Payment Processing & Finance Law

The intersection of finance and technology has revolutionized the payment processing industry, resulting in the rapid growth of both innovative services like peer-to peer-lending, crowdsourcing, eBanking and ePayments, and the need for attorneys experienced in this area. Ifrah Law’s attorneys fill that need by representing businesses, individuals, and in payment processing relationships, including online gaming merchants in disputes with payment processors, ISOs and acquiring banks, MATCH and Terminated Merchant File listings, and payment processing agreements.

On behalf of a wide variety of domestic and international banking and payment processing entities, Ifrah Law has a strong track record for trying and winning cases. They have also succeeded in concluding cases with private litigants, the Department of Justice, the Consumer Financial Protection Bureau (CFPB), the Federal Trade Commission (FTC), the Securities Exchange Commission (SEC), and the Commodities Futures Trading Commission (CFTC).

The History of Federal eCommerce Law

Over the past several years, lawmakers have instituted a number of changes in federal law regarding online payment services and how these technologies are regulated. One of the first major pieces of legislation to address this modern shift in banking and payment process was Congress passing the 1999 Gramm-Leach-Bliley Act, more commonly referred to as the Financial Services Modernization Act.

This Act represented the first federal level attempt to govern how financial institutions should treat sensitive customer information by keeping it confidential and secure—specifically, information acquired through online credit card transactions where a physical card was not present at the point of sale. Financial Services Modernization Act also established restrictions on when financial institutions could share nonpublic customer information, required companies to disclose to customers what their privacy practices are, and mandated that customers be given the option to opt out of their information being distributed to certain third parties.

Numerous updates to federal payment processing law have been implemented since then, the most significant of which is arguably the set of “Red Flag Rules” established by the Federal Trade Commission in 2007. The Red Flag Rules require any organization that receives or processes payments online to determine what red flags could indicate identity theft or fraud and set up a comprehensive system to address and correct problems when those issues pop up.

The Role of the Payment Card Industry Security Standards Council

In addition to the actions taken by federal lawmakers and regulatory agencies, a lot of standard security practices in the payment processing industry have been established and maintained by major industry participants. In fact, the Payment Card Industry Security Standards Council—made up of representatives from several giant companies such as Visa and Discover—generally takes the lead in drafting and enforcing electronic payment safety standards on an international basis, rather than the federal government.

While violations of the Data Security Standards put in place by this Council cannot directly result in criminal prosecution, they can still create serious consequences for anyone in the payment chain between consumer and financial institution, including independent retailers who fail to adhere to the recommendations. A qualified attorney from Ifrah Law could provide guidance to any company or individual seller looking to better understand these guidelines and ensure their own compliance with them.

What the Future Could Have in Store for Online Banking

Unfortunately, both the federal government and the Payment Card Industry Security Standards Council are still playing catch-up to the new frontier of eCommerce. While advances in credit card technology, such as chip readers, have helped cut down on in-person fraud, preventing online fraud and identity theft is often a matter of logistical expertise rather than technical know-how. Furthermore, the rapid expansion and proliferation of digital cryptocurrency—as well as other forms of blockchain-based payment processing—shows promise for revolutionizing the industry over the next few years, potentially leading to a lot more illicit activity online.

Since the growth of online banking and commerce is virtually unstoppable, the best way to ensure the safety and security of a business is to seek guidance from a knowledgeable legal professional. Ifrah Law remains up to date on every development in this complex field of modern legal doctrine, and once retained, they could share that knowledge to protect the security of the company.

How Ifrah Law Could Help Protect Your Business

Ifrah attorneys are on the cutting edge of this expanding field, ranging from advising financial services clients on emerging issues in crowdfunding to representing clients placed on the Department of Treasury’s Office of Foreign Assets Control (OFAC) sanctions list.

Our in-depth knowledge of the payment and online gaming industry, in addition to our established litigation track record in financial services, privacy and data protection, and marketing and consumer protection, certifies us to protect your business and your concerns. Within the organizational structure of a client’s business, we work to identify and mitigate risk with senior executive management, legal counsel, risk professionals, sales representatives, online gaming merchant services team members, and other appropriate core staff.

We know how to balance aggressive legal tactics with practical concerns to represent you most effectively and can recommend strategies that put you at the least personal and professional risk. We stay with you and your case throughout the entire process, representing you from start to finish.

Ifrah Law advises clients on matters relating to payment processing, electronic payments and online gaming merchant transactions, including the following representative matters:

  • Drafting, negotiating and enforcing agreements between banks, processors, and other financial services, payment processing parties, and vendors
  • Developing policies and best practices for monitoring and managing risk with merchants
  • Compliance with financial and consumer protection regulations, including the Payment Card Industry Data Security Standards (PCI DSS) requirements
  • Defense of banks and payment processors in matters relating to merchants, reserve accounts, and third-party claims
  • Responding to investigations, requests for information, and government subpoenas
  • Privacy matters relating to eCommerce and the use of consumer data under regulatory initiatives, like the FTC’s proposed revisions to the Children’s Online Privacy Protection Act rules, the Privacy Bill of Rights, and self-regulatory projects like the Digital Advertising Alliance’s and the World Wide Web Consortium’s “Do Not Track” standards
  • FinCEN Registration and state licensing of money services businesses
  • Virtual currency business, such as Bitcoin
  • Anti-Money Laundering (AML) policy drafting, including drafting data security policies, employee screening, and encryption
  • MATCH/TMF Merchant support
  • Merchant reseller agreements
  • Merchant processing affecting continuity/rebill model
  • Internal audits of merchants for ISOs/payment processors
Case Studies
Publications + Presentations