Consumers have three payment options when checking out in a store – cash, card, or mobile pay. Even without paying particular attention, the average consumer will notice that mobile pay is rapidly overtaking cash and card payments.[1] In 2021, around 101 million Americans—about 30 percent of the U.S. population—used mobile payment systems.[2] This was a massive 9.64 percent jump from 92 million Americans in 2020.[3] Though FinTech’s shift from physical to mobile payment systems provides consumers with more flexibility, this shift begs the question of how regulations (i.e., Electronic Fund Transfer Act and Bank Holding Company Act) will continue to apply as Big Tech companies expand consumers’ access to mobile financial services.
Apple Pay is the most popular mobile payment system in the United States.[4] When users configure Apple Pay, they add their bank card information into Apple’s “Wallet” app (formerly called “Passport”)[5] through their iPhone’s “near-field communication” system, which allows users to tap their phone on contactless readers to make payment.[6] When Apply Pay users make a payment, a unique “device account number” is linked to the transaction instead of the card’s actual credentials.[7] This provides consumers with an extra level of security, as card credentials are never shared with the merchant.[8] However, this extra level of security may be undercut by having a third party (i.e., Apple) facilitate the transaction.[9] Consumers are exposed to third party data breaches and subjected to credential theft arising from them.[10]
Current Regulatory Framework
Federal agencies, like the Federal Deposit Insurance Corporation (the “FDIC”) and the Consumer Protection Financial Bureau (the “CFPB”), spearhead the mission of protecting consumers from banking failures and threats arising from financial service usage.[11] However, it is unclear whether these agencies have jurisdiction to regulate non-bank mobile payment systems in same way they can regulate a traditional bank card payment.[12] For example, the Electronic Fund Transfer Act (the “EFTA”) gives the CFPB the power to monitor electronic transactions by, inter alia, enforcing disclosure requirements, determining consumer liability of unauthorized transactions, and resolving issues arising from unauthorized transactions.[13] However, the EFTA does not explicitly provide the CFPB with jurisdiction over non-bank mobile payment systems. Nonetheless, the FDIC argues that federal laws like the EFTA should apply because these laws govern the same mechanisms utilized in non-bank mobile payment systems (i.e., electronic fund transfers and automated clearing house systems).[14] Agencies argue that big tech companies should not be able to evade regulation simply by implementing an existing, regulated system that uses a new form of technology.[15] Big Tech contends, however, that consumers will not benefit from any additional regulatory burden because the infrastructure underlying the transaction is subject to adequate regulation.[16] Though companies like Apple provide accessibility, they rely on banks to carry out transactions.[17]
Entrance Into Retail Banking and Regulatory Issues
Despite ongoing regulatory ambiguity, some big tech companies are ready to launch the next step in providing third-party financial services. On October 13, 2022, Apple announced that they are planning to partner with Goldman Sachs to offer Apple Card holders the option of opening a high-yield savings account.[18] Consumers would be able to set up and manage an ordinary bank account right from their phone.[19] This comes during a time when other giants like Walmart and Amazon have considered entering retail banking as partners to startups or established national banks.[20] However, Apple seems to be the first to provide a concrete gameplan.
Normally, banks and holding companies—“any institution that takes deposits and makes loans”—are subject to the Bank Holding Company Act (the “BHCA”).[21] The BHCA gives the Federal Reserve (the “Fed”) the power to supervise the expansion and operation of banks.[22] In addition, banks are subject to general restrictions imposed by the Fed.[23] For example, the Fed can require banks to submit reports on their books,[24] collect fees from member banks for the Fed’s estimated cost of regulatory responsibilities,[25] and require banks to maintain a minimum amount of cash reserves.[26] These are only a few of many regulations that the Fed imposes on banks.[27] To non-bank companies, such regulations may appear to inhibit growth in their respective markets. By partnering with existing banks, non-bank companies can enter the banking market without themselves being subject to banking regulations.[28] Non-bank companies can offer their customers almost all the financial services that banks offer without succumbing to stringent federal oversight.[29] Non-bank companies justify these relationships with banks by providing underserved consumers with banking services, providing a more user-friendly banking interface, and tailoring the application to fit consumers’ needs.[30]
The Next Steps
Whether one believes that Big Tech is heroic for providing a consumer necessity or in the alternative, that Big Tech is trying to evade the reach of federal agencies, the focus should always remain on the consumer. As previously discussed, consumers are increasingly comfortable with adapting to new forms of financial services.[31] Millions of mobile payment transactions are made every day, and the frequency is increasing significantly each year.[32] Therefore, we can likely expect the same amount of activity in the context of Big Tech’s mobile banking services in the coming years. However, consumer harms in the form of privacy breaches, system error, or even credit theft will inevitably result as a consequence.
Agencies should unambiguously state whether their regulations apply to Big Tech entering the retail banking space or whether traditional banking laws should apply to partnerships between Big Tech and banks. Such clarifications in their regulations would ensure that Big Tech will not make business decisions that jeopardize consumer safety simply because the law does not regulate a particular behavior. For example, by directly addressing the issue, regulators could require Big Tech companies to (1) provide clearer disclosures that do not resemble adhesion contracts, (2) provide periodic reports on data breaches as well as steps that have been taken to combat credit theft, or (3) maintain a certain amount of cash reserves. Though these are only a few examples of the many approaches available to regulators, it is imperative that regulators take a clear position on the issue.
[1] Mobile Payments to Overtake Cards by 2024, Asian Banker (May 1, 2022), https://www.theasianbanker.com/updates-and-articles/mobile-payments-to-overtake-cards-by-2024. Mobile payment systems allow smartphone companies, like Apple and Samsung, to act as third-party facilitators in transactions between smartphone users and merchants. See id.
[2] 22 Mobile Payment Statistics Detailing the Industry’s Growth, MoneyTransfers.com (Aug. 24, 2022), https://moneytransfers.com/news/content/mobile-payment-statistics#:~:text=How%20many%20people%20use%20mobile,92.3%20million%20a%20year%20earlier.
[3] 22 Mobile Payment Statistics Detailing the Industry’s Growth, supra note 3.
[4] See David Curry, Mobile Payments App Revenue and Usage Statistics (2022), Bus. of Apps (Sept. 8, 2022), https://www.businessofapps.com/data/mobile-payments-app-market/#:~:text=Apple%20Pay%20is%20the%20most,US%2C%20more%20than%20Google%20Play.
[5] David Narkiewicz, Apple Pay: Beginning of the End of Plastic Credit Cards?, 36 Pa. L. 60, 60 (2014).
[6] Mark E. Burge, Apple Pay, Bitcoin, and Consumers: The ABCs of Future Public Payments Law, Hastings L. J. 1494, 1524 (2016).
[7] Id. at 1495 n.5.
[8] Id.
[9] See Tana Blegen, Mobile Payment Security: Top 5 Threats, Promon (Aug. 24, 2022), https://promon.co/security-news/mobile-payment-security-top-5-threats/.
[10] See id.
[11] See What We Do, Fed. Deposit Ins. Corp., https://www.fdic.gov/about/what-we-do/index.html#:~:text=The%20FDIC%20directly%20supervises%20and,the%20Comptroller%20of%20the%20Currency (last visited Oct. 15, 2022); see also The Bureau, Consumer Fin. Prot. Bureau, https://www.consumerfinance.gov/about-us/the-bureau/#:~:text=The%20CFPB%20was%20created%20to,Today%2C%20it’s%20our%20primary%20focus (last visited Oct. 15, 2022).
[12] See generally Mobile Payments, The PEW Charitable Trusts (2016), https://www.pewtrusts.org/-/media/assets/2016/02/cb_mobilitypaymentsissuebrief.pdf.
[13] See generally Electronic Fund Transfer Act, 15 U.S.C.S. § 1693 (1978); see also Fed. Reserve, Regulation E: Electronic Fund Transfer Act (2013), https://www.federalreserve.gov/boarddocs/supmanual/cch/efta.pdf.
[14] Carolyn Lowry, What’s in Your Mobile Wallet? An Analysis of Trends in Mobile Payments and Regulation, 68 Fed. Commc’ns L. J. 355, 377 (2016).
[15] Id.
[16] Id. at 380.
[17] Id.
[18] Steve Dickson & Sridhar Natarajan, Apple Teams With Goldman to Offer Savings Accounts, Bloomberg (Oct. 13, 2022, 11:19 PM), https://www.bloomberg.com/news/articles/2022-10-13/apple-teams-with-goldman-on-savings-accounts-for-its-card-users?leadSource=uverify%20wall.
[19] See Apple Card will soon let users grow Daily Cash rewards while saving for the future, Apple (Oct. 13, 2022), https://www.apple.com/newsroom/2022/10/apple-card-will-let-users-grow-daily-cash-rewards-while-saving-for-the-future/.
[20] See David Donovan, Walmart Is the Future of Banking, Built In (Feb. 8, 2022), https://builtin.com/fintech/walmart-retail-banking-hybrids; see also Melody Brue, Is Amazon Building the Next Generation Bank?, Forbes (Apr. 30, 2022, 12:04 PM), https://www.forbes.com/sites/moorinsights/2021/04/30/is-amazon-building-the-next-generation-bank/?sh=57a6b937dddf.
[21] Joe Mahon, Bank Holding Company Act of 1956, Fed. Rsrv. Hist., https://www.federalreservehistory.org/essays/bank-holding-company-act-of-1956#regulatory (last visited Oct. 15, 2022).
[22] See generally id.
[23] See generally 12 U.S.C. § 248 (2018).
[24] Id. § 248(a).
[25] Id. § 248(s)2.
[26] See 12 C.F.R. § 204.1(c) (2012).
[27] See, e.g., 12 C.F.R. § 208 (setting general requirements for Fed member banks); see also, e.g., 12 C.F.R. § 222 (providing guidance on what information Fed member banks must provide concerning consumers’ credit).
[28] See Joshua Cutler, Wal-Mart and Banking (2017), https://wiki.harvard.edu/confluence/download/attachments/204380235/CSP%20031%20Walmart%2010112017.pdf.
[29] See Kyle Campbell, The Need for Nonbank Regulation is a Consensus Issue for the Fed, Am. Banker (Dec. 7, 2022), https://www.americanbanker.com/news/the-need-for-nonbank-regulation-is-a-consensus-issue-for-the-fed.
[30] Raihan Zamil & Aiden Lawson, Gatekeeping the gatekeepers: when big techs and fintechs own banks – benefits risks and policy options (2022), https://www.bis.org/fsi/publ/insights39.pdf.
[31] See supra notes 1-3 and accompanying text.
[32] See id.
