[House Hearing, 115 Congress]
[From the U.S. Government Publishing Office]
THE FEDERAL TRADE COMMISSION'S ENFORCEMENT OF OPERATION CHOKEPOINT
RELATED BUSINESSES
=======================================================================
JOINT HEARING
BEFORE THE
SUBCOMMITTEE ON NATIONAL SECURITY
AND THE
SUBCOMMITTEE ON
GOVERNMENT OPERATIONS
OF THE
COMMITTEE ON OVERSIGHT
AND GOVERNMENT REFORM
HOUSE OF REPRESENTATIVES
ONE HUNDRED FIFTEENTH CONGRESS
SECOND SESSION
__________
JULY 26, 2018
__________
Serial No. 115-99
__________
Printed for the use of the Committee on Oversight and Government Reform
[GRAPHIC(S) NOT AVAILABLE IN TIFF FORMAT]
Available via the World Wide Web: http://www.govinfo.gov
http://oversight.house.gov
_________
U.S. GOVERNMENT PUBLISHING OFFICE
31-425 PDF WASHINGTON : 2018
Committee on Oversight and Government Reform
Trey Gowdy, South Carolina, Chairman
John J. Duncan, Jr., Tennessee Elijah E. Cummings, Maryland,
Darrell E. Issa, California Ranking Minority Member
Jim Jordan, Ohio Carolyn B. Maloney, New York
Mark Sanford, South Carolina Eleanor Holmes Norton, District of
Justin Amash, Michigan Columbia
Paul A. Gosar, Arizona Wm. Lacy Clay, Missouri
Scott DesJarlais, Tennessee Stephen F. Lynch, Massachusetts
Virginia Foxx, North Carolina Jim Cooper, Tennessee
Thomas Massie, Kentucky Gerald E. Connolly, Virginia
Mark Meadows, North Carolina Robin L. Kelly, Illinois
Ron DeSantis, Florida Brenda L. Lawrence, Michigan
Dennis A. Ross, Florida Bonnie Watson Coleman, New Jersey
Mark Walker, North Carolina Raja Krishnamoorthi, Illinois
Rod Blum, Iowa Jamie Raskin, Maryland
Jody B. Hice, Georgia Jimmy Gomez, Maryland
Steve Russell, Oklahoma Peter Welch, Vermont
Glenn Grothman, Wisconsin Matt Cartwright, Pennsylvania
Will Hurd, Texas Mark DeSaulnier, California
Gary J. Palmer, Alabama Stacey E. Plaskett, Virgin Islands
James Comer, Kentucky John P. Sarbanes, Maryland
Paul Mitchell, Michigan
Greg Gianforte, Montana
Michael Cloud, Texas
Sheria Clarke, Staff Director
William McKenna, General Counsel
Sharon Eshelman, National Security Subcommittee Staff Director
Julie Dunne, Government Operations Subcommittee Staff Director
Sharon Casey, Deputy Chief Clerk
David Rapallo, Minority Staff Director
Subcommittee on National Security
Ron DeSantis, Florida, Chairman
Steve Russell, Oklahoma, Vice Chair Stephen F. Lynch, Massachusetts,
John J. Duncan, Jr., Tennessee Ranking Minority Member
Justin Amash, Michigan Peter Welch, Vermont
Paul A. Gosar, Arizona Mark DeSaulnier, California
Virginia Foxx, North Carolina Jimmy Gomez, California
Jody B. Hice, Georgia John P. Sarbanes, Maryland
James Comer, Kentucky Vacancy
Vacancy
------
Subcommittee on Government Operations
Mark Meadows, North Carolina, Chairman
Jody B. Hice, Georgia, Vice Chair Gerald E. Connolly, Virginia,
Jim Jordan, Ohio Ranking Minority Member
Mark Sanford, South Carolina Carolyn B. Maloney, New York
Thomas Massie, Kentucky Eleanor Holmes Norton, District of
Ron DeSantis, Florida Columbia
Dennis A. Ross, Florida Wm. Lacy Clay, Missouri
Rod Blum, Iowa Brenda L. Lawrence, Michigan
Bonnie Watson Coleman, New Jersey
C O N T E N T S
----------
Page
Hearing held on July 26, 2018.................................... 1
WITNESSES
Mr. Andrew Smith, Director of the Bureau of Consumer Protection,
U.S. Federal Trade Commission
Oral Statement............................................... 4
Written Statement............................................ 6
Mr. Jason Oxman, Chief Executive Officer, Electronic Transactions
Association
Oral Statement............................................... 18
Written Statement............................................ 21
Ms. Lauren Saunders, Associate Director, National Consumer Law
Center
Oral Statement............................................... 38
Written Statement............................................ 40
THE FEDERAL TRADE COMMISSION'S ENFORCEMENT OF OPERATION CHOKEPOINT-
RELATED BUSINESSES
----------
Thursday, July 26, 2018
House of Representatives,
Subcommittee on National Security, joint with the
Subcommittee on Government Operations,
Committee on Oversight and Government Reform,
Washington, D.C.
The subcommittees met, pursuant to call, at 10:30 a.m., in
Room 2154, Rayburn House Office Building, Hon. Ron DeSantis
[chairman of the Subcommittee on National Security] presiding.
Present from the Subcommittee on National Security:
Representatives DeSantis, Amash, Foxx, Comer, Lynch, and Welch.
Present from the Subcommittee on Government Operations:
Representatives Meadows, Hice, Massie, Connolly, and Maloney.
Mr. DeSantis. The Subcommittees on Government Operations
and National Security will come to order.
Without objection, the presiding member is authorized to
declare a recess at any time.
Mr. Meadows is not here yet. He does have an opening
statement. I think he is on his way. So if he wants to give it,
we will obviously do that.
I am second seat here, so I don't have one. So what I will
do is I will recognize the ranking member.
Mr. Connolly is not coming, right?
Mr. Lynch. I know he is around, but I know we have a lot
going on this morning.
Mr. DeSantis. Okay. So I will recognize the ranking member
on my subcommittee, Mr. Lynch, and I will let him do his
opening statement.
Mr. Lynch. Thank you very much. Mr. Chairman. I appreciate
the courtesy. I want to thank you for holding this hearing, and
I also want to thank the witnesses for helping us with our
work.
This hearing is to examine the anti-consumer-fraud efforts
undertaken by the Federal Trade Commission following the end of
Operation Chokepoint. I would also like to thank all of the
staff on both sides for preparing this hearing.
The Consumer Protection Branch at the Department of Justice
initiated the investigative and enforcement program known as
Operation Chokepoint in November of 2012. This operation
examined efforts of fraudulent practices perpetrated through
the U.S. banking system against bank customers by unscrupulous
merchants, financial institutions, and intermediaries referred
to as third-party payment processors.
As reported by the Department of Justice, fraudulent online
merchants would typically unlawfully direct their payment
processors to initiate debit transactions against consumer
accounts and transmit the money back to them.
In the most egregious cases, the payment processors had
full knowledge that merchant clients were committing those
fraudulent transactions and illegally siphoned money from
customer accounts anyway as some banks simply looked the other
way.
In furtherance of Operation Chokepoint, the Department of
Justice issued 60 administrative subpoenas from February 2013
through August 2013 to entities that are believed to have
evidence pertaining to consumer fraud schemes.
One of the most recent settlements that arose out of this
operation occurred in March of 2015 when the Department of
Justice announced that it had reached a $4.9 million settlement
with CommerceWest Bank of California.
The civil complaint in the case alleged that the bank had
ignored a series of red flags and facilitated consumer fraud by
permitting Las Vegas payment processors to make millions of
dollars in unauthorized withdrawals from consumer bank accounts
on behalf of fraudulent merchants.
The warning signs included an extremely high rate of
rejected debit transactions that were returned by customers and
their banks as well as inquiries that CommerceWest received
from other financial institutions about suspicious illegal
activity involving its payment processor.
I understand that some Members of Congress expressed
concern that the Department of Justice, in cooperation with the
financial regulators such as the Federal Deposit Insurance
Corporation, was unlawfully targeting certain categories of
legitimately operating businesses. In response, the House
Financial Services Committee, the House Judiciary Committee,
and this committee all conducted extensive investigations of
Operation Chokepoint, beginning back in the 113th Congress.
In December of last year, the House also passed H.R. 2706,
the Financial Institution Consumer Protection Act, by a
bipartisan vote of 395 to 2. I voted in favor of this
legislation, which seeks to address concerns stemming from the
facts surrounding Operation Chokepoint by prohibiting the FDIC
and other financial regulators from terminating their
relationship with specific customers without a valid and
written justification.
As underscored in a letter to Congress sent to the
Department of Justice in August of 2017, quote, ``All of the
Department's bank investigations conducted as part of Operation
Chokepoint are now over. The initiative is no longer in effect,
and it will not be undertaken again,'' close quote.
It is my understanding that the purpose of today's hearing
is to examine whether Operation Chokepoint has nevertheless
continued at the Federal Trade Commission despite its official
termination.
I greatly appreciate the willingness of our witnesses to
testify on this topic today. However, as ranking member of the
Subcommittee on National Security, it is my sincere hope that
during the remainder of the 115th Congress we will work
together on a bipartisan basis to conduct meaningful oversight
on those issues that are most pressing to the safety and
security of the American people, our dedicated military and
civilian personnel deployed overseas and our returning
veterans.
It simply does not serve the interest of national security
when the principal oversight committee in the House has held
more hearings on shark finning, believe it or not, shark
finning, and red snapper fishing in the Gulf of Mexico than it
has on the ongoing civil war in Syria--can you believe that?--
which is now entering its eighth year.
We currently have more than 2,000 American troops deployed
in a destabilized country that just witnessed a massive
offensive undertaken by the forces of Syrian President Bashar
al-Assad to recapture the southwestern city of Daraa. The
operation caused catastrophic damage to the city and displaced
more than 300,000 Syrians to the Syrian-Jordanian border in the
Golan Heights frontier. And just yesterday, Islamic State
militants launched a series of coordinated suicide bombings
across Sweida in southern Syria, killing more than 200 people.
So this committee has not held a single hearing on our
national security policy toward North Korea either. This issue
demands robust oversight following the statement of principles
on nuclear nonproliferation signed by President Trump and North
Korean President Kim Jong-un at their Singapore summit in June
and the initiation of diplomatic talks led by Secretary Pompeo.
We have held zero hearings on the state of our
counterterrorism operations in Africa, believe it or not. Our
American Green Berets, U.S. Navy SEALs, and other commandos are
currently on the ground in Africa under so-called section 127e
special ops authority. These units are undertaking perilous
counterterrorism raids with African partner forces in Nigeria,
Somalia, Libya, Tunisia, Kenya, and other nations, and their
safety necessitates rigorous oversight by this Subcommittee on
National Security.
And, of course, our ongoing military and counterterrorism
operation in Iraq and Afghanistan, where we still have an
estimated 6,000 and 15,000 American troops deployed,
respectively, should command our regular attention. While Iraqi
Prime Minister Haider al-Abadi declared final victory over the
Islamic State last December, the terrorist group is reemerging
across Kirkuk, Diyala, and Saladin provinces through a wave of
insurgent attacks and kidnapping.
The security environment in Afghanistan also continues to
deteriorate. This week alone, a suicide bomber carried out an
attack near Kabul Airport, killing 14 and wounding more than 50
individuals. Earlier this morning, a Taliban suicide bomber
attacked a security convoy of the Afghan National Intelligence
Agency.
So, Mr. Chairman, I respectfully request that we begin to
work on those issues and conduct oversight of those issues and
other critical national security issues going forward.
And, with that, I will yield the balance of my time. Thank
you.
Mr. DeSantis. The gentleman yields back.
I am pleased to introduce the witnesses. We have Mr. Andrew
Smith, the Director of the Bureau of Consumer Protection at the
FTC; Jason Oxman, chief executive officer of the Electronic
Transactions Association; and Ms. Lauren Saunders, associate
director of the National Consumer Law Center.
Welcome to you all.
Pursuant to committee rules, all witnesses will be sworn in
before they testify, so if you guys can please stand and raise
your right hand.
Do you solemnly swear or affirm the testimony you about to
give is the truth, the whole truth, and nothing but the truth,
so help you God?
All right. Please be seated.
All witnesses answered in the affirmative.
In order to allow time for discussion, please limit your
testimony to 5 minutes. Your entire written statement will be
made part of the record. As a reminder, the clock in front of
you shows the remaining time during your opening statement. The
light will turn yellow when you have 30 seconds left and red
when your time is up. Please also remember to press the button
to turn your microphone on before speaking.
And, with that, Mr. Smith, you are recognized.
WITNESS STATEMENTS
STATEMENT OF ANDREW SMITH
Mr. Smith. Thank you, Mr. Chairman and Ranking Member
Lynch. My name is Andrew Smith, and I am the Director of the
Bureau of Consumer Protection at the Federal Trade Commission.
My written statement submitted for the record represents
the views of the Commission, but this opening statement
represents my views alone and not necessarily the views of the
Commission or of any individual commissioner.
The FTC is the Nation's primary consumer protection agency.
We are a bipartisan and independent agency governed by five
commissioners, and we are dedicated to pursuing law enforcement
actions to stop unlawful practices, including fraud against
consumers.
In the last 10 years alone, the FTC has brought more than
600 cases in Federal court against companies and individuals
who engage in unfair and deceptive conduct, including countless
cases challenging fraudulent telemarketers and online scammers.
The FTC has returned hundreds of millions of dollars to
American consumers while obtaining strong injunctive relief to
protect consumers going forward.
When we bring a case against a fraudster, we routinely look
for others who knowingly facilitated the fraud, whether it be a
telemarketing boiler room, a robocalling platform, a lead
generator, or a payment processor who actively participated in
the fraudulent scheme.
In only 15 of these hundreds of fraud cases that we have
brought since 2008--in only 15 of these cases have we seen fit
to bring an enforcement action against a culpable payment
processor. And these 15 instances weren't the product of the
FTC staff acting on its own whim. The bipartisan Commission,
both Republicans and Democrats, approved each of these matters
by a unanimous and a public vote.
As these numbers demonstrate, the FTC doesn't take action
against payment processors lightly, and the 15 cases that we
have brought were not even remotely close calls. In each case,
we had specific evidence that these payment processors were
knowingly facilitating the misconduct of their merchants by
actively evading the antifraud protections of the national
payment system.
For example, we have sued payment processors who have
opened multiple, sometimes hundreds, of dummy merchant accounts
to hide fraudulent transactions, dilute consumer complaints and
charge-backs, and subvert the critical systems established by
banks and the card networks to monitor for illegal activity.
We also have seen payment processors that deliberately lie
to banks and the payment networks about the line of business of
their merchants, as well as payment processors engaging with
merchants in a high volume of sham payment transactions to
paper over the real but fraudulent transactions that resulted
in consumer charge-backs.
And I should note that the frauds perpetrated by the
merchants in these 15 cases were of the most egregious sort,
causing hundreds of millions of dollars of injury to consumers.
These constituted sham business opportunities, credit card
interest rate reduction scams, fraudulent online discount clubs
in which consumers never enrolled, and ``grandparent scams''
harming older Americans.
The FTC doesn't intend to impose on payment processors the
responsibility to police their customers, but we do expect
payment processors to follow the well-established rules of
their industry, and they must abide by the law. So when we see
evidence that a payment processor is knowingly facilitating a
fraudulent scheme, we will not hesitate to act to protect
consumers.
As the law enforcement numbers show, this isn't a game of
``gotcha'' for us at the FTC. We sue payment processors
sparingly and only where we have powerful evidence of their
complicity in the underlying fraud.
Thank you for the opportunity to testify. I welcome your
questions.
[Prepared statement of Mr. Smith follows:]
[GRAPHIC(S) NOT AVAILABLE IN TIFF FORMAT]
Mr. DeSantis. I thank the gentleman.
Mr. Oxman, you are up for 5 minutes.
STATEMENT OF JASON OXMAN
Mr. Oxman. Thank you, Mr. Chairman.
I am here representing ETA, the Electronic Transactions
Association. We are the trade association for the payments
industry, representing over 500 companies that offer electronic
transaction processing products and services to merchants.
ETA supports the enforcement of existing laws and
regulations by Federal agencies, including the Federal Trade
Commission, to stop fraud. But what we are deeply troubled
about is the FTC's use of Operation Chokepoint-style tactics to
hold payment processors responsible for fraud committed by bad
merchants.
The Department of Justice ended Operation Chokepoint in
2017 following congressional scrutiny and criticism. That
scrutiny demonstrated that holding payment processors liable
for merchant fraud has serious adverse consequences, including
processors abandoning lawful categories of merchants disfavored
by the government as well as higher prices for consumers.
Now, again, the payments industry is dedicated to fighting
fraud and ensuring that consumers have access to safe,
convenient, and affordable payment services. Consumers choose
electronic payments, indeed, because they have zero liability
for fraud.
ETA has worked hard as an industry representative to
develop guidelines on merchant and ISO underwriting and risk
monitoring. These guidelines provide more than 100 pages of
best practices to detect and halt fraudulent actors. ETA has
shared these draft guidelines with the Federal Trade
Commission, which has encouraged us to strengthen anti-fraud
efforts.
The FTC's targeting of the payments industry actually
predates Operation Chokepoint and, indeed, exceeded the
Department of Justice's efforts in scope but somehow has
managed to fly under the radar until today.
Many of our member companies receive what are called civil
investigative demands, CIDs, from the FTC asking for dozens of
categories of information about dozens of different merchants.
Many of our payment processor members receive multiple CIDs a
year, often part of a broader fishing expedition around a
particular industry.
Now, even though processors do their part to fight fraud
through robust underwriting and monitoring, payment processors
simply are not law enforcement. The fact is that sometimes
processors miss red flags or make unintentional mistakes. But
it is a big leap to suggest that a processor was intentionally
aiding and abetting a merchant in fraud and should be left to
cover the total cost of consumer injury caused by the merchant.
And that is exactly what the Federal Trade Commission does.
Specifically, the FTC seeks to hold payment processors and
even individual owners and employees financially responsible
for the total volume of sales transactions processed for a bad
merchant, even where the processor made just a penny on the
dollar for such transactions.
Emboldened by a recent but misguided decision in the 11th
Circuit entitled ``Universal Processing,'' the FTC's aggressive
use of joint and several liability threatens to put targeted
processors out of business or even to bankrupt individuals
based on the conduct of a single bad merchant out of a
processor's entire portfolio.
It is important to understand that the FTC uses the same
aggressive tactics in all cases, even where a processor
cooperates with the FTC to assist law enforcement activities.
The FTC's insistence on joint and several liability for payment
processors makes it financially impossible for a processor to
try to defend itself in court. A small processor that earns a
few thousand dollars processing for a merchant can't take the
risk of litigating a case where the FTC seeks to hold the
processor liable for millions of dollars.
When the FTC sends a CID to a processor regarding a
merchant, it tells the processor to maintain confidentiality
and to continue processing for the merchant. But then the FTC
inevitably turns on the processor and seeks to hold it
financially liable for all of the volume processed and all of
the merchant's sales, including those after the CID was issued.
Similarly, where a court appoints a receiver to manage a
merchant's assets, the FTC pressures the receiver to take
possession of a processor's reserves for the merchant, even
though those reserve accounts belong to the processor, not the
merchant. The processor is then forced to cover consumer
charge-backs out of its own funds.
The FTC refuses to discuss settlement of a case against a
processor until the processor or its individual owner provides
financial information.
The FTC also engages in aggressive prosecution of
individual officers and employees for assisting and
facilitating the conduct of a merchant employee, even where
they had no control over that conduct.
And the FTC regularly uses its CID process to request
information from third parties, when that information is
regularly available to the FTC itself.
The results of this enforcement approach is that payment
processors will have no choice but to increase prices for
services to merchants and, even worse, restrict access to
payment systems to certain categories of merchants to avoid
exposure for liability.
There is, however, a better path forward. Congress should
encourage the FTC to review and reconsider its overly
aggressive use of CIDs and questionable discovery and
enforcement tactics. Former FTC Chairman Ohlhausen in 2017
announced just such an effort. That effort should continue.
Congress should include a provision in the FTC's budget
authority limiting the FTC's ability to seek joint and several
liability against payment processors except where the processor
is actually an active part of a common enterprise with
merchants.
Congress should direct the FTC to halt enforcement actions
against processors until they engage in a public discussion of
Operation Chokepoint.
And Congress should support the FTC to encourage additional
industry self-regulation.
Thank you for the opportunity to appear here before you
today, and I look forward to your questions.
[Prepared statement of Mr. Oxman follows:]
[GRAPHIC(S) NOT AVAILABLE IN TIFF FORMAT]
Mr. Meadows. [Presiding.] Thank you, Mr. Oxman.
Ms. Saunders, you are recognized for 5 minutes.
STATEMENT OF LAUREN SAUNDERS
Ms. Saunders. Thank you.
Chairman DeSantis, Ranking Member Lynch, Chairman Meadows,
Ranking Member Connolly, and members of the subcommittees,
thank you for inviting me to testify today. I am Lauren
Saunders, associate director of the National Consumer Law
Center, which works for economic justice for low-income and
other vulnerable consumers across the United States.
Fraud takes billions of dollars from people every year,
often from seniors and other vulnerable communities. Fraud also
imposes costs on businesses and many other people in the
country.
Fraudsters often do not act alone. Many fraudsters rely on
payment processors to take money out of consumers' accounts.
Responsible payment processors can stop fraud or make it more
difficult. Unfortunately, a very few outliers sometimes
willingly enable fraud.
The FTC's cases against payment processors are part of its
traditional bipartisan law enforcement work, unanimously
supported by both Republican and Democratic chairs and
commissioners. These cases go back over two decades and are
independent at the Department of Justice's former Operation
Chokepoint.
For example, in 1996, under Chairman Steiger, who was
appointed by the first President Bush, the FTC sued Windward
Marketing, which used remotely created checks to help a
magazine subscription scam bilk consumers of over $12 million.
In 2007, under Chairman Majoras, appointed by the second
President Bush, the FTC sued Your Money Access, which processed
more than $200 million on behalf of numerous fraudulent
telemarketers and internet-based merchants, accepting merchants
with facially false sales scripts and ignoring extremely high
return rates.
More recently, last year the FTC sued the payment processor
iStream Financial Services for processing discount club
transactions despite numerous fraud indicators, including
recommendations from the iStream's sister bank, independent
compliance auditors, and iStream's own compliance and risk
officers that the processing relationship be terminated due to
the high return rates and likelihood of fraud.
The FTC's work has been approved by courts, as in the
recent case against WV Universal Management, the credit card
processor for a fraudulent credit card interest rate reduction
scheme. The processor's president had personally approved
merchant accounts despite several glaring red flags, including
charge-backs so high that they came to the attention of
Mastercard, which noted the potential fraud risk.
The 11th Circuit Court of Appeals affirmed a position of
joint and several liability on the defendants but only after
observing that it was undisputed that Universal had violated
the telemarketing sales rule by providing substantial
assistance to the scammers despite knowing or consciously
avoiding knowing about the fraud.
The testimony from the Electronic Transaction Association
today criticizes the FTC's use of joint and several liability
but does not attempt to defend the conduct of the processor in
the Universal case.
And, indeed, as Mr. Smith pointed out, I haven't heard
anybody criticizing the cases they have brought. These are not
close cases. There is extensive evidence of complicity of the
payment processors in the very few cases that they bring.
The FTC targets bad apples and provides incentives for the
industry to police itself, spurring efforts like those of the
Electronic Transaction Association to help its members prevent
fraud and make enforcement unnecessary in most cases.
Vague and unsubstantiated claims have been made that the
FTC may be targeting entire classes of legal businesses, but
the evidence is that the FTC targets fraudulent activity, plain
and simple.
While I disagree with the characterizations of DOJ's
Operation Chokepoint, there is a key difference between that
operation and the FTC, and that is the FTC starts with the
scammer and then, like any good investigator, follows the
money.
Most of FTC's 600 fraud cases do not have a companion case
against a payment processor. But if the FTC finds evidence that
a payment processor was a willing participant and enabler, it
brings an enforcement action, which is especially important
because consumers cannot do this kind of investigation on their
own, and they rely on government to prevent this type of fraud.
The FTC's fraud work is especially important today, with
growing problems of identity theft, data breaches, and online
scams. Everyone, from individual consumers to legitimate
businesses benefits, when fraudsters and their collaborators
are held accountable.
Thank you for inviting me to testify today. I would be
happy to answer your questions.
[Prepared statement of Ms. Saunders follows:]
[GRAPHIC(S) NOT AVAILABLE IN TIFF FORMAT]
Mr. Meadows. Thank you all for your testimony.
And the chair recognizes the gentleman from the 11th
District of Virginia, my good friend, Mr. Connolly, for his
opening statement.
Mr. Connolly. I thank the chair, and I thank our witnesses
for coming here today. I am a little late today because we had
a vote, and we are going to have some more votes very shortly.
Two days ago, during a full committee hearing on election
security in this very room, I made a motion for the Oversight
and Government Reform Committee to subpoena the Office of the
Director of National Intelligence to inform the committee and
the public about the extent of the Russian threat to our
country. That subpoena unfortunately was tabled by a vote of 17
to 15.
This morning, two Oversight and Government Reform
subcommittees are teaming up to discuss the urgent problem of
Operation Chokepoint, a program that no longer exists and a
program that the full committee conducted extensive oversight
of 4 years and two chairmen ago.
What is, one wonders, the urgent need for this hearing now,
when the administration is under legal compulsion to reunite
children that have been separated from their parents as part of
a zero tolerance policy at the border; when the deaths of
perhaps as many as 4,600 U.S. citizens in Puerto Rico have been
attributed to Hurricane Maria and the Federal Government's
inadequate response to it; when the Secretary of Commerce
apparently misled this committee on why a divisive question on
citizenship was hastily added to the 2020 census; when a member
of this committee, full committee, forthrightly wrote an op-ed
in The New York Times saying that the President of the United
States has been manipulated by Vladimir Putin?
These are all worthy of committee examination and open
hearings. So what could possibly be the reason for this hearing
today?
Congress conducted lengthy oversight of Operation
Chokepoint in 2013 and 2014. Congressional Republicans then
alleged that DOJ and the FDIC intentionally conspired--
intentionally--to mislead Congress about their partnership and
inappropriately targeted a list of high-risk merchants and
industries to conduct Operation Chokepoint.
The Committees on Financial Services and Judiciary also
held oversight hearings. The Oversight and Government Reform
Committee conducted an investigation under then-Chairman
Darrell Issa that produced not one but two staff reports.
Republicans got what they wanted. The two principal
agencies involved in Chokepoint, the DOJ and the FDIC, have
both ended their work on the operation. The FDIC ended its
involvement in Operation Chokepoint in January of 2015.
The DOJ issued a letter to the chairman of the House
Judiciary Committee in August that stated, and I quote, ``All
of the Department's bank investigations conducted as part of
Operation Chokepoint are now over. The initiative is no longer
in effect, and it will not be undertaken again,'' unquote.
Pretty definitive.
Yet here we are questioning the Federal Trade Commission,
an agency that played no role in Operation Chokepoint. And here
we are because the FTC has a broad mandate to protect consumers
from unfair, deceptive, or fraudulent practices in the
marketplace.
Some have concluded that this must mean a continuation of
Operation Chokepoint. That, it seems to me, is not the case. As
part of its work to protect consumers, the FTC works to stop
payment fraud, including taking action against payment
processors that knowingly or recklessly facilitate fraud. That
is their job. The FTC's cases against payment processors goes
back two decades and is not related to Operation Chokepoint,
which started much later and, as we have heard, no longer
exists.
Enforcement action against payment processors who knowingly
participate in fraudulent schemes or willfully ignore signs of
illegal activity has historically received bipartisan support.
These schemes often prey on vulnerable populations, such as
seniors, immigrants with limit English language, or families of
Active Duty military.
According to a survey by True Link, a company that provides
account monitoring software for elders and families, projected
that financial elder abuse costs families more than $36 billion
a year, of which $17 billion is linked to exploitation and
scams such as work-from-home schemes, misleading financial
advice, or reverse mortgages.
I can't speak for my colleagues, but I have to say: We
ought to be having hearings, it seems to me, about some of the
pressing issues of the day. And we could start with the list of
subpoena requests the Democrats have submitted to the full
committee and the full chairman. I think there are now 62 of
them outstanding. That would be some work worthy of our
enterprise.
I thank my friend from North Carolina for letting me have
this time for my opening statement and will try my best to
participate before we call votes.
Mr. Meadows. I thank the gentleman from Virginia. And, as
he well knows, on some of those items I am willing to advocate
in a bipartisan fashion to deal with some of those.
I would like to ask unanimous consent that my opening
statement be made part of the record without doing it. Any
objection?
Mr. Connolly. No objection.
Mr. Meadows. All right. So ordered.
Mr. Meadows. Also, I would like to recognize Charlie Kirk,
who is here.
Thank you for being here. You have done some work on this
particular issue, and we appreciate your work.
And so, with that, I will recognize the gentleman from
Florida, Chairman DeSantis.
Mr. DeSantis. Thank you, Mr. Chairman.
Thanks to the witnesses. I appreciate the work that you
guys do.
Mr. Smith, fraud is just a cottage industry, particularly
in my State of Florida. You know, you have seniors. And I think
we are by far, I think, the number-one State for complaints. So
I think it is very, very important. And the issues you site
where people are knowingly involved in fraud, I think that is a
no-brainer.
How would you respond to Mr. Oxman? Because there seems to
be a discrepancy here about how innocent processors are treated
by the FTC. Because I would say, if the people who are
committing fraud, that's where you would want to do the
government action. If people are simply processing this stuff
without being a part of it, then putting some of these
investigative demands on them raises the cost of doing
business, and that hurts consumers, too, because people don't
have access, the ability to do that.
So how would you respond to some of the things Mr. Oxman
pointed out?
Mr. Smith. Right. So in the 15 cases that we have brought,
I don't think there is any disagreement about complicity by the
payment processor. So there are issues raised by Mr. Oxman
about what I understand to be compulsory process issued by the
FTC to payment processors as a part of a broader investigation.
So we do this kind of third-party discovery, like any
litigant does and like any law enforcement agency does. We do
it routinely. We send third-party CIDs, civil investigative
demands, to telephone companies, to banks, to payment
processors, to internet registrars in order to gather
information for our investigations of----
Mr. DeSantis. Is there a threshold that is required before
you initiate that?
Mr. Smith. So any CID that we issue, whether it is to a
target or to a third party, has to be approved by a
commissioner and it has to articulate specific allegations of a
law violation in order for us to issue the CID. So we can't do
fishing expeditions to, you know, we want to investigate the
business opportunity industry and so this CID, we are sending
it to 100 companies as a part of that. We don't do that,
because we are not permitted to do that under our rules of
practice and our statute.
So we do send third-party process, though. All law
enforcement agencies do. And we are sensitive to the fact that
it is expensive to respond, and we appreciate that. And, as Mr.
Oxman noted, in 2017 the FTC undertook an effort to streamline
its CID processes to make them more manageable for businesses.
But the fact remains that we really need to get this
information from third parties. We frequently can't get it
anyplace else, either because the investigation is confidential
and we don't want to tip the target or because we get better
information from third parties than we get from the target. We
have frequently found instances where--remember, we are talking
about fraudsters here--where they have given us bad responses
to our CIDs and we have gotten better information from third
parties.
But we understand and respect that that presents an expense
for legitimate businesses, and we appreciate that and try to
factor that in to our targeting.
Mr. DeSantis. The idea of holding the person processing the
transaction responsible for the entire amount of the
transaction, unless there is evidence that they knowingly were
participating in the fraud, that would not be something that
you would support?
Mr. Smith. Right. So, in the 11th Circuit case that was
mentioned by Ms. Saunders, the court held that--and there are a
couple of other court decisions that have similar holdings--
that, in order to impose joint and several liability on a
payment processor, the FTC has to show that they knew of the
fraudulent scheme or they consciously avoided knowing it and
they actively facilitated the fraudulent scheme.
So, in that 11th Circuit case, what happened was that the
company president was complicit in sort of fast-tracking these
fraudulent transactions through, circumventing the underwriting
process and the monitoring process. And the company essentially
admitted liability. The question was, was there enough
knowledge, was there enough intent, in order to satisfy that
joint and several standard? And the court held that there was.
Mr. DeSantis. So, Mr. Oxman, how would you respond? Because
I think that, you know, Mr. Smith is saying, hey, there are
rare instances where there is active participation. And, look,
I mean, that is a totally different issue, if they are actively
engaged in fraud. You are raising concerns about kind of just
the normal course of business and having, you know, government
action really hurt the industry. So how would you respond to
what Mr. Smith has said?
Mr. Oxman. That is exactly right. And I think the reason
that both Mr. Smith and Ms. Saunders focus on those 15 cases is
we have no dispute with those cases, and we are not here to
discuss that.
What we are here to discuss and what we are raising
concerns about is what is happening at the FTC in all the cases
we don't know about.
So our member companies are telling us that there are an
unrelenting number of CIDs coming out of the FTC in cases where
the Commission appears to be looking--I call it a fishing
expedition--at particular merchant categories. They are sending
these CIDs out, sometimes dozens at a time, looking blanketly
across multiple industries and using the information gathered
to build cases.
And, as Mr. Smith noted, those CIDs don't need the approval
of the entire Commission. They need one commissioner. And what
we are looking for is a process where, as in those 15 cases,
the entire Commission is making sure that these actions are
justified and that the burden is not placed on processors to
take these actions in support of law enforcement where they are
legitimately going against bad merchants. That is the concern
that we have.
Mr. DeSantis. Great.
I am out of time, so I will yield back.
Mr. Meadows. The chair recognizes the gentleman from
Virginia, Mr. Connolly.
Mr. Connolly. Thank you, Mr. Chairman.
At this time, I would defer to my colleague, the brilliant
gentlelady from New York.
Mrs. Maloney. Thank you so much, Ranking Member and
Chairman, for holding this important hearing on consumers and
protection for them.
I want to commend and thank Ms. Saunders and the
organization she represents, the National Consumer Law Center,
for the initiatives that you have taken to protect
disadvantaged people, poor people, and, particularly, elderly
people from financial scams.
So, first, I would like to ask you, in your own words, at
the NCLC, what types of financial scams targeting the poor, the
elderly, or other vulnerable people have you seen and come
across?
Ms. Saunders. You know, the variation is really incredible.
We see a lot of ``grandparent scams.'' In fact, my own
father was subject to one of these that the FTC actually did a
little profile blog on. Somebody called up--and my father, who
is very competent, 88 years old, but he got a call, you know,
``Hi, this is Ben, and I've been arrested, and I need some
money to get out on bail.'' And even my own father, who, you
know, thought it didn't sound like his voice, you know, called
me up and said, ``Where is Ben?'' And, you know, I mean, he was
very scared, and the scammer wanted him to go and send the
money.
Mrs. Maloney. Wow.
Ms. Saunders. We see romance scams. We see lottery scams.
We see fake interest credit card reduction scams. And often
these scams do target seniors and people with limited English
proficiency and other--IRS scams. I get these calls all the
time, you know, ``I'm the IRS, I'm going to arrest you.'' Now,
I don't owe the IRS, so I'm not too scared when I get those
calls, but there are, you know, people who have trouble with
their back taxes, don't realize it is not the IRS on the other
end.
There are all sorts of scams. And a lot of these scams
require a method to take the money from consumers, to take the
money out of their pockets. And most payment processors, you
know, do their best to stop being willing participants, but
those who do are appropriately subject to enforcement. And the
FTC needs to investigate to figure out who is culpable and who
is not.
Mrs. Maloney. Okay. You have given some examples of people.
Could you give some examples of how the FTC is important in
protecting consumers against predatory third-party payor
processors, which Mr. Oxman seems to feel are being unfairly
targeted?
Ms. Saunders. Right. Well, you know, I mentioned the
iStream Financial Services case. This is a case where people
were signed up for discount clubs that they really didn't want
and money was taken out of their bank account. And----
Mrs. Maloney. They signed them up without their knowledge
and then took the money out of their account?
Ms. Saunders. Exactly.
Mrs. Maloney. How in the world can you do that? Isn't the
bank there to--how could they get into their accounts?
Ms. Saunders. Because people often provide their
information because they think they are signing up for
something else. They may think they are signing up for a payday
loan. They may think that they are getting a one-time, you
know, purchase of something. But once they have their bank
account information, they can use that. Maybe sometimes in the
fine print, in deceptive terms, you know, they sign them up for
something else.
Mrs. Maloney. Is this usual, that payment processors
participate in scams like this?
Ms. Saunders. Payment processors are often essential to
move the money, in order to take a credit card, a debit card,
to do an electronic payment. Now, again, they aren't all
complicit, but they are often a key part of how the scam works
and how the money gets from the consumer to the scammer.
Mrs. Maloney. Now, what would happen if consumers were
helpless, if there was no FTC there to help them in payment
scams or other scams?
I talked to some of the prosecutors in New York, and they
say a lot of their work in the district attorney's office is
just trying to protect people from scams all the time.
Ms. Saunders. Right. Absolutely.
Mrs. Maloney. So, if you didn't have the FTC, would there
be any protection for consumers in this area?
Ms. Saunders. You know, consumers do have some protection
against unauthorized charges, and they can go to their bank if
they can show that the charge is unauthorized.
And it actually imposes costs on banks, as well, especially
small banks. They are the ones who end up having to deal with
these things, and it costs them money to have to deal with the
consumer and reverse the charge. And sometimes they can't get
them reversed.
Mrs. Maloney. Now, I want to get to some of the other
witnesses.
Mr. Smith, how many enforcement actions has the FTC pursued
since 1996? And how many of these enforcement actions have
involved a third-party processing payment system?
Mr. Smith. Right. So we looked back 10 years to 2008, and
we counted up 639 enforcement actions. We decided just to focus
on the last 10 years because it would have taken us a long time
to count up until 1996. But in that 10 years, we have 639
enforcement actions generally and 15 against payment
processors.
And one quick thing I wanted to add is that we are focusing
a lot on the complicit payment processors, but the payment
processing industry--trillions of dollars of transactions
happen without event, right? So consumers should feel safe that
the payment processing industry is looking after their best
interests. It is just in these very few cases where we found a
need to drill down and hold the payment processor responsible.
Mrs. Maloney. Uh-huh.
May I just, Mr. Chairman, ask a question related to what he
just said?
Mr. Meadows. Very succinctly.
Mrs. Maloney. Okay.
So what is the estimated amount of financial harm consumers
have suffered in these 639 cases and 15 with--so we get a sense
of what is the economic impact on people and the economy.
Mr. Smith. Right.
Mr. Meadows. So you can answer briefly. The gentlewoman's
time has expired.
Mr. Smith. Okay. In the 15 cases, we had $700 million of
harm and we recovered $620 million for consumers.
Mrs. Maloney. Wow.
Mr. Meadows. Okay.
Mrs. Maloney. Uh-huh.
Mr. Meadows. The chair recognizes the gentleman from
Georgia.
Mr. Hice. Thank you, Mr. Chairman.
Mr. Smith, what was the role of the FTC in developing
Operation Chokepoint?
Mr. Smith. So I wasn't at the Commission at the time, but I
have spent a lot of time reviewing the OGR prior
investigations, and I have also spent a lot of time talking to
staff. And the FTC was a part of the Financial Fraud
Enforcement Task Force established by President Obama, along
with something like 30 other agencies--Securities and Exchange
Commission, the IRS, et cetera.
We also were a leader of the Consumer Protection Working
Group of that FFETF. And as the Nation's primary consumer
protection agency, that would only make sense. And there were
maybe another dozen agencies on the Consumer Protection Working
Group. So we communicated with DOJ and all of our law
enforcement partners regularly about fraud cases.
In terms of specific Operation Chokepoint activity, the
FTC, as I understand it, wasn't involved in that. It wasn't
involved in targeting, to the extent that there was any, of
particular industries. But I don't want to say that there
wasn't information being exchanged by the FTC with its law
enforcement partners, because we do that all the time pursuant
to our rules and approval by our general counsel.
Mr. Hice. Right. According to the memos about Chokepoint,
as I understand it, the FTC provided the DOJ with potential
leads for Operation Chokepoint investigations.
Mr. Smith. Don't--well, we provided the DOJ with names of
banks.
Mr. Hice. Right.
Mr. Smith. Don't know if that was for Chokepoint or for
something else.
One thing that is important to remember is that the FTC
doesn't have any jurisdiction over banks. That is specifically
carved out from our statute. DOJ does. So, to the extent that
there might be banks that have information or that may be
problematic, then that is a DOJ----
Mr. Hice. But as you came up with suspicious information,
that information was passed on as a potential lead, according
to memos, as I understand it.
So my question from that would be: How would the FTC
determine a particular companyor institution, whether or not
they should be investigated? What are they looking for?
Mr. Smith. So a particular company, we were looking for
strong evidence of fraud, and we would investigate the
merchant, right? So we would investigate the business
opportunity scam or the robocalling scam.
And in the course of that investigation, as Ms. Saunders
said, we follow the money, as all investigators do. So you go
to the payment processor, you go to the acquiring bank, you go
also to other third parties, like the telephone company and the
internet registrar, to gather up information.
And so, in the course of those investigations, there is a
process between the FTC and other law enforcers to share
information that we get----
Mr. Hice. So did the FTC actually participate in Operation
Chokepoint?
Mr. Smith. No, not as far as I know. I mean, there was--so
if you think of Chokepoint as the--it was defined earlier in
the hearing as these 60 subpoenas that were sent out, that is
not us.
Mr. Hice. All right.
Now, before your appointment to the FTC, you worked for a
law firm that represented companies against Operation
Chokepoint. Is that correct?
Mr. Smith. Yes.
Mr. Hice. Okay. I am curious of some of your experiences
with that. Did any of your clients have assets seized as a
result of Operation Chokepoint?
Mr. Smith. So my involvement with Operation Chokepoint--and
this is a matter of public record. I was a partner at the law
firm of Covington & Burling, and I represented a trade
association for online lenders who were impacted negatively by
Operation Chokepoint.
So the work was primarily on a policy level, working with
the agencies to determine how we can resolve Operation
Chokepoint. Because the problem was that legitimate companies
were losing their banking relationship----
Mr. Hice. Right. That is what I am aware of.
Mr. Smith. Right.
Mr. Hice. So, with that--and that was the whole problem
with this. So I take it that you did represent some companies
that had some assets seized. What----
Mr. Smith. No, not so much companies, but more this trade
association. So I don't know----
Mr. Hice. Okay. Were the seizures justified?
Mr. Smith. I don't know of any asset seizures for Operation
Chokepoint. The problem was the loss of the banking
relationship.
Mr. Hice. You don't know of any seizures as a result?
Because I certainly do.
Mr. Smith. Of Operation Chokepoint? No. I mean, I know that
the FTC--and, I mean, in the course of our law enforcement, we
will seize assets in order to return money to consumers. As far
as Operation Chokepoint is concerned--so at the top of the
hearing, it was defined as these 60 subpoenas, resulting in 3
actions against banks. And as far as asset seizures, that I
don't know. I think the banks were exposed to penalties,
perhaps for anti-money-laundering issues, but I don't know.
Mr. Hice. Well, so were companies.
And, unfortunately, my time has expired, Mr. Chairman, so I
will yield back.
Mr. Meadows. I thank the gentleman from Georgia.
The gentleman from Virginia is recognized.
Mr. Connolly. Thank you.
Ms. Saunders, I understand from your testimony you
certainly believe, in this context, consumers need some
protection.
Ms. Saunders. Absolutely.
Mr. Connolly. You need to speak closer to that microphone.
You can move it to you.
Ms. Saunders. Okay. Yes, absolutely. I think fraud would be
far, far worse if we didn't have the FTC and other law
enforcement agencies, you know, looking at this fraud and
finding everybody who is culpable.
Mr. Connolly. Right.
Now, one of the practices that has concerned me for a long
time: Certain payday lenders, for example, not all but some,
prey on vulnerable families of Active Duty military, especially
those who kind of ship overseas and their families are left
behind. They tend to be lower-income folks, and making ends
meet can be a real challenge.
Is that a problem, in your experience?
Ms. Saunders. Well, the Military Lending Act today does
prohibit high-cost loans to servicemembers. Certainly, payday
loans have been a problem with servicemembers and their
families and loved ones.
You know, that is not anything related at all to, you know,
the FTC's enforcement work against payment processors, but,
separately, we have pushed for protections for servicemembers
and all families against predatory lending, and payday lenders
are a big problem.
Mr. Connolly. Yeah. I guess the point I was just trying to
make is that, when we look at, sort of, financial predation, it
covers all kinds of classes of people--seniors, ordinary
consumers, and even our Active Duty military families who can
be taken advantage of in times of need. And they all need
someplace to go for protection.
Ms. Saunders. Right. Absolutely. And, certainly,
servicemembers and veterans are targets of fraud, you know,
like any other American, and they need the vigorous work of
government to stop those kinds of scams and to cut off these
scammers from the ability to take the money, as long as we, you
know, are going after the payment processors who are willing
participants.
Mr. Connolly. Right.
Now, you gave the example of your dad.
Ms. Saunders. Uh-huh. Who's a veteran.
Mr. Connolly. I'm sorry?
Ms. Saunders. Who is a veteran.
Mr. Connolly. Who is a veteran. Served this country.
I think all of us know the stories of sort of the unwitting
compliance--unwitting in that people are sometimes too trusting
or don't have their guards up. And none of us want to sort of
become, you know, jaundiced and cynical as a society, but, on
the other hand, trying to help folks who maybe are more
vulnerable to those kinds of schemes and threats and
manipulation.
And I mentioned that the best estimate we had was that
elder crime in this kind of category was $36 billion a year.
Sound right to you?
Ms. Saunders. I have heard that number, yes.
Mr. Connolly. So do you want to expand just a little bit in
terms of why senior citizens are maybe more vulnerable than
some others in society and more susceptible to this kind of
consumer fraud?
Ms. Saunders. Right. Well, seniors, you know, are often
more trusting. You know, those of us here in Washington tend to
be very cynical, but they do tend to be more trusting----
Mr. Connolly. Not on this committee, Ms. Saunders.
Ms. Saunders. Okay.
Mr. Connolly. Yeah.
Ms. Saunders. They are often lonely, and somebody who calls
them on the phone and is friendly and talks to them, you know,
can be very persuasive.
I have an uncle who was subject to a romance scam, and I
could not convince him that this woman, who--he was so lonely,
and this younger woman befriended him. I could not convince him
that, even after he wrote $30,000 worth of checks to her, that
she was a scammer. I could not convince him to go to the
police. He was later subject to identity theft as part of the
same, you know, problem.
Mr. Connolly. Yeah.
Ms. Saunders. And, you know, I had to go to a number of
banks who were innocent, you know, who had fraudulent accounts
created there, but I had to enlist their help.
Mr. Connolly. To what extent are some of these fraudsters
offshore, overseas? And does that complicate our ability to
regulate that?
Ms. Saunders. It does. I mean, they are often in boiler
rooms offshore, and sometimes the money is moved offshore. That
is why our anti-money-laundering laws and know-your-customer
rules are especially important, to stop this kind of fraud and
other movements of money overseas.
Mr. Connolly. Yeah. I think that is really important to
note, as well. Because I know of one, in particular,
headquartered in the Caribbean, and that scheme was to call you
up and say, you've won the lottery, the Jamaican lottery or
whatever lottery, and all you have to do is send us, you know,
your credit card number and $200 for processing and you're
going to be rich. And I couldn't believe how many people,
unfortunately, were prey to that scheme. So that is a whole
different dimension.
Thank you, Mr. Chairman.
Mr. Meadows. The gentleman from Kentucky is recognized, Mr.
Massie.
Mr. Massie. Thank you, Mr. Chairman.
Mr. Smith, in 2011, FDIC Quarterly Journal published a list
of 30 merchant categories that were high-risk endeavors. Among
these categories included what I consider to be very legitimate
commerce: ammunition sales, firearms sales, pharmaceutical
sales, surveillance equipment, and tobacco sales.
Does the FTC use this list or does the FTC have their own
list of high-risk categories? And is that publicly available?
Mr. Smith. We don't target our--we don't have a list of
high-risk merchants. We don't target our enforcement activity
based on high-risk merchants.
I will tell you, in all of the cases that we have brought
that we outlined here, the fraud cases where there have been
payment processors involved, involved telemarketing boiler
rooms essentially, you know, real hardened scams, situations
where merchants were debiting consumers' accounts without even
any authorization.
Mr. Massie. Okay. I just want to make sure you weren't
targeting firearms sales, ammunition sales, pharmaceutical
sales----
Mr. Smith. No. None of our cases have been brought
against----
Mr. Massie. I am not talking about cases that have been
brought but the things that are initiated in the way you look
for cases.
Mr. Smith. Right. We don't--okay. So, in terms of case
targeting, we look at things like consumer complaints,
consumers who have been defrauded. We conduct consumer surveys
to determine whether or not there are companies that are
engaged essentially in deceptive conduct.
Mr. Massie. Okay.
Mr. Smith. So that's our guide.
Mr. Massie. So when you think you've found it, do you have
a standard formula to fine or penalize the processing
companies, or do you just sort of ad hoc make it up as you go?
Mr. Smith. Well, we are looking for complicit--evidence
that these processors were complicit in the underlying fraud.
And, typically, what we--well, in fact, in every case that I
reviewed in preparing for this testimony, every case, we have a
situation where the payment processor was actively hiding the
misconduct from its banking partner and----
Mr. Massie. Right, right. But I'm assuming you've found
somebody who's guilty of something. Do you have a standard
formula for the penalty?
Mr. Smith. So, with respect to the underlying merchant, we
look for unfair----
Mr. Massie. Or the processor.
Mr. Smith. Okay. So our cases, we start with the underlying
merchant, and we typically, you know, prove up or allege fraud,
get a settlement sometimes with that merchant. So real fraud,
deceptive conduct that hurts consumers.
And then we follow the money. And in those couple of cases
where we've thought that the payment processor went, sort of,
beyond the pale--I mean, we're not pushing the envelope here.
We're talking about really bad conduct by payment processors.
In those cases, we've brought action.
Mr. Massie. But my question is, is there a standard policy
that guides when you're going to do that or what the penalty is
going to be?
Mr. Smith. We don't have a written----
Mr. Massie. Okay.
Mr. Smith. --policy for when we bring an action.
Mr. Massie. My next question is, I heard you say, I think--
and this is encouraging--that you acknowledge that the civil
investigative demands are a burden on the merchant. Is that----
Mr. Smith. On all third-party recipients. So the payment
processors aren't unique in this regard or uniquely burdened.
But any company, we routinely in the course of our
investigations--and this is true for all law enforcement
agencies, State, Federal, local--we will have to seek
information from third parties unconnected from the fraud. And
responding to that compulsory process is going to be expensive,
and we understand that and appreciate it and do our best to----
Mr. Massie. So it's almost like a tax, this added
regulatory compliance. So, given that, I think it's important
to know how many of these CIDs have been initiated. Can you
tell us--I think Mr. Oxman has alluded to an increased amount
or activity of CIDs. Can you give us the number of CIDs?
Mr. Smith. I don't have the number of third-party CIDs that
we've----
Mr. Massie. Are they going up or down or----
Mr. Smith. My guess is that they're going to be flat,
because I think that our enforcement activity is generally, you
know, a fairly steady pace. So, as an example, if you just look
at cases----
Mr. Massie. Instead of guessing, could you just give us
those numbers, like, how many CIDs? Could you give us that
later? I'm not asking for it today.
Mr. Smith. Yes. I'll ask the staff if we can get those
numbers.
Mr. Massie. Thank you.
I've got one last question in the last 30 seconds. I'm glad
to hear that you recovered money for people who have been
defrauded. But can you guarantee us that all the assets that
are seized by the FTC go to victims or consumers, that none of
it gets diverted to other things?
Mr. Smith. Well, there are severe legal limitations on our
ability to divert money. There's a----
Mr. Massie. So it never happens?
Mr. Smith. So there are cases where are administering a
redress program and there is money left over. And, in those
cases, sometimes----
Mr. Massie. So you've remunerated all of the victims and
they've all become whole and you've got money left over?
Mr. Smith. Sometimes, because not every victim----
Mr. Massie. Every victim has always been compensated?
Mr. Smith. We can't always find every victim. But what I'm
talking about here is a small amount of money, typically, in
the tens of thousands, and we disgorge that to the Treasury
Department.
Mr. Massie. So you can----
Mr. Smith. Because it's very difficult----
Mr. Massie. Do you know what they do with it? Just goes
back into the general----
Mr. Smith. It goes into the general fund.
Mr. Massie. So it's not diverted to any type of projects or
anything?
Mr. Smith. We're prohibited from that. I think it's called
the Miscellaneous Receipts Act. And we're prohibited from using
money that we recover for consumers for our own purposes.
Mr. Massie. All right.
My time has expired. Thank you, Mr. Chairman.
Mr. Meadows. I thank the gentleman for his insightful
questions.
The gentleman from Kentucky, Mr. Comer, is recognized.
Mr. Comer. Thank you, Mr. Chairman.
I have two questions for Mr. Smith.
First of all, has the Federal Trade Commission performed
any studies or research on whether holding processors
responsible for all alleged harm caused by a merchant will
result in higher processing costs for merchants and ultimately
consumers?
Mr. Smith. Well, so, first, I disagree with the premise
that we're holding all processors liable for all fraud. We're
bringing, as we said a couple of times, very few cases here.
But in answer to your question, no, we haven't conduct a study.
Mr. Comer. Does the FTC have a standard approach to
settlements?
Mr. Smith. To settlement with payment processors?
Mr. Comer. To settlements.
Mr. Smith. To settlement.
Mr. Comer. Yes.
Mr. Smith. So most of the cases that we bring we settle,
particularly in the fraud area. In some cases, the bad guys
don't show up for court, and so we get a default judgment. And
in the course of following the money to try to return money to
consumers, if we go to a payment processor, then most of those
cases are settled too. Of the however many that I mentioned, I
think four have been litigated.
Mr. Comer. What are ways in which the FTC can improve its
tactics to be less burdensome to law-abiding and legitimate
businesses?
Mr. Smith. Well, last year, the Commission undertook an
effort to streamline its CID process, and we've heard back from
industry that that's helpful. Of course, more always needs to
be done, and we are, you know, open to additional suggestions
about how to streamline the process.
Then the other aspect of that would just be to send fewer
third-party CIDs and try to get information from the targets
themselves. We sometimes have difficulty doing that because the
investigation is confidential or because the targets aren't
forthcoming, so we have to go to third parties. But we
appreciate that this imposes a burden on businesses, and we are
always looking for ways to lessen that burden.
Having said that, we badly need this information for our
law enforcement program. We badly need information from third
parties, whether it's payment processors, banks, telephone
companies, internet registrars, other folks who provide
services to the companies that are defrauding consumers.
Mr. Comer. Thank you, Mr. Chairman. I yield back.
Mr. Meadows. I thank the gentleman.
The chair recognizes himself for a series of questions.
Ms. Saunders, listen, I think all of us up here want to
make sure that consumers are protected. And the horrible
stories you hear--actually, I've been one that--you know, it's
interesting because occasionally I get these phone calls where
I've won unbelievable amounts of money, and they just want me
to call back, and so I do. And it's very interesting when we
have these dialogues with a Member of Congress. And so I've
called the FTC. So we want to protect it. And so I want to say
thank you for being an advocate for those consumers.
But there is an equal protection that has a concern, as a
business guy, as a small-business guy. And, Mr. Smith, you've
talked about only bringing a few small actions. But is it not
true that you many times will freeze assets and force companies
to settle without ever bringing them to trial?
Mr. Smith. So I think you're talking here about the issue--
--
Mr. Meadows. Well, you cast a wide net--so you get a
complaint. You cast a very wide net. And, literally, you freeze
their assets, so they don't have the ability to actually endure
long-term. Because you don't bring the case--actually, you
don't ever bring the case, but they holler, ``Olly, olly, oxen
free, please let me go''----
Mr. Smith. Right.
Mr. Meadows. --and so they settle the case.
Mr. Smith. We don't have the ability to freeze assets
without a court order. So here is how an asset freeze would
work. And typically we would----
Mr. Meadows. Yeah, but the power of the FTC is well-known.
And so you get a court order, and you cast a very wide net. Do
you not cast a wide net?
Mr. Smith. So we get a court order against a bad guy----
Mr. Meadows. Right.
Mr. Smith. --a temporary restraining order----
Mr. Meadows. And everybody that touches the bad guy.
Mr. Smith. --and a receiver-appointed--no. The money of the
bad guy, right? So we find the bad guy's accounts--or, more
appropriately, the receiver finds the bad guy's accounts and
freezes them. It is the receiver's job, who is appointed by the
court.
And within those accounts, when those accounts are held by
other people, then what the law says is that a constructive
trust is established over that money because it's money that is
being held for the merchant by its service providers. And so
the receiver may reach out to those other accounts that are
being held on behalf of the merchant by others.
Mr. Meadows. So, Mr. Oxman, maybe help clarify my question,
so Mr. Smith can understand it a little bit better.
Mr. Oxman. Yeah. Thanks, Mr. Chairman.
So this enforcement strategy that Mr. Smith calls ``follow
the money,'' here's how it works. So they'll go after a
legitimate fraudster. And, as you noted, Mr. Chairman, it's
very important that they do so. It's an important law
enforcement function.
Once they've established a case against the fraudster or
bad merchant, they then turn their sights on the payment
processor and say: Okay, you processed $40 million in
transactions for this merchant. They were bad, so we're going
to go after $40 million of your money.
And the processor says: Well, wait a minute, I only made
$5,000 off that, you know, less than a penny on the dollar from
that transaction.
And the FTC says: Well, no, you processed that money for
them, and you have a reserve account--which, by the way, is a
reserve account----
Mr. Meadows. To pay this.
Mr. Oxman. --to pay consumers.
Mr. Meadows. Right.
Mr. Oxman. ``Charge-backs'' they're called.
Mr. Meadows. Right.
Mr. Oxman. And instead of allowing the processor to take
those funds and reimburse consumers, the FTC says or directs a
receiver to say: No, we're going seize that money, we're going
to use it.
That is the ``follow the money'' strategy. And, as you've
noted, Mr. Chairman, that strategy punishes processors who
weren't even implicated in the process at all. It's like
holding a cash register responsible for taking money and going
after the manufacturer of the cash register, or holding AT&T
responsible if you and I have a phone call plotting a crime.
Going after the processor might seem easy because that's
where the money is. But when you're following the money to a
party that had nothing to do with the fraud, that's where the
problem comes. And that's where the issue of payment
processors, you know, having to shut off merchants unfairly,
having to raise their prices because of this FTC enforcement
strategy.
So what we would like to see the FTC do is follow the money
to the fraudster, don't bring in innocent parties like payment
processors and hold them financially responsible essentially as
an insurer for bad merchant behavior.
Mr. Smith. This is not----
Ms. Saunders. Could I respond?
Mr. Smith. --an issue of holding payment processors liable
for the full amount of the fraud. This is an issue of
marshaling the assets of the fraudster and freezing them. So
these reserve accounts are----
Mr. Meadows. So you're saying what he just said, freezing
the $40 million in his example----
Mr. Smith. We're not freezing $40 million.
Mr. Meadows. Well, hold on.
Mr. Smith. Reserve accounts don't have the full amount of
the fraud in them. The reserve accounts have whatever the
payments that the merchants or the processors----
Mr. Meadows. So are you saying there's not enough money in
the reserve accounts to pay the consumers? Is that your sworn
testimony here today?
Mr. Smith. What I'm saying is----
Mr. Meadows. No, I--yes or no, is there enough money in the
reserve accounts, like Mr. Oxman said, if you had the reserve
account, that would actually go to her father or whomever if it
was done improperly, is there enough money in the reserve
accounts----
Mr. Smith. There's never enough money in the reserve
accounts because it represents a fraction of the fraud. It's
just whatever money the payment processor is holding back for
the last 60, 90, 180 days, whatever the contract is between the
payment processor and the merchant.
Mr. Meadows. Okay. So why, then, if it's frozen, why would
you freeze that?
Mr. Smith. We would freeze it----
Mr. Meadows. Freeze the reserves.
Mr. Smith. We would freeze the reserve account so that we
can marshal all of the assets of the fraudster and make as
close to full recompense as we can to all of the customers.
Mr. Meadows. So let's assume that you're following the
money and the FTC follows the money and you freeze the assets.
What happens when they're innocent?
Mr. Smith. Well, we're not freezing the assets of anyone
who's innocent. We're freezing the assets of the fraudster that
are being held----
Mr. Meadows. So how do you know that they're guilty?
Mr. Smith. I'm sorry?
Mr. Meadows. How do you know that they're guilty?
Mr. Smith. Because a court has entered a temporary
restraining order----
Mr. Meadows. You've got a court order. That's different
than having an actual case.
Mr. Smith. Well, no, we have to make a strong showing to
the court--look, a TRO, an asset freeze----
Mr. Meadows. Right. Okay.
Mr. Smith. --the appointment of a receiver, these are
extraordinary remedies, and courts don't enter them lightly. We
go into court without giving an opportunity for the other side
to respond because the fear is that, if we do, the money, the
evidence, the people will be----
Mr. Meadows. Gotcha. Okay. That makes sense. That makes
sense.
So here's what I would ask of you, Mr. Smith, because
you've got a long career not just in your new job but at the
FTC, and, actually, I have found the people of the FTC to be
very capable Federal servants. I mean, they actually are a
great group. I actually, when I was a freshman, had a hearing
with the FTC and found the engagement to be delightful.
Here is the concern that we're hearing. So, just as awful
as some of those stories that Ms. Saunders has shared with us,
we're hearing some stories from people who believe that they've
had a disproportionate amount of attention based on through no
fault of their own. And so it'd be like me processing
something, and all of a sudden I find that I processed, through
millions of different people, I had one bad actor, and then all
of a sudden my entire business operation gets constrained. And
we've got to find a way to deal with that too.
Because what happens--and whether it's additional reserves,
whether it's actually looking at a more targeted approach.
Because if we're not dealing with that, Mr. Smith, what we're
doing is we're having a chilling effect on a number of
different small businesses. And as a small-business guy, that's
something that I'm not going to stand for.
And so I can tell by the way you're nodding that you're
willing to help us work through this. This is not my issue.
This is not one that, honestly, when I heard about it
originally, I said, well, how could that be going on? If you're
willing to come in and brief, you know, our staff or me
personally, I am willing to look at that.
And I think, as a small-business guy, hopefully what I can
do is help mediate the distance between Mr. Oxman, Ms.
Saunders, and you, Mr. Smith, where we can come together and
say, well, this is some good policy that we can change, and
figure out what part is legislative and what part of it is
administrative. Does that sound fair?
Mr. Smith. Yes.
And I would add that, in most instances where we're talking
about reserve accounts, that there is some sort of an
accommodation that's agreed to by the parties. The ultimate
issue over whether the receiver owns the reserve accounts is
one for the court, but it doesn't usually get there, and we're
able to reach some sort of an accommodation.
Mr. Meadows. So let me tell you what you may be getting a
little bit of side benefit. Obviously, Operation Chokepoint was
an issue that had a political agenda in some shape or fashion.
The other part that you're getting from me is seeing the FDIC
do similar things when it comes to banking regulations and what
they do. And so you may be getting a little bit of spillover,
because I have seen the long arm of the FDIC, at times, do
things that have an unbelievable chilling effect, that make
absolutely no business sense whatsoever, in the name of
protecting consumers.
And so I want to be fair to you. And so if--I see some of
your staff nodding that they're willing to come in, so I assume
that you're willing to bring your staff in to help, where we
can work through that.
And, Mr. Oxman, I would ask you to give me a few more
examples.
Ms. Saunders, if you will do the same from a consumer
standpoint.
Hopefully, we can come together and we can fix this without
another hearing. How about that? Does that sound good?
Mr. Smith. We'd be happy to work with your staff.
Mr. Meadows. All right.
So, with that, I'd like to thank all of you for appearing
today.
I think they're--well, they did call votes, and so
hopefully I'll make it.
The hearing record will remain open for the next 2 weeks
for any member who wants to submit an opening statement or
questions.
So you may get followup questions from some of the those
members.
Mr. Meadows. And if there's no further business before the
subcommittee, it stands adjourned.
[Whereupon, at 11:39 a.m., the subcommittees were
adjourned.]