The Federal Reserve Board could extend Electronic Funds Transfer Act protection to general purpose, reloadable prepaid cards, a move the Consumers Union argues may be the government's response to the recent breach at Heartland Payment Systems Inc. in which thieves stole payment card information, including prepaid card numbers.
Network-branded, reloadable prepaid cards would receive the same protection that Regulation E of the EFT Act provides employer-issued payroll cards, Ky Tran-Trong, an attorney in the Federal Reserve's division of consumer and community affairs, told attendees earlier this month at the ATM Industry Association's 10th Annual Conference and Forum in Nashville, Tenn.
Many companies, including McDonald's Corp., United Parcel Inc., Blockbuster Inc. and Coca-Cola Co., offer payroll cards to employees as an alternative to direct deposits into checking accounts or the distribution of more-expensive paper checks.
If an employer-issued payroll card is lost or stolen and fraudulent transactions occur on the card, Reg E limits the cardholder's liability to $50 if the card is reported lost with within two days, according to regulations promulgated by the Federal Reserve, says Gail Hillebrand, senior attorney for the West Coast office of Consumers Union of U.S. Inc. in San Francisco.
Consumers Union publishes Consumer Reports magazine and ConsumerReports.org.
The Fed extended Reg E protections to employer-issued payroll cards effective Jan. 1, 2007.
Reg E, however, does not offer any protection to individuals who purchase reloadable Visa, MasterCard, Discover or American Express cards or who have their payroll, Social Security payments and other funds automatically loaded into prepaid card accounts, Hillebrand says.
"The Fed's plan is long overdue," Hillebrand says. "If thieves steal their cards or unauthorized charges are made with the card, prepaid cardholders should not have less protection than credit cards, regular debit cards and payroll cards are accorded."
The regulation should be amended because it was written before the prepaid card market began to grow, she says.
At the time the Reg E was written, virtually all debit card accounts were assigned to individuals. Most issuers, but not all, assign prepaid debit cards to pooled accounts.
This is an important legal point because the EFT acts says debit card accounts must be for personal, family or household use, but lawyers disagree whether those standards apply to pooled accounts, Hillebrand says.
"The issuer knows how much money an individual cardholder has available on his card, but the available funds are kept in a pooled account tied to many individuals, not an account tied to one person," says Hillebrand, who wrote a 47-page paper for the Chicago-Kent Law Review Symposium titled "Rethinking Payments Law."
The paper discusses extending Reg E protections to consumers who purchase reloadable prepaid cards.
"I am not surprised [the Fed is] considering this," says Judith Rinearson, partner with Bryan Cave LLC, a New York-based law firm that has as a client the Network Branded Prepaid Card Association, an industry trade association. Rinearson is a member of the association's government relations working group.
"Only a small percentage of consumers use their general purpose reloadable prepaid cards as 'quasi-bank accounts'," Rinearson says. "The tricky part would be to draft a regulation that is focused on 'quasi-bank cards' without casting a net so broad that other general purpose reloadable cards are inadvertently caught by regulators."
Some consumers use prepaid cards for shopping or they use the cards to save for a vacation, she says.
Card networks already offer "zero-liability" protection on prepaid cards they support, but Hillebrand contends the protections are "riddled with holes."
For example, MasterCard drops its liability protection if there are three unauthorized charges on the card in 12 months, and Visa's protections only apply if the card is used for signature-debit purchases over the Visa network, she says.
Visa says that is not necessarily true. If prepaid card transactions are processed over Visa's PIN-based Interlink network, they also receive zero-liability protection, says a Visa spokesperson.
Visa's zero-liability policy may or may not apply if a person uses a Visa card for a PIN-debit purchase over the Pulse, NYCE or other PIN-debit networks, says the Visa spokesperson.
NYCE Payments Network LLC says issuers are responsible for Reg E protections.
"As a service provider to those institutions, NYCE's role is really to enable their compliance through products and services," Secaucus, N.J.-based NYCE says.
Reg E also would address the issue of lost and stolen cards. Prepaid cardholders usually do not complain about lost or stolen cards because many are unbanked, do not trust the financial system and do not speak English well, Hillebrand says.
However, the nation's credit crunch may extend interest and use of prepaid cards to a broader audience.
Although she does not offer any evidence to support her claim, Rinearson believes prepaid card use is growing because more merchants accept them, more employers offer them as payroll products and more universities offer them to students.
Rinearson adds that consumers who used subprime credit cards in the past may not be able to obtain such a credit card in this environment.
"It can be very difficult to get access to the U.S. payment system if you don't have a bank account or a credit card," she says. "A prepaid card is a convenient and secure way to get such access."
The Fed possibly will begin the process of amending Reg E later this year or early next year after discussing the matter with issuers, ATM&Debit News has learned. If the Fed believes protections are needed, it would write new regulations and offer them up for a period of public comment.
The Heartland breach may have been the catalyst to spark the Fed into action concerning protection for holders of reloadable prepaid cards, Hillebrand says.
"Although the media have written and talked about large numbers of credit card numbers that were stolen, thieves stole thousands of debit and prepaid card numbers," she says.
Fed officials did respond to inquiries from ATM&Debit News concerning whether the Heartland breach caused them to consider extending Reg E protections to holders of reloadable prepaid cards. ATM