[Federal Register Volume 72, Number 192 (Thursday, October 4, 2007)]
[Proposed Rules]
[Pages 56680-56699]
From the Federal Register Online via the Government Publishing Office [www.gpo.gov]
[FR Doc No: 07-4914]
=======================================================================
-----------------------------------------------------------------------
FEDERAL RESERVE SYSTEM
12 CFR Part 233
[Regulation GG; Docket No. R-1298]
DEPARTMENT OF THE TREASURY
31 CFR Part 132
RIN 1505-AB78
Prohibition on Funding of Unlawful Internet Gambling
AGENCIES: Board of Governors of the Federal Reserve System and
Departmental Offices, Department of the Treasury.
ACTION: Notice of joint proposed rulemaking.
-----------------------------------------------------------------------
SUMMARY: This notice is published jointly by the Departmental Offices
of the Department of the Treasury (the ``Treasury'') and the Board of
Governors of the Federal Reserve System (the ``Board'') (collectively,
the ``Agencies'') and proposes rules to implement applicable provisions
of the Unlawful Internet Gambling Enforcement Act of 2006 (the
``Act''). In accordance with the requirements of the Act, the proposed
rule designates certain payment systems that could be used in
connection with unlawful Internet gambling transactions restricted by
the Act. The proposed rule requires participants in designated payment
systems to establish policies and procedures reasonably designed to
identify and block or otherwise prevent or prohibit transactions in
connection with unlawful Internet gambling. As required by the Act, the
proposed rule also exempts certain participants in designated payment
systems from the requirements to establish such policies and procedures
because the Agencies believe it is not reasonably practical for those
participants to identify and block, or otherwise prevent or prohibit,
[[Page 56681]]
unlawful Internet gambling transactions restricted by the Act. Finally,
the proposed rule describes the types of policies and procedures that
non-exempt participants in each type of designated payment system may
adopt in order to comply with the Act and includes non-exclusive
examples of policies and procedures which would be deemed to be
reasonably designed to prevent or prohibit unlawful Internet gambling
transactions restricted by the Act. The proposed rule does not specify
which gambling activities or transactions are legal or illegal because
the Act itself defers to underlying State and Federal gambling laws in
that regard and determinations under those laws may depend on the facts
of specific activities or transactions (such as the location of the
parties).
DATES: Comments must be received on or before December 12, 2007.
ADDRESSES: You may submit comments by any of the following methods:
Board: You may submit comments, identified by Docket Number R-1298,
by any of the following methods:
Agency Web site: http://www.federalreserve.gov. Follow the
instructions for submitting comments at http://www.federalreserve.gov/generalinfo/foia/ProposedRegs.cfm.
Federal eRulemaking Portal: http://www.regulations.gov.
Follow the instructions for submitting comments.
E-mail: [email protected]. Include docket
number in the subject line of the message.
Fax: (202) 452-3819 or (202) 452-3102.
Mail: Jennifer J. Johnson, Secretary, Board of Governors
of the Federal Reserve System, 20th Street and Constitution Avenue,
NW., Washington, DC 20551.
All public comments are available from the Board's Web site at
http://www.federalreserve.gov/generalinfo/foia/ProposedRegs.cfm, as
submitted, unless modified for technical reasons. Accordingly, your
comments will not be edited to remove any identifying or contact
information. Public comments may also be viewed electronically or in
paper in Room MP-500 of the Board's Martin Building (20th and C
Streets, NW.) between 9 a.m. and 5 p.m. on weekdays.
Treasury:
Federal eRulemaking Portal-- ``Regulations.gov'': Go to
http://www.regulations.gov, select ``Department of the Treasury--All''
from the agency drop-down menu, then click ``Submit.'' In the ``Docket
ID'' column, select ``Treas-DO-2007-0015'' to submit or view public
comments and to view supporting and related materials for this notice
of proposed rulemaking. The ``User Tips'' link at the top of the
Regulations.gov home page provides information on using
Regulations.gov, including instructions for submitting or viewing
public comments, viewing other supporting and related materials, and
viewing the docket after the close of the comment period.
Mail: Department of the Treasury, Office of Critical
Infrastructure Protection and Compliance Policy, Room 1327, Main
Treasury Building, 1500 Pennsylvania Avenue, NW., Washington, DC 20220.
Instructions: You must include ``Treas-DO'' as the agency name and
``Docket Number Treas-DO-2007-0015'' in your comment. In general, the
Treasury will enter all comments received into the docket and publish
them without change, including any business or personal information
that you provide such as name and address information, e-mail
addresses, or phone numbers. Comments, including attachments and other
supporting materials, received are part of the public record and
subject to public disclosure. Do not enclose any information in your
comment or supporting materials that you consider confidential or
inappropriate for public disclosure.
You may view comments and other related materials by any of the
following methods:
Viewing Comments Electronically: Go to http://www.regulations.gov, select ``Department of the Treasury--All'' from
the agency drop-down menu, then click ``Submit.'' In the ``Docket ID''
column, select ``Treas-DO-2007-0015'' to view public comments for this
notice of proposed rulemaking.
Viewing Comments Personally: You may personally inspect
and photocopy comments at the Department of the Treasury Library, Room
1428, Main Treasury Building, 1500 Pennsylvania Avenue, NW.,
Washington, DC. You can make an appointment to inspect comments by
calling (202) 622-0990.
Commenters are requested to submit copies of comments to both
Agencies.
FOR FURTHER INFORMATION CONTACT:
Board: Christopher W. Clubb, Senior Counsel (202/452-3904), Legal
Division; Jack K. Walton, II, Associate Director (202/452-2660),
Jeffrey S. Yeganeh, Manager, or Joseph Baressi, Financial Services
Project Leader (202/452-3959), Division of Reserve Bank Operations and
Payment Systems; for users of Telecommunication Devices for the Deaf
(TDD) only, contact 202/263-4869.
Treasury: Charles Klingman, Deputy Director, Office of Critical
Infrastructure Protection and Compliance Policy; Steven D. Laughton,
Senior Counsel, or Amanda Wise, Attorney-Advisor, Office of the
Assistant General Counsel (Banking & Finance), 202/622-9209.
SUPPLEMENTARY INFORMATION:
I. Background and Introduction
The Act prohibits any person engaged in the business of betting or
wagering (as defined in the Act) from knowingly accepting payments in
connection with the participation of another person in unlawful
Internet gambling. Such transactions are termed ``restricted
transactions.'' The Act generally defines ``unlawful Internet
gambling'' as placing, receiving, or otherwise knowingly transmitting a
bet or wager by any means which involves the use, at least in part, of
the Internet where such bet or wager is unlawful under any applicable
Federal or State law in the State or Tribal lands in which the bet or
wager is initiated, received, or otherwise made.\1\ The Act states that
its provisions
[[Page 56682]]
should not be construed to alter, limit, or extend any Federal or State
law or Tribal-State compact prohibiting, permitting, or regulating
gambling within the United States.\2\ The Act does not spell out which
activities are legal and which are illegal, but rather relies on the
underlying substantive Federal and State laws.\3\
---------------------------------------------------------------------------
\1\ From the general definition, the Act exempts three
categories of transactions: (i) Intrastate transactions (a bet or
wager made exclusively within a single State, whose State law or
regulation contains certain safeguards regarding such transactions
and expressly authorizes the bet or wager and the method by which
the bet or wager is made, and which does not violate any provision
of applicable Federal gaming statutes); (ii) intratribal
transactions (a bet or wager made exclusively within the Indian
lands of a single Indian tribe or between the Indian lands of two or
more Indian tribes as authorized by Federal law, if the bet or wager
and the method by which the bet or wager is made is expressly
authorized by and complies with applicable Tribal ordinance or
resolution (and Tribal-State Compact, if applicable) and includes
certain safeguards regarding such transaction, and if the bet or
wager does not violate applicable Federal gaming statutes); and
(iii) interstate horseracing transactions (any activity that is
allowed under the Interstate Horseracing Act of 1978, 15 U.S.C. 3001
et seq.).
The Department of Justice has consistently taken the position
that the interstate transmission of bets and wagers, including bets
and wagers on horse races, violates Federal law and that the
Interstate Horseracing Act (the ``IHA'') did not alter or amend the
Federal criminal statutes prohibiting such transmission of bets and
wagers. The horse racing industry disagrees with this position.
While the Act provides that the definition of ``unlawful Internet
gambling'' does not include ``activity that is allowed under the
Interstate Horseracing Act of 1978,'' 31 U.S.C. 5362(10)(D)(i),
Congress expressly recognized the disagreement over the interplay
between the IHA and the Federal criminal laws relating to gambling
and determined that the Act would not take a position on this issue.
Rather, the Sense of Congress provision, codified at 31 U.S.C.
5362(10)(D)(iii), states as follows:
It is the sense of Congress that this subchapter shall not
change which activities related to horse racing may or may not be
allowed under Federal law. This subparagraph is intended to address
concerns that this subchapter could have the effect of changing the
existing relationship between the Interstate Horseracing Act and
other Federal statutes in effect on the date of enactment of this
subchapter. This subchapter is not intended to resolve any existing
disagreements over how to interpret the relationship between the
Interstate Horseracing Act and other Federal statutes.
\2\ 31 U.S.C. 5361(b).
\3\ See H. Rep. No. 109-412 (pt. 1) p.10.
---------------------------------------------------------------------------
The Act requires the Agencies (in consultation with the U.S.
Attorney General) to designate payment systems that could be used in
connection with or to facilitate restricted transactions. Such a
designation makes the payment system, and financial transaction
providers participating in the system, subject to the requirements of
the regulations.\4\ The Act further requires the Agencies (in
consultation with the U.S. Attorney General) to prescribe regulations
requiring designated payment systems and financial transaction
providers participating in each designated payment system to establish
policies and procedures reasonably designed to identify and block or
otherwise prevent or prohibit restricted transactions. The regulations
must identify types of policies and procedures that would be deemed to
be reasonably designed to achieve this objective, including non-
exclusive examples. The Act also requires the Agencies to exempt
certain restricted transactions or designated payment systems from any
requirement imposed by the regulations if the Agencies jointly
determine that it is not reasonably practical to identify and block, or
otherwise prevent or prohibit the acceptance of, such transactions.
---------------------------------------------------------------------------
\4\ The Act defines ``financial transaction provider'' as a
creditor, credit card issuer, financial institution, operator of a
terminal at which an electronic fund transfer may be initiated,
money transmitting business, or international, national, regional,
or local payment network utilized to effect a credit transaction,
electronic fund transfer, stored value product transaction, or money
transmitting service, or a participant in such network or other
participant in a designated payment system.
---------------------------------------------------------------------------
Under the Act, a participant in a designated payment system is
considered to be in compliance with the regulations if it relies on and
complies with the policies and procedures of the designated payment
system and such policies and procedures comply with the requirements of
the Agencies' regulations. The Act also directs the Agencies to ensure
that transactions in connection with any activity excluded from the
Act's definition of ``unlawful Internet gambling,'' such as qualifying
intrastate transactions, intratribal transactions, or interstate
horseracing transactions, are not blocked or otherwise prevented or
prohibited by the prescribed regulations.
The regulation being proposed by the Agencies in this notice: (i)
Sets out definitions for terms used in the regulation; (ii) designates
payment systems that could be used by participants in connection with,
or to facilitate, a restricted transaction; (iii) exempts certain
participants in certain designated payment systems from requirements of
the regulation; (iv) requires the participants performing non-exempt
functions in a designated payment system to establish and implement
policies and procedures reasonably designed to prevent or prohibit
restricted transactions, such as by identifying and blocking such
transactions; (v) provides non-exclusive examples of policies and
procedures for non-exempt participants in each designated payment
system; and (vi) sets out the regulatory enforcement framework.
Comments on all aspects of the proposed regulation are welcome;
however, the Agencies are, in particular, seeking comment on the issues
noted in the section-by-section analysis below.
The Agencies desire to achieve the purposes of the Act as soon as
is practical, while also providing designated payment systems and their
participants sufficient time to adapt their policies and practices as
needed to comply with the regulation. The Agencies propose that the
final regulations take effect six months after the joint final rules
are published, and request comment on whether this period is
reasonable. Commenters requesting a shorter period should explain why
they believe payment system participants would be able to modify their
policies and procedures, as required, in the shorter period. Similarly,
commenters requesting a longer period should explain why the longer
period would be necessary to comply with the regulations, particularly
if the need for additional time is based on any system or software
changes required to comply with the regulations.
II. Section by Section Analysis
A. Definitions
The proposed regulation provides definitions for terms used in the
regulation. Many of the definitions (such as ``bet or wager,''
``financial transaction provider,'' ``Internet,'' ``money transmitting
business,'' ``restricted transaction,'' and ``unlawful Internet
gambling'') follow or refer to the Act's definitions. The proposed rule
does not attempt to further define gambling-related terms because the
Act itself does not specify which gambling activities are legal or
illegal and the Act does not require the Agencies to do so. The Act
focuses on payment transactions and relies on prohibitions on gambling
contained in other statutes under the jurisdiction of other agencies.
Further, application of some of the terms used in the Act may depend
significantly on the facts of specific transactions and could vary
according to the location of the particular parties to the transaction
or based on other factors unique to an individual transaction. The
purpose of the proposed regulations is to implement the provisions of
the Act that instruct the Agencies to require participants in
designated payment systems to establish policies and procedures
reasonably designed to identify and block or otherwise prevent or
prohibit restricted transactions. For these reasons, and in
consultation with the Department of Justice, the Agencies' preliminary
view is that issues regarding the scope of gambling-related terms
should be resolved by reference to the underlying substantive State and
Federal gambling laws and not by a general regulatory definition.
The proposed rule includes definitions for some payment system
terms (such as ``automated clearing house system,'' ``card system,''
``check collection system,'' ``check clearing house,'' ``money
transmitting business,'' ``money transmitting service,'' and ``wire
transfer system'') because they relate to the designated payment
systems, exemptions, and required policies and procedures. The
definitions of most of these payment system terms are based on existing
regulatory or statutory definitions, such as the Board's Regulation CC
(12 CFR Part 229) or the Uniform Commercial Code (UCC).\5\ Terms used
in the context of particular payment systems are intended to be
consistent with how those terms are used in those systems. The proposed
rule incorporates by reference relevant definitions of terms regarding
the automated clearing house (ACH) system as published in ``2007 ACH
Rules: A Complete Guide to Rules & Regulations Governing the ACH
Network'' (the ACH Rules) by the
[[Page 56683]]
National Automated Clearing House Association (NACHA). In accordance
with the Act, the definitions of ``money transmitting business'' and
``money transmitting service'' have the meanings given the terms in the
Bank Secrecy Act,\6\ determined without regard to any regulations
prescribed by the Treasury thereunder.\7\
---------------------------------------------------------------------------
\5\ The Uniform Commercial Code is a model commercial law
developed by the National Conference of Commissioners on Uniform
State Law (NCCUSL) in conjunction with the American Law Institute.
NCCUSL is a non-profit organization that promotes the principles of
uniformity by drafting and proposing specific statutes in areas of
law where uniformity between the States is desirable. No uniform
statute is effective until a State legislature adopts it as part of
its State law.
\6\ 31 U.S.C. 5330(d).
\7\ The Agencies believe that this cross-reference does not
otherwise require the Act and the Bank Secrecy Act to be interpreted
in light of each other.
---------------------------------------------------------------------------
In addition, the proposed regulation defines the term ``participant
in a designated payment system'' as an operator of a designated payment
system, or a financial transaction provider that is a member of, has
contracted for services with, or is otherwise participating in, a
designated payment system. The proposed regulatory definition clarifies
that an end-user customer of a financial transaction provider is not
included in the definition of ``participant,'' unless the customer is
also a financial transaction provider otherwise participating in the
designated payment system on its own behalf.
The Agencies request comment on all of the terms and definitions
set out in this section. In particular, the Agencies request comment on
any terms used in the proposed regulation that a commenter believes are
not sufficiently understood or defined.
B. Designated Payment Systems
Section 3 of the proposed regulation designates the following
payment systems as systems used by a financial transaction provider
that could be used in connection with, or to facilitate, a restricted
transaction: automated clearing house systems; card systems (including
credit, debit, and pre-paid cards or stored value products); check
collection systems; money transmitting businesses; and wire transfer
systems. The broad range of the payment systems designated by the
regulation reflects the fact that a restricted transaction may be made
through many different payment systems. The designated payment systems
are described in more detail below.
1. Automated Clearing House System
The ACH system is a funds transfer system, primarily governed by
the rules and guidelines published by NACHA, that provides for the
clearing and settlement of batched electronic entries for participating
financial institutions.\8\ ACH transfers can be either credit or debit
transfers and can be either recurring or one-time transfers. Recurring
ACH transfers typically occur on a set schedule and are pre-authorized
by the individual or entity whose account is being credited or debited.
Recurring credit transfers include payroll direct deposit payments,
while recurring debit transfers include mortgage and other bill
payments. One-time ACH transfers are authorized at the time the payment
is initiated. One-time credit transfers include bill payments made
through the bill payer's bank, while one-time debit transfers include
bill payments made through the biller's payment site.
---------------------------------------------------------------------------
\8\ A primer on the ACH network is provided in the ACH Rules.
---------------------------------------------------------------------------
The designation of the originating and receiving institution in ACH
terminology is based on the participants that initiate and receive the
ACH entries, rather than the direction of the flow of funds. The
originator of an ACH transfer generally sends the payment instruction
to its bank, the originating depository financial institution (ODFI),
so that the payment instruction can be entered into the ACH system. The
ODFI combines the payment instructions with payment instructions from
its other customers and sends them to an ACH operator for processing.
The ACH operator will then sort and deliver the payments to the
appropriate receiving depository financial institutions (RDFIs) and
complete the interbank settlement process. The RDFIs then post the
payments, either credits or debits, to the receivers' accounts. The
fundamental difference between the ACH credit and debit transfers is
that for ACH credit transfers funds are ``pushed'' to an account at the
institution receiving the message, while in ACH debit transfers funds
are ``pulled'' from an account at the institution receiving the
message. In other words, for credit transfers, the originator is
requesting that funds be credited to the receiver (the funds move in
the same direction as the payment instruction), while for debit
transfers, the originator is requesting that funds be debited from the
receiver (the funds move in the opposite direction from the payment
instruction).
In some instances, a ``third-party sender'' acts as an intermediary
between an originator and an ODFI with respect to the initiation of ACH
transactions where there is no contractual agreement between the
originator and the ODFI. Under the ACH Rules, a third-party sender
assumes the responsibilities of an originator and is obligated to
provide the ODFI with any information the ODFI reasonably deems
necessary to identify each originator for which the third-party sender
transmits entries. The use of third-party senders in ACH transactions
poses particular risks because the ODFI does not have a direct
relationship with the originators.
The ACH Rules also include particular provisions governing cross-
border ACH payments made in cooperation with another country's national
payment system. Under the ACH Rules, the U.S. segment of a cross-border
ACH transaction is settled separately between the U.S. participants and
the U.S. gateway operator. The interface between the two national
payment systems is commonly accomplished through an ``originating
gateway operator'' in the originator's country and a ``receiving
gateway operator'' in the receiver's country. Both the originating and
receiving gateway operators are participants in their respective
national payment systems and capable of clearing and settling payments
in their respective systems. In the United States, the gateway operator
can be an ODFI (for ``inbound'' transactions), an RDFI (for
``outbound'' transactions), or, with the appropriate agreements in
place, an ACH operator. Additionally, a third-party sender may have
proprietary arrangements with a foreign counterparty and accept
instructions to submit cross-border ACH entries to the appropriate ACH
operator or ODFI.
In the case of inbound transactions, the ``originating gateway
operator'' in the country of the originator receives the entry from its
national payments network and then transmits the entry to a receiving
gateway operator in the receiving country. The receiving gateway
operator then transmits the entry into its national payments system for
delivery to the intended RDFI. If a U.S. ODFI acts as a receiving
gateway operator, it would be the first U.S. institution involved in
the transaction and would submit the transaction to its U.S. ACH
operator for further processing. Under the ACH Rules, a U.S. receiving
gateway operator for a particular cross-border transaction must make
warranties expected of an ODFI for that transaction and assumes
liability for breaches of those warranties to every RDFI and ACH
operator, so in effect it becomes the ODFI for the U.S. segment of the
transaction.\9\ Similarly, a U.S. depository financial institution or
third-party sender receiving instructions to originate cross-border ACH
entries directly from a foreign counterparty would be the first U.S.
participant involved in the transaction and would originate the ACH
entry in the U.S. ACH system.
---------------------------------------------------------------------------
\9\ See ACH Rules, Operating Rules Sec. Sec. 11.6 and 11.7.
---------------------------------------------------------------------------
[[Page 56684]]
2. Card Systems
Card systems are systems for clearing and settling transactions in
which credit cards, debit cards, pre-paid cards, or stored value
products are used to purchase goods or services or to obtain a cash
advance. In a typical card system transaction, there are three
components to the transaction: Authorization, clearance, and
settlement.
The transaction begins when the payor provides his card or card
number to the payee, either in person or through the Internet or
telephone. The payee uses that information to create a card payment
authorization request, which it sends to its bank (the ``merchant
acquirer'') or the bank's agent. The merchant acquirer sends an
authorization request through the card system network to the bank that
issued the payor's card (the ``card issuer'') or its agent.\10\ The
authorization request includes, amongst other information, the card
number, the transaction amount, a merchant category code, and a
transaction code. The merchant category code describes generally the
nature of the payee's business and the transaction code describes
whether the card was present at the point of transaction (i.e., a
point-of-sale transaction) or not present (i.e., a transaction over the
Internet or telephone). The card issuer or its agent either authorizes
or declines the transaction and the payee is immediately notified of
the decision through the card network. If authorization is granted,
then the payee completes the underlying transaction with the payor;
otherwise, the transaction is cancelled.
---------------------------------------------------------------------------
\10\ This discussion generally relates to the card processing
model of Visa and MasterCard, in which the merchant acquirer, the
card network, and the card issuer are separate entities. Other card
companies, such as American Express, may employ a model in which one
company owns the card processing network and performs all major
functions involved in issuing cards and acquiring merchants to
accept its cards.
---------------------------------------------------------------------------
After the transactions have been authorized, they must then be
cleared. The clearing process for personal identification number (PIN)-
based debit card transactions is different from the process for credit
card and signature-based debit card transactions. For PIN-based debit
card transactions, the authorization and clearing occur at the same
time and thus a separate clearing transmission by the payee to the
merchant acquirer is not necessary. For credit cards and signature-
based debit cards, the payee batches its authorized transactions and
transmits them, typically at the end of the business day, to the
merchant acquirer to be cleared through the card network. Depending on
the card type, card issuer banks memo-post or charge transactions to
their customers' accounts when the transactions are either authorized
or cleared. Once the transactions have been cleared, they are settled
at a time specified by the card network and the merchant acquirer and
the card issuer are, respectively, credited and debited.
3. Check Collection Systems
A check collection system is an interbank system for collecting,
presenting, returning, and settling checks or an intrabank system for
settling checks deposited and drawn on the same bank (i.e., ``on-us
checks''). A typical check transaction is initiated by the payor
writing a check to the order of a payee and giving the signed check to
the payee as payment. The payee deposits the check with its bank (the
bank of first deposit or the ``depositary bank''). Except for on-us
checks, the depositary bank will then send the check to the bank on
which it is drawn (the ``paying bank'') for payment.
The depositary bank may present the check for payment directly to
the paying bank, may use a check clearing house, or may use the
services of an intermediary bank, such as a Federal Reserve Bank or
another correspondent bank (a ``collecting bank'').\11\ These
intermediaries handle large volumes of checks daily and typically rely
on three pieces of information: The routing number of the bank from
which it received the check; the routing number of the bank to which
the check is destined (i.e. the paying bank); and the amount of the
check. Upon presentment, the paying bank settles with the presenting
bank for the amount of the check and debits the amount of the check
from the account of the payor.
---------------------------------------------------------------------------
\11\ Check clearing houses generally provide a facility or
mechanism for banks to exchange checks for collection and return.
The services provided by check clearing houses vary. Some merely
provide space for banks to exchange checks. Others provide the
capability to exchange between banks in electronic form. A check
clearing house generally also facilitates settlement of the checks
exchanged through it. Check clearing houses are not considered
collecting or returning banks.
---------------------------------------------------------------------------
Checks may be cleared cross-border through correspondent banking
relationships. If a U.S. payor writes a check to the order of an
offshore payee, the payee will likely deposit the check in its home
country bank. The home country bank may have a correspondent
relationship with a U.S. bank for check collection and deposit the
check with its U.S. correspondent bank. The U.S. bank will then collect
the check through the U.S. check collection system. The first banking
office located in the United States that receives a check from outside
the United States for forward collection inside the United States is
defined as the depositary bank for that check.\12\ Accordingly, if a
foreign office of a U.S. or foreign bank sends checks to its U.S.
correspondent for forward collection, the U.S. correspondent is the
depositary bank for those checks.
---------------------------------------------------------------------------
\12\ 12 CFR 229.2(o) commentary. Foreign offices of U.S. and
foreign banks are not included in Regulation CC's definition of
``bank.'' 12 CFR 229.2(e) commentary.
---------------------------------------------------------------------------
4. Money Transmitting Businesses
A money transmitting business is a person (other than a depository
institution) that engages as a business in the transmission of funds,
including any person that engages as a business in an informal money
transfer system or any network of people that engage as a business in
facilitating the transfer of money domestically or internationally
outside of the conventional financial institutions system. Money
transmitters commonly will facilitate money transmissions through agent
locations, by phone, or through an Internet website and can be used for
payments to some businesses as well as money transfers to individuals.
This term includes networks such as Western Union and MoneyGram, on-
line payment systems such as PayPal, and other electronic systems that
engage in the business of transmitting funds.
Money transmitting businesses use various operational models. In
networks with operations similar to Western Union and MoneyGram, the
payor initiates the transaction in person at the money transmitting
business's location, by phone, or through the money transmitting
business's Internet site and generally can use cash, a credit card, or
a debit card to fund a transfer. The money transmitter obtains
identification from the payor, as well as identifying information for
the intended payee and the location to which the payment should be
sent. The money transmitter may provide the payor with a reference
number that the payee will need in order to pick up the payment. Large
money transmitters, such as Western Union or, MoneyGram, typically
transmit the payment instructions through an internal proprietary
system. The payor or the money transmitter notifies the payee of the
availability of the payment. The payee goes to one of the money
transmitting business's physical locations, provides the necessary
information (such as personal identification and perhaps the
transaction reference number), and receives the funds. Alternatively,
some
[[Page 56685]]
money transmitting businesses will transfer money directly into a
payee's bank account in certain circumstances, such as when the
recipient is a business that has been approved to receive funds through
the money transmitting business (a ``commercial subscriber'').
Settlement between the sending and receiving accounts or locations is
effected based on rules established by the money transmitting business.
Other money transmitters may follow the PayPal-type operational
model and provide Internet electronic payment services to facilitate
purchases over the Internet, either from vendors or through auctions.
In such a model, a consumer establishes an account with the money
transmitting business and uses a debit card, credit card, or ACH
transfer to fund the account. In order to fund a purchase from a vendor
with an account with the same money transmitting business, the consumer
instructs the money transmitting business to transfer the funds to the
vendor, identifying the vendor by e-mail address. The money
transmitting business sends an e-mail notification to the vendor and
transfers the funds from the consumer's account to the vendor's
account. The vendor may keep the funds in its account with the money
transmitting business (and subsequently use them to effect payments
through the system) or may transfer the funds from its account to its
bank account, such as through an ACH credit transaction.
Other money transmitting businesses may use operational models
different than those set out above. The Agencies intend to apply the
term ``money transmitting business'' to cover businesses that meet the
definition of the term as used in the Act, regardless of operational
model.
5. Wire Transfer Systems
A wire transfer system is a system through which the sender of a
payment transmits an unconditional order to a bank to pay a fixed or
determinable amount of money to a beneficiary upon receipt (or on a day
stated in the order) by electronic or other means through a network,
between banks, or on the books of a bank. Wire transfer systems are
generally designed for large-value transfers between financial
institutions, but financial institutions also send lower-value,
consumer-initiated payment orders through wire transfer systems.
In a typical consumer-initiated wire transfer transaction, the
consumer would initiate the transfer after obtaining wire transfer
instructions from the intended beneficiary (such as the bank to which
the beneficiary would like the funds transferred and the beneficiary's
account number at the bank). The consumer provides that information in
the payment order to its bank (the ``originator's bank'') to initiate
the wire transfer. The originator's bank may transfer the payment
directly to the beneficiary's bank if the banks have an account
relationship.
Alternatively, the originator's bank may use the services of a wire
transfer network, such as the Federal Reserve Banks'' Fedwire system or
The Clearing House's CHIPS system, to send the transfer either to the
beneficiary's bank or to an intermediary bank that has an account
relationship with the beneficiary's bank. In an automated wire transfer
system such as Fedwire or CHIPS, typically the information used in
processing the payment order is the routing information of the sending
bank, the routing information of the receiving bank, and the amount of
the wire transfer. Although additional information may be, and in some
cases is required to be, included in fields of the payment order
message format (such as the names of the originator and the
beneficiary, their account numbers, and addresses), this information is
not relied upon by the intermediary bank to process the transfer.
Wire transfer transaction proceeds may be sent cross-border through
correspondent banking relationships. The last U.S. bank in the outgoing
transaction may either have a correspondent banking relationship with
the beneficiary's foreign bank or a foreign intermediary bank for
further delivery to the beneficiary's bank. Alternatively, the U.S.
bank may have a branch in the home country of the beneficiary and can
make an ``on-us'' transfer to the branch for further processing through
the beneficiary's home country national payment system.
6. Other Payment Systems
The Agencies request comment on whether the list of designated
payment systems in the proposed regulation is too broad or too narrow.
In particular, the Agencies request comment on whether there are non-
traditional or emerging payment systems not represented in the proposed
regulation that could be used in connection with, or to facilitate, any
restricted transaction. If a commenter believes that such a payment
system should be designated in the final rule, the commenter should
describe policies and procedures that might be reasonably designed to
identify and block, or otherwise prevent or prohibit, restricted
transactions through that system.
C. Exemptions
The Act directs the Agencies to exempt certain restricted
transactions or designated payment systems from any requirements
imposed under the regulations if the Agencies find that it is not
reasonably practical to identify and block, or otherwise prevent or
prohibit the acceptance of, such transactions. Section 4 of the
proposed rule provides such an exemption for certain participants in
ACH systems, check collection systems, and wire transfer systems. The
proposed regulation is structured to impose requirements on
participants in designated payments systems with respect to the
segments of particular transactions that those participants handle.
Therefore, rather than exempting entire categories of restricted
transactions or entire payment systems, the Agencies have structured
the exemptions to apply to particular participants in particular
payment systems as described in greater detail below. The Agencies
believe that this limited application of their exemption authority
better serves the Act's purposes of preventing the processing of
restricted transactions.
The Agencies are proposing to exempt all participants in the ACH
systems, check collection systems, and wire transfer systems, except
for the participant that possesses the customer relationship with the
Internet gambling business (and certain participants that receive
certain cross-border transactions from, or send certain such
transactions to, foreign payment service providers, as discussed
further below). The exemptions for these participants reflect the fact
that these systems currently do not enable the exempted participants to
reasonably identify and block, or otherwise prevent or prohibit,
restricted transactions under the Act. While other systems, such as the
card systems, have developed merchant category and transaction codes
that identify the business line of the payee (e.g., the gambling
business) and how the transfer was initiated (such as via the
Internet), so that the systems are able to identify and block certain
types of payments in real time, the ACH systems, check collection
systems, and wire transfer systems do not use such codes. Moreover, as
a general matter, a consumer can make payment by check, ACH, or wire
transfer to any business with an account at a depository institution.
This is in contrast to card systems and money transmitting businesses,
in which consumers can make direct payments only to those businesses
that have explicitly agreed to
[[Page 56686]]
participate in those payment systems. As a result, the preliminary view
of the Agencies is that it is not reasonably practical for the exempted
participants in ACH systems, check collection systems, and wire
transfer systems discussed below to identify and block, or otherwise
prevent or prohibit, restricted transactions under the Act. The
Agencies intend to monitor technological developments in these payment
systems and will consider amending the exemptions if, in the future,
the technology prevalent in these payment systems permits such
participants to identify and block, or otherwise prevent and prohibit,
those restricted transactions.
No designated payment system is completely exempted by the proposed
rule. The Agencies intend that the participant with the customer
relationship with the Internet gambling business would have the
responsibility in the ACH systems, check collection systems, or wire
transfer systems to prevent or prohibit restricted transactions from
being credited to the account of the gambling business through that
particular payment system. The Agencies request comment on all aspects
of the exemptions, but in particular, whether the exemptions for
certain participants in the ACH systems, check collection systems, and
wire transfer systems discussed in more detail below are appropriate.
Commenters that believe that these participants should not be exempted
from the requirements of the regulation should provide specific
examples of policies and procedures that such participants could
establish and implement that would be reasonably designed to identify
and block, or otherwise prevent or prohibit, restricted transactions.
1. ACH systems
With regard to an ACH system, the proposal provides an exemption
from the regulation's requirements for the ACH system operator, the
originating depository financial institution (ODFI) in an ACH credit
transaction, and the receiving depository financial institution (RDFI)
in an ACH debit transaction (except with respect to certain cross-
border transactions discussed below). The proposal does not exempt the
institution serving as the ODFI in an ACH debit transaction or the RDFI
in an ACH credit transaction because these institutions typically have
a pre-existing relationship with the customer receiving the proceeds of
the ACH transaction and could, with reasonable due diligence, take
steps to ascertain the nature of the customer's business and ensure
that the customer relationship is not used to receive restricted
transactions.
The proposal would provide an exemption for the ACH system operator
because it is not reasonably practical for the operator to identify and
block a particular ACH transfer as a restricted transaction. The ACH
system operator's function is to act as the central clearing facility
for ACH entries. The ACH operator sorts the entries by RDFI routing
information and transmits the payment information to the appropriate
RDFI for posting. The ACH system operator would not have any direct
interaction with either the gambler or the Internet gambling business
and would not be in a position to obtain the necessary information to
analyze individual transactions to determine whether they are
restricted transactions. In addition, ACH operators use highly-
automated systems to sort large volumes of ACH entries without manual
intervention. A requirement to analyze each ACH entry manually to
determine whether it is a restricted transaction would substantially
increase processing times for all ACH entries, including entries that
are not restricted transactions, and reduce the efficiency of the ACH
system. Moreover, even if the payee information on an ACH entry is
analyzed manually, it is very difficult for an ACH operator to
determine whether the ACH entry is related to a restricted transaction.
The proposal also would provide an exemption for the RDFI in an ACH
debit transaction. In this case, the exempted participant would not
have any direct interaction with its customer prior to processing the
transaction. In a restricted transaction using an ACH debit
transaction, a gambler could authorize the unlawful Internet gambling
business to debit his account for the restricted transaction and the
RDFI would not have an opportunity to obtain information from its
customer (the gambler in this case) to determine whether the entry was
in connection with a restricted transaction. Also, as discussed below,
information obtained from the customer may be of limited value.
In addition, the proposal would provide an exemption for the ODFI
in an ACH credit transaction. The Agencies carefully considered whether
such an exemption would be warranted. Typically, a consumer would
initiate an ACH credit transaction on-line with the ODFI, so there
could be an opportunity for the ODFI to design a procedure to obtain
information on an outgoing ACH credit transaction to determine whether
it is a restricted transaction. For example, for each ACH credit
transaction, the ODFI could require the originator to submit a
statement that the ACH credit transaction is not a restricted
transaction and/or a description of the nature and purpose of the
transaction.
The Agencies' preliminary view, however, is that, while it may be
possible at least in some cases for an ODFI in an ACH credit
transaction to obtain information from the originator regarding whether
the ACH credit transaction is a restricted transaction under the Act,
any associated benefits would likely be outweighed by the associated
costs that would be borne by ODFIs. Specifically, any process requiring
the customer to describe the nature of the transaction and/or state
that the transaction does not involve unlawful Internet gambling may be
of limited value, either because a customer may knowingly
mischaracterize the actual nature of the transaction in order to avoid
the transaction being rejected or blocked, or because the customer may
not actually know whether an Internet gambling transaction is a
restricted transaction under the Act. The Agencies also believe that
the ODFI would generally be unable to determine whether the
originator's characterization of the transaction is accurate. Moreover,
the burden on ODFIs in developing the necessary systems to obtain the
information and determine whether to reject or block a transaction
would likely be substantial.
The Agencies specifically request comment on whether it is
reasonably practical to implement policies and procedures (including,
but not limited to, those discussed above) for an ODFI in an ACH credit
transaction, whether such policies and procedures would likely be
effective in identifying and blocking restricted transactions, and
whether the burden imposed by such policies and procedures on an
originator and an ODFI would outweigh any value provided in preventing
restricted transactions and a description of such burdens and benefits.
If a commenter believes that an ODFI in an ACH credit transaction
should not be exempted, the Agencies request that the commenter provide
examples of policies and procedures reasonably designed for an ODFI in
an ACH credit transaction to identify and block or otherwise prevent or
prohibit restricted transactions in the ACH system.
2. Check Collection Systems
With regard to check collection systems, the proposed rule would
provide an exemption from the regulation's requirements for a check
[[Page 56687]]
clearing house, the paying bank (unless it is also the depositary
bank), any collecting bank (other than the depositary bank), and any
returning bank. The proposal does not exempt the institution serving as
the depositary bank (i.e., the first U.S. institution to which a check
is transferred, in this case the institution receiving the check
deposit from the gambling business) in a check transaction. The
depositary bank is typically in a position, through reasonable due
diligence, to take steps to ascertain the nature of the customer's
business and ensure that the customer relationship is not used for
receiving restricted transactions.
The proposed rule would provide an exemption for the check clearing
house because the check clearing house generally does not have a direct
relationship with either the payor or the payee and would not be in a
position to obtain information from either party regarding the
transaction that would permit the check clearing house to determine
whether a particular check was a restricted transaction.
For similar reasons, the proposal would provide an exemption for a
collecting bank (other than the depositary bank) and a returning bank
in a check collection transaction. Collecting banks (other than the
depositary bank) and returning banks are intermediary banks that
generally do not have a direct relationship with either the payor or
the payee in the check transaction and would not be in a position to
obtain information from either party that would permit them to
determine whether a particular check was a restricted transaction.
The proposal would also provide an exemption for the paying bank
(unless the paying bank is also the depositary bank). The paying bank
is generally the bank by or through which a check is payable and to
which the check is sent for payment or collection. In a restricted
transaction, this would generally be the bank holding the gambler's
checking account. While the paying bank would have a direct
relationship with the payor, it would not be in a position to obtain
information from the payor prior to the transaction being settled.
Checks are processed and paid by a paying bank's automated systems
according to the information contained in the magnetic ink character
recognition (MICR) line printed near the bottom of the check. The MICR
line commonly includes the bank's routing number, the customer's
account number, the check number, and the check amount, but does not
contain any information regarding the payee. A requirement to analyze
manually each check with respect to the payee would substantially
increase processing times for all checks, including checks that are not
restricted transactions, and reduce the efficiency of the check
collection systems. Moreover, even if the payee information on checks
is analyzed manually, it is very difficult for a paying bank to
determine whether the check is related to a restricted transaction. If
the paying bank is also the depositary bank (i.e., an ``on-us''
transaction), the institution would still be required to comply with
the regulations as a depositary bank.
3. Wire Transfer Systems
With regard to wire transfer systems, the proposal provides an
exemption from the regulation's requirements for the originator's bank
(i.e., the depository institution sending the wire transfer on behalf
of the gambler) and intermediary banks (other than the bank that sends
the transfers to a foreign respondent bank as discussed below). The
proposal does not exempt the institution serving as the beneficiary's
bank (i.e., the institution receiving the wire transfer on behalf of
the gambling business) in a particular wire transfer system. The
beneficiary's bank typically has a pre-existing relationship with the
customer receiving a particular wire transfer and, accordingly, is in a
position, through reasonable due diligence, to take steps to ascertain
the nature of the customer's business and assess the risk that the
customer may be involved in restricted transactions.
The proposal would provide an exemption for intermediary banks
because it is not reasonably practical for institutions serving in this
capacity in a wire transfer system to identify and block a particular
wire transfer as a restricted transaction under the Act. The
information normally relied upon by intermediary banks' automated
systems in processing a wire transfer does not typically include
information that would enable those systems to identify and block
individual transfers as restricted transactions under the Act. In
addition, intermediary banks process tremendous volumes of wire
transfers in seconds or less on an automated basis, without manual
intervention. A requirement to analyze each transaction manually to
determine whether it is a restricted transaction would substantially
increase processing times for all wire transfers, including transfers
that are not restricted transactions, and reduce the efficiency of the
wire transfer systems. Moreover, even if the beneficiary information in
a wire transfer payment message is analyzed manually, it is very
difficult for an intermediary bank to determine whether the wire
transfer is related to a restricted transaction.
The Agencies also carefully considered whether to grant an
exemption for portions of a wire transfer system involving the
originator's bank. Similar to an ODFI in an ACH credit transaction, the
originating customer in a particular wire transfer generally has some
direct interaction with the originating institution, so there could be
an opportunity for the originating institution to design a procedure to
review an outgoing wire transfer to determine whether it is a
restricted transaction. For example, for each wire transfer (or for
each transfer originated by a consumer), the originator's bank could
require the originator to submit a statement that the wire transfer is
not a restricted transaction and a description of the nature and
purpose of the transaction. This two-part submission could be made in
writing for in-person originations, orally for phone originations, or
on-line for automated originations. For the casual or impulse gambler,
requiring such a statement may cause the gambler to consider carefully
(or to investigate) whether the payment is legal and even whether
engaging in gambling is prudent in light of the gambler's personal
circumstances.
The Agencies' preliminary view is that, while it may be possible,
at least in some cases, for an originating bank to obtain such a
submission from the originator, any associated benefits would likely be
outweighed by the associated costs for reasons similar to those
described above regarding the exemption for ODFIs in ACH credit
transactions.
The Agencies specifically request comment on whether it is
reasonably practical for an originator's bank and an intermediary bank
in a wire transfer system to implement policies and procedures
(including, but not limited to, those discussed above) that would
likely be effective in identifying and blocking or otherwise prevent or
prohibit restricted transactions; whether the burden imposed by such
policies and procedures on an intermediary bank, an originator, and an
originator's bank would outweigh any value provided in preventing
restricted transactions and a description of such burdens and benefits;
and whether any policies and procedures could reasonably be limited
only to consumer-initiated wire transfers and, if so, a description of
any costs or benefits of so limiting the requirement. If a commenter
believes that the originator's bank or an intermediary bank should not
be exempted, the Agencies request that the commenter provide examples
of
[[Page 56688]]
policies and procedures reasonably designed for institutions serving in
those functions to identify and block or otherwise prevent or prohibit
restricted transactions in a wire transfer system.
D. Processing of Restricted Transactions Prohibited
Section 5 of the proposed regulations expressly requires all non-
exempt participants in the designated payment systems to establish and
implement policies and procedures in order to identify and block, or
otherwise prevent or prohibit, restricted transactions. In accordance
with the Act, section 5 states that a participant in a designated
payment system shall be considered in compliance with this requirement
if the designated payment system of which it is a participant has
established policies and procedures to prevent or prohibit restricted
transactions and the participant relies on, and complies with, the
policies and procedures of the designated payment system. In other
words, the Act and the proposed rule permit non-exempt participants in
a designated payment system to either (i) Establish their own policies
and procedures to prevent or prohibit restricted transactions; or (ii)
rely on and comply with the policies and procedures established by the
designated payment system, so long as such policies and procedures
comply with the regulation.
Section 5 also imports the Act's liability provisions, which state
that a person that identifies and blocks, prevents, prohibits, or
otherwise fails to honor a transaction is not liable to any party for
such action if (i) the transaction is a restricted transaction; (ii)
such person reasonably believes the transaction to be a restricted
transaction; or (iii) the person is a participant in a designated
payment system and prevented the transaction in reliance on the
policies and procedures of the designated payment system in an effort
to comply with the regulation.
Finally, section 5 implements the Act's requirement that the
Agencies ensure that transactions in connection with any activity
excluded from the Act's definition of unlawful Internet gambling are
not blocked or otherwise prevented or prohibited by the regulations
(the ``overblocking'' provision). Section 5 makes clear that nothing in
the regulation requires or is intended to suggest that non-exempt
participants should block or otherwise prevent or prohibit any
transaction in connection with any activity that is excluded from the
definition of ``unlawful Internet gambling'' in the Act, such as
qualifying intrastate or intratribal transactions, or a transaction in
connection with any activity that is allowed under the Interstate
Horseracing Act of 1978 (15 U.S.C. 3001 et seq.).\13\ As noted above,
it also seems clear that the Act was not intended to change the
legality of any gambling-related activity in the United States.\14\
Consequently, the proposed regulations neither require nor are intended
to suggest that participants in designated payment systems should
establish policies and procedures to prevent any Internet gambling
transactions that are legal under applicable Federal and State law.
---------------------------------------------------------------------------
\13\ See the discussion of the interplay between the Interstate
Horseracing Act and federal gambling statutes contained in Footnote
1.
\14\ 31 U.S.C. 5361(b).
---------------------------------------------------------------------------
Some payment system operators have indicated that, for business
reasons, they have decided to avoid processing any gambling
transactions, even if lawful, because, among other things, they believe
that these transactions are not sufficiently profitable to warrant the
higher risk they believe these transactions pose.\15\ The Agencies
believe that the Act does not provide the Agencies with the authority
to require designated payment systems or participants in these systems
to process any gambling transactions, including those transactions
excluded from the Act's definition of unlawful Internet gambling, if a
system or participant decides for business reasons not to process such
transactions. The Agencies request comment on the proposed approach to
implementing the Act's overblocking provision.
---------------------------------------------------------------------------
\15\ Designated payment system representatives have informally
indicated to the Agencies that many participants in their systems
prefer not to process gambling-related transactions because they
have experienced higher-than-usual losses due, for example, to
assertions that gambling transactions were ``unauthorized.''
---------------------------------------------------------------------------
E. Reasonably Designed Policies and Procedures
Section 6 of the proposed regulations sets out for each designated
payment system examples of policies and procedures the Agencies believe
are reasonably designed to prevent or prohibit restricted transactions
for non-exempt participants in the system. Generally, under the
proposed rule, non-exempt participants in each designated payment
system should have policies and procedures that (i) Address methods for
conducting due diligence in establishing and maintaining a commercial
customer relationship designed to ensure that the commercial customer
does not originate or receive restricted transactions through the
customer relationship; and (ii) include procedures reasonably designed
to prevent or prohibit restricted transactions, including procedures to
be followed with respect to a customer if the participant discovers the
customer has been engaging in restricted transactions through its
customer relationship. These procedures are discussed in more detail
below.
1. Due Diligence
The Agencies would expect non-exempt participants' policies and
procedures addressing due diligence to be consistent with their regular
account-opening practices. The Agencies anticipate that participants
would use a flexible, risk-based approach in their due diligence
procedures in that the level of due diligence performed would match the
level of risk posed by the customer. The due diligence is intended to
apply to a participant when the participant is directly establishing or
maintaining a customer relationship, but not with respect to entities
with which the participant does not have a direct relationship. For
example, if a card network operator does not act as the merchant
acquirer in the network, the operator would not be expected to conduct
due diligence on the merchant customers. This function should be
performed by the member institutions of the network that are acting as
merchant acquirers. However, if a card network operator also acted as
the merchant acquirer, it should conduct the appropriate due diligence
on its merchants in establishing or maintaining the customer
relationship. The Agencies expect that the most efficient way for
participants to implement the due diligence procedures in the proposed
rule would be to incorporate them into existing account-opening due
diligence procedures (such as those required of depository institutions
under Federal banking agencies' anti-money laundering compliance
program requirements).\16\
---------------------------------------------------------------------------
\16\ See, e.g., 12 CFR 208.63.
---------------------------------------------------------------------------
The due diligence requirements for a participant establishing a
customer relationship in an ACH system also apply to the establishment
of a relationship with any third-party sender. Before establishing a
relationship with a third-party sender, a participant should conduct
appropriate due diligence with respect to the third-party sender. A
third-party sender should conduct due diligence on its customers to
ensure that it is not transmitting restricted transactions through an
ODFI, and the ODFI should confirm that the third-party sender conducts
such due diligence on its
[[Page 56689]]
originators. In maintaining the customer relationship with the third-
party sender, the participant should ensure that there is a process to
monitor the operations of the third-party sender, such as by audit.
The Agencies request comment as to the appropriateness of
participants incorporating into their existing account-opening
procedures the due diligence provisions of the proposed rule. The
Agencies also request comment on whether, and to what extent, the
proposed rule's examples of due diligence methods should explicitly
include periodic confirmation by the participants of the nature of
their customers' business.
2. Remedial Action
The Agencies also would expect a non-exempt participant to have
policies and procedures to be followed if the participant becomes aware
that one of its customer relationships was being used to process
restricted transactions. These policies and procedures could include a
broad range of remedial options, such as imposing fines, restricting
the customer's access to the designated payment system or the
participant's facilities, and terminating the customer relationship by
closing the account. In addition, as provided in section 5(e) of the
proposed rule, nothing in the proposed rule modifies any existing legal
requirement relating to the filing of suspicious activity reports with
the appropriate authorities. The Agencies request comment on the
appropriateness of the proposed rule's examples of a participant's
procedures upon determining that a customer is engaging in restricted
transactions through the customer relationship, and whether any
additional such procedures should be included as examples.
A participant also would be expected to take appropriate remedial
action with respect to a business engaged in unlawful Internet gambling
with which it does not have a customer relationship if the participant
becomes aware that the gambling business is using the participant's
trademark on its website to promote restricted transactions. For
example, the participant could consider taking legal action to prevent
the unauthorized use of its trademark by an unlawful Internet gambling
business.
3. Monitoring
The policies and procedures of non-exempt participants in card
systems and money-transmitting businesses are expected to address
ongoing monitoring or testing to detect possible restricted
transactions. Examples of such monitoring or testing include (1)
Monitoring and analyzing payment patterns to detect suspicious patterns
of payments to a recipient, and (2) monitoring of Web sites to detect
unauthorized use of the relevant designated payment system, including
unauthorized use of the relevant designated payment system's
trademarks. Unlawful Internet gambling businesses may be able to access
a designated payment system (such as a money transmitting business)
that would otherwise deny them a commercial subscriber account, by
using individuals as agents to receive restricted transactions and may
advertise the use of these systems on their website. Certain money
transmitting businesses have developed monitoring procedures to detect
suspicious payment volumes to an individual recipient in order to
address this risk.\17\ In addition, certain money transmitting
businesses subscribe to a service that will search the Internet for
unauthorized use of the money transmitting business's trademark.
---------------------------------------------------------------------------
\17\ As provided in the Act and the proposed rule, participants
that are part of a money transmitting network may be able to rely on
the network's procedures in this regard if the participants
determine that the network's procedures comply with the requirements
of the regulation as applied to the participant.
---------------------------------------------------------------------------
The proposed rule does not include ongoing monitoring and testing
within the examples of the policies and procedures for ACH systems,
check collection systems, and wire transfer systems because these
systems currently do not have the same level of functionality for
analyzing patterns of specific payments being processed through the
system. Moreover, as mentioned above, these three systems are open,
universal systems that do not require businesses to explicitly sign up
in order to receive payments through them. The Agencies request comment
on whether ongoing monitoring and testing should be included within the
examples for the ACH, check collection, and wire transfer systems, and,
if so, how such functionality could reasonably be incorporated into
those systems. As a general matter, the Agencies will continue to
monitor technological developments in all payment systems, and, as
those developments warrant, will engage in future rulemakings to
address emerging means of identifying and blocking or otherwise
preventing or prohibiting restricted transactions in the designated
payment systems.
4. Coding
The policies and procedures of participants in a card system are
expected to address methods for identifying and blocking restricted
transactions as they are processed, such as by establishing one or more
transaction codes and merchant/business category codes that are
required to accompany the authorization request from the merchant for a
transaction and creating the operational functionality to enable the
card system or the card issuer to identify and deny authorization for a
restricted transaction. Card systems may be able to develop one or more
merchant category codes for gambling transactions that are not
restricted transactions under the Act. For example, in certain cases it
may be reasonably practical for card systems to develop merchant
category codes for particular types of lawful Internet gambling
transactions. The Agencies specifically seek comment on the
practicality, effectiveness, and cost of developing such additional
merchant codes.
The proposed rule does not include specific methods for identifying
and blocking restricted transactions as they are being processed within
the examples of procedures for any designated payment system other than
card systems because the Agencies believe that only the card systems
have the necessary capabilities and processes in place. The Agencies
request comment on whether the procedural examples for the other
designated payment systems should encompass identifying and blocking
restricted transactions as they are being processed, and, if so, how
such functionality could reasonably be incorporated into the systems.
Again, the Agencies will monitor technological developments in all
payment systems, and engage in future rulemakings as warranted to
address emerging means of identifying and blocking or otherwise
preventing or prohibiting restricted transactions in the designated
payment systems.
5. Cross-Border Relationships
Based on the Agencies' research and statements by industry
representatives, the Agencies believe that most unlawful Internet
gambling businesses do not have direct account relationships with U.S.
financial institutions. In most cases, their accounts are held at
offshore locations of foreign institutions that are not subject to the
Act, and restricted transactions enter the U.S. payment system through
those foreign institutions. In two of the designated payment systems
(card systems and money transmitting businesses), the proposed rule
does not provide exemptions for any participants and the proposed
rule's requirements would
[[Page 56690]]
apply to all U.S. participants in both domestic and cross-border
transactions. In the case of ACH, check collection, and wire transfer
systems, exemptions are provided for certain participants and examples
of special policies and procedures for cross-border transactions are
provided.
In general, in the case of U.S.-only transactions, for the ACH,
check collection, and wire transfer systems, the proposed rule would
require the participant in a particular payment system that has the
direct relationship with the gambling business to have policies and
procedures to prevent or prohibit restricted transactions through these
systems. The other participants in each of these systems would
otherwise be exempt from the requirements of the regulation. In the
case of payment transactions for the benefit of offshore gambling
businesses, none of the participants in the United States that process
the transaction would have a direct relationship with the gambling
business that receives the payment and would, under the general
regulatory requirements, be exempt and not required to have policies
and procedures to prevent or prohibit restricted transactions.
In the case of incoming cross-border ACH debit and check collection
transactions, the proposed rule places responsibility on the first
participant in the United States that receives the incoming transaction
directly from a foreign institution (i.e., an ACH debit transaction
from a foreign gateway operator, foreign bank, or a foreign third-party
processor or a check for collection directly from a foreign bank) to
take reasonable steps to ensure that their cross-border relationship is
not used to facilitate restricted transactions.\18\ Participants in
such arrangements should take steps to prevent their foreign
counterparty from sending restricted transactions through the
participant, such as including as a term of its contractual agreement
with the foreign institution a requirement that the foreign institution
have policies and procedures in place to avoid sending restricted
transactions to the U.S. participant. In addition, the U.S.
participant's policies and procedures would be deemed compliant with
the regulation if they also include procedures to be followed with
respect to a foreign bank or foreign third-party processor that is
found to have transmitted restricted transactions to, or received
restricted transactions through, the participant. These policies and
procedures might address (i) When access through the cross-border
relationship should be denied and (ii) the circumstances under which
the cross-border relationship should be terminated.
---------------------------------------------------------------------------
\18\ In an incoming cross-border ACH debit transaction, if the
first participant in the United States is an ACH operator (not an
ODFI), the proposed rule makes clear that, while serving in the
capacity of a receiving gateway operator, the ACH operator is not
exempt from the general requirement to have policies and procedures
reasonably designed to identify and block, or otherwise prevent or
prohibit, restricted transactions.
---------------------------------------------------------------------------
In the case of outgoing wire transfers and ACH credit transactions,
a transfer by a U.S. gambler to a foreign Internet gambling business
would be initiated in the United States and be sent or credited to an
account at the gambling business's foreign bank. In this case, the
originator's bank or the intermediary bank in the U.S. that sends the
wire transfer transaction, or the gateway operator that sends the ACH
credit entry, directly to a foreign bank should have policies and
procedures in place to be followed if such transfers to a particular
foreign bank are subsequently determined to be restricted
transactions.\19\ For example, some Internet gambling businesses
indicate on their websites the U.S. correspondent bank through which
wire transfers to them must be made. In such cases, the U.S.
participant should consider whether wire transfer services or the
correspondent arrangement should continue.
---------------------------------------------------------------------------
\19\ The proposed rule makes clear that the originator's bank or
the intermediary bank in the United States that directly sends a
cross-border wire transfer to a foreign bank, while acting in that
capacity, is not exempt from the general requirement to have
policies and procedures reasonably designed to identify and block or
otherwise prevent or prohibit restricted transactions. Similarly, in
an outgoing cross-border ACH credit transaction, the ACH operator in
the United States, acting as the originating gateway operator, that
directly sends the transaction to a foreign gateway operator is not
exempt from the general policies and procedures requirement while
acting in that capacity.
---------------------------------------------------------------------------
The Agencies recognize that the issue of the extent of a bank's
responsibility to have knowledge of its respondent banks' customers is
a difficult one, which also arises in the context of managing money
laundering and other risks that may be associated with correspondent
banking operations. The Agencies specifically request comment on the
likely effectiveness and burden of the proposed rule's due diligence
and remedial action provisions for cross-border arrangements, and
whether alternative approaches would increase effectiveness with the
same or less burden.
6. List of Unlawful Internet Gambling Businesses
The Act does not mention the creation of a list of unlawful
Internet gambling businesses. However, the Agencies are aware that
there is some interest in exploring this idea. The Agencies considered
including in the proposed rule's examples of reasonably designed
policies and procedures, examination of a list that would be
established by the U.S. Government of businesses known to be engaged in
the business of unlawful Internet gambling. Some have suggested that
the obligation of financial institutions with respect to such a list
might be similar in effect to their obligations under certain other
U.S. laws, such as those administered by the Office of Foreign Assets
Control (OFAC), albeit in a different context.\20\ Some have also
suggested that the list could be either available publicly in its
entirety, so that financial transaction providers could check
transactions against the list themselves, or maintained confidentially
at a central location, so that financial transaction providers could
submit transactions to the entity operating the central database, which
would inform the financial transaction providers whether the
transaction involved an unlawful Internet gambling business on its
list. Proponents of the list suggest that under either of these
approaches, certain restricted transactions directed to unlawful
Internet gambling accounts could be blocked.
---------------------------------------------------------------------------
\20\ H. Rep. No. 109-412, Part 1, p. 11.
---------------------------------------------------------------------------
Any government agency compiling and providing public access to such
a list would need to ensure that the particular business was, in fact,
engaged in activities deemed to be unlawful Internet gambling under the
Act. This would require significant investigation and legal analysis.
Such analysis could be complicated by the fact that the legality of a
particular Internet gambling transaction might change depending on the
location of the gambler at the time the transaction was initiated, and
the location where the bet or wager was received. In addition, a
business that engages in unlawful Internet gambling might also engage
in lawful activities that are not prohibited by the Act. The government
would need to provide an appropriate and reasonable process to avoid
inflicting unjustified harm to lawful businesses by incorrectly
including them on the list without adequate review. The high standards
needed to establish and maintain such a list likely would make
compiling such a list time-consuming and perhaps under-inclusive. To
the extent that Internet gambling businesses can change the names they
use to receive payments
[[Page 56691]]
with relative ease and speed, such a list may be outdated quickly.
The Agencies do not enforce the gambling laws, and interpretations
by the Agencies in these areas may not be determinative in defining the
Act's legal coverage. As noted above, the Act does not comprehensively
or clearly define which activities are lawful and which are unlawful,
but rather relies on underlying substantive law.\21\ In order to
compile a list of businesses engaged in unlawful Internet gambling
under the Act, the Agencies would have to formally interpret the
various Federal and State gambling laws in order to determine whether
the activities of each business that appears to conduct some type of
gambling-related function are unlawful under those statutes.
---------------------------------------------------------------------------
\21\ See H.R. Rep. No. 109-412, at 10 (2006).
---------------------------------------------------------------------------
The Agencies request comment on whether establishment and
maintenance of such a prohibited list by the Agencies is appropriate,
and whether examining or accessing such a list should be included in
the regulation's examples of policies and procedures reasonably
designed to identify and block or otherwise prevent or prohibit
restricted transactions. The Agencies also request comment on whether,
if it were practical to establish a fairly comprehensive list and a
participant routinely checked the list to make sure the indicated payee
of each transaction the participant processed on a particular
designated payment system is not on the list, the participant should be
deemed to have, without taking any other action, policies and
procedures reasonably designed to prevent or prohibit restricted
transactions with respect to that designated payment system. Similarly,
the Agencies also request comment on whether, if such a list were
established and a participant routinely checked the list to make sure a
prospective commercial customer was not included on the list (as well
as perhaps periodically screening existing commercial customers), the
participant should be deemed to have, without taking any other action,
policies and procedures reasonably designed to prevent or prohibit
restricted transactions. Finally, assuming such a list were established
and became available to all participants in the designated payment
systems, the Agencies request comment on the extent to which the
exemptions provided in section 4 of the proposed rule should be
narrowed.
Any commenter that believes that such a list should be included in
the regulation's examples of policies and procedures is requested to
address the issues discussed above regarding establishing, maintaining,
updating, and using such a list. The Agencies also request comment on
any other practical or operational aspects of establishing,
maintaining, updating, or using such a list. Finally, the Agencies
request comment on whether relying on such a list would be an effective
means of carrying out the purposes of the Act, if unlawful Internet
gambling businesses can change their corporate names with relative
ease.
F. Regulatory Enforcement
As provided in the Act, section 7 of the proposed rule indicates
that the requirements of the Agencies' rule would be subject to the
exclusive regulatory enforcement of (1) The Federal functional
regulators, with respect to the designated payment systems and
participants therein that are subject to the respective jurisdiction of
such regulators under section 505(a) of the Gramm-Leach-Bliley Act and
section 5g of the Commodity Exchange Act; and (2) the Federal Trade
Commission, with respect to designated payment systems and financial
transaction providers not otherwise subject to the jurisdiction of any
Federal functional regulators.
III. Administrative Law Matters
A. Executive Order 12866
It has been determined that this regulation is a significant
regulatory action as defined in E.O. 12866. Accordingly, this proposed
regulation has been reviewed by the Office of Management and Budget.
The Regulatory Assessment prepared by the Treasury for this regulation
is provided below.
1. Description of Need for the Regulatory Action
The rulemaking is required by the Act, the applicable provisions of
which are designed to interdict the flow of funds between gamblers and
unlawful Internet gambling businesses. To accomplish this, the Act
requires the Agencies, in consultation with the Attorney General, to
jointly prescribe regulations requiring designated payment systems (and
their participants) to establish policies and procedures that are
reasonably designed to prevent or prohibit such funding flows
(hereafter ``unlawful Internet gambling transactions'').\22\
---------------------------------------------------------------------------
\22\ 31 U.S.C. 5364.
---------------------------------------------------------------------------
In accordance with the Act, section 3 of the proposed rule
designates five payment systems that could be used in connection with
unlawful Internet gambling transactions. Sections 5 and 6 of the
proposed rule require designated payment systems and participants in
those payment systems to establish reasonably designed policies and
procedures to identify and block or otherwise prevent or prohibit
unlawful Internet gambling transactions. As required by the Act,
section 4 of the proposed rule exempts certain participants in
designated payment systems from the requirement to establish policies
and procedures because the Agencies believe that it is not reasonably
practical for those participants to prevent or prohibit unlawful
Internet gambling transactions. As required by the Act, section 6 of
the proposed rule also contains a ``safe harbor'' provision by
including non-exclusive examples of policies and procedures which would
be deemed to be reasonably designed to prevent or prohibit unlawful
Internet gambling transactions within the meaning of the Act.
2. Assessment of Potential Benefits and Costs
a. Potential Benefits
Congress determined that Internet gambling is a growing cause of
debt collection problems for insured depository institutions and the
consumer credit industry.\23\ Further, Congress determined that there
is a need for new mechanisms for enforcing Internet gambling laws
because traditional law enforcement mechanisms are often inadequate for
enforcing gambling prohibitions or regulations on the Internet,
especially where such gambling crosses State or national borders.\24\
Sections 5 and 6 of the proposed rule address this by requiring
participants in designated payment systems, which include insured
depository institutions and other participants in the consumer credit
industry, to establish reasonably designed policies and procedures to
identify and block or otherwise prevent or prohibit unlawful Internet
gambling transactions in order to stop the flow of funds to unlawful
Internet gambling businesses. This funds flow interdiction is designed
to inhibit the accumulation of consumer debt and to reduce debt
collection problems for insured depository institutions and the
consumer credit industry. Moreover, the proposed rule carries out the
Act's goal of implementing new mechanisms for enforcing Internet
gambling laws. The proposed rule will likely provide other benefits.
Specifically, the proposed rule
[[Page 56692]]
could restrict excesses related to unlawful Internet gambling by under-
age, addicted or compulsive gamblers.
---------------------------------------------------------------------------
\23\ 31 U.S.C. 5361(a)(3).
\24\ 31 U.S.C. 5361(a)(4).
---------------------------------------------------------------------------
The Treasury also examined the potential benefits of the
establishment by the U.S. Government of a list of entities that it
determines are engaged in the business of ``unlawful Internet
gambling.'' While the Treasury understands that interest exists in such
a list, we have tentatively concluded that the benefits of the list as
an effective tool for use by regulated entities to identify and block
or otherwise prevent or prohibit unlawful Internet gambling
transactions is uncertain relative to the likely costs involved in
creating such a list.
Establishing a list of unlawful Internet gambling businesses would
be a time consuming process given the fact-finding and legal analysis
that would be required. For example, the names of the businesses
directly receiving unlawful Internet gambling payments are often not
readily identifiable from their gambling websites. As a result, the
Government would have to engage in fact-finding to identify the name of
each unlawful Internet gambling business and its associated bank
account numbers and bank. In addition, to avoid inflicting unjustified
harm on lawful businesses by erroneously including them on the list,
the Government would likely need to provide businesses with advance
notice and a reasonable opportunity to contest their potential
inclusion on the list. This process could result in a considerable lag
time between the U.S. Government first identifying a gambling website
and ultimately adding the name of an unlawful Internet gambling
business to the list. Because it is possible for unlawful Internet
gambling businesses, particularly those located in foreign countries
with foreign bank accounts, to change with relative ease the business
names and bank accounts of entities directly receiving restricted
transactions, the list of unlawful Internet gambling businesses could
be quickly outdated and thus have limited practical utility as an
effective tool for regulated entities to prevent unlawful Internet
gambling transactions.
b. Potential Costs
Treasury believes that the costs of implementing the Act and the
proposed rule are lower than they would be if the Act and the proposed
rule were to require a prescriptive, one-size-fits-all approach with
regard to regulated entities. First, both the Act and section 5 of the
proposed rule provide that a financial transaction provider shall be
considered to be in compliance with the regulations if it relies on and
complies with the policies and procedures of the designated payment
system of which it is a participant. This means that regulated entities
will not be required to establish their own policies and procedures but
can instead follow the policies and procedures of the designated
payment system, thereby resulting in lower costs.
Second, with regard to regulated entities that establish their own
policies and procedures, both the Act and sections 5 and 6 of the
proposed rule provide maximum flexibility. Specifically, neither the
Act nor the proposed rule contain specific performance standards but
instead require that such policies and procedures be ``reasonably
designed'' to identify and block or otherwise prevent or prohibit
unlawful internet gambling. In addition, the proposed rule expressly
authorizes each regulated entity to use policies and procedures that
are ``specific to its business'' which will enable it to efficiently
tailor its policies and procedures to its needs. Because the Act and
the proposed rule provide flexibility for regulated entities in
crafting their policies and procedures, allowing them to tailor their
policies and procedures to their individual circumstances, the costs
imposed by the Act on regulated entities should be lower than if the
Act and the proposed rule were to take a prescriptive one-size-fits-all
approach.
Third, the ``safe harbor'' provision, with its nonexclusive
examples of policies and procedures deemed to be ``reasonably
designed,'' provides regulated entities with specific guidance on how
to structure the policies and procedures required by the Act. As a
result, costs associated with formulating policies and procedures
should be lower because the safe harbor provision provides guidance on
how to so structure the policies and procedures.
Because the Treasury does not have sufficient information to
quantify reliably the costs of developing specific policies and
procedures, the Treasury seeks information and comment on any costs,
compliance requirements, or changes in operating procedures arising
from the application of the proposed rule. Moreover, the Treasury
anticipates that the Agencies will contact trade groups representing
participants, particularly those that qualify as small entities, and
encourage them to provide comments during the comment period to
ascertain, among other things, the costs imposed by this rulemaking.
Once the policies and procedures have been developed, however, the
Treasury believes the burden of this rulemaking will be relatively low.
It is estimated that the recordkeeping requirement required by the Act
and the proposed rule will take approximately one hour per recordkeeper
per year to maintain the policies and procedures required by this
rulemaking. It is estimated that the total annual cost to regulated
entities to maintain the policies and procedures will be approximately
$4 million.\25\
---------------------------------------------------------------------------
\25\ This estimate is based on an estimate of 270,721
recordkeepers. The hourly cost of the person who would be
responsible for maintaining the policies and procedures is estimated
to be $14.60 per hour (based on the U.S. Department of Labor, Bureau
of Labor Statistics' occupational employment statistics for office
and administrative support occupations, dated May 2006).
---------------------------------------------------------------------------
The Treasury also considered the potential costs to the U.S.
Government of establishing a list of unlawful Internet gambling
businesses, and has initially determined that such costs would likely
be significant. This is because establishing a list would require
considerable fact-finding and legal analysis once the U.S. Government
identifies a gambling website. The Government must engage in an
extensive legal analysis to determine whether the gambling Web site is
used, at least in part, to place, receive or otherwise knowingly
transmit unlawful bets or wagers. This legal analysis would entail
interpreting the various Federal and State gambling laws, which could
be complicated by the fact that the legality of a particular Internet
gambling transaction might change depending on the location of the
gambler at the time the transaction was initiated and the location
where the bet or wager was received. The U.S. Government would at the
same time also need to identify the business name and the bank account
number and bank of the entity directly receiving payments on behalf of
the Internet gambling business, which is often not readily
ascertainable from the Web site. Identifying the business name and bank
account number of the entity directly receiving unlawful Internet
gambling payments might be challenging, especially where the Internet
gambling business is located in and maintains its bank accounts in a
foreign country. Once the fact-finding and legal analysis are concluded
successfully, the U.S. Government might then need to afford the
business advance notice and an opportunity to object to its potential
inclusion on the list in order to ensure that lawful businesses are not
harmed by being erroneously included on the list. These due process
safeguards would result in considerable added costs to the U.S.
Government.
[[Page 56693]]
3. Interference with State, Local, and Tribal Governments
The Act does not alter State, local or tribal gaming law.\26\ In
addition, the Act exempts from the definition of the term ``unlawful
Internet gambling,'' intrastate, intratribal, and intertribal gambling
transactions.\27\ Because the proposed rule does not alter these
defined terms, it avoids undue interference with State, local, and
tribal governments in the exercise of their governmental functions.
---------------------------------------------------------------------------
\26\ Specifically, the Act defines the term ``unlawful Internet
gambling'' as a bet or wager, which involves at least in part the
use of the Internet, where such bet or wager is unlawful under any
applicable Federal or State law in the State or Tribal lands in
which the bet or wager is initiated, received, or otherwise made. 31
U.S.C. 5362(10)(A).
\27\ 31 U.S.C. 5362(10)(B) and (C).
---------------------------------------------------------------------------
B. Regulatory Flexibility Act Analysis
Congress enacted the Regulatory Flexibility Act (RFA) (5 U.S.C. 601
et seq.) to address concerns related to the effects of agency rules on
small entities and the Agencies are sensitive to the impact their rules
may impose on small entities. In this case, the Agencies believe that
the proposed rule likely would not have a ``significant economic impact
on a substantial number of small entities.'' 5 U.S.C. 605(b). The Act
mandates that the Agencies jointly prescribe regulations requiring
designated payment systems, and all participants therein, to identify
and block or otherwise prevent or prohibit restricted transactions
through the establishment of reasonably designed policies and
procedures. Comments are requested on whether the proposed rule would
have a significant economic impact on a substantial number of small
entities and whether the costs are imposed by the Act itself, and not
the proposed rule.
The RFA requires agencies either to provide an initial regulatory
flexibility analysis with a proposed rule or to certify that the
proposed rule will not have a significant economic impact on a
substantial number of small entities. In accordance with section 3(a)
of the RFA, the Agencies have reviewed the proposed regulation. While
the Agencies believe that the proposed rule likely would not have a
significant economic impact on a substantial number of small entities
(5 U.S.C. 605(b)), the Agencies do not have complete data at this time
to make this determination. Therefore, an Initial Regulatory
Flexibility Analysis has been prepared in accordance with 5 U.S.C. 603.
The Agencies will, if necessary, conduct a final regulatory flexibility
analysis after consideration of comments received during the public
comment period.
1. Statement of the Need for, Objectives of, and Legal Basis for, the
Proposed Rule
The Agencies are proposing a regulation to implement the Act, as
required by the Act. The Act prohibits any person in the business of
betting or wagering (as defined in the Act) from knowingly accepting
payments in connection with the participation of another person in
unlawful Internet gambling. Section 802 of the Act (codified at 31
U.S.C. 5361 et seq.) requires the Agencies jointly (in consultation
with the Attorney General) to designate payment systems that could be
used in connection with, or to facilitate, restricted transactions and
to prescribe regulations requiring designated payment systems, and
financial transaction providers participating in each designated
payment system, to establish policies and procedures reasonably
designed to identify and block or otherwise prevent or prohibit
restricted transactions. The proposed regulation sets out necessary
definitions, designates payment systems that could be used in
connection with restricted transactions, exempts participants providing
certain functions in designated payment systems from certain
requirements imposed by the regulation, provides nonexclusive examples
of policies and procedures reasonably designed to identify and block,
or otherwise prevent and prohibit, restricted transactions, and
reiterates the enforcement regime set out in the Act for designated
payment systems and non-exempt participants therein. The Agencies
believe that the proposed regulation implements Congress's requirement
that the Agencies prescribe regulations that carry out the purposes of
the Act.
2. Small Entities Affected by the Proposed Rule
The proposed rule would affect non-exempt financial transaction
providers participating in the designated payment systems, regardless
of size. The Agencies estimate that 4,792 small banks (out of a total
of 8,192 banks), 420 small savings associations (out of a total of
838), 7,609 small credit unions (out of a total of 8,477), and 240,547
small money transmitting businesses (out of a total of 253,208) would
be affected by this proposed rule. Pursuant to regulations issued by
the Small Business Administration (13 CFR 121-201), a ``small entity''
includes a commercial bank, savings association or credit union with
assets of $165 million or less. For money transmitting businesses, a
``small entity'' would include those with assets of $6.5 million or
less. The Agencies propose that the requirements in this rule be
applicable to all entities subject to the Act, as implemented,
regardless of their size because an exemption for small entities would
significantly diminish the usefulness of the policies and procedures
required by the Act by permitting unlawful Internet gambling operations
to evade the requirements by using small financial transaction
providers. The Agencies anticipate, however, that, as provided in the
Act and the proposed regulations, small non-exempt participants in some
designated payment systems, to a large extent, should be able to rely
on policies and procedures established and implemented by the
designated payment systems of which they are participants or other
existing systems. The Agencies seek information and comment on the
number of small entities to which the proposed rule would apply.
3. Projected Reporting, Recordkeeping, and Other Compliance
Requirements
Section 802 of the Act requires the Agencies to prescribe
regulations requiring each designated payment system, and all financial
transaction providers participating in the designated payment system,
to identify and block or otherwise prevent or prohibit restricted
transactions through the establishment of policies and procedures
reasonably designed to identify and block or otherwise prevent or
prohibit the acceptance of restricted transactions. The proposed rule
implements this requirement by requiring all non-exempt participants in
designated payment systems to establish and implement policies and
procedures reasonably designed to identify and block or otherwise
prevent or prohibit restricted transactions. Because the Agencies do
not have sufficient information to quantify reliably the effects the
Act and the proposed rule would have on small entities, the Agencies
seek information and comment on any costs, compliance requirements, or
changes in operating procedures arising from the application of the
proposed rule and the extent to which those costs, requirements, or
changes are in addition to or different from those arising from the
application of the Act generally. Moreover, the Agencies anticipate
contacting trade groups representing participants that qualify as small
entities and encouraging them to provide comments during the comment
period to ascertain,
[[Page 56694]]
among other things, the costs imposed on regulated small entities.
4. Identification of Duplicative, Overlapping, or Conflicting Federal
Rules
The Agencies have not identified any Federal rules that duplicate,
overlap, or conflict with the proposed rule. The Agencies seek comment
regarding any statutes or regulations that would duplicate, overlap, or
conflict with the proposed rule.
5. Significant Alternatives to the Proposed Rule
Other than as noted above, the Agencies are unaware of any
significant alternatives to the proposed rule that accomplish the
stated objectives of the Act and that minimize any significant economic
impact of the proposed rule on small entities. The Agencies request
comment on additional ways to reduce regulatory burden associated with
this proposed rule.
C. Paperwork Reduction Act Analysis
The collection of information requirement contained in this notice
of joint proposed rulemaking has been submitted by the Agencies to the
Office of Management and Budget (OMB) for review in accordance with the
Paperwork Reduction Act of 1995 (44 U.S.C. 3507(d)). Comments on the
collection of information should be sent to the Office of Management
and Budget, Attention: Desk Officer for the Department of the Treasury
and the Board of Governors of the Federal Reserve System, Office of
Information and Regulatory Affairs, Washington, DC 20503, with copies
to Treasury's Office of Critical Infrastructure Protection and
Compliance Policy and the Board's Secretary at the addresses previously
specified. Because OMB must complete its review of the collection of
information between 30 and 60 days after publication, comments on the
information collection should be submitted not later than November 5,
2007. Comments are specifically requested concerning:
(1) Whether the proposed information collection is necessary for
the proper performance of Agency functions, including whether the
information will have practical utility;
(2) The accuracy of the estimated burden associated with the
proposed collection of information (see below);
(3) How to enhance the quality, utility, and clarity of the
information required to be maintained;
(4) How to minimize the burden of complying with the proposed
information collection, including the application of automated
collection techniques or other forms of information technology; and
(5) Estimates of capital or start-up costs and costs of operation,
maintenance, and purchase of services to maintain the information.
The collection of information in the proposed rule is in sections 5
and 6. This information is required by section 802 of the Act, which
requires the Agencies to prescribe joint regulations requiring each
designated payment system, and all participants in such systems, to
identify and block or otherwise prevent or prohibit restricted
transactions through the establishment of policies and procedures
reasonably designed to identify and block or otherwise prevent or
prohibit the acceptance of restricted transactions. The proposed rule
implements this requirement by requiring all non-exempt participants in
designated payment systems to establish and implement written policies
and procedures reasonably designed to identify and block or otherwise
prevent or prohibit restricted transactions. The proposed rule does not
include a specific time period for record retention; however, non-
exempt participants would be required to maintain the policies and
procedures for a particular designated payment system as long as they
participate in that system.
The Agencies anticipate that, as provided in the Act and the
proposed regulations, small non-exempt participants in designated
payment systems, for the most part, should be able to rely on policies
and procedures established and implemented by the designated payment
systems of which they are participants. For example, certain money
transmitting business operators may have their own centralized
procedures to prevent unlawful gambling transactions. Small money
transmitters, acting as agents in these large systems, may be able to
rely on the system's policies, and therefore would not have to create
their own.
Many of the payment systems used by depository institutions, such
as check clearing, do not have centralized system operators. Therefore,
depository institutions would likely have to create their own policies
for check clearing.
The likely recordkeepers are businesses or other for-profits and
not-for-profit institutions and include commercial banks, savings
associations, credit unions, card servicers, and money transmitting
businesses. The Agencies have agreed to split equally for burden
calculations the total number of recordkeepers not subject to
examination and supervision by either the Board or the Treasury's
Office of the Comptroller of the Currency and Office of Thrift
Supervision.
Board:
Estimated number of recordkeepers: 134,451.
Estimated average annual burden hours per recordkeeper: 25 hours
for depository institutions and card servicers, 1 hour for money
transmitting businesses.
Estimated frequency: Annually.
Estimated total annual recordkeeping burden: 322,779 hours.
Treasury:
Estimated number of recordkeepers: 136,270.
Estimated average annual burden hours per recordkeeper: 25 hours
for depository institutions and card servicers, 1 hour for money
transmitting businesses.
Estimated frequency: Annually.
Estimated total annual recordkeeping burden: 368,254 hours.
The initial burden is imposed by the Act which requires non-exempt
participants to establish policies and procedures. The Agencies
estimate that this initial burden will average 24 hours per
recordkeeper for depository institutions and card servicers. The
Agencies also estimate that the annual burden of maintaining the
policies and procedures once they are established will be 1 hour per
recordkeeper. An agency may not conduct or sponsor, and a person is not
required to respond to, a collection of information unless it displays
a valid control number assigned by OMB.
D. Plain Language
Each Federal banking agency, such as the Board, is required to use
plain language in all proposed and final rulemakings published after
January 1, 2000. 12 U.S.C. 4809. In addition, in 1998, the President
issued a memorandum directing each agency in the Executive branch, such
as Treasury, to use plain language for all new proposed and final
rulemaking documents issued on or after January 1, 1999. The Agencies
have sought to present the proposed rule, to the extent possible, in a
simple and straightforward manner. The Agencies invite comment on
whether there are additional steps that could be taken to make the
proposed rule easier to understand, such as with respect to the
organization of the materials or the clarity of the presentation.
IV. Statutory Authority
Pursuant to the authority set out in the Act and particularly
section 802 (codified at 31 U.S.C. 5361 et seq.), the
[[Page 56695]]
Board and the Treasury jointly propose the common rules set out below.
V. Text of Proposed Rules
List of Subjects
12 CFR Part 233
Banks, Banking, Electronic funds transfers, Incorporation by
reference, Internet gambling, Payments, Recordkeeping.
31 CFR Part 132
Banks, Banking, Electronic funds transfers, Incorporation by
reference, Internet gambling, Payments, Recordkeeping.
Federal Reserve System
Authority and Issuance
For the reasons set forth in the preamble, the Board proposes to
amend Title 12, Chapter II of the Code of Federal Regulations by adding
a new part 233 as set forth under Common Rules at the end of this
document:
PART 233--PROHIBITION ON FUNDING OF UNLAWFUL INTERNET GAMBLING
(REGULATION GG)
Sec.
233.1 Authority, purpose, and incorporation by reference.
233.2 Definitions.
233.3 Designated payment systems.
233.4 Exemptions.
233.5 Processing of restricted transactions prohibited.
233.6 Policies and procedures.
233.7 Regulatory enforcement.
Authority: 31 U.S.C. 5364.
Department of the Treasury
Authority and Issuance
For the reasons set forth in the preamble, Treasury proposes to
amend Title 31, Chapter I of the Code of Federal Regulations by adding
a new part 132 as set forth under Common Rules at the end of this
document:
PART 132--PROHIBITION ON FUNDING OF UNLAWFUL INTERNET GAMBLING
Sec.
132.1 Authority, purpose, and incorporation by reference.
132.2 Definitions.
132.3 Designated payment systems.
132.4 Exemptions.
132.5 Processing of restricted transactions prohibited.
132.6 Policies and procedures.
132.7 Regulatory enforcement.
Authority: 31 U.S.C. 321 and 5364.
Common Rules
The common rules that are proposed to be adopted by the Board as
part 233 of Title 12, Chapter II of the Code of Federal Regulations and
by Treasury as part 132 of Title 31, Chapter I of the Code of Federal
Regulations follow:
Sec. ----.1 Authority, purpose, and incorporation by reference.
(a) Authority. This part is issued jointly by the Board of
Governors of the Federal Reserve System (Board) and the Secretary of
the Department of the Treasury (Treasury) under section 802 of the
Unlawful Internet Gambling Enforcement Act of 2006 (Act) (enacted as
Title VIII of the Security and Accountability For Every Port Act of
2006, Pub. L. No. 109-347, 120 Stat. 1884, and codified at 31 U.S.C.
5361-5367).
(b) Purpose. The purpose of this part is to issue implementing
regulations as required by the Act. The part sets out necessary
definitions, designates payment systems subject to the requirements of
this part, exempts certain participants in designated payment systems
from certain requirements of this part, provides nonexclusive examples
of policies and procedures reasonably designed to identify and block,
or otherwise prevent and prohibit, restricted transactions, and sets
out the Federal entities that have exclusive regulatory enforcement
authority with respect to the designated payments systems and non-
exempt participants therein.
(c) Incorporation by reference--relevant definitions from ACH
rules. (1) This part incorporates by reference the relevant definitions
of ACH terms as published in the ``2007 ACH Rules: A Complete Guide to
Rules & Regulations Governing the ACH Network'' (the ``ACH Rules'').
The Director of the Federal Register approves this incorporation by
reference in accordance with 5 U.S.C. 552(a) and 1 CFR part 51. Copies
of the ``2007 ACH Rules'' are available from the National Automated
Clearing House Association, Suite 100, 13450 Sunrise Valley Drive,
Herndon, Virginia 20171 (703/561-1100).
Copies also are available for public inspection at the Department
of Treasury Library, Room 1428, Main Treasury Building, 1500
Pennsylvania Avenue, NW., Washington, DC 20220, and the National
Archives and Records Administration (NARA). Before visiting the
Treasury library, you must call (202) 622-0990 for an appointment. For
information on the availability of this material at NARA, call 202-741-
6030, or go to: http://www.archives.gov/federal_register/code_of_federal_regulations/ibr_locations.html 20002.
(2) Any amendment to definitions of the relevant ACH terms in the
ACH Rules shall not apply to this part unless the Treasury and the
Board jointly accept such amendment by publishing notice of acceptance
of the amendment to this part in the Federal Register. An amendment to
the definition of a relevant ACH term in the ACH Rules that is accepted
by the Treasury and the Board shall apply to this part on the effective
date of the rulemaking specified by the Treasury and the Board in the
joint Federal Register notice expressly accepting such amendment.
Sec. ----.2 Definitions.
(a) Automated clearing house system or ACH system means a funds
transfer system, primarily governed by the ACH Rules, which provides
for the clearing and settlement of batched electronic entries for
participating financial institutions. When referring to ACH systems,
the terms in this regulation (such as ``originating depository
financial institution,'' ``operator,'' ``originating gateway
operator,'' ``receiving depository financial institution,'' ``receiving
gateway operator,'' and ``third-party sender'') are defined as those
terms are defined in the ACH Rules.
(b) Bet or wager. (1) Means the staking or risking by any person of
something of value upon the outcome or a contest of others, a sporting
event, or a game subject to chance, upon an agreement or understanding
that the person or another person will receive something of value in
the event of a certain outcome;
(2) Includes the purchase of a chance or opportunity to win a
lottery or other prize (which opportunity to win is predominantly
subject to chance);
(3) Includes any scheme of a type described in 28 U.S.C. 3702;
(4) Includes any instructions or information pertaining to the
establishment or movement of funds by the bettor or customer in, to, or
from an account with the business of betting or wagering (which does
not include the activities of a financial transaction provider, or any
interactive computer service or telecommunications service); and
(5) Does not include--
(i) Any activity governed by the securities laws (as that term is
defined in section 3(a)(47) of the Securities Exchange Act of 1934 (15
U.S.C. 78c(a)(47)) for the purchase or sale of securities (as that term
is defined in section 3(a)(10) of that act (15 U.S.C. 78c(a)(10));
(ii) Any transaction conducted on or subject to the rules of a
registered entity
[[Page 56696]]
or exempt board of trade under the Commodity Exchange Act (7 U.S.C. 1
et seq.);
(iii) Any over-the-counter derivative instrument;
(iv) Any other transaction that--
(A) Is excluded or exempt from regulation under the Commodity
Exchange Act (7 U.S.C. 1 et seq.); or
(B) Is exempt from State gaming or bucket shop laws under section
12(e) of the Commodity Exchange Act (7 U.S.C. 16(e)) or section 28(a)
of the Securities Exchange Act of 1934 (15 U.S.C. 78bb(a));
(v) Any contract of indemnity or guarantee;
(vi) Any contract for insurance;
(vii) Any deposit or other transaction with an insured depository
institution;
(viii) Participation in any game or contest in which participants
do not stake or risk anything of value other than--
(A) Personal efforts of the participants in playing the game or
contest or obtaining access to the Internet; or
(B) Points or credits that the sponsor of the game or contest
provides to participants free of charge and that can be used or
redeemed only for participation in games or contests offered by the
sponsor; or
(ix) Participation in any fantasy or simulation sports game or
educational game or contest in which (if the game or contest involves a
team or teams) no fantasy or simulation sports team is based on the
current membership or an actual team that is a member of an amateur or
professional sports organization (as those terms are defined in 28
U.S.C. 3701) and that meets the following conditions:
(A) All prizes and awards offered to winning participants are
established and made known to the participants in advance of the game
or contest and their value is not determined by the number of
participants or the amount of any fees paid by those participants.
(B) All winning outcomes reflect the relative knowledge and skill
of the participants and are determined predominantly by accumulated
statistical results of the performance of individuals (athletes in the
case of sports events) in multiple real-world sporting or other events.
(C) No winning outcome is based--(1) On the score, point-spread, or
any performance or performances of any single real-world team or any
combination of such teams, or
(2) Solely on any single performance of an individual athlete in
any single real-world sporting or other event.
(c) Card issuer means any person who issues a credit card, debit
card, pre-paid card, or stored value product, or the agent of such
person with respect to such card or product.
(d) Card system means a system for clearing and settling
transactions in which credit cards, debit cards, pre-paid cards, or
stored value products, issued or authorized by the operator of the
system, are used to purchase goods or services or to obtain a cash
advance.
(e) Check clearing house means an association of banks or other
payors that regularly exchange checks for collection or return.
(f) Check collection system means an interbank system for
collecting, presenting, returning, and settling checks or intrabank
system for settling checks deposited in and drawn on the same bank.
When referring to check collection systems, the terms in this
regulation (such as ``paying bank,'' ``collecting bank,'' ``depositary
bank,'' ``returning bank,'' and ``check'') are defined as those terms
are defined in 12 CFR 229.2. For purposes of this part, ``check'' also
includes an electronic representation of a check that a bank agrees to
handle as a check.
(g) Consumer means a natural person.
(h) Designated payment system means a system listed in Sec. --
--.3.
(i) Electronic fund transfer has the same meaning given the term in
section 903 of the Electronic Fund Transfer Act (15 U.S.C. 1693a),
except that such term includes transfers that would otherwise be
excluded under section 903(6)(E) of that act (15 U.S.C. 1693a(6)(E)),
and includes any funds transfer covered by Article 4A of the Uniform
Commercial Code, as in effect in any State.
(j) Financial institution means a State or national bank, a State
or Federal savings and loan association, a mutual savings bank, a State
or Federal credit union, or any other person that, directly or
indirectly, holds an account belonging to a consumer. The term does not
include a casino, sports book, or other business at or through which
bets or wagers may be placed or received.
(k) Financial transaction provider means a creditor, credit card
issuer, financial institution, operator of a terminal at which an
electronic fund transfer may be initiated, money transmitting business,
or international, national, regional, or local payment network utilized
to effect a credit transaction, electronic fund transfer, stored value
product transaction, or money transmitting service, or a participant in
such network, or other participant in a designated payment system.
(l) Interactive computer service means any information service,
system, or access software provider that provides or enables computer
access by multiple users to a computer server, including specifically a
service or system that provides access to the Internet and such systems
operated or services offered by libraries or educational institutions.
(m) Internet means the international computer network of
interoperable packet switched data networks.
(n) Intrastate transaction means placing, receiving, or otherwise
transmitting a bet or wager where--
(1) The bet or wager is initiated and received or otherwise made
exclusively within a single State;
(2) The bet or wager and the method by which the bet or wager is
initiated and received or otherwise made is expressly authorized by and
placed in accordance with the laws of such State, and the State law or
regulations include--
(i) Age and location verification requirements reasonably designed
to block access to minors and persons located out of such State; and
(ii) Appropriate data security standards to prevent unauthorized
access by any person whose age and current location has not been
verified in accordance with such State's law or regulations; and
(3) The bet or wager does not violate any provision of--
(i) The Interstate Horseracing Act of 1978 (15 U.S.C. 3001 et
seq.);
(ii) 28 U.S.C. chapter 178 (professional and amateur sports
protection);
(iii) The Gambling Devices Transportation Act (15 U.S.C. 1171 et
seq.); or
(iv) The Indian Gaming Regulatory Act (25 U.S.C. 2701 et seq.).
(o) Intratribal transaction means placing, receiving or otherwise
transmitting a bet or wager where--
(1) The bet or wager is initiated and received or otherwise made
exclusively--
(i) Within the Indian lands of a single Indian tribe (as such terms
are defined under the Indian Gaming Regulatory Act (25 U.S.C. 2703));
or
(ii) Between the Indian lands of two or more Indian tribes to the
extent that intertribal gaming is authorized by the Indian Gaming
Regulatory Act (25 U.S.C. 2701 et seq.);
(2) The bet or wager and the method by which the bet or wager is
initiated and received or otherwise made is expressly authorized by and
complies with the requirements of--
(i) The applicable tribal ordinance or resolution approved by the
Chairman of the National Indian Gaming Commission; and
(ii) With respect to class III gaming, the applicable Tribal-State
compact;
[[Page 56697]]
(3) The applicable tribal ordinance or resolution or Tribal-State
compact includes--
(i) Age and location verification requirements reasonably designed
to block access to minors and persons located out of the applicable
Tribal lands; and
(ii) Appropriate data security standards to prevent unauthorized
access by any person whose age and current location has not been
verified in accordance with the applicable tribal ordinance or
resolution or Tribal-State Compact; and
(4) The bet or wager does not violate any provision of--
(i) The Interstate Horseracing Act of 1978 (15 U.S.C. 3001 et
seq.);
(ii) 28 U.S.C. chapter 178 (professional and amateur sports
protection);
(iii) The Gambling Devices Transportation Act (15 U.S.C. 1171 et
seq.); or
(iv) The Indian Gaming Regulatory Act (25 U.S.C. 2701 et seq.).
(p) Money transmitting business and money transmitting service have
the meanings given the terms in 31 U.S.C. 5330(d) (determined without
regard to any regulations prescribed by the Secretary of the Treasury
thereunder).
(q) Participant in a designated payment system means an operator of
a designated payment system, or a financial transaction provider that
is a member of or, has contracted for financial transaction services
with, or is otherwise participating in, a designated payment system.
This term does not include a customer of the financial transaction
provider if the customer is not a financial transaction provider
otherwise participating in the designated payment system on its own
behalf.
(r) Restricted transaction means any of the following transactions
or transmittals involving any credit, funds, instrument, or proceeds
that the Act prohibits any person engaged in the business of betting or
wagering (which does not include the activities of a financial
transaction provider, or any interactive computer service or
telecommunications service) from knowingly accepting, in connection
with the participation of another person in unlawful Internet
gambling--
(1) Credit, or the proceeds of credit, extended to or on behalf of
such other person (including credit extended through the use of a
credit card);
(2) An electronic fund transfer, or funds transmitted by or through
a money transmitting business, or the proceeds of an electronic fund
transfer or money transmitting service, from or on behalf of such other
person; or
(3) Any check, draft, or similar instrument that is drawn by or on
behalf of such other person and is drawn on or payable at or through
any financial institution.
(s) State means any State of the United States, the District of
Columbia, or any commonwealth, territory, or other possession of the
United States, including the Commonwealth of Puerto Rico, the
Commonwealth of the Northern Mariana Islands, American Samoa, Guam, and
the Virgin Islands.
(t) Unlawful Internet gambling means to place, receive, or
otherwise knowingly transmit a bet or wager by any means that involves
the use, at least in part, of the Internet where such bet or wager is
unlawful under any applicable Federal or State law in the State or
Tribal lands in which the bet or wager is initiated, received, or
otherwise made. The term does not include placing, receiving, or
otherwise transmitting a bet or wager that is excluded from the
definition of this term by the Act as an intrastate transaction or an
intra-tribal transaction, and does not include any activity that is
allowed under the Interstate Horseracing Act of 1978 (15 U.S.C. 3001 et
seq.). The intermediate routing of electronic data shall not determine
the location or locations in which a bet or wager is initiated,
received, or otherwise made.
(u) Wire transfer system means a system through which an
unconditional order to a bank to pay a fixed or determinable amount of
money to a beneficiary upon receipt, or on a day stated in the order,
is transmitted by electronic or other means through the network,
between banks, or on the books of a bank. When referring to wire
transfer systems, the terms in this regulation (such as ``bank,''
``originator's bank,'' ``beneficiary's bank,'' and ``intermediary
bank'') are defined as those terms are defined in 12 CFR part 210,
appendix B.
Sec. ----.3 Designated payment systems.
The following payment systems could be used by participants in
connection with, or to facilitate, a restricted transaction:
(a) Automated clearing house systems;
(b) Card systems;
(c) Check collection systems;
(d) Money transmitting businesses; and
(e) Wire transfer systems.
Sec. ----.4 Exemptions.
(a) Automated clearing house systems. The participants providing
the following functions of an automated clearing house system with
respect to a particular ACH transaction are exempt from this
regulation's requirements for establishing written policies and
procedures reasonably designed to prevent or prohibit restricted
transactions--
(1) The ACH system operator, except as provided in Sec. --
--.6(b)(2) and Sec. ----.6(b)(3);
(2) The originating depository financial institution in an ACH
credit transaction; and
(3) The receiving depository financial institution in an ACH debit
transaction.
(b) Check collection systems. The participants providing the
following functions of a check collection system with respect to a
particular check transaction are exempt from this regulation's
requirements for establishing written policies and procedures
reasonably designed to prevent or prohibit restricted transactions--
(1) A check clearing house; and
(2) The paying bank (unless it is also the depositary bank), any
collecting bank (other than the depositary bank), and any returning
bank.
(c) Wire transfer systems. The participants providing the following
functions of a wire transfer system with respect to a particular wire
transfer are exempt from this regulation's requirements for
establishing written policies and procedures reasonably designed to
prevent or prohibit restricted transactions--
(1) The operator of a wire transfer network; and
(2) The originator's bank and any intermediary bank, except as
provided in Sec. ----.6(f)(2).
Sec. ----.5 Processing of restricted transactions prohibited.
(a) All non-exempt participants in designated payment systems shall
establish and implement written policies and procedures reasonably
designed to identify and block or otherwise prevent or prohibit
restricted transactions.
(b) A non-exempt financial transaction provider participant in a
designated payment system shall be considered to be in compliance with
the requirements of paragraph (a) of this section if it--
(1) Relies on and complies with the written policies and procedures
of the designated payment system that are reasonably designed to--
(i) Identify and block restricted transactions; or
(ii) Otherwise prevent or prohibit the acceptance of the products
or services of
[[Page 56698]]
the designated payment system or participant in connection with
restricted transactions; and
(2) Such policies and procedures of the designated payment system
comply with the requirements of this part.
(c) As provided in the Act, a person that identifies and blocks a
transaction, prevents or prohibits the acceptance of its products or
services in connection with a transaction, or otherwise refuses to
honor a transaction, shall not be liable to any party for such action
if--
(1) The transaction is a restricted transaction;
(2) Such person reasonably believes the transaction to be a
restricted transaction; or
(3) The person is a participant in a designated payment system and
blocks or otherwise prevents the transaction in reliance on the
policies and procedures of the designated payment system in an effort
to comply with this regulation.
(d) Nothing in this regulation requires or is intended to suggest
that designated payment systems or participants therein must or should
block or otherwise prevent or prohibit any transaction in connection
with any activity that is excluded from the definition of ``unlawful
Internet gambling'' in the Act as an intrastate transaction, an
intratribal transaction, or a transaction in connection with any
activity that is allowed under the Interstate Horseracing Act of 1978
(15 U.S.C. 3001 et seq.).
(e) Nothing in this regulation modifies any requirement imposed on
a participant by other applicable law or regulation to file a
suspicious activity report to the appropriate authorities.
Sec. ----.6 Policies and procedures.
(a) The examples of policies and procedures to identify and block
or otherwise prevent or prohibit restricted transactions set out in
this section are non-exclusive. In establishing and implementing
written policies and procedures to identify and block or otherwise
prevent or prohibit restricted transactions, a non-exempt participant
in a designated payment system may design and use other policies and
procedures that are specific to its business and may use different
policies and procedures with respect to different types of restricted
transactions.
(b) Automated clearing house system examples. (1) Except as
provided in paragraphs (b)(2) and (b)(3) of this section, the policies
and procedures of the originating depository financial institution and
any third-party sender in an ACH debit transaction, and the receiving
depository financial institution in an ACH credit transaction, are
deemed to be reasonably designed to prevent or prohibit restricted
transactions if they--
(i) Address methods for conducting due diligence in establishing or
maintaining a customer relationship designed to ensure that the
customer will not originate restricted transactions as ACH debit
transactions or receive restricted transactions as ACH credit
transactions through the customer relationship, such as--
(A) Screening potential commercial customers to ascertain the
nature of their business; and
(B) Including as a term of the commercial customer agreement that
the customer may not engage in restricted transactions; and
(ii) Include procedures to be followed with respect to a customer
if the originating depository financial institution or third-party
sender becomes aware that the customer has originated restricted
transactions as ACH debit transactions or if the receiving depository
financial institution becomes aware that the customer has received
restricted transactions as ACH credit transactions, such as procedures
that address--
(A) When fines should be imposed;
(B) When the customer should not be allowed to originate ACH debit
transactions; and
(C) The circumstances under which the account should be closed.
(2) The policies and procedures of a receiving gateway operator and
third-party sender that receives instructions to originate an ACH debit
transaction directly from a foreign sender (which could include a
foreign bank, a foreign third-party processor, or a foreign originating
gateway operator) are deemed to be reasonably designed to prevent or
prohibit restricted transactions if they--
(i) Address methods for conducting due diligence in establishing or
maintaining the relationship with the foreign sender designed to ensure
that the foreign sender will not send instructions to originate ACH
debit transactions representing restricted transactions to the
receiving gateway operator or third-party sender, such as including as
a term in its agreement with the foreign sender requiring the foreign
sender to have reasonably designed policies and procedures in place to
ensure that the relationship will not be used to process restricted
transactions; and
(ii) Include procedures to be followed with respect to a foreign
sender that is found to have sent instructions to originate ACH debit
transactions to the receiving gateway operator or third-party sender
that are restricted transactions, which may address--
(A) When ACH services to the foreign sender should be denied; and
(B) The circumstances under which the cross-border arrangements
with the foreign sender should be terminated.
(3) The policies and procedures of an originating gateway operator
that receives an ACH credit transaction containing instructions to send
or credit a transaction to a foreign bank directly or through a foreign
receiving gateway operator are deemed to be reasonably designed to
prevent or prohibit restricted transactions, if they include procedures
to be followed with respect to a foreign bank that is found to have
received from the originating gateway operator either directly or
indirectly transactions that are restricted transactions, which may
address--
(i) When ACH credit transactions for the foreign bank or through
the foreign gateway operator should be denied; and
(ii) The circumstances under which the cross-border arrangements
with the foreign bank should be terminated.
(c) Card system examples. The policies and procedures of a card
system operator, a merchant acquirer, and a card issuer, are deemed to
be reasonably designed to prevent or prohibit restricted transactions,
if they--
(1) Address methods for conducting due diligence in establishing or
maintaining a merchant relationship designed to ensure that the
merchant will not receive restricted transactions through the card
system, such as--
(i) Screening potential merchant customers to ascertain the nature
of their business; and
(ii) Including as a term of the merchant customer agreement that
the merchant may not receive restricted transactions through the card
system;
(2) Include procedures reasonably designed to identify and block or
otherwise prevent or prohibit restricted transactions, such as--
(i) Establishing transaction codes and merchant/business category
codes that are required to accompany the authorization request for a
transaction and creating the operational functionality to enable the
card system or the card issuer to identify and deny authorization for a
restricted transaction;
(ii) Ongoing monitoring or testing to detect potential restricted
transactions, including--
(A) Conducting testing to ascertain whether transaction
authorization requests are coded correctly;
(B) Monitoring of web sites to detect unauthorized use of the
relevant card system, including its trademark; or
[[Page 56699]]
(C) Monitoring and analyzing payment patterns to detect suspicious
payment volumes from a merchant customer; and
(3) Include procedures to be followed with respect to a merchant
customer if the card system, card issuer, or merchant acquirer becomes
aware that a merchant has received restricted transactions through the
card system, such as--
(i) When fines should be imposed; and
(ii) When access to the card system should be denied.
(d) Check collection system examples. (1) Except as provided in
paragraph (d)(2) of this section, the policies and procedures of a
depositary bank are deemed to be reasonably designed to prevent or
prohibit restricted transactions if they--
(i) Address methods for conducting due diligence in establishing or
maintaining a customer relationship designed to ensure that the
customer will not receive restricted transactions through the customer
relationship, such as--
(A) Screening potential commercial customers to ascertain the
nature of their business; and
(B) Including as a term of the commercial customer agreement that
the customer may not deposit checks that constitute restricted
transactions; and
(ii) Include procedures to be followed with respect to a customer
if the depositary bank becomes aware that the customer has deposited
checks that are restricted transactions, such as procedures that
address--
(A) When checks for deposit should be refused; and
(B) The circumstances under which the account should be closed.
(2) The policies and procedures of a depositary bank that receives
a check for collection directly from a foreign bank are deemed to be
reasonably designed to prevent or prohibit restricted transactions if
they--
(i) Address methods for conducting due diligence in establishing or
maintaining the correspondent relationship with the foreign bank
designed to ensure that the foreign bank will not send checks
representing restricted transactions to the depositary bank for
collection, such as including as a term in its agreement with the
foreign bank requiring the foreign bank to have reasonably designed
policies and procedures in place to ensure that the correspondent
relationship will not be used to process restricted transactions; and
(ii) Include procedures to be followed with respect to a foreign
bank that is found to have sent checks to the depositary bank that are
restricted transactions, which may address--
(A) When check collection services for the foreign bank should be
denied; and
(B) The circumstances under which the correspondent account should
be closed.
(e) Money transmitting business examples. The policies and
procedures of a money transmitting business are deemed to be reasonably
designed to prevent or prohibit restricted transactions if they--
(1) Address methods for conducting due diligence in establishing or
maintaining commercial subscriber relationships designed to ensure that
the commercial subscriber will not receive restricted transactions
through the money transmitting business, such as--
(i) Screening potential commercial subscribers to ascertain the
nature of their business; and
(ii) Including as a term of the commercial subscriber agreement
that the subscriber may not receive restricted transactions; and
(2) Include procedures regarding ongoing monitoring or testing to
detect potential restricted transactions, such as--
(i) Monitoring and analyzing payment patterns to detect suspicious
payment volumes to any recipient; or
(ii) Monitoring web sites to detect unauthorized use of the
relevant money transmitting business, including their trademarks; and
(3) Include procedures to be followed with respect to recipients
that are found to have engaged in restricted transactions, that
address--
(i) When fines should be imposed;
(ii) When access should be denied; and
(iii) The circumstances under which an account should be closed.
(f) Wire transfer system examples. (1) The policies and procedures
of the beneficiary's bank in a wire transfer are deemed to be
reasonably designed to prevent or prohibit restricted transactions if
they--
(i) Address methods for conducting due diligence in establishing or
maintaining a commercial customer relationship designed to ensure that
the commercial customer will not receive restricted transactions
through the customer relationship, such as--
(A) Screening potential commercial customers to ascertain the
nature of their business; and
(B) Including as a term of the commercial customer agreement that
the customer may not receive restricted transactions.
(ii) Include procedures to be followed with respect to a commercial
customer if the beneficiary's bank becomes aware that the commercial
customer has received restricted transactions, such as procedures that
address--
(A) When access to the wire transfer system should be denied; and
(B) The circumstances under which an account should be closed.
(2) An originator's bank or intermediary bank that sends or credits
a wire transfer transaction directly to a foreign bank is deemed to
have policies and procedures reasonably designed to identify and block,
or otherwise prevent or prohibit restricted transactions, if the
policies and procedures include procedures to be followed with respect
to a foreign bank that is found to have received from the originator's
bank or intermediary bank wire transfers that are restricted
transactions, which may address--
(i) When wire transfer services for the foreign bank should be
denied; and
(ii) The circumstances under which the correspondent account should
be closed.
Sec. ----.7 Regulatory enforcement.
The requirements under this regulation are subject to the exclusive
regulatory enforcement of--
(a) The Federal functional regulators, with respect to the
designated payment systems and participants therein that are subject to
the respective jurisdiction of such regulators under section 505(a) of
the Gramm-Leach-Bliley Act (15 U.S.C. 6805(a)) and section 5g of the
Commodity Exchange Act (7 U.S.C. 7b-2); and
(b) The Federal Trade Commission, with respect to designated
payment systems and financial transaction providers not otherwise
subject to the jurisdiction of any Federal functional regulators
(including the Commission) as described in paragraph (a) of this
section.
By order of the Board of Governors of the Federal Reserve
System, October 1, 2007.
Jennifer J. Johnson,
Secretary of the Board.
Dated: October 1, 2007.
By the Department of the Treasury.
Valerie A. Abend,
Deputy Assistant Secretary for Critical Infrastructure Protection and
Compliance Policy.
[FR Doc. 07-4914 Filed 10-3-07; 8:45 am]
BILLING CODE 6210-01-P, 4811-42-P