By Andrew A. Turner, J.D.
After technological breakdowns in October 2015 left RushCard users unable to access their money and without customer support, the Consumer Financial Protection Bureau says that it received more than 800 complaints. The failures culminated in an enforcement action brought by the CFPB against UniRush, which administers the RushCard, and Mastercard, its payment processor.
RushCard is a prepaid card advertised as a way to get direct deposits, including government benefits or payroll funds “up to two days sooner” by allowing deposits of that money onto the card. The CFPB found that Mastercard or UniRush denied consumers access to their own money, botched the processing of deposits and payments, gave consumers inaccurate account information, and failed to provide customer service to consumers impacted by the breakdowns.
Mastercard and UniRush have agreed to pay a total of $13 million to settle the charges based on an October 2015. According to the CFPB, more than 45,000 consumers were in some way affected by problems that arose when UniRush changed its payment processor to Mastercard. The two companies are jointly liable for approximately $10 million in consumer redress and an additional $3 million civil penalty. The settlement does not include any admission of wrongdoing by either company.
Service breakdown. Bureau Director Richard Cordray said that tens of thousands of users were locked out of their RushCard accounts, with service disruptions in some cases lasting for weeks. Many RushCard users rely on the card to pay basic living expenses because they have no bank accounts, Cordray said, and their inability to make payments resulted in late fees and penalties.
UniRush also failed to process direct deposits for approximately 45,000 consumers and improperly returned deposits for others, Cordray said. This left consumers unable to gain access to their funds.
On the other hand, some deposits were erroneously posted twice, and some debits were not posted in a timely manner, Cordray charged. This led users to believe they had larger balances than was true, which in turn induced them to overdraw their accounts. UniRush compounded the problem by using subsequent deposits to repay the overdrafts without notifying the customers.
UniRush’s customer service personnel were inadequate to handle the problems, the bureau added.
Mastercard alleged failures. The consent order against Mastercard is based on what the bureau described as the company’s inadequate preparation for the change-over. The company’s testing did not accurately simulate the conditions of the change-over, which generated an overly optimistic estimate of how quickly the process would be completed. The company rejected UniRush’s request for additional testing of one necessary data file that Mastercard knew was central to a successful change-over, the bureau said.
Mastercard also did not communicate adequately with UniRush, the CFPB added.
Consent order. Under the consent order, entered under the bureau’s authority to act against unfair, deceptive, or abusive acts or practices, the two companies are permitted to decide between themselves how to allocate liability for the $13 million in payments. However, the CFPB is not bound by their agreement, leaving the bureau able to collect the full amount should either company default.
Mastercard is required to create procedures to avoid similar problems in future change-overs, while UniRush must create an incident tracking system and a disaster recovery plan. Both companies are to implement improved compliance programs.
For more information about CFPB enforcement actions, subscribe to the Banking and Finance Law Daily.