Digital Wallets: A Deep Dive into the New CFPB Rule

Lori Breitzke, E&S Consulting LLC, Double Diamond Group

Buried within the 1,689-page Consumer Financial Protection Bureau (CFPB) “final rule,” or Prepaid Access Rule, are provisos that pertain to digital wallets. In a previous article, I shared the basic outlines of the rule itself and how it relates to digital payments. But how worried should payment facilitators who operate a digital wallet be?

Let’s get down to the nitty-gritty of what is actually contained within the portions of the Prepaid Access Rule regarding digital wallets – and how much concern they should be to payment facilitators.

Let’s do a quick review of this “final rule” to put things into context and perspective. The rule, which goes into effect on October 1, 2017, amends the provisos of Regulation E (the Electronic Funds Transfer Act of 1978) and Regulation Z (a component of the Truth in Lending Act of 1968 that promulgates rules designed to protect consumers against misleading practices by the lending industry) to cover not just prepaid and reloadable cards, but also digital wallets, person-to-person (P2P) payment platforms, tax refund cards, payroll cards, cards for student financial aid, and some government benefit cards.

Exclusions include gift cards that are “marketed and labeled” as such, merchant-specific store cards, and loyalty/promotional rewards cards. The rules mandate free consumer access to account information (or periodic statements as with traditional accounts), $50 liability limits for unauthorized transactions on lost or stolen cards when loss or theft is promptly reported, fee disclosures in easy-to-read standard form, and credit protections similar to those of traditional credit cards.

It Just Doesn’t Compute

In the text of the rule, the CFPB defines both digital wallets and mobile wallets (i.e., digital wallets accessible by consumers using a mobile device, like a smartphone) as “similarly” storing “one or more of the consumer’s payment credentials electronically.” Other than this short definition, there is no detail provided about these digital wallets.

Even more importantly, in order to meet the definition of “prepaid account”—and therefore be subject to the rule—a product, including a digital wallet, must be either an account that is marketed or labeled as “prepaid” and is redeemable upon presentation at multiple unaffiliated merchants or usable at ATMs.

Alternatively, it must meet all of these criteria: is issued on a prepaid basis in a specified amount or is capable of being loaded with funds after issuance; has a primary function of enabling consumers to conduct transactions with multiple, unaffiliated merchants for goods or services, to conduct transactions at ATMs, or to conduct person-to-person (P2P) transfers; and is not a checking account, a share draft account, or negotiable order of withdrawal (NOW) account.

Merchant-specific wallets are not intended for use at multiple unaffiliated merchants—only at one merchant (think WalmartPay, Starbucks, CVSPay, KohlsPay, etc.). So they don’t pass the test.

What’s more, in the text of the rule, digital wallets and mobile wallets alike are referred to specifically as “consumer” accounts. The implied concern in the rule is that, were such wallets to fall into the wrong hands, trouble would ensue. There is a section within the ruling where the CFPB states its position that digital wallets that can hold funds operate in large part in a manner similar to physical or online prepaid accounts.

The CFPB goes on to say that “a consumer can load funds onto a digital wallet, spend the multiple funds at multiple, unaffiliated merchants or conduct peer-to-peer transfers, and reload the account once the funds are depleted.” The text also spells out the bureau’s belief that “consumers who transact using digital wallets deserve the same protections as consumers who use other prepaid accounts. Indeed, as with other prepaid accounts, a consumer’s digital wallet could fall victim to erroneous or fraudulent transactions.”

The Bottom Line

The key takeaways here are that not all wallets meet the prepaid definition set forth in the rule, and the rule refers only to consumer digital wallets. Consumer digital wallets fall outside the scope of payment facilitators’ responsibilities and functions. PFs are involved only with digital wallets into which proceeds from merchants selling goods or services are deposited. And these merchant-funded wallets simply are not referenced—even in an implied fashion—in the Prepaid Access Rule.

In short, in my opinion, the rule does not affect payment facilitators because it does not include this type of depository wallet. One word of caution, however—the bureau could extend the rule to other “similar” digital wallets, ultimately bringing payment facilitators under the Prepaid Access Rule umbrella. But that would mean developing an entirely new set of digital wallet definitions and a new portion of the rule, which could take quite a long time to push through the appropriate channels, if we use the new rule as our guide.

So when it comes to digital wallets, let’s not sweat it. As I mentioned in my initial blog about the Prepaid Access Rule, I don’t think the rule is going to stymie financial technology (fintech) innovation, but rather, that the thousands of fintech companies out there will be innovating further and looking for prepaid as a base of opportunity.

Let’s keep our eyes on that ball, and leave the concern about digital wallets to others. As the saying goes, not your monkeys, not your circus.