As published in the Independent Community Bankers of South Dakota newsletter, February 2017 edition.  Sign up for ICBSD e-news here.

The Consumer Financial Protection Bureau (CFPB) has broad powers to take action when it perceives that consumers of financial services have experienced unfair, deceptive, or abusive practices.  This month the CFPB exercised those powers by ordering UniRush and Mastercard to pay $13 million for account service disruptions.  ICBSD LogoUniRush administers the RushCard—a prepaid debit card used by customers to receive direct deposit paychecks and government benefits.  In October 2015, RushCard transitioned from its former payment processor to Mastercard.  This transition, however, encountered serious issues.  Customer accounts were wrongly suspended for fraud; cards were incorrectly declined; direct deposits were improperly returned, delayed, and posted multiple times; and debits were applied late.  Tens of thousands of economically vulnerable consumers were left without accurate balance information and in some instances entirely without access to money which had been prepaid into their accounts.  For some customers these issues lasted weeks.

The issues were compounded by UniRush’s customer service.  It was unprepared to handle the increased number of customer complaints.  The CFPB determined that customer agents “were not sufficiently trained, which meant they often were unable to resolve people’s questions and complaints.”  Further, without notice to its customers, UniRush used consumers’ subsequent deposits and cash loads to recover funds if consumers had spent more money than was available on their RushCard.

The CFPB determined that these issues were unfair, deceptive, or abusive practices and all arose from failures that UniRush and Mastercard should have anticipated and prevented.  Further, it concluded that UniRush’s treatment of accounts after the transition caused consumers substantial harm.  In addition to ordering UniRush and Mastercard to pay approximately $10 million in restitution to affected consumers, the Bureau ordered the companies to pay a civil money penalty of $3 million.  It noted that the penalty was intended to act “as further deterrence to avoid such problems in the future.”

This action is relevant not only to processing relationships for prepaid cards, but also to banks that rely on third-party providers to offer services to customers.  Banks routinely enter into service contracts with third parties who create bank platforms and serve as back-office processors.  These services allow banks to manage and track customer information, accounts, withdrawals, deposits, and loans.  Banks also often rely on third-party service providers to offer customer products such as bill pay, mobile banking, and remote deposit capture.  Each of these relationships involves risk.

These risks should be considered at all times by banks, but especially so when selecting potential service providers, negotiating contracts, correcting service disruptions, and discussing service providers’ wind-down obligations.  Further, if you are considering transitioning third-party service providers—beware!  It is imperative to adequately prepare for any transition.  Systems must be sufficiently tested in advance to anticipate and troubleshoot potential failures; contingency plans must be ready and in place; and if failures do occur, customers must receive adequate communication and assistance.  Banks have always been aware that irate customers, potential reputational damage, and possible claims for damages can be the consequences of a botched conversion or subpar performance by a third-party service provider; now banks can add potential enforcement actions and civil money penalties to the list.

Davenport, Evans, Hurwitz & Smith, LLP, located in Sioux Falls, South Dakota, is one of the state’s largest law firms. The firm’s attorneys provide business and litigation counsel to individuals and corporate clients in a variety of practice areas. For more information about Davenport Evans, visit