credit scores must be disclosed to the consumer.

Hey, don’t take my word for it. Read the entire Rimon Client Alert [PDF] authored by our experts: Roberta G. Torian in Philadelphia, Robert M. Jaworski in Princeton and Mark F. Oesterle in Washington, D.C. Then you will see how really complicated it is and can call them for help.

Of course, you can always contact me or the Rimon attorney with whom you regularly work, if you have any questions or require legal counsel or assistance.

Payment Card Industry Takes a Swipe at Virtual Security

Someone in the payment instrument, payment processing, or payment systems environment must be living under a rock if he or she has not heard of or been affected by the Data Security Standards (DSS), or “PCI-DSS” as it has been referred to in the industry, promulgated and released by the Security Standards Council of the Payment Card Industry Association (PCI). Although the original impetus for the credit-card-driven security standards was combating identity theft and credit card fraud in the wake of the data breaches and compromised (or potentially compromised) databases containing sensitive consumer payment account information, the standards have become the de facto starting point for any compliance security standard in the payment industry.

Last week, the PCI Security Standards Council released new comprehensive guidelines for PCI compliance in virtual card holder data environments dealing with consumer payment system and payment transaction security in a virtual environment. Rimon lawyers who work in this area consistently and who have a wealth of experience with information security and financial services, have put together a client alert entitled: "Is the PCI Security Standards Counsel Preparing for Cloudy Weather?"

Credit, debit and prepaid cards; smart cards and chip cards; gift cards and stored value cards; co-branded cards and loyalty rewards programs; corporate cards, fleet cards and purchasing cards; data protection and privacy; information security, identity theft and data breaches; micro, digital and virtual payment systems – E Commerce; The Fair Credit Reporting Act; Regulation E; Regulation Z; Credit Card Act of 2009 (see Credit Card Act of 2009: Act I, Scene 1 or just search the Legal Bytes blog)! Do any of these terms apply to you? Talk to us. It’s what we do. Contact any of the lawyers listed in the Alert, contact me, or contact the lawyer at Rimon with whom you routinely work, and we will make sure we help you or connect you to someone at Rimon who will be happy to do so.

Transcending the Cloud – Financial Services: Show Me the Money!

This post was written by Joseph Rosenbaum, Adam Snukal and Leonard Bernstein.

Welcome to the New Year. As they do each year, clouds, together with some sunshine (and a cold winter blast periodically in our Northern Hemisphere), roll in, too.

Last year we published a number of topical updates to our Cloud Computing initiative – new chapters and white papers intended to provoke thought, stimulate ideas and, most of all, demonstrate the thought leadership Rimon attorneys bring to bear when innovative and important trends and initiatives in the commercial world give rise to new and interesting legal issues.

So here, from Adam Snukal, Len Bernstein, and Joe Rosenbaum, is a glimpse at some issues that apply to the world of financial services arising from Cloud Computing. This next chapter in Rimon’s on-going series, “Transcending the Cloud: A Legal Guide to the Risks and Rewards of Cloud Computing,” is titled “Look, Up in the Cloud, It’s a Bird, It’s a Plane, It’s a Bank.” This white paper examines the issues that arise within financial services institutions in the wake of complex and evolving regulation and scrutiny, and we hope it provides some insight into the considerations and concerns that apply, even while the industry and the regulatory landscape are still evolving. A special note of thanks to Anthony S. Traymore, an Advertising Technology & Media associate and a good friend and colleague, who has now joined the legal department of a Rimon client. Anthony was instrumental in helping put the initial topical white paper draft together while at Rimon, and we like to give credit where credit is due – both here and in the white paper itself. Thanks Anthony.

As we do each time, we have updated the entire work so that, in addition to the single “financial services” white paper, you can access and download a PDF of the entire “Transcending the Cloud: A Legal Guide to the Risks and Rewards of Cloud Computing” compendium, up to date and including all of the previous chapters in one document.

Of course, feel free to contact Adam Snukal, Len Bernstein or Joe Rosenbaum directly if you have any questions or require legal counsel or assistance related to financial services. Make sure you subscribe via email or get the Legal Bytes RSS Feed so you are always in touch with our latest information. And if you ever have questions, you can always contact any Rimon attorney with whom you regularly work.

Rosenbaum on CNNMoney.com

Joe Rosenbaum was featured on CNNMoney.com in the Small Business section in connection with a question about an individual cardholder’s liability for business-related charges on a business/corporate card issued while the individual was an employee.

For the answer, you’ll have to read the entire blog post on CNNMoney Small Business Q&A. Of course you can always contact Joe for the answer.

FINRA Issues Guidance in New Social Media Websites Notice

In November, Legal Bytes reported (Regulators Poised to Give Financial Institutions a Slap in the Facebook) that Richard Ketchum, Chief Executive of the Financial Industry Regulatory Authority (FINRA), acknowledged Wall Street is eager to use social media to interact with customers. In the course of his remarks at a recent meeting of the Securities Industry and Financial Markets Association (SIFMA), he noted, “We continue to witness the advent of technologies that will challenge your ability to ensure compliance with regulatory requirements,” and “Social networking is one such innovation.

Now, supplementing existing FINRA Rules, FINRA has released a notice concerning online media rules (you can download and read a copy of the notice below) whose key components include requirements that securities firms:

  • Must develop policies and require its employees to comply with the new regulatory requirements
  • Must retain records of communications (a compliance requirement of the Securities Exchange Act of 1934) when social media is used to communicate
  • Must ensure that recommendations made through social media are suitable to all investors to whom the recommendation is made (e.g., by limiting or filtering access based on investor/consumer qualifications)

FINRA’s notice takes the position that securities firms must adapt existing rules to social media and essentially mirror the 2003 FINRA definition of “public appearance.” This definition noted that chat room postings were no different than if a firm representative was in a room making statements to a room filled with investors. FINRA’s current notice indicates that information posted or content placed online (static information) is subject to these same rules and must be approved by a firm principal – presumably, even information about individuals in the firm that may be part of an individual’s profile on the firm’s website or in social media platforms. But online interactions that are occurring on the fly (e.g., in real time), while subject to supervisory requirements (e.g., they must be supervised, perhaps even monitored), do not require such approvals.

You can read or download the FINRA Regulatory Notice 10-06 (Social Media Web Sites) [PDF] here.

As mentioned in the Legal Bytes November post, SEC disclosure rules apply to Tweets, blog postings, wall postings and other communication platforms provided by social media sites, and other regulatory agencies are seeking to address the use of social media sites by the entities they regulate (e.g., the FCC, the New York State Insurance Department). So if any of this is of interest and if you need to know more or need help, please contact me, Joseph I. Rosenbaum, or the Rimon attorney with whom you regularly work. We are happy to help.

Update:  Rimon lawyers Christopher P. Bennet, Amy J. Greer, Jacob Thride and Kevin Xu have prepared a Client Alert on the subject which you can read by going to: FINRA Issues Notice for Financial Firms Using Social Media.