Regulating the cross-border movement of prepaid cards
The Authors
Courtney J. Linn, US Department of Justice, Sacramento, California, USA
Acknowledgements
The author is an Assistant US Attorney in the Eastern District of California and formerly served on detail to the Legal Policy Unit of the Asset Forfeiture and Money Laundering Section of the Criminal Division, US Department of Justice. The author's views do not necessarily reflect those of the US Department of Justice or its agencies. Thanks also to Ivy Nowinski for her help in researching the paper, and David Muradyan for his help in editing it. Thanks also to Lesley Kinsely at the National Drug Intelligence Center and Lori A. Cole at US Customs and Border Protection for their helpful comments. And, special thanks to Patrice Motz who provided insightful comments on several drafts of this paper.
Abstract
Purpose – The term “prepaid card” refers to the pre-payment of value process, i.e. pay now and extract value later, and describes most of the prepaid/stored value products available today. These cards have largely supplanted paper gift certificates and travelers checks, and are used as alternatives for traditional paper-based transactions such as payroll payments, cross-border remittances, and government assistance or welfare benefit programs. However, the same attributes that make open-system prepaid cards attractive to legitimate customers make them attractive to money launderers. The purpose of this paper is to make the case for subjecting certain prepaid card products (but not all) to Report of International Transportation of Currency or Monetary Instruments (CMIR) requirements.
Design/methodology/approach – Addresses how the US law-enforcement agencies might reconstruct the CMIR enforcement regime to address the unique challenges that prepaid card products present.
Findings – The money laundering threat posed by these products is not immediate, but it is not conjectural either. US law-enforcement agencies (and perhaps ultimately the courts) will be required to address the fourth amendment and privacy issues that may arise when a customs officer “searches” a prepaid card by swiping it and ascertaining the value of the funds associated with that card.
Originality/value – The paper is of value by showing that problem issues can be surmounted, provided the enforcement regime is narrowly targeted to include only those prepaid card products that bear the closest resemblance to currency, and provided the funds associated with those products are maintained in pooled accounts.
Article Type:
Research paper
Keyword(s):
Money laundering; United States of America; Electronic funds transfer systems; Data handling.
Journal:
Journal of Money Laundering Control
Volume:
11
Number:
2
Year:
2008
pp:
146-171
Copyright ©
Emerald Group Publishing Limited
ISSN:
1368-5201
1 Introduction
Prepaid cards (sometimes referred to as stored value cards) have emerged as an alternative means of exchange, rapidly supplanting travelers checks, money orders, and even currency. For the estimated 40 million unbanked or underbanked households in the USA, prepaid cards provide an attractive way to pay for goods and services without resort to traditional depository institutions. Indeed, in a sign that prepaid cards may even supplant traditional demand deposit accounts, Wal-Mart announced this past June, three months after it abandoned its bid to offer traditional banking services in the USA, that it would begin selling prepaid VISA cards to its customers who are unbanked or underbanked.
A prepaid card is an attractive product because it provides a degree of fungibility comparable to currency. The most fungible “open-system” prepaid card products – so-called general spend prepaid cards – can be loaded, reloaded, and used to access currency from virtually any automated teller machine (ATM) in the world
The same attributes that make open-system prepaid cards attractive to legitimate customers make them attractive to money launderers. In the Western Hemisphere, Mexican and Colombian drug trafficking organizations (DTOs) generate, remove and launder between $8.3 billion and 24.9 billion in wholesale drug proceeds annually from the USA, including through transnational bulk shipments of currency
Recognizing the potential for money launderers to exploit prepaid card products, the Department of Justice transmitted to Congress, in June 2007, a legislative package – the Violent Crime and Anti-Terrorism Act of 2007 – that includes a provision relating to prepaid (stored value) cards (US Department of Justice, 2007). That provision would require the Secretary of Treasury to promulgate regulations treating “stored value cards or other similar devices” as a form of monetary instrument subject to currency and monetary instrument reporting (CMIR) laws
If enacted, and given effect by implementing regulations with the same focus as the current rules for cross border movement of currency and monetary instruments, the law would require each person to file a report (similar to a CMIR) each time such person transports, mails or ships prepaid cards at one time into or out of the USA having an aggregate value of more than $10,000
In this paper, I maintain that Congress should enact this legislation and that regulators should begin to treat certain prepaid cards as a form of “monetary instrument” subject to CMIR laws. Regulators should subject to CMIR-type reporting requirements those prepaid card products that most closely share the characteristics of currency, i.e. so-called “open-system” prepaid cards. For certain, those open-system prepaid cards that allow for worldwide ATM access, and for which few if any legal requirements for customer identification procedures exist, should be subject to CMIR-type requirements. I also address how the US law-enforcement agencies might reconstruct the CMIR enforcement regime to address the unique challenges that prepaid card products present. As the authors of a 2006 Financial Action Task Force (FATF) report alertly observed, “unlike currency, the value held on prepaid cards is not apparent to customs and border officials[.]”
Finally, I conclude that if the CMIR-enforcement regime reaches only certain kinds of open-system prepaid cards, and excludes debit cards linked to demand deposit-type accounts, law-enforcement agents should be able to ascertain the value of funds associated with the cards without a search warrant and without implicating privacy laws such as the Right to Financial Privacy Act (RFPA) and the Gramm-Leach-Bliley Act (GLBA)
2 Description of different prepaid card products
2.1 Open versus closed system
The term “prepaid card” refers to the prepayment of value process, i.e. pay now and extract value later, and describes most of the prepaid/stored value products available today (Federal Reserve Board, 2005, hereinafter Summary of Roundtable Discussion). These cards have largely supplanted paper gift certificates and travelers checks, and thus are used as alternatives for traditional paper-based transactions such as payroll payments, cross-border remittances, and government assistance or welfare benefit programs
Prepaid cards are of two general types. The first type is a closed-system card used for only well-defined purposes (FATF Report, 2006, p. 4). Merchant gift cards, prepaid long distance service cards, and mass transit system cards, are examples of such closed-system cards (FATF Report, 2006). A true closed-system card is one that can be used only with a single merchant or service provider (Rinearson and Woods, 2004). A variation on the closed-system card is the semi-closed system card. Such cards are accepted not simply by one merchant, but by several merchants – for example, all merchants located at a particular shopping mall (Woods, 2005; Rinearson and Woods, 2004). By most accounts, closed-system cards present a low-money laundering threat when compared to open-system cards (discussed below)
A second type of prepaid card is a multipurpose or open-system prepaid card that can be used at any merchant that accepts a card that operates on a particular payment system or network such as an association network or an owned network (FATF Report, 2006, p. 4). Here again, there are two categories. Some open-system prepaid cards function like a credit card and allow for use at various merchant locations. These cards are sometimes referred to as “semi-open” in the sense that they cannot be used to acquire goods and services but cannot be used to access currency through an ATM (Woods, 2005, p. 212; Rinearson and Woods, 2004). In contrast, a true (as opposed to “semi”) open-system prepaid card can be used not only to purchase goods and services, but to access cash through an ATM (Woods, 2005, pp. 211-12). Regardless of category, the most prevalent forms of open-system prepaid cards are those branded by companies such as VISA, MasterCard, Discover, and American Express. These are the so-called “network branded” prepaid cards
Network branded prepaid cards take many forms. The network branded prepaid debit card industry generally categorizes these cards according to their funding source: corporate, government, and consumer. The first two categories of cards – corporate and government – arguably present lower money laundering risks than the consumer category. The money laundering risk associated with a corporate card may turn, for example, on the bona fides of the entity funding the card. Typically, the cards are funded by government or businesses using some combination of corporate checking account, ACH transactions, or other traceable funding source (Albers, 2007, pp. 369-70). In these transactions, the underlying bank accounts that fund the prepaid cards are likely to be subject to the Bank Secrecy Act's Anti-Money Laundering (AML) and customer identification program (CIP) requirements. Moreover, many (but not all) of these cards are registered, meaning that the transaction activity on the card is linked to an individual for whom the issuing has collected and recorded identifying information
Within the consumer-funded category there are two generally recognized subcategories. In one subcategory there is the general purpose or “general spend” reloadable card; and in the other there is the gift card. An example of the former is a VISA Buxx or VISA Travel money card. In its marketing, VISA targets the VISA Buxx card to parents as prepaid card for teenagers. VISA also markets a VISA TravelMoney card. This card allows travelers to access travel funds at any VISA ATM in any local currency. In the current regulatory climate, these products pose a substantial money laundering threat mainly because the customer identification procedures that apply to these products are not well defined. Like credit cards, these products can be issued without photo identification or other customer identification procedures associated with demand deposit accounts (Letter from Irene S. Hernandez, 2007). But assuming the existence of regulations that imposed CIP requirements comparable to those that exist for demand deposit accounts, these general spend cards would present a money laundering threat comparable to a demand deposit account. The source of the funds, e.g. a parent's bank account, would be traceable, and the transaction data would return to a person whose identity has been verified
The term “gift” card generally refers to a card that is sold in a retail environment, is not reloadable, and is not personalized in any way. Of all of the different kinds of cards that have been discussed, the gift card arguably presents the greatest money laundering threat. Unlike corporate or government-issued cards, gift cards can be funded from comparatively anonymous sources, e.g. currency, money orders or cashier's check. Issuers of disposable, fixed denomination gift cards are not required to identify their customer
Gift cards are typically sold to consumers through an issuing bank's web site or branch location, or through a retailer such as a grocery store. Perhaps, in recognition of the heightened money laundering risks posed by these gift card products at least four major payment networks (VISA, MasterCard, Discover and American Express) have, as a matter of corporate policy, imposed added restrictions
Whether the card is a gift card, a general purpose reloadable card, or a government or corporate prepaid card, the card has a common characteristic. The funds associated with it are typically maintained in a pooled account held in the name of a program manager or third-party processor managing the card program for the issuing bank
This feature highlights the critical difference between prepaid cards and debit cards. Where the funds associated with a debit card are tied to a bank account belonging to a specific banking customer, prepaid cards usually are linked to a single pooled account at a bank with the value associated with the card tracked separately by card number Woods (2005, p. 213).
As discussed below, the pooled account feature of prepaid cards is also critical to keep in mind when discussing privacy issues that arise when the government seeks to ascertain the value of the funds associated with it.
2.2 The transaction process
The transaction process for an open-system prepaid card that operates on a payment card network resembles the process for any other network-based debit or credit card transaction
Before approving a transaction, the issuing bank makes sure the funds are available and confirms that the card has not been reported lost or stolen. In the case of a prepaid card transaction, no information is conveyed to the merchant except whether the transaction has been approved or disapproved. At the end of the business, day each merchant collects its charge transactions and transmits the data electronically to the processor that serves that merchant and the acquiring bank of that merchant. Funds are moved in settlement between the issuing bank of the prepaid card (or the bank of the program manager) and the acquiring bank of the merchant at the instruction of the respective processor (the issuing bank's processor or the acquiring bank's processor); the pooled account (or settlement account) of the issuing bank is debited and the settlement account of the acquiring bank is credited. Firms such as VISA and MasterCard facilitate settlement by establishing the procedure and rules for transactions and settlements and by controlling the entities that are authorized to process transactions and settlements.
3 The existing CMIR enforcement regime
A provision of the Bank Secrecy Act (31 U.S.C. § 5316) requires, inter alia, that a person or agent or bailee of the person shall file a report when the person, agent or bailee knowingly transports, is about to transport, or has transported, monetary instruments of more than $10,000 in aggregate value at one time into or out of the USA
The CMIR statute does not define the term “monetary instruments.” Instead, the definition is found in the regulations. The regulations define “monetary instruments” to include:
- Currency.
- Traveler's checks in any form
[29] . - All negotiable instruments (including personal checks, business checks, official bank checks, cashier's checks, third-party checks, promissory notes (as that term is defined in the Uniform Commercial Code) and money orders) that are either in bearer form, endorsed without restriction, made out to a fictitious payee (for purposes of § 103.23) or otherwise in such form that title thereto passes upon delivery).
- Incomplete instruments (including personal checks, business checks, official bank checks, cashier's checks, third-party checks, promissory notes (as that term is defined in the Uniform Commercial Code), and money orders) signed but with the payee's name omitted.
- Securities or stock in bearer form or otherwise in such form that title thereto passes upon delivery
[30] .
The CMIR statute is enforced primarily through two criminal statutes. First, Section 5324(c) of Title 31, US Code, makes it a crime to do any of the following acts for the purposes of evading the CMIR requirements to:
- fail to file a CMIR report or cause or attempt to cause a person to fail to file a CMIR report;
- file or cause or attempt to cause a person to file a CMIR report that contains a material omission or misstatement of fact; or
- structure or assist in structuring, or attempt to structure or assist in structuring, any importation or exportation of monetary instruments
[31] .
Second, Section 5332 of Title 31, US Code, makes it a crime to engage in “bulk cash smuggling,” that is, to knowingly conceal more than $10,000 in currency or other monetary instruments on the person of such individual or in any conveyance, article of luggage, merchandise, or other container, and transport or transfer or attempt to transport or transfer such currency or monetary instruments into or out of the USA with the intent to evade the CMIR requirements
As discussed in greater detail below, the US Government has effectively conceded – albeit not always in consistent terms – that the existing regulatory definition of a “monetary instrument” is too narrow to bring prepaid cards within the ambit of CMIR requirements and the criminal penalty provisions described above. The 2005 National Money Laundering Threat Assessment concedes the point, but only as to closed-system cards. “Closed system cards are not currently subject to CMIR reporting when moved across US borders” (Money Laundering Threat Assessment, 2005, p. 21). The 2006 NDIC Report concedes the same point, but in broader terms:
According to the US Department of Treasury and the US Department of Justice Asset Forfeiture and Money Laundering Section, CMIRs are not applicable to the cards, because they are not considered to be monetary instruments under 31 U.S.C. § 5316 (Prepaid Stored Value Cards, 2006, p. 7).
As indicated above, the US Department of Justice has now proposed a legislative “fix” to Section 5316, signaling the belief that the existing CMIR regime needs to be modified if it is to reach prepaid card products
4 The case for extending CMIR requirements
4.1 To certain prepaid card products
The US Department of Justice's recent legislative proposal to treat prepaid card (or “stored value”) products as monetary instruments for purposes of CMIR enforcement follows a long line of tentative first steps by US financial regulators. In the late 1990s, the Financial Crimes Enforcement Network (FinCEN) implemented regulations imposing a limited number of Bank Secrecy Act obligations on stored value issuers, sellers and redeemers, but backed away from imposing more extensive regulatory requirements citing the “chilling effect” that such regulation might have on the technology industry
The US Government's studied reluctance to burden issuers of prepaid cards with extensive regulation makes sense to a point. The industry is still taking shape, and the products are so varied that they are difficult to regulate with precision. But as the industry has matured, the government has gained a better grasp of the varying levels of risk associated with different products. Not just the 2005 US Money Laundering Threat Assessment and the 2006 NDIC Report, but also a 2006 Financial Action Task Force (FATF) Report, and a 2007 National Drug Threat Assessment call attention to the money laundering risks posed by stored value or prepaid cards in terms that make it clear that the government has identified critical distinctions between different products
FinCEN, in coordination with the Federal banking regulators and the industry, will issue guidance and develop regulatory definitions and requirements under the BSA for stored value products and payment systems” (2007 National Money Laundering Strategy, 2007; Orack, 2007).
And now, with the transmission to Congress of the Violent Crime and Anti-Terrorism Act of 2007, the Department of Justice has placed its own call to action to Congress and financial regulators: promulgate regulations that treat certain prepaid card products as monetary instruments for purposes of CMIR reporting.
The US Government's assessment of the money laundering threats posed by prepaid cards has evolved over time. It has been articulated in several public reports. Attempts at official assessments have been articulated in several formal public reports, including an international study conducted by FATF. The findings and conclusions of each of these reports are summarized below.
4.2 2005 US National Money Laundering Threat Assessment
The 2005 US Money Laundering Threat Assessment (the “Threat Assessment”) examined the risks posed by what it termed “stored value cards.” The Threat Assessment generally concluded that closed-system cards, primarily store gift cards, present more limited opportunities to move monetary value outside the country, and thus pose a lower threat (2005 National Money Laundering Strategy, 2005). Open-system cards, particularly those that allow for ATM access, pose a higher risk of abuse (2005 National Money Laundering Strategy, 2005). The Threat Assessment notes that the Drug Enforcement Administration (DEA), Immigration Customs and Enforcement (ICE), and the Internal Revenue Service-Criminal Investigation (IRS-CI) have all found prepaid cards used in conjunction with bulk cash smuggling (2005 National Money Laundering Strategy, 2005, pp. 22-3).
The Threat Assessment juxtaposes the regulation of stored value cards with the regulation of debit cards:
Banks and other depository financial institutions are obligated to have a customer identification program (CIP) and to report large or suspicious transactions (SARs). “Issuers, sellers, and redeemers of stored value” are classed as an MSB under the relevant regulations and are required to have an AML program but are not required to file SARs or to register with FinCEN (2005 National Money Laundering Strategy, 2005, p. 23).
The Threat Assessment concludes by observing that a byproduct of the global market for stored value products indicates that domestic action alone will not adequately address the threats (2005 National Money Laundering Strategy, 2005).
4.3 2006 FATF Report
In 2006, the Financial Action Task Force issued a Report entitled: “Report on New Payment Methods” (hereinafter the “2006 FATF Report”). The 2006 FATF Report examined the money laundering risks posed by open-system prepaid cards and other new payment methods using a common sense approach. It measured the money laundering risks by comparing how closely a prepaid card matched the attributes of cash (FATF Report, 2006, p. 10). According to the 2006 FATF Report, cash represents the extreme money laundering risk based on five factors: it provides for no means of identification, has no value limits, can be funded anonymously and without an intermediary or transaction record, has virtually no geographic limits, and no usage limit (FATF Report, 2006, pp. 10-11).
Taking these factors into account, many open-system prepaid cards share a similar risk profile to cash. Some such products allow for cardholder anonymity and anonymity of funding sources. Moreover, some issuers set high card value limits and high limits on the number of cards an individual may purchase, thereby increasing the risk that these products may substitute for bulk cash smuggling (FATF Report, 2006, pp. 11-12, 18). As the 2006 FATF Report observes, these new payment methods, including prepaid cards, may be superior to cash in that they are less bulky for criminals to transport (FATF Report, 2006, p. 10).
The FATF Report (2006, p. 25) concluded that the FATF Forty Recommendations and Nine Special Recommendations “provide an appropriate framework to address the vulnerabilities associated with these new methods of payment[.]”. Nonetheless, the FATF Report (2006) recommends future actions, including guidance to jurisdictions as to what preventative measures may be taken to limit the risk posed by these new payment methods.
4.4 2006 NDIC Report
Of the government studies, the 2006 NDIC Report is the most urgent in tone. It notes that the prepaid card industry is exploding in growth, that prepaid cards “provide an ideal money laundering instrument,” and that it is “very likely that drug traffickers and criminals alike are exploiting and will increasingly exploit the convenience and anonymity of prepaid stored value cards to launder and move funds associated with illicit enterprises” Prepaid Stored Value Cards (2006, p. 1).
The NDIC Report pays particular attention to the use of stored value cards as an alternative to bulk cash smuggling. Prepaid cards cannot be seized for CMIR violations, may replace bulk cash smuggling under certain conditions, and are an advantageous alternative to bulk cash smuggling via package delivery services or couriers on board commercial conveyances (Prepaid Stored Value Cards, 2006). The NDIC Report also articulates the need to include prepaid cards within the definition of monetary instruments for CMIR purposes, hinting at the practical problems that may exist in creating a CMIR enforcement regime. Customs agents need to be able to distinguish between traditional debit cards and network-branded prepaid stored value cards, perhaps by insisting on a requirement designed to distinguish the appearance of open and semi-open-system cards, and agents need some form of “card reader” to ascertain the value of funds associated with the cards.
Shortly after its release, the NDIC Report drew a forcefully worded response from the National Branded Prepaid Card Association (NBPCA). The NBPCA claimed that the NDIC Report is:
[…] overbroad, contains serious misconceptions, and omits critical information about network branded prepaid cards that will cause uninformed readers to draw incorrect conclusions and may lead to legislative or regulatory actions that are inappropriate and ineffective (NBPCA Letter, 2006, p. 2).
Of particular interest for purposes of this paper is the NBPCA's statement concerning problems law-enforcement agents may face in ascertaining the value of the funds associated with a prepaid card. That response is as follows:
Card readers cannot be used to determine the value loaded onto network branded prepaid debit cards, because the magnetic stripe on the cards does not contain the value of the card. Card readers can only provide the card number and the bank identification number. It is important to note that the card is simply an access device to the pooled account in which the funds are held at the financial institution. The overwhelming majority of prepaid cards have a toll-free number and/or a web site information printed on the reverse side that can be used to contact the issuer to determine the amount of funds remaining. [A card reader would only be useful in those rare circumstances in which “white plastic” cards are found by law enforcement, encoded with “skimmed data,” and bearing no telephone number/web site URL or any record of a card number or bank issuer. In this situation a card reader could be used to identify the financial institution whose cards were skimmed] (NBPCA Letter, 2006).
The NDIC replied to the NBPCA's response by letter dated January 17, 2007. The reply takes issue with many of NBPCA's criticisms of the initial NDIC Report. Of particular interest here, it responds to the NBPCA's assertion about the utility of card readers to law-enforcement agents attempting to ascertain the value of funds associated with prepaid cards. The reply clarifies that the NDIC had in mind a card reader that would allow law-enforcement agents to access the same databases used to process prepaid card transactions:
NDIC Response: While the value associated with any particular stored value card is clearly not available from the magnetic stripe, a card – coupled with a card reader connected to the payment networks – can be used to access processor data in order to determine the general value of the card. For example, by authorizing a specific amount, law enforcement officials could determine whether that card is worth more or less than the amount authorized. This function would be especially valuable to law enforcement if stored value becomes included in the definition of Reports of International Transportation of Currency or Monetary Instruments (Letter from Irene S. Hernandez, 2007).
4.5 2007 National Drug Threat Assessment
The 2007 National Drug Threat Assessment includes a section devoted to drug money laundering. It documents the means drug money launderers in Canada, the USA, Mexico and Colombia use to generate, remove and launder wholesale distribution proceeds (2007 National Drug Threat Assessment, 2007, p. 24). Most of the methods are familiar. Bulk cash smuggling is a principal method, but launderers also use wire remittances, and the Black Market Peso Exchange.
However, the report goes on to explain that anti-money laundering regulatory and law-enforcement measures “will drive some launderers to seek alternative methods to launder drug proceeds, and new technologies – such as stored value cards and on line payment systems [.] (2007 National Drug Threat Assessment, 2007, pp. 25-6)”. For example, open-system stored value cards are superior to the use of money remitters or bulk cash smuggling because the cards can be used without fear of documentation, identification law enforcement suspicion or seizure (2007 National Drug Threat Assessment, 2007, p. 26). Of all prepaid card products, the report identifies open-system cards as posing the greatest threat:
Open-system stored value cards have the greatest utility for money laundering related to wholesale-level drug trafficking, as they are similar to traditional credit and debit cards and can be used anywhere that the major credit card parent brand is accepted, frequently including worldwide automated teller machines (ATMs).
The report adds: “Unlike cash, the cards cannot be seized by law enforcement personnel for a Currency or Money Instrument Report (CMIR) violation” (2007 National Drug Threat Assessment, 2007).
4.6 The 2007 National Money Laundering Strategy
In May 2007, the US Departments of Justice, Treasury and Homeland Security released the 2007 National Money Laundering Strategy (2007). The report advances a “robust strategy for combating money laundering, deterring criminals, and addressing areas vulnerable to exploitation.” The National Money Laundering Strategy calls for FinCEN, in coordination with the Federal banking regulators and the industry, to “issue guidance and develop regulatory definitions and requirements under the BSA for stored value products and payment systems” (2007 National Money Laundering Strategy, 2007).
5 Obstacles to extending CMIR requirements to prepaid card products
5.1 Overcoming practical obstacles
As the 2006 NDIC Report indicates, the threshold problem a law-enforcement agent faces when confronted with a traveler carrying a suspected prepaid card or cards is how to differentiate an open-system prepaid card from a traditional debit card
Assuming a scheme in which a customs officer could differentiate an open-system prepaid card from a debit card, problems remain. Information about the amount of funds associated with the prepaid card is not itself “stored” on the card (NBPCA Letter, 2006, pp. 4-5). The only information stored on the card is a 16-digit number (15 in the case of AMEX) that serves as an access device. A customs officer seeking to query the card could access an online system and use the 16 digit number to access a pooled account maintained by the bank and identify the value of funds associated with the card. Alternatively, the customs officer could, as the NBPCA association suggests, telephone the issuing bank (or the bank's third-party processor) using a 1-800 number. Beyond this problem, a government agent would need to have the means to “seize” the value of the funds associated with the prepaid card if such funds are subject to seizure for any legally cognizable reason, e.g. based on a CMIR violation (discussed further below).
A way to overcome these obstacles might be to establish the government as a kind of merchant authorized to conduct queries with each of the major card networks that support prepaid cards – namely, VISA, MasterCard, American Express and Discover. In such a scheme, if a customs officer sought to ascertain the value of funds associated with a prepaid card, the officer could “swipe” the prepaid card through a point of sale-type device and ask the following questions of the issuing bank or its program manager. Question 1: Is this a prepaid card, e.g. one for which the funds associated with the card are maintained in a pooled account? If the answer to this question is “no,” then the transaction could terminate. If the answer is “yes,” then the customs officer could ask a second question: Does the value of the funds associated with this prepaid card (or cards) exceed $10,000? If the answer is “no,” then the transaction could again terminate. If the answer is “yes,” then the customs officer would be authorized to conduct the equivalent of a merchant transaction in which all of the funds on the card(s) would be debited from the pooled account according to the transaction process described in Section 2.2 above, and deposited into a designated account maintained by the USA pending further proceedings.
As discussed in greater detail below, the critical question will be whether the debit card is one for which the funds associated with the card are maintained in a pooled account. If the card does not meet that criterion then any further “search” of the card without a subpoena or a search warrant potentially raises serious privacy issues.
5.2 The definition of a “monetary instrument”
Congress enacted the CMIR requirement because it perceived that undisclosed currency that moved across national boards was being used in organized crime, drug trafficking, money laundering and other crimes
With this background in mind, the case for expanding the regulatory definition of “monetary instruments” to include prepaid cards rests on at least two considerations. First, many open-system prepaid cards share the “bearer” characteristic of the instruments currently included within the definition of “monetary instrument” subject to CMIR reporting. Prepaid cards are like bearer instruments in the sense that the bearer of the card (and any related security code) can access the funds in the pooled account associated with such card. In the hands of a money launderer, an open-system prepaid card may offer the same degree of fungibility as a traveler's check, an incomplete instrument, and other similar instruments that evidence “bearer” characteristics and are therefore subject to reporting under the current CMIR regime. In fact, prepaid cards have to a great extent supplanted many of these older, paper based, forms of monetary instruments
Second, the use of prepaid card products has exploded in recent years. One estimate projects that the number of prepaid cards issued annually will surge from 6.2 million in 2002 to almost 40 million in 2007 (Judith Rinearson, 2006, p. 41). Another estimate suggests that there were $79.04 billion in gift card transactions in 2004 and that the figure was expected to grow to $94.84 billion in transactions in 2005 (Hughes et al., 2006). If even a fraction of these amounts move transnationally in any given year, then such movement has the potential to impact the proper functioning of the monetary system. This is a core governmental concern that lies at the heart of the Bank Secrecy Act's provisions, and one implicated by the explosive growth in prepaid card products
Arguments against extending the definition of “monetary instrument” to include prepaid cards are not well developed. One opponent has argued that prepaid products are so flexible and varied in forms that if the definition of monetary instruments was expanded to include prepaid cards it could expose the innocent traveler to civil and criminal penalties. To support this argument, the opponent offers an example: “a student studying abroad may have a prepaid card onto which her parents have loaded funds without the student's knowledge, sending the card's balance over the $10,000 limit.”
5.3 Fourth amendment issues
5.3.1 Is it a search when a customs officer swipes a prepaid card to ascertain its balance?
The Supreme Court has defined a Fourth Amendment “search” as government action that violates an individual's reasonable or legitimate expectation of privacy
A prepaid card is a form of a “container;” it contains information that allows the user to access funds electronically. But in this context, the analogy between containers that house private information and a prepaid card has its limits. First, unlike the search of a locked desk draw or computer hard drive, a search of a prepaid card does not intrude into private information. A merchant that swipes a prepaid card in a commercial transaction can only ascertain whether the issuing bank authorizes the transaction, in other words, whether there is sufficient value associated with the card to fund the transaction. Similarly, a customs agent that swipes a prepaid card can only learn the card's balance. The customs officer cannot acquire personal information about the person possessing it, such as personal financial information or transaction history. Instead, other analogies are more apt. In many ways, the swiping of a prepaid card to ascertain its balance is akin to a police officer initiating a check on a vehicle identification number or even a license plate. Federal courts have uniformly held that license plate checks are not a “search” for purposes of the Fourth Amendment
Second, unlike the information contained in a locked desk drawer or a computer hard drive, the information that is accessed when a prepaid card is swiped does not belong to the card holder. The information belongs to the issuing bank, and is usually maintained by a third-party processor or program manager. Thus, for the same reasons that a bank account holder does not have constitutionally protected expectation of privacy in the business records of a bank, so too a card holder does not have a reasonable expectation of privacy in the information accessed using a prepaid card
5.3.2 Assuming it is a search, can the search be conducted without suspicion?
Even if we assume for sake of discussion that the “search” of a prepaid card to ascertain the balance maintained on the card constituted a Fourth Amendment “search,” if conducted by a customs officer pursuant to the officer's border search authority such a “search” would not require a search warrant or a even a modicum of suspicion.
CMIR-related border searches of persons or property are governed in the first instance by the Constitution. In the case of border searches, the Fourth Amendment strikes a more favorable balance for the government than it would if the same search had been conducted within the USA
While the initial search for the unreported prepaid card may rightly be characterized as routine, one must consider whether what follows next can be considered part of the routine border search. To ascertain the value of funds loaded on the prepaid card, a customs agent will need to “swipe” the card and use the card's unique 15 or 16 digit number to gain access to the card issuer's online computer database. But such a “search” is akin to the kinds of suspicionless routine border searches that courts have consistently upheld. Although the Supreme Court has been reluctant to delineate exactly what a routine search involves, it has held that the government's authority to conduct suspicionless inspections at the border includes the authority to remove disassemble, and reassemble a vehicle's fuel tank
There are, to be sure, serious Fourth Amendment issues that can arise when a customs officer searches computers or storage disks. Courts are divided over the constitutionality of these kinds of searches
5.4 Right to financial privacy act
In response to the Supreme Court's holding in United States v. Miller establishing that a bank customer has no protected Fourth Amendment interest in customer records maintained by the bank, Congress enacted the RFPA
The issue arises whether a search of a prepaid card (at the border or otherwise), would trigger the protections of the RFPA. In other words, would a customs agent have to obtain a subpoena or a search warrant before asking the issuing bank how much value is associated with an open-system prepaid card or cards found in the possession of an inbound or outbound traveler? For prepaid cards of the kind in which the funds are held in a pooled account the answer is “no.” The most salient feature of the RFPA is the narrow scope of the entitlement it creates. In enacting the RFPA Congress sought to “minimize the risk that a customers' objections to subpoenas will delay or frustrate agency investigations.”
[…] “customer” means any person or authorized representative of that person who utilized or is utilizing any service of a financial institution, or for whom a financial institution is acting or has acted as a fiduciary, in relation to an account maintained in the individual customer's name
The term “person” is elsewhere defined as an “individual or partnership of five or fewer individuals.” Thus, the act is limited to individual customers and small partnerships; corporations are not protected. A person who obtains, possesses, or uses an open-system prepaid card has no standing under the RFPA. Such person is not a “customer” because the funds associated with that card are maintained in a pooled account held by either the issuing bank or its third party processor
It could be argued that the prepaid card purchaser is a beneficiary of the pooled account. However, such an argument would likely fail. As a general rule, the protections of the RFPA do not extend to third parties who may be beneficiaries of an account relationship maintained in another person or entities' name
Moreover, the query that the government would make of a prepaid card issuer or program manager is limited, most likely falls at least partly within an exception to the RFPA. The RFPA's provisions do not prohibit “the disclosure of any financial records or information which is not identified or identifiable as being derived from the financial records of a particular customer.”
5.5 Gramm-Leach-Bliley act
The RFPA imposes obligations on the government when gaining access to financial information. A separate federal statute, the GLBA, imposes restraints on a financial institution's disclosure of “nonpublic personal information” about consumers and customers to non-affiliated third parties
The application of the GLBA to stored value products raises several difficult issues, none of which need to be broached here
[…] stop and search, at the border and without a search warrant, any vehicle, vessel, aircraft, or other conveyance, any envelope, or other container, and any person entering or departing from the USA (italics added)
Though not specifically defined, the statutory term “container” aptly describes how a prepaid card functions. It contains information allowing the user to access funds remotely. For purposes of CMIR enforcement it is as much a “container” of currency as a wallet, purse, envelope, or Federal Express package
5.6 Foreign banks and prepaid cards
With two exceptions, the USA may not unilaterally compel a foreign bank to produce records located abroad
A second exception is more controversial. Section 5318(k) of Title 31 authorizes the Secretary of Treasury or the Attorney General to issue a summons or subpoena to any foreign bank that maintains a correspondent account in the USA and requests records related to such correspondent account, including records maintained outside of the USA relating to the deposit of funds into the foreign bank. So, great is the risk that a subpoena under this provision could affect the law-enforcement relationship with a foreign country that this provision, which was added with the USA Patriot Act, has seldom been used and there are no reported decisions addressing it.
Suppose a traveler enters the USA carrying a stack of prepaid cards issued by a foreign bank under a license from VISA. Suppose further that the funds associated with the prepaid card are maintained in a pooled account. Can the customs officer swipe the cards and ask:
- Are these open-system prepaid cards?
- Does the monetary value of the funds associated with these cards aggregate to more than $10,000?
More fundamentally, could the agent seize funds, which are held in a pooled account maintained by or on behalf of a foreign issuing bank?
The answer to these questions may depend on where the bank information and pooled account reside. If, as will often be the case, the information resides with a third-party processor or program manager in the USA then the query of that card is probably permissible. In terms of foreign relations, such a query would be less invasive than “Bank of Nova Scotia” subpoenas that courts have generally upheld. Likewise, if the pooled account itself resides in the USA then the seizure of funds might be a permissible. Section 981(k) of Title 31 authorizes the USA to forfeit funds maintained by a foreign bank in a correspondent account maintained at a US bank when forfeitable funds are deposited into an account at the foreign bank
If, however, the information or funds is maintained abroad, then the issue becomes more difficult. It is uncertain whether the USA would have to communicate through formal diplomatic channels to query the foreign bank for the relevant information. Some bank secrecy jurisdictions, for example, Switzerland might take exception if an US Government agent queried information about the value of funds maintained in a pooled account maintained in Switzerland for the benefit of a Swiss bank. In the absence of foreign cooperation, the USA could devise a unilateral scheme – analogous to the provisions of Section 5318(k). For example, the US Government could compel the card network to require a member of the network (i.e. the foreign bank) to produce the records of its cardholder in relation to cards issued outside the USA but used inside the USA
6 Conclusion
This paper makes the case for subjecting certain prepaid card products (but not all) to CMIR requirements. The money laundering threat posed by these products is not immediate, but it is not conjectural either. The more success US law-enforcement agencies have in interdicting the massive amounts of cash moving from the USA across the Mexican and Canadian borders the greater the risk that drug money launderers will resort to prepaid cards to move that monetary value. Those cards, particularly open-system cards, have many of the advantage of the currency without cash's chief disadvantage – its bulk.
An effective enforcement regime, however, is going to depend on the ability of law enforcement officers to differentiate those prepaid cards that are subject to CMIR regulation from those prepaid cards and other debit products that are not. It will also require US law-enforcement agencies (and perhaps ultimately the courts) to address the Fourth Amendment and privacy issues that may arise when a customs officer “searches” a prepaid card by swiping it and ascertaining the value of the funds associated with that card. I maintain in this paper that those issues can be surmounted, provided again that the enforcement regime is narrowly targeted to include only those prepaid card products that bear the closest resemblance to currency, and provided the funds associated with those products are maintained in pooled accounts.
References
2005 National Money Laundering Strategy (2005), 2005 National Money Laundering Strategy 20, available at: www.ustreas.gov/offices/enforcement/pdf/mlta.pdf (accessed December 2005), .
2007 National Drug Threat Assessment (2007), 2007 National Drug Threat Assessment 24, United States Department of Justice, National Drug Intelligence Center, available at: www.usdoj.gov/ndic/pubs21/21137/21137p.pdf (accessed October), .
2007 National Money Laundering Strategy (2007), 2007 National Money Laundering Strategy 3, available at: www.treas.gov/press/releases/docs/nmls.pdf, .
Albers, J.T. (2007), "Stored value cards: should we know the holder?", 11 N.C. Banking Inst. 363, 364 n. 12, March, .
Cheney, J.S. (2005), Fed. Reserve Bank of Philadelphia Payment Cards Ctr., Payment Cards and the Unbanked: Prospects and Challenges 5, available at: www.philadelphiafed.org/pcc/PaymentCardsantheUnbankedSummary.pdf (accessed July 14, 2005), .
Digital Transactions (2007), "FDC exits money orders as prepaid cards, walk-in bill pay makes gains", available at: www.digitaltransactions.net/newsstory.cfm?newsid = 1257 (accessed February 22), .
FATF Report (2006), Financial Action Task Force, Report on New Payment Methods, available at: www.bka.de/profil/zentralstellen/geldwaesche/pdf/report_payment.pdf (accessed October 10), .
Federal Reserve Bank of New York (2004), "Stored value cards: an alternative for the unbanked?", available at: www.ny.frb.org/regional/stored_value_cards.html, .
Federal Reserve Board (2005), A Summary of the Roundtable Discussion on Stored-value Cards and Other Prepaid Products, available at: www.federalreserve.gov/paymentsystems/storedvalue (accessed January 12), .
FFIEC (2006), BSA/AML Examination Manual, Federal Financial Institutions Examination Council, Arlington, VA, July, pp.202-4.
Furletti, M.J. (2007/2008), "Why prepaid cards should not be classified as monetary instruments", 1 PayBefore Magazine, Winter, pp. 123, 125, .
H.R. Rep. No. 975, 91st Cong. 2d Sess. (1970), H.R. Rep. No. 975, 91st Cong. 2d Sess., .
Hughes, S.J., Middlebrook, S.T., Peterson, B.W. (2006), "Developments in the law concerning stored value and other prepaid payment products", 62 Bus. Lawyer 229, 230, November, .
Kerr, O.S. (2005), "Searches and seizures in a digital world", 119 Harv. L. Rev. 531, 549 n. 79, .
Launder, W. (2007), "New Haven immigrant ID also a stored value card", American Banker, August 13, .
Letter from Irene S. Hernandez (2007), letter from Irene S. Hernandez, pp.6-7.
Money Laundering Threat Assessment (2005), Money Laundering Threat Assessment, Working Group, Department of the Treasury, Department of Justice, Department of Homeland Security, Board of Governors of the Federal Reserve System, and United States Postal Service, available at: www.ustreas.gov/offices/enforcement/pdf/mlta.pdf (accessed December 20), .
Moore, B. (2007), "ATM cards tied to virtual worlds a money launderer's dream say consultants", Moneylaundering.com News, available at: www.moneylaunderin.com/NesBriefDisplay (accessed November 20, 2007), .
Motz, P. (2006), "Application of the bank CIP rule under the bank secrecy act to prepaid card programs", Journal of Payment Systems Law, Vol. 2 No.4, pp.367.
Motz, P. (2007), "Money laundering and terrorist financing on prepaid cards", E-finance & Payments Law & Policy, March, .
NBPCA Letter (2006), letter from Anil D. Aggarwal, .
O'Brien, P.T. (1990), "Tracking Narco-dollars: the evolution of a potent weapon in the drug war", U. Miami Inter-Am. L. Rev., Vol. 21 No.29, pp.637-43.
OCC Bulletin (2006), "Gift card disclosures", OCC Bulletin, OCC 2006-34, August 14, .
Office of Thrift Supervision (2007), Office of Thrift Supervision, Gift Card Programs, p. 3, available at: www.ots.treas.gov/docs/7/777012.html (accessed February 28, 2007), .
Orack, B. (2007), "Banks, vendors face AML regulations for stored value cards, say consultants", Moneylaundering.com, available at: www.moneylaundering.com/NewsBriefDisplay.aspx?id = 1399 (accessed September 11, 2007), .
Prepaid Stored Value Cards (2006), "Prepaid stored value cards: a potential alternative to traditional money laundering methods 1, 3", US Department of Justice, National Drug Intelligence Center, available at: www.nbpca.com/docs/NMLAFC_Jan2007.pdf (accessed October 2006), .
Rinearson, J. (2004), "Beware strangers bearing gift cards", 14 Bus. L. Today, December, Vol. 57.
Rinearson, J. (2006), "Prepaid cards: coming of age", S&P's Review of Banking and Financial Services, April 1, n. 11, pp.41.
Rinearson, J., Woods, C. (2004), "Beware strangers bearing gift cards", Bus. Law Today, Vol. 57 pp.63.
Rosenberg, A.S. (2006), "Better than cash? Global proliferation of payment cards and consumer protection policy", 44 Colum. J. Transnat'l L. 520, .
Sienkiewicz, S. (2007), "Prepaid cards: vulnerable to money laundering?", Federal Reserve of Philadelphia, available at: www.philadelphiafed.org/pcc/index.html (accessed February 2-3), .
US Department of Justice (2007), "Attorney General Alberto R. Gonzalez announces expansion of justice department efforts and proposes new legislation to help prevent and combat violent crime", available at: www.usdoj.gov/opa/pr/2007/June/07_ag_398.html (accessed June 1), .
Wall Street Journal (2007), "Wash cycle – ATMs become handy tool for laundering dirty cash – with small deposits, couriers outwit banks; bag of money in Queens", Wall Street Journal, September 21, .
Woods, C.B. (2005), "Stored value cards", 59 Consumer Fin. L.Q. Rep. 211, 211-212, Fall, .
Corresponding author
Courtney J. Linn can be contacted at: courtney.linn@usdoj.gov