We are not aware of any specific guidance from NACHA on identifying ACH transactions involving illegal gambling.
Regulation GG itself includes examples of policies and procedures to identify illegal gambling transactions, which include due diligence on commercial customers to determine the risk that the customer will engage in internet gambling and notification that your bank will block illegal gambling transactions. FinCEN has issued general guidance on identifying suspicious activity involving third-party payment processors that might also help to identify suspicious ACH transactions. FinCEN’s recommendations (copied below) include monitoring for high numbers of consumer complaints and chargebacks or returns, among other techniques.
For resources related to our guidance, please see:
-
Regulation GG, 12 CFR 233.5(a) (“All non-exempt participants in designated payment systems shall establish and implement written policies and procedures reasonably designed to identify and block or otherwise prevent or prohibit restricted transactions.”)
-
Regulation GG, 12 CFR 233.6 (Examples of policies and procedures to identify and block or otherwise prevent or prohibit restricted transactions.)
-
FRB Small Entity Compliance Guide, Regulation GG (“There may be several ways to meet the rule’s requirement to have reasonably designed policies and procedures and section 6 of the rule suggests some possible choices. With respect to due diligence, the Agencies expect that you could use a flexible, risk-based approach in your due diligence procedures so that the level of due diligence you perform will match the level of risk posed by your commercial customer. Section 6(b) of the rule sets out specific procedures that you could follow to conduct adequate due diligence of your business’s commercial customers in order to assess the risk they present of unlawful Internet gambling. . . .”)
-
FinCEN Advisory, FIN-2012-A010, Risk Associated with Third-Party Payment Processors (October 22, 2012) (“With the expansion of the Internet, Payment Processors may now service a variety of domestic and international merchants, including conventional retail and Internet-based establishments, prepaid travel, and Internet gaming enterprises. . . . Suspicious activity as described below often is associated with Payment Processors engaged in improper or illegal conduct.
-
Fraud: High numbers of consumer complaints about Payment Processors and/or merchant clients, and particularly high numbers of returns or charge backs (aggregate or otherwise), suggest that the originating merchant may be engaged in unfair or deceptive practices or fraud, including using consumers’ account information to create unauthorized RCCs or ACH debits. Consumer complaints are often lodged with financial institutions, Payment Processors, merchant clients, consumer advocacy groups, online complaint Web sites or blogs, and governmental entities such as the Federal Trade Commission and state Attorneys General.
-
Accounts at Multiple Financial Institutions: Payment Processors engaged in suspicious activity often maintain accounts at more than one financial institution. Similarly, they may move from one financial institution to another within a short period. Such Payment Processors also may use multiple financial institutions and maintain redundant banking relationships in recognition of the risk to the Payment Processor and merchant that a financial institution may recognize the suspicious activity and terminate the Payment Processor and/or merchant accounts. In addition, regulators and law enforcement have recognized an increased use of “check consolidation accounts” by some Payment Processors. Consolidation accounts can be used by Payment Processors to conceal high return or chargeback rates from originating financial institutions and regulators.
-
Money Laundering: Criminals are continually looking for ways to launder illicit proceeds, including the proceeds of consumer fraud. Payment Processors can be used by criminals to mask illegal or suspicious transactions and to launder proceeds of crime. In addition, Payment Processors have been used to place illegal funds directly into a financial institution using ACH credit transactions originating from foreign sources.
-
Enhanced Risk: There are potential risks associated with relationships with third-party entities, in particular foreign-located payment processors that process payments for telemarketers, online businesses, and other merchants. These relationships can pose increased risk to institutions and may require careful due diligence and monitoring.
-
Solicitation for Business: Payment Processors engaged in suspicious activity have been known to solicit business relationships with distressed financial institutions in need of revenue and capital. Such Payment Processors may consider troubled financial institutions to be more willing to engage in higher-risk transactions. In some cases, Payment Processors also have committed to purchasing stock in these financial institutions to further induce the financial institution to provide banking services to high risk merchants. Often, the targeted financial institutions are smaller community banks that lack the infrastructure to properly manage or control a high-risk Payment Processor relationship. Fraudulent merchants also have been known to possess accounts through payment processors at large financial institutions.
-
Elevated rate of return of debit transactions due to unauthorized transactions: Payment processors engaged in or complicit in suspicious activities may reflect a rate of return of debit items due to unauthorized transactions substantially higher than the average. Payment processors abused by criminals may show an acceptable rate (i.e. an average within normal parameters for the payment system involved) of returned items due to unauthorized transactions, calculated as a percentage of the processor’s total transaction volume, but a much higher rate of returned items when the ratio is calculated on the traffic volume of individual originators.”)