First Data Merchant Services and executive to pay $40.2 million to settle FTC charges
Topics: FIRST DATA MERCHANT SERVICES FTC
According to the FTC’s complaint, Atlanta-based First Data Merchant Services, LLC (First Data) allegedly ignored repeated warnings from employees, banks, and others that Chi “Vincent” Ko, through his company that served as an independent sales agent (ISO) for First Data, was laundering, and First Data was assisting and facilitating laundering, payments for companies that were breaking the law over a number of years. Ko was later hired as an executive at First Data.
“First Data is paying $40 million because it repeatedly looked the other way while its payment processing services were being used to commit fraud,” said Daniel Kaufman, Deputy Director of the FTC’s Bureau of Consumer Protection. “When companies fail to screen out fraudsters exploiting the payment processing system to steal people’s money, they’re breaking the law – and injuring consumers.”
According to the complaint, Ko, through his prior company, First Pay Solutions LLC (First Pay), opened hundreds of merchant accounts for at least four scams – three that were the subject of FTC actions, and one that was the subject of a U.S. Department of Justice criminal prosecution.
The FTC alleges that, from 2012 to 2014, Ko opened accounts under false names, provided Wells Fargo Bank with deceptive information to open the accounts, and ignored evidence that his clients were engaged in fraud. The $40.2 million to be paid in the settlements will be used to provide refunds to consumers harmed by these scams.
The complaint alleges First Data ignored numerous warnings about Ko and First Pay’s activity. Among the warnings was a 2014 e-mail from Wells Fargo’s executive vice president, saying “Why is First Data signing ISOs like [First Pay]? They are going to get First Data and Wells Fargo in trouble with the FTC and CFPB due to consumer deceptive practices…”
In addition, a 2014 Visa investigation required First Data to pay back $18.7 million in charges processed by Ko and temporarily banned First Data from bringing on high-risk merchants. A 2015 forensic audit conducted as part of Visa’s investigation indicated that First Data had “no controls” on how the company managed high-risk merchants.
The complaint alleges that the defendants violated the FTC Act and the Telemarketing Sales Rule.
In addition to paying more than $40 million, under the terms of its proposed settlement, First Data, which was acquired by Fiserv, Inc. in 2019, will be prohibited from assisting or facilitating FTC Act violations related to payment processing and evading fraud and risk oversight programs.
In addition, the company will be required to screen and monitor certain high-risk merchant-clients, as well as establish and implement an oversight program to monitor its wholesale ISOs. The settlement also requires First Data to hire an independent assessor to oversee the company’s compliance with the settlement’s oversight program for the next three years.
Under the terms of his proposed settlement, Ko will be required to pay $270,373.70. He will be banned from payment processing for certain types of high-risk merchants, credit card laundering activities, making or assisting others in making false or misleading statements, and assisting or facilitating violations of the FTC Act. ■