Developments and Commentary

securityLegal Departments: New PCI DSS Requirements Mandatory in June

PCI Council publishes new PCI Data Security Standard Version 3.1 and provides very short time to implement new encryption standards. The PCI Council just published a new version of the PCI Data Security Standard (PCI DSS).  The newVersion 3.1 (agreement required) is available to use immediately and becomes mandatory on June ...

Money SymbolNew PCI Tokenization Guidelines

Last week, the Payment Card Industry Security Standards Council released new guidelines related to the security of tokenization products.  The guidelines are a set of technical best practices for evaluating tokenization products that will be used to replace the primary account number (PAN), commonly known as the full credit card ...

congressCongressional Payments Technology Caucus Formed

Innovation in the payments industry continues to accelerate as both established and emerging companies invest significant resources in the development of new payment systems and technologies. Recognizing the challenge that rapidly-evolving technologies present to legislators, bipartisan groups have been formed in both the United States Senate and United States House ...

credit reportBig Three Credit Bureaus Announce Consumer Financial Assistance Plan

Earlier this month, Equifax, Experian and TransUnion announced the creation of the “National Consumer Assistance Plan,” which will, among other things, change the way these credit bureaus handle consumer disputes and report unpaid medical bills. The Plan, which was created as part of a settlement agreement with the New York ...

DeptTreasury4PayPal to Pay Dearly for Alleged Violations of OFAC Sanctions

The U.S. Department of the Treasury’s Office of Foreign Assets Control (OFAC) has announced a $7,658,300 settlement with PayPal, Inc. (PayPal) to resolve potential civil liability for 486 alleged violations of the Iranian, Sudanese, Cuban, Global Terrorism, and Weapons of Mass Destruction Proliferators (WMDP) sanctions programs.  OFAC alleged that, for ...

Resource Updates

San FranABA Meeting Sheds Light on UDAAP Priorities and CFPB’s Project Catalyst Initiative

A team of DWT payments lawyers attended the American Bar Association Business Law Section’s spring meeting in San Francisco last week. Adam Maarec from our Washington, DC office moderated a lively roundtable titled A Roadmap for Credit Card Lending: Mitigating Fair Lending and UDAAP Risks, and Anticipating the CFPB’s Focus in ...

claudeMobile Wallet Discussion at 2015 FinTech Startups Conference

At the recent 3rd Annual FinTech Startups Conference in New York City, DWT payments team member Claude Goetz joined a panel that included Jenny Fielding (Techstars), Mark Egerman (Cover), Michael Dudas (Button), and Andrew Dresner (JP Morgan Chase & Co.) to discuss the burgeoning mobile wallet market, with a particular ...

WhiteHouseFlagPresident Obama’s April Fools’ Day Order on Cyberterrorism – No Joking About It!

While it’s not clear whether the President’s release today of an Executive Order, "Blocking the Property of Certain Persons Engaging in Significant Malicious Cyber-Enabled Activities," was purposefully timed to coincide with April Fools' Day, it is apparent that the government is ratcheting up its fight against cyberterrorism and making no ...

doodle thoughtFFIEC Release – Business Continuity Planning For Outsourced Technology Services

The Federal Financial Institutions Examination Council (FFIEC) has released a new appendix to the “Business Continuity Planning” booklet of the FFIEC Information Technology Examination Handbook containing guidance that is intended to align financial institutions’ oversight of the business continuity planning (BCP) activities of their third-party technology service providers (TSPs) with guidance ...

gizmoAnatomy of a Consent Order: “Gizmo” Case Study

On March 26, 2015, DWT payments team member Andy Lorentz was a presenter at ACI’s 9th Emerging Payments System conference in Chicago, IL. His panel focused on the topic of “Ensuring Compliance with the Increasingly Aggressive State Regulatory and Enforcement Framework Governing Emerging Payment Systems.” Andy’s presentation offered a case ...