FRAUD ALERT: PAYMENT PROCESSORS AND ISOs MUST ENSURE THAT THEIR COMPLIANCE PROCEDURES CAN DETECT COVID-19 FRAUD

The Federal Trade Commission (“FTC”) plans to aggressively police companies that use deceptive marketing to take advantage of consumers’ fears relating to the COVID-19 pandemic. The FTC is focused on a broad range of potential deceptive practices, including unapproved or unsubstantiated health claims, work-at-home schemes, finance schemes, and misrepresentations as to the current availability of in-demand products, such as cleaning, household, and health or medical supplies. The FTC has already issued warning letters to seven sellers of unapproved and misbranded products who claimed that their products could treat or prevent the coronavirus, and additional warning letters or enforcement actions are likely to follow as the pandemic progresses and economic uncertainty increases.

 

Orrick’s COVID-19-Resources Center

Visit for resources to help answer the most commonly asked questions and to provide emerging best practices for businesses and employers.

The FTC’s efforts to target COVID-19 fraud and deception will not just focus on merchants who engage in deceptive marketing, but will also target the payment processors and Independent Sales Organizations (“ISOs”) who facilitate consumer payments to those merchants. The current FTC leadership has increasingly targeted payment processors and ISOs who facilitate deceptive transactions, including a recent enforcement action that permanently barred a payment processor from the payments processing industry for failing to review and monitor its merchant clients. Even in cases where the FTC does not directly target payment processors and ISOs, the FTC has been aggressive in seizing merchant reserve accounts, which leaves the processor or ISO on the hook for chargebacks.

It is critical that payment processors review their compliance programs for screening and monitoring merchants to minimize the possibility that they end up in the FTC’s crosshairs as part of its COVID-19 enforcement sweep. The compliance review should address the following areas:

  • Rigorous Merchant Screening: Processors and ISOs should ensure that their merchant onboarding and screening process is robust enough to identify merchants who may be involved in deceptive conduct.
  • Increased Monitoring of Potentially Suspicious Behavior: Processors and ISOs should review and enhance their monitoring of merchant transactions and consumer complaints to ensure that they can quickly detect any suspicious behavior that might be related to deceptive practices relating to COVID-19.
  • Decisive Discipline: If a payment processer or ISO identifies suspicious activity, they should move quickly to investigate and, if appropriate, the merchant should take decisive action in accordance with the merchant agreement.
  • Proactive Engagement with the FTC: Payment processors and ISOs should consider proactively reaching out to the FTC to educate FTC staff on their compliance measures and activity in the marketplace so that there is an open line of communication if a client merchant is swept up in an FTC enforcement action.

For more information, visit Orrick’s COVID-19 Resource Center or contact Jon Direnfeld, Tony Kim, Barrie VanBrackle or Parag Patel.