Apple’s Compliance Cakewalk

Apple Pay’s decision to use tokens has some fringe benefits beyond allowing retailers to get money without storing payment credentials. Like many token efforts, because Apple Pay is not storing the payment credentials, the Wall Street Journal points out, it can avoid a lot of the icky paperwork that typically burdens payments players. One example of bureaucracy avoided is not having to register with the U.S. Treasury Department’s Financial Crime Enforcement Network.

“Among other things, registering with Treasury’s Financial Crimes Enforcement Network as a covered financial institution carries the requirement of maintaining an effective anti-money laundering compliance program, monitoring transactions carried through an institution’s network and reporting any suspicious transactions. As a result, Apple Pay comes under much less regulatory scrutiny than other mobile payment market players,” the Journal noted.

Some of this speaks to the reality that payments today is a very fast-paced changing environment and that government regulations and laws are unlikely to properly address newer payment mechanisms such as Apple Pay and Bitcoin, along with the implications of tokenization.

As a practical matter, Apple simply has turned over many of the compliance and regulatory duties to the various payments partners it has signed up. In short, it’s not as though Apple Pay transactions are avoiding government oversight, but that Apple isn’t dealing with it and Apple financial partners are.

“Apple is performing a role we at Visa called a ‘payment enabler.’ [It] is a technology or platform provider facilitating the payment but not performing any role beyond that,” said Matt Dill, senior vice president and head of innovation and partnerships at Visa. “When a payment is initiated by an enrolled consumer and a merchant, the legal and regulatory responsibilities are reflected between the parties in the payment process.”

The story quoted Treasury spokesperson Stephen Hudak explaining the rules, stressing that mobile payment system business models where payments for purchases go from a phone owner’s card directly to the merchant, following regular card network rails, the device provider is merely providing a service. “If the device maker does not accept and transmit value, and just transmits encrypted card information that is used by the regular payment system to process the payment among regular participants, it wouldn’t be a money transmitter,” he said.