top of page

    Cyber (Payments – FinTech)

 

  • "FinTech" (generally defined as combinations of algorithms, artificial intelligence, computer programs, devices and any other technologies, used to support or enable online financial services) may be most-prevalent in consumer-related industries, such as banking, data analytics financial planning, insurance, investments, lending, payments, securities trading, security and privacy.

 

  • Experience with many aspects of various fintech-related businesses, such as consumer financial services, financial services providers, lenders, merchants, payment processors, retailers, including issues such as alternative lending arrangements, co-branded credit cards, compliance, cybersecurity, data privacy electronic payments, emerging and traditional payment systems, intellectual property, licensing, money transmission, payment card agreements, prepaid cards, product development, regulatory (domestic Federal and state, and international), technology transfer agreements, transactions.

 

  • Experience with some of the leading legal issues to be considered when negotiating and drafting fintech-related documents for any industry, such as biometric identification (including fingerprint recognition and retina scans), cybersecurity, data protection, digital assets, distributed ledger technology (DLT) (also known loosely as "blockchain" – which is actually only one form of DLT), outsourcing, robo-advisors and smart contracts.

 

  • Experience with fintech-related issues, such as alternative loans, alternative lending trading systems, broker-dealers, compliance (with public and private regulatory requirements), cybersecurity, cryptocurrencies, cryptocurrency derivatives, data monetization, data privacy, data security, digital assets, digital currencies, digital insurance, electronic financial services, electronic trades, fund formation, government enforcement actions and investigations, intellectual property transactions and transfers, investment adviser formation, joint ventures, litigation, mergers and acquisitions (M&A), neobanks (meaning banking companies such as Ally, which are totally online and which have no actual brick-and-mortar branches), outsourcing, private equity, securities (both digital and tokenized), securitization, seed capital, software-as-a-service (SaaS), strategic alliances, structured finance, venture capital.

 

  • Preparation and drafting of registration statements and other filings.

 

  • Negotiations with the Securities and Exchange Commission (SEC), relating to unusual regulatory issues raised by fintech-related funds.

 

  • Consultation regarding the Investment Advisers Act and Investment Company Act regarding issues raised by the use of blockchain technology for conventional asset classes.

 

  • Consultation regarding regulatory developments from the Commodity Futures Trading Commission (CFTC) and National Futures Association (NFA).

 

  • Consultation regarding Anti-Money Laundering (AML), Know Your Customer (KYC), money services businesses and money transmitters.

 

  • Compliance with the Electronic Signatures in Global and National Commerce Act (ESIGN) Act, the Standards and Procedures for Electronic Records and Signatures (SPERS) manual and the Uniform Electronic Transactions Act (UETA).

 

  • Compliance with the laws governing payment processes, such as automated clearing house (ACH) transactions, electronic fund transfers, remittances, remote check creation and remote deposit capture.

 

  • Compliance with Financial Crimes Enforcement Network (FinCEN) requirements, industry standards for payments and payment network requirements.

 

  • Negotiation and drafting of typical documents related to various fintech-related transactions, such as affiliate agreements, articles of incorporation, asset transfer contracts, intellectual property rights assignments, collaboration agreements, confidentiality agreements, consultant agreements, convertible note term sheets, corporate policies, end user license agreements (EULAs), non-compete agreements, non-disclosure agreements (NDAs), presale token agreements, share vesting agreements, shareholders' agreements, software development agreements, software licensing agreements, software-as-a-service (SaaS) agreements, terms of employment, token purchase agreements, trademark licensing agreements, website terms of use.

 

  • Investigates and researches customer disputes regarding electronic transactions involving ACH transactions, automated teller machines (ATMs), automatic bill pay (ABP), credit card, debit card, online banking, personal identification numbers (PINs), and various payment platforms.

 

  • Legal support for alternate dispute resolutions, arbitrations, issuing provisional credit, meditations, processing chargebacks (an amount returned to a credit card or debit card after a customer successfully disputes an item on an account statement or transactions report, demonstrating that they did not make the related purchase), processing notification letters and representments (submitting evidence that a transaction was completed properly, and that the claimant's claims are invalid).

 

  • Compliance with Federal Reserve Board (FRB) regulations, such as FRB Regulation E (which establishes guidelines for the protection of individual consumers engaging in electronic fund transfers and remittance transfers) and FRB Regulation Z (which prohibits mortgage lenders from engaging in unfair practices that result in a conflict of interest for the mortgage broker).

 

  • Fintech payments companies continue to be some of the most highly-valued businesses in the general fintech space.

 

  • In general, fintech payment platforms operate from a secured cloud environment, at a minimum PCI DSS L1 compliant, offering back-end-as-a-service (BeaaS) services, such as affiliates management, automated user and merchant onboarding, card payment acquiring and clearing for merchants, closed and open loop card scheme management, e-shop integration, e-wallets, payment switch, mobile banking, mobile money, peer-to-peer (P2P) loans, and remittance solutions.

 

  • The current four basic actors in the payments ecosystem are bank card issuers (such as Bank of America, Barclays, JP Morgan Chase and Wells Fargo, which distribute cards to clients within a certain group, and are responsible for approving transactions and charging fees therefore, and verifying balances), credit card networks (such as American Express, Discover, MasterCard and Visa, which have their own specific brands and clearing houses, and manage bank-to-bank transactions), payment gateways (such as Apple Pay, Adyen, Google Pay, PayPal, Samsung Pay, Square and Stripe, which handle cashless and online payments between banks and consumers, and for which data goes directly from the merchant's website through the payment gateway, to the payment processor for validation and ultimate completion), and payment processors (such as Adyen, FirstData, Flagship Merchants, PayPal, Square, Stripe and WorldPay, which generally use capture equipment – such as swipe card readers, generally leased or owned by the merchant – to send payments made by consumers at brick-and-mortar stores to banks for processing, of which there are two basic types: back-end payment processors, which control the transaction cash flow from the consumer to the bank after the transaction; and, front-end payment processors, in which the bank works directly with the credit card network when initially-approving the transaction).

 

  • Players in the fintech payments industry could also be categorized by common characteristics, such as banks (domestic andglobal, which have extensive established resources and financial clout, generally-trusted brands, longevity and name recognition), blockchain-based solutions (such as Circle and Ripple, which offer low transaction costs and fast processing globally), cross-border remitters (such as MoneyGram, Western Union and Xoom, which facilitate cash to be sent anywhere globally through wire transfers), P2P networks (which offer fast transaction processing and lesser transaction fees that banks), and tech (which has the ability to act generally faster than banks, due to a reliance on developing new technologies, such as smartphone compatibility).

 

  • Compliance with the European Union (EU) Revised Payment Services Directive (PSD2), Directive (EU) 2015/2366, which regulates payment services, payment service providers and payments within the EU, and attempts to create an integrated payments industry throughout the EU.

 

  • Compliance with the EU General Data Protection Regulation 2016/679 (GDPR), Directive 95-46-EC, and other international privacy regulations, such as the Canadian Personal Information Protection and Electronic Documents Act (PIPEDA).​

 

  • Compliance with French Law Act No. 2002-303, dated March 4, 2002, and accreditation procedure mandated by Decree No. 2006-6, dated January 4, 2006, regarding the hosting of health data within any French jurisdiction.

 

  • Compliance with the California Consumer Privacy Act (CCPA), such as drafting policies for consumer access and deletion requests regarding their personally identifiable information (PII), opt-out procedures to prevent the unauthorized use and sale of consumer PII, clear language on websites relating to the use of and opting-out for PII, continual training for personnel regarding consumer rights under the CCPA, the application of the CCPA to consumers located outside California but using facilities and services within California, W3C Web Content Accessibility Guidelines (WCAG).

 

  • Compliance with the New York State Department of Financial Services (NYDFS) Cybersecurity Regulation 23 NYCRR 500.

 

  • There are many types of fintech digital payment methods using various technologies in various developed and underdeveloped areas of the world (where various technologies may not yet be available), such as the Aadhaar-Enabled Payment System (AEPS) (which allows online cloud-based point-of-sale – PoS – micro ATM transactions through the Business Correspondent – BC – network, using Aadhaar authentication), banking cards (such as cash cards, credit cards, debit cards, rewards cards and travel cards), micro automated teller machines (ATMs) (such as at the supermarket checkout counter, that may accept input from cash cards, credit cards, debit cards or touch input transmitted by wi-fi from a smartphone or other smart device, such as a smart watch), mobile transactions (using smartphones, wi-fi and related payment devices, such as swipe card readers), mobile wallets (virtual digital wallets – e-wallets – applications, very popular for facilitating anonymous transactions for blockchain, cryptocurrencies and various digital currencies), online transactions (generally involving personal computers and smartphone applications, that may be popular not only in developed areas, but also in underdeveloped areas that do not have a wi-fi network), point-of-sale (PoS) (which are transactions at actual brick-and-mortar stores, using various devices such as swipe card readers or touch readers for smartphones), pre-paid cards (in which cash is converted into an equal amount on a card – such as for a gift card – which can then be used on a transaction-by-transaction basis, until all the digital cash is expended, after which the card holder may have the option to replenish the cash amount to be digitized into the card), unified payments interface (UPI) (which facilitates transactions between a user's P2P multiple bank accounts), unstructured supplementary service data (USED) (such as 99#, which is a wi-fi based mobile service that facilitates banking transactions in areas that have no cable or ethernet infrastructure).

 

  • The concept of fintech – using digital applications to provide complex financial business and consumer services over the internet and wi-fi networks – has inspired many derivative technologies, such as crowdfunding platforms (including GoFundMe, Kickstarter and Patreon, which allow internet and smartphone users to send amounts of cash, debited directly from the bank accounts of such users, to such platforms, which can then be accessed directly from such platforms by a designated recipient, generally for charitable purposes), insuretech (in which insurance companies such as Allstate, Geico, Progressive and Liberty Mutual, make their insurance solutions available to consumers online through internet websites and smartphone applications), robo-advisor applications (such as Acorns, Betterment, Ellevest and Robinhood, which use artificial intelligence – AI – to attempt to answer consumers' banking, customer service or investment questions virtually, without the consumer ever having any contact with an actual human).

 

  • Budgeting applications (such as Intuit and Mint, which collect many consumer financial planning applications in one platform) employing decision-as-a-service (DaaS) technologies to assist consumers when analyzing potential financial decisions, are relatively-recent developments in the fintech industry.

 

  • One rapidly-expanding area of fintech is regtech, in which complex platforms, some of which employ AI and blockchain components (such as Ascent Regtech, Ayasdi, BehavioSec, Chainalysis, ComplyAdvantage, Continuity, Elliptic, Forter, Hummingbird, IdentityMind, Sift Science, and Trunomi) to manage all the regulatory change management compliance reporting for highly-regulated industries, such as banking, finance and pharmaceuticals.

 

  • A digital wallet (or "e-wallet") is one of the newest fintech innovations, with great potential for expanded use in many business sectors, and is a software-based system – which has the ability to access near-field communication technology (meaning the ability to enable two smart devices to communicate, if they are in close range to each other) – that securely stores user payment information, enables the creation of exceptionally-secure passwords, and is compatible with numerous payment methods, smart mobile devices (such as smartphones and tablets) and websites.

 

  • A digital wallet may also be used to store other types of fintech technology, such as loyalty cards (a marketing strategy attempting to encourage customers to shop at or use the services of the business associated with the particular marketing program, in which, by presenting a card – whether physical or digital – that customers may use to receive either a discount on the current purchase, or an accumulation of points that they may use for future purchases either in actual brick-and-mortar stores or online) and digital coupons (such as Groupon, which are discounts, special offers and promotions, represented by actual published advertisements – whether in paper publications or online – offered by actual brick-and-mortar stores or online, to entice a consumer to make purchases at certain brick-and-mortar stores or on certain websites).

 

  • Digital wallets are particularly critical for payments involving certain other fintech technologies, such as payments related to blockchain, cryptocurrencies – such as Bitcoin and Ethereum (based on blockchain) – and digital currencies – such as IOTA (which does not use blockchain).

 

  • Unfortunately, digital wallets rely upon "cookies" (files placed on the personal computer or smart device of the user at the time of a transaction, that store information about the purchasing habits of the user) to work seamlessly with the various fintech payment platforms, and may not be completely-protected by the particular digital wallet platform from being accessed by unwanted third-parties, who may then sell such information to other third-parties for whatever unauthorized activities they may attempt.

 

  • Fintech has also facilitated new financing models (generally known as "alternative financing"), such as debt-based financing (also known as "social lending", which facilitates direct contact between potential lenders and potential borrower/entrepreneurs, in which the lenders sign up to be "members" of the particular platform, and act as administrators – recording all transactions, fund transfers and any other ancillary transactions – if any such lender enters into any transaction with any such borrower, through such platform), donation-based financing (in which users of the platform – the potential donors – browse through numerous possible projects and then donate to some particular project that they may feel is worthy of being funded, in return for which donation such donors receive nothing more than a receipt for a tax deduction, and the possibility to make some comment regarding the worthiness of the particular project to which they are donating), equity-based financing (in which potential investors may provide funds directly to entrepreneurs representing specified projects, in return for which such investors may receive some predetermined stake in such project or some negotiated percentage under some fixed or negotiated terms and conditions), and, rewards-based financing (in which a business offers some form of reward or incentive to potential investors using the platform to participate in the project of such business, in exchange for receiving funding from such potential investors).

 

  • In an effort to make in-person fintech transactions more secure, credit card issuers are adding EMV (an acronym for "Europay, MasterCard, and Visa", which collaborated to create a credit card with an embedded chip that holds the authorization information for use of the card, rather than on a magnetic strip, which increases the data security of the card, since there are now small devices that may be concealed in someone's pocket or purse that can easily read the authorization information off the magnetic strip, but there are currently no known devices that can read the authorization from the embedded chip) chips to credit cards and are gradually phasing out the magnetic strips.

  

  • The largest market for fintech opportunities is the Peoples' Republic of China (PRC).

 

  • Research, testing, use, recommendation, specification and procurement of various online payment platforms (OPPs) by companies such as AcceptEmail, Acorns, Addepar, Affirm, Adyen, Alpha Payments Cloud, AstroPay, Avant, Barzahlen, Billtrust, BillPay, Blend, Bolt, Braintree, Brex, Carta, Chime, Circle, COGON, Coinbase, CommonBond, Credit Karma, Enfusion, EZV GmbH, Fattmerchant, Finix, FINALOGIC, FTS Payments Solution, Flywire, Forter, Forward Financing, Fundrise, Green Dot, GreenSky, Gravity Payments, Guaranteed Rate, Intuit, Kabbage, Lending Club, Marqueta, maviance, Morningstar, Nerdwallet, Netspend, Nium, OnDeck, Opploans, Optiver, PAY.ON, PAYANGO, PayCash, payever, payleven, PayLoop, PAYMILL, PAYMORROW, PAYONE, Payoneer, payworks, Personal Capital, Pitchbook, Plaid, Plastiq, Poynt, Q2 Holdings, Remitly, Robinhood, Skrill, SoFi, SOFORT, Square, Stripe, Suplari, Tala, Toast, Tradeshift, TransferWise, TransUnion, traxpay, TrueAccord, Varo Money, Venmo, Verifi, Wealthfront, Yapstone.

    Last updated 201012_1817

bottom of page