Mobile payment apps and peer-to-peer payment systems have become prolific among American consumers, with 4 in 5 Americans using these apps, which include Venmo, Zelle, CashApp, and Paypal. What started as a way for consumers to send money instantaneously has grown into a method to make online purchases, pay bills, and more. As mobile and peer-to-peer or “P2P” payment systems continue to rise in popularity, consumer advocates express increasing concern about the lack of consumer protections that exist for these products. In this post, Zelle is classified as a mobile payment app, rather than P2P, because payments are always sent from one consumer’s bank to another consumer’s bank.
First, although the majority of consumers maintain a balance in their P2P apps, most of these applications lack FDIC deposit insurance. Secondly, given the instantaneous nature of payments, there is a high and growing prevalence of scams and fraud associated with P2P apps. This problem is compounded by the absence of meaningful oversight, accountability, or consumer protections beyond disclosures and warnings, resulting in little or no recourse for defrauded consumers. Third, these apps collect vast amounts of consumer data, especially financial data which raises significant privacy concerns. Finally, it is questionable how much these apps do to promote financial inclusion, a common industry claim, especially given that consumers who use P2P payment apps likely need a smartphone and wireless data or internet access and a significant amount of low-income consumers lack a smartphone and/or high speed internet access.
Lack of Federal Deposit Insurance
Issued by the Federal Deposit Insurance Corporation (FDIC), federal deposit insurance protects consumers’ deposits should a bank institution fail, ensuring public confidence in and stability of our financial system. However, non-banks and P2P apps are not federally-insured or even regularly supervised or examined by federal financial regulators. Even if non-banks partner with FDIC-insured banks, funds sent to or held in the nonbank are not FDIC-insured. Although some cash funds in P2P apps are FDIC insured, insurance only covers limited funds in certain instances. For example, for Venmo users, funds are eligible for pass through insurance when the user has bought cryptocurrency or added money through direct deposit or remote check capture. Therefore, for the most part, consumers maintaining large balances in P2P apps do not have their funds protected.
Without deposit insurance, P2P apps have the ability to freeze and deactivate consumers’ accounts and funds. Consumers unwittingly agree to these terms buried in the fine print of user agreements during account creation. Further, some P2P products lack fair notice and appeal process should a consumer’s account be closed. P2P providers do not publish reports of account freezes and closures, further obscuring this conduct from consumers. There are no comprehensive federal regulations for non-bank financial institutions, subjecting consumers to the unchecked conduct of sophisticated financial entities, leaving consumers to fend for themselves. As more consumers use P2P systems, they may be at greater risk than they know.
High Prevalence of Fraud and Scams, Coupled with Lack of Accountability and Oversight
Nearly 18 million Americans were scammed or defrauded while using P2P apps in 2020. The convenience, speed, and ease of P2P systems create an opportune environment for fraudsters and scammers. These bad actors use a variety of tactics to lure consumers into sending money, because the scammer will immediately receive the funds due to the quick nature of these systems. In addition, consumers are also victims of phishing or hacking of P2P apps and resultingly, see that their account transferred money without their consent.
P2P apps have disclosures, warnings, and certain security checks, in part due to the high prevalence of fraud and scams. However, these warnings are insufficient in protecting consumers and place the risk and onus unfairly on the consumer. Although consumer alerts published by federal regulators and advocacy groups help inform consumers, they do little to actually protect consumers when using these products.
In the absence of safeguards being built into products, consumers should, at the very least, have meaningful recourse when faced with account closures or deactivations. Despite these rising concerns, there is minimal accountability or oversight of P2P providers, and little has been done to make these products safer for consumers. Those consumers who have been defrauded or scammed are rarely made whole after losing funds to scams or fraud.
Defrauded consumers are often left without any resolution for their stolen money due to ambiguities and gaps in existing consumer protection regulations. Regulation E implements the Electronic Fund Transfer Act (EFTA), but in its current form does not protect consumers when they have been defrauded into making a payment.
That is why CFA supports Chairwoman Maxine Waters’ Protecting Consumers From Payment Scams Act. This bill would amend EFTA and protect consumers from liability when they are defrauded into initiating a transfer. It would also clarify that responsibility to resolve errors applies. Finally, this bill would clarify that EFTA’s error resolution procedures also apply when the consumer makes a mistake, such as when the consumer sends the incorrect amount of funds or to the wrong recipient.
Ineffective Consumer Privacy, Especially of Financial Data
P2P apps collect enormous amounts of consumer data and some even include consumer consent to data aggregation in their initial terms and conditions. P2P companies are not transparent with consumers about the amount of data they collect, what they use the data for, or whether they are selling it to other companies.
Further, the default privacy settings for P2P apps are not in the consumer’s best interest for their financial privacy. For example, Venmo’s default settings publicly show transactions between users, including the parties’ names and attached message with the payment. One does not need an account to see these transactions, and users must manually change two areas of their settings to hide transactions from public view. These practices clearly lack adequate privacy protections, which, coupled with unclear initial privacy notice, puts both consumers and their financial data at risk of great harm.
Finally, despite industry claims, it is unclear whether P2P apps expand financial inclusion for unbanked consumers and other marginalized communities. At first glance, non-banks like P2P apps may seem like an attractive alternative that can aid financial inclusion. However, more than 80% of mobile payment users connect their bank account, credit, or debit card to a smartphone application, requiring at least a smartphone and data, and best used with internet access. Yet, more than 40% of adults in low-income households lack high-speed internet access in their homes and roughly a quarter of low-income consumers lack a smartphone, making P2P applications difficult or impossible to access. This results in a large barrier to entry for many marginalized consumers, and P2P apps are therefore in all likelihood not expanding services to these consumers.
As P2P app usage grows, CFA and other consumer advocates grow increasingly concerned about the lack of consumer protections built into the products combined with extremely minimal federal oversight and accountability. Funds left in P2P apps are not covered by FDIC insurance, which means that P2P apps can freeze funds or deactivate accounts, leaving consumers without access to their stored funds. In addition, consumers lack recourse when defrauded, scammed or hacked, which is occurring at increasingly alarming rates. Plus, P2P apps have access to large amounts of consumer financial data and consumer privacy is insufficient. Finally, although these apps can certainly meet some consumer’s needs, it is unlikely that P2P apps are expanding financial inclusion to underserved consumers.