Third-Party Risk from a Prepaid Expert’s Perspective

As part of our Venminder Thought Leadership Series interview where we speak with the industry’s sought-after thought leaders for their perspective and advice on third parties, mitigating risk, best practices, trends and more, I had the opportunity to speak with Loraine Debonis of Ubiquity Compliance Solutions. Loraine and I were recently on a panel together at the NBPCA’s Power of Prepaid conference this past April in Washington. Loraine is the Director of Marketing and Communications at Ubiquity Compliance Solutions which is a dispute and chargeback management company with many clients in the prepaid sector. She has more than 20 years’ experience in communications and, prior to joining Ubiquity Compliance, she spent 10 years in payments at Paybefore.

You can listen to the full interview here.

During our discussion, we covered:

• Key takeaways from the NBPCA’s Power of Prepaid conference
• Regulation E
• How financial institutions can improve their process from a prepaid expert’s perspective

Key Takeaways from the NBPCA’s Power of Prepaid

Loraine shared that the key takeaway from the NBPCA’s Power of Prepaid for her is really just how important third-party risk management is. This may seem very straightforward; however, it surely isn’t a topic to ever take lightly. She shared that compliance and risk management are hard, as most of us are aware, and stakeholders need to provide their cooperation as it needs to a be a priority and at the top of the list both for the prepaid and financial services industries.

Loraine makes a great point in stating that it’s all about collaboration in the business in order to be successful at third-party risk management. You need to understand who is doing what, why, how and when. It’s not a one and done exercise but instead an ongoing one that you must be vigilant about.

Regulation E – Understanding the Regulation and the Challenges

As a panelist at Power of Prepaid, Loraine took note of the focus on Reg E this year. Regulation E is a Federal Reserve regulation governing disputes and error resolution for debit and prepaid cards. She shares that there’s so much to understand about Reg E as you truly need a good grasp on the process that must be in place (i.e. if a customer calls into the company regarding an unauthorized charge on their account, what are the steps your company must take to follow regulation and also do right by the cardholder).

Given Loraine’s expertise in the prepaid industry, I took the opportunity to ask her what the biggest challenges are that companies and prepaid program managers are facing specifically around Reg E. In her opinion, the Reg E challenges are:

1. Dispute types: There are so many different types of disputes to manage.
2. Different timeframes and expectations: The timeframe varies depending on what kind of dispute is at hand and the regulation is fairly complex in its specific requirements.
3. Managing the network rules: The rules are in addition to the regulatory requirements and are changing as well.
4. Spikes in disputes occur periodically: These spikes in dispute volume tend to happen around big deposit periods like tax season or during back to school times.

Recommendations to Improve Your Overall Risk Management Practices

Based on 10 years in the prepaid industry, Loraine shared the following recommendations to improve your overall risk management practices:

• Even if your program is well-developed and you have a robust system in place, with the evolving regulations and demands sometimes it’s a good idea to seek outside expert assistance.
• Maintain a focus on risk management and due diligence and make sure you’re picking the right third parties to partner with your company.
• Keep compliance and third party risk management as an ongoing priority – never make it a one-time priority. Per Loraine,
  “…we all know that compliance is hard. Risk management is hard and financial institutions have so many competing priorities but the third-party risk management just has to be at the top.”

I think her statement is very on-point with where the industry is at this time. Third-party risk management is a top priority that isn’t diminishing anytime soon. 

Regulation E isn't the only guidance you should be aware of. We know that there can be a great deal of third-party risk regulations to keep up with, so we created a quick an easy reference guide just for you. Download now.