Prohibition on Funding of Unlawful Internet Gambling, 69382-69411 [E8-27181]

Download as PDF 69382 Federal Register / Vol. 73, No. 223 / Tuesday, November 18, 2008 / Rules and Regulations Baressi, Financial Services Project Leader (202/452–3959), Division of Reserve Bank Operations and Payment Systems; for users of Telecommunication Devices for the Deaf (TDD) only, contact 202/263–4869. Treasury: Charles Klingman, Director, Office of Critical Infrastructure Protection and Compliance Policy; or Steven D. Laughton, Senior Counsel, Office of the Assistant General Counsel (Banking & Finance), 202/622–9209. SUPPLEMENTARY INFORMATION: FEDERAL RESERVE SYSTEM 12 CFR Part 233 [Regulation GG; Docket No. R–1298] DEPARTMENT OF THE TREASURY 31 CFR Part 132 RIN 1505–AB78 Prohibition on Funding of Unlawful Internet Gambling Board of Governors of the Federal Reserve System and Departmental Offices, Department of the Treasury. ACTION: Final rule. mstockstill on PROD1PC66 with RULES3 AGENCIES: SUMMARY: This document is published jointly by the Departmental Offices of the Department of the Treasury (the ‘‘Treasury’’) and the Board of Governors of the Federal Reserve System (the ‘‘Board’’) (collectively, the ‘‘Agencies’’) to adopt a final rule to implement applicable provisions of the Unlawful Internet Gambling Enforcement Act of 2006 (the ‘‘Act’’). The final rule sets out definitions for terms used in the regulation; designates payment systems that could be used by participants in connection with, or to facilitate, a restricted transaction; exempts certain participants in certain designated payment systems from the requirement of the regulation; requires the participants performing non-exempt functions in a designated payment system to establish and implement policies and procedures reasonably designed to prevent or prohibit restricted transactions, such as by identifying and blocking such transactions; provides non-exclusive examples of policies and procedures for non-exempt participants in each designated payment system; and sets out the regulatory enforcement framework. In developing this rule, the Agencies have consulted with the Department of Justice, as required by the Act, and have taken into consideration all comments received on the proposed rule issued in October 2007. DATES: Final rule is effective January 19, 2009. The incorporation by reference of the publication listed in the final rule is approved by the Director of the Federal Register as of January 19, 2009. However, compliance by non-exempt participants in designated payment systems is not required until December 1, 2009. FOR FURTHER INFORMATION CONTACT: Board: Christopher W. Clubb, Senior Counsel (202/452–3904), Legal Division; Jeffrey S. Yeganeh, Manager, or Joseph VerDate Aug<31>2005 17:00 Nov 17, 2008 Jkt 217001 I. Background Unlawful Internet Gambling Enforcement Act The Act prohibits any person engaged in the business of betting or wagering (as defined in the Act) from knowingly accepting payments in connection with the participation of another person in unlawful Internet gambling. Such transactions are termed ‘‘restricted transactions.’’ The Act generally defines ‘‘unlawful Internet gambling’’ as placing, receiving, or otherwise knowingly transmitting a bet or wager by any means which involves the use, at least in part, of the Internet where such bet or wager is unlawful under any applicable Federal or State law in the State or Tribal lands in which the bet or wager is initiated, received, or otherwise made. The Act states that its provisions should not be construed to alter, limit, or extend any Federal or State law or Tribal-State compact prohibiting, permitting, or regulating gambling within the United States.1 The Act does not spell out which activities are legal and which are illegal, but rather relies on the underlying substantive Federal and State laws.2 The Act requires the Agencies (in consultation with the U.S. Attorney General) to designate payment systems that could be utilized in connection with or to facilitate restricted transactions. Such a designation makes the payment system, and financial transaction providers participating in the system, subject to the requirements of the regulations. The Act further requires the Agencies (in consultation with the U.S. Attorney General) to prescribe regulations requiring designated payment systems and financial transaction providers participating in each designated payment system to establish policies and procedures reasonably designed to identify and block or otherwise prevent or prohibit restricted transactions. The regulations must identify types of 1 31 U.S.C. 5361(b). H. Rep. No. 109–412 (pt. 1) p. 10. 2 See PO 00000 Frm 00002 Fmt 4701 Sfmt 4700 policies and procedures that would be deemed to be reasonably designed to achieve this objective, including nonexclusive examples. The Act also requires the Agencies to exempt certain restricted transactions or designated payment systems from any requirement imposed by the regulations if the Agencies jointly determine that it is not reasonably practical to identify and block, or otherwise prevent or prohibit the acceptance of, such transactions. Overview of the Proposed Rule In October 2007, the Agencies jointly issued, and requested public comment on, a Notice of Proposed Rulemaking (‘‘NPRM’’) to implement the Act.3 The proposed rule provided definitions of terms used in the regulation, many of which followed or referred to definitions set out in the Act or other existing regulatory or statutory definitions. The proposed rule did not attempt to further define gamblingrelated terms because the Act itself does not specify which gambling activities are legal or illegal and relies on prohibitions contained in statutes that are not under the jurisdiction of the Agencies. Application of some of the terms used in the Act may depend significantly on the facts of specific transactions such that general regulatory definitions would not be appropriate. The proposed rule designated the following payment systems as payment systems that could be used in connection with unlawful Internet gambling transactions restricted by the Act: Automated clearing house systems; card systems; check collection systems; money transmitting businesses; and wire transfer systems. The proposed rule required participants in these designated payment systems to establish and implement written policies and procedures reasonably designed to identify and block or otherwise prevent or prohibit transactions in connection with unlawful Internet gambling. The proposed rule also exempted from the requirements to establish such policies and procedures all participants in the automated clearing house systems, check collection systems, and wire transfer systems, except for the participant that possesses the customer relationship with the Internet gambling business (and certain participants that receive certain cross-border transactions from, or send certain such transactions to, foreign payment service providers) because the Agencies believed that it was not reasonably practical for those participants to identify and block, or otherwise prevent or prohibit, unlawful 3 72 FR 56680 (Oct. 4, 2007). E:\FR\FM\18NOR3.SGM 18NOR3 Federal Register / Vol. 73, No. 223 / Tuesday, November 18, 2008 / Rules and Regulations mstockstill on PROD1PC66 with RULES3 Internet gambling transactions restricted by the Act. The Agencies intended that the participant with the customer relationship with the Internet gambling business would have the responsibility in the ACH systems, check collection systems, or wire transfer systems to prevent or prohibit restricted transactions from being credited to the account of the gambling business through that particular payment system. Finally, the proposed rule described types of policies and procedures that non-exempt participants in each type of designated payment system could adopt in order to comply with the Act and included non-exclusive examples of policies and procedures that would be deemed to be reasonably designed to prevent or prohibit restricted transactions. The non-exclusive examples included special procedures for cross-border transactions in ACH systems, check collection systems, and wire transfer systems. The Agencies requested comment on all aspects of the proposed rule, as well as detailed questions regarding specific aspects of the rule within each section. Overview of Public Comments The Agencies received comments from about 225 members of the public, including approximately 125 consumers, 40 depository institutions and associations thereof, 20 gamblingrelated entities, 10 public-policy advocacy groups, 10 payment system operators and money transmitters, and 20 others, including Federal agencies and members of Congress.4 In addition to the following overview, specific comments are discussed in more detail in the portions of the section-by-section analysis that describe particular provisions. Comments related to the Act. About 65 commenters directly addressed the Act itself. Of these, approximately 35 commenters, almost all consumers, expressed disapproval of the Act. Consumers generally thought that the Act represents an inappropriate governmental intrusion into the personal choices that individuals make and that the government should not devote resources attempting to prevent Internet gambling. A portion of these commenters further noted that the government might wish to legalize, regulate, and tax Internet gambling, thereby helping provide appropriate safeguards and protections for consumers while also potentially 4 The comment letters and conference call summaries cited herein are available on the Board’s public Web site at: http://www.federalreserve.gov/ generalinfo/foia/ index.cfm?doc_id=R%2D1298&doc_ver=1. VerDate Aug<31>2005 17:00 Nov 17, 2008 Jkt 217001 increasing the government’s revenues. Conversely, about 20 commenters, about evenly split between consumers and public-policy advocacy groups, expressed support for the Act on the grounds that gambling causes harm. These commenters noted that gambling via the Internet is of particular concern because it is anonymous and can be done within the home at any time of day or night. Additionally, about 10 commenters expressed concern that the Act will exacerbate the U.S.’s difficulties with the World Trade Organization (WTO) related to Internet gambling, and suggested that the Agencies refrain from implementing the Act until the related WTO matter is resolved.5 The Agencies believe that these comments relate to the public policy issue of the merits of the Act itself and are outside the rulemaking process. The Agencies’ duty is to carry out their responsibilities to promulgate implementing regulations required by the Act and that is the focus of this rulemaking. Comments related to the proposed rule. About 20 commenters, almost all of them depository institutions and associations of depository institutions, noted that notwithstanding the Agencies’ efforts to craft a reasonable rule, the proposed regulation would be unduly burdensome and would result in compliance costs greater than any offsetting societal benefit. Several of these commenters stated that the rule would adversely affect the competitiveness of the U.S. payments system, and that the Agencies should be cognizant of the potential for the Act and similar laws to cumulatively cause capital flight and erode the U.S. dollar’s status as the world’s reserve currency. More broadly, these commenters also questioned whether the payments system is the appropriate mechanism by which to enforce prohibitions on Internet gambling. Some of these commenters argued that the responsibility for enforcing gambling laws should lie with Federal and State law enforcement authorities and that, operationally, the preferable way to prevent unlawful Internet gambling may be for the government to work with telecommunications providers to impede gambling Web sites’ access to the Internet. About 50 commenters, primarily consumers and gambling-related entities, expressed concern regarding the rule’s applicability to poker and similar games. These commenters referred to the definition of ‘‘bet or 5 See, e.g., comment letter from David S. Orkin (Dec. 2, 2007) p. 1. PO 00000 Frm 00003 Fmt 4701 Sfmt 4700 69383 wager,’’ and argued that poker is a game predominantly of skill and should be excluded from the scope of the definition. About 30 commenters, primarily depository institutions and associations thereof, as well as a few members of Congress and gambling-related entities, expressed concern regarding the proposed rule’s definition of ‘‘unlawful Internet gambling.’’ Banks stated that the definition’s lack of specificity would result in higher costs associated with complying with the rule. Some members of Congress and gambling-related interests found the vagueness of the definition to be so problematic as to raise free-speech, fundamental-fairness, and Administrative Procedure Act concerns. About 40 commenters responded to the Agencies’ request for comment on whether to incorporate within the rule a list of unlawful Internet gambling businesses. About 35 commenters of various types—depository institutions and associations thereof, payment system operators and money transmitters, as well as public-policy groups—expressed support for such a list, generally on the grounds that it would reduce the cost of complying with the rule, but some of these commenters noted that the list might not prevent restricted transactions. About five commenters, all of which were payment system participants or associations thereof, opposed a list on the grounds that it would not be effective. II. Final Rule Overview After carefully considering the comments, the Agencies have adopted a final rule to implement the Act. In accordance with the Act, the Agencies have consulted with the Department of Justice during the development of the final rule. The Agencies also conducted further outreach to gather information on the issues raised in the public comments. The final rule shares some fundamental characteristics with the approach presented in the proposed rule. First, for example, the final rule retains the focus on a due diligence process in establishing and maintaining a commercial customer relationship as the core policy and procedure that the participants in designated payment systems other than card systems can choose to prevent or prohibit restricted transactions. As noted in the proposal, card systems are the only designated payment systems that use a merchant and transaction coding framework that E:\FR\FM\18NOR3.SGM 18NOR3 mstockstill on PROD1PC66 with RULES3 69384 Federal Register / Vol. 73, No. 223 / Tuesday, November 18, 2008 / Rules and Regulations permits participants to identify and block, during processing, transactions with indicia of being restricted transactions. The other designated payment systems could choose to conduct due diligence in accountopening procedures designed to ensure that the commercial customer does not originate or receive restricted transactions through the customer relationship. The final rule also continues to place the responsibility for such due diligence on the participant that is establishing or maintaining the customer relationship with the commercial customer. In response to comments on the proposed rule, as discussed in more detail below, a new subsection ll.6(b) of the final rule provides additional guidance on due diligence steps participants can take for commercial customers to have reasonably designed policies and procedures to prevent or prohibit restricted transactions. The Act requires the Agencies to provide non-exclusive examples of reasonably designed policies and procedures to prevent restricted transactions, rather than establishing an absolute prohibition on processing any restricted transactions. The Agencies recognize the challenge that participants in designated payments systems will face in trying to prevent restricted transactions without unduly burdening their processing of lawful transactions, which make up the vast majority of payments processed. The Agencies believe that flexible, risk-based due diligence procedures at account opening, such as those set out in the final rule, present the best option for balancing these two interests. Similar to the proposed rule, the final rule does not contemplate that the Agencies, other government agencies, or any other entity will establish or publish a list of businesses known to be involved in unlawful Internet gambling. Although the Act does not require creation of a list of unlawful Internet gambling businesses, some commenters have suggested that the Agencies should create such a list and make it available to designated payment systems and their participants in order to permit them to block payments destined to those entities.6 After carefully considering the public comments on this issue, the Agencies have concluded that such a list would not be effective or efficient. The first step in including a business on such a 6 See, e.g., comment letter from Members of Congress of the United States (Sen. Kyl et al.) (Dec. 12, 2007) (hereinafter ‘‘Kyl letter’’) p. 2. See also H. Rep. No. 109–412, Part 1, p. 11. VerDate Aug<31>2005 17:00 Nov 17, 2008 Jkt 217001 list would be to ensure that the particular business was, in fact, engaged in activities deemed to be unlawful Internet gambling under the Act. The Act, however, does not set out the precise activities that are covered by the term, but refers to activities that are unlawful under other Federal or State gambling laws for such determinations. Creating such a list would require the Agencies to formally interpret those laws that are written and enforced by other entities, such as State legislatures and law enforcement agencies. Accordingly, interpretations by the Agencies in these areas may not be determinative in defining the Act’s legal coverage and could set up conflicts or confusion with interpretations by the entities that actually enforce those laws. In addition, the Agencies do not believe that a list of businesses that engage in unlawful Internet gambling would necessarily be effective or efficient in preventing unlawful activity because the payment transactions would not necessarily be made payable to the business’s listed name.7 Even where the business’s listed name is used on the transaction, some payment systems do not process the transaction based on the payee name.8 Also, to the extent that Internet gambling businesses can change their payments information with relative ease and speed, such a list would be outdated quickly. Finally, the Agencies believe that appropriate due diligence conducted by participants opening accounts would be the most effective method for preventing unlawful Internet gambling businesses from gaining access to the payment system directly through U.S. accounts. The suggested due diligence procedures discussed in this final rule are designed to target that relationship. Moreover, the Act already provides for a course of action if government entities are aware of an unlawful Internet gambling Web site. The Act provides a procedure pursuant to which the U.S. Attorney General, State attorneys general, or other appropriate State officials may institute proceedings to have an unlawful Internet gambling Web site removed by the interactive computer service that provides access to that Web site.9 Accordingly, if government entities are aware of an 7 See, e.g., comment letter from MoneyGram Int’l (Dec. 11, 2007) (herein ‘‘neyGram letter’’) p.3 (Internet gambling Web sites may direct payments to an individual, rather than the business’s corporate name, and change these names frequently). 8 For example, the automated processing equipment used to clear checks does not read the payee line on a typical consumer check. 9 31 U.S.C. 5365(c). PO 00000 Frm 00004 Fmt 4701 Sfmt 4700 unlawful Internet gambling Web site, the procedure provided by the Act for denying access to the Web site in its entirety could be used, rather than permitting access to the unlawful Internet gambling Web site to continue without interruption, while relying on the designated payment systems and their participants to block every transaction destined for the Internet gambling business operating the Web site. Finally, the final rule, like the proposed rule, does not define ‘‘unlawful Internet gambling’’ beyond the Act’s definition. Numerous commenters addressed the implementation and compliance problems created by the Act’s definition of ‘‘unlawful Internet gambling’’ and requested that the Agencies provide greater clarity regarding this term.10 The Agencies carefully considered these comments, as well as the challenges of creating a regulatory definition of a term encompassing the various Federal and State laws affecting Internet gambling. After consulting with the Department of Justice and representatives from the offices of several State attorneys general regarding this issue, the Agencies have determined that a single, regulatory definition of ‘‘unlawful Internet gambling’’ would not be practical.11 The Act’s definition of ‘‘unlawful Internet gambling’’ relies on underlying Federal and State gambling laws. The States have taken different approaches to the regulation of gambling within their jurisdictions and the structure of State gambling law varies widely, as do the activities that are permitted in each State. Accordingly, the underlying patchwork legal framework does not lend itself to a single regulatory definition of ‘‘unlawful Internet gambling.’’ The Agencies have attempted to address the payments industry’s desire for more certainty that would result from a precise regulatory definition of ‘‘unlawful Internet gambling’’ through the due diligence guidance provided in ll.6(b). The suggested due diligence process relies on State regulation of Internet gambling and imposes the burden of proof of legality of Internet gambling activities on the gambling business, rather than the designated payment systems and their participants. As discussed in detail below, the Agencies have modified the rules in various respects in response to the 10 See, e.g., comment letter from the American Bankers Association (Dec. 12, 2007) (hereinafter ‘‘ABA letter’’), pp. 5–6. 11 See summary of conference call with representatives of various State Attorneys General (call date July 9, 2008) p. 1. E:\FR\FM\18NOR3.SGM 18NOR3 Federal Register / Vol. 73, No. 223 / Tuesday, November 18, 2008 / Rules and Regulations comments received. Identical sets of the final rules are being adopted by the Board, to be published in Title 12 of the Code of Federal Regulations, and by the Treasury, to be published in Title 31 of the Code of Federal Regulations.12 The section numbers used in the analysis below have not changed from the proposed rule, but the subsection numbers may have changed because subsections have been added, deleted, or rearranged in response to public comments. Effective Date mstockstill on PROD1PC66 with RULES3 In the NPRM, the Agencies proposed that the final rule should take effect six months after the joint final rule was published, and requested comment on whether this period was reasonable. Some commenters, representing members of Congress, sports leagues, or gambling-related entities, suggested that six months was either an adequate implementation period or was too long. One or more of these commenters stated that they did not understand why participants would not be able to implement the final rule promptly, expressed concern about the harm a delayed effective date would have on certain gambling interests, and referenced the statutory deadline for the promulgation of a rule.13 Most commenters representing the financial industry suggested that this period was insufficient for financial transaction providers to develop and implement the necessary policies and procedures. In designated payment systems with operators, such as the ACH systems and the card systems, commenters were concerned that participants would have to wait until the operators developed and announced their policies and procedures before developing their own policies and procedures.14 These commenters suggested various periods for an adequate implementation period, ranging from 12 months to 24 months. The Agencies have reviewed these comments and the concerns expressed about a delayed effective date, as well as the reasons given for the need for additional time. In response, the 12 The final rules adopted by the Board and the Treasury within their respective titles of the Code of Federal Regulations (12 CFR Part 233 for the Board and 31 CFR Part 132 for the Treasury) are identically numbered from § ll.1 to § ll.7. For ease of reference, the single set of final rules adopted by each Agency is referred to in this release as Section ll, excluding title and part designations. A similar format is used to refer to the single set of proposed rules issued by the Agencies. 13 See, e.g., Kyl letter, supra note 6, at 2. 14 See, e.g., comment letter from The Clearing House Assoc. LLC and its affiliates, The Clearing House Payments Co. LLC (Dec. 12, 2007) (hereinafter ‘‘The Clearing House letter’’) p. 14. VerDate Aug<31>2005 17:00 Nov 17, 2008 Jkt 217001 Agencies have decided to make the final rule effective approximately 60 days from the date of publication of the final rule in the Federal Register, and to establish a compliance date approximately 12 months from publication of the final rule.15 Given the changes in the nonexclusive examples of policies and procedures which, if followed, would result in a reduction of compliance burden from the proposed rule to the final rule, the Agencies believe that nonexempt participants in designated payment systems certainly should not require more than 12 months to design and implement the necessary policies and procedures.16 The Agencies also believe, however, that the commenters have adequately demonstrated that six months may not be sufficient time for complying with the final rule. Accordingly, the final rule includes a compliance date of December 1, 2009, approximately 12 months from the date of publication of the final rule in the Federal Register. Section-by-Section Analysis § ll.1 Authority, Purpose, and Incorporation by Reference The Agencies did not receive any comments that explicitly requested changes to this section; however, the final rule does include three changes. First, subsection ll.1(a) has been revised to clarify that the final rule, consistent with the Act, is not intended to affect or interpret the interaction between existing Federal or State statutes, such as the Interstate Horseracing Act of 1978 (15 U.S.C. 3001 et seq.) (IHA), and other Federal statutes. Specifically, as set out in subsection ll.1(a), the Act states that none of its provisions shall be construed as altering, limiting, or extending any Federal or State law or Tribal-State compact prohibiting, permitting, or regulating gambling within the United States.17 In addition, the Act states that its provisions are not intended to change the existing relationship between the IHA and other Federal statutes in effect on October 13, 2006, 15 The ‘‘effective date’’ is the date that the regulation affects or is added to the Code of Federal Regulations. The ‘‘compliance date’’ is the date that regulated entities must be in compliance with the regulation. National Archives and Records Administration, Federal Register Document Drafting Handbook, pp. 2–10 and 2–11 (Oct. 1998 rev.). 16 For example, the Agencies believe that the shifting of the burden of establishing whether an Internet gambling business is engaged in restricted transactions from the financial transaction providers to the Internet gambling businesses will minimize burden for participants. 17 31 U.S.C. 5361(b). PO 00000 Frm 00005 Fmt 4701 Sfmt 4700 69385 the date of the Act’s enactment, and are not intended to resolve any existing disagreements over how to interpret the relationship between the IHA and other Federal statutes.18 The final rule is intended to be consistent with these provisions and should not be construed to affect or interpret the interaction between the various underlying Federal and State statutes or Tribal-State compacts. Second, a new subsection ll.1(c) has been added and states that requirements for the collection of information in the final rule have been approved under the Paperwork Reduction Act for the Department of the Treasury by the Office of Management and Budget (OMB) and by the Board pursuant to authority delegated to the Board by OMB. Finally, the reference to the automated clearing house rules incorporated by reference into the final rule has been updated to reflect the 2008 rules published by the National Automated Clearing House Association (NACHA). For purposes of this final rule, there are no material differences between the 2008 NACHA rules and the 2007 NACHA rules that were incorporated by reference in the proposed rule. The Agencies will continue to update the reference to new rules issued by NACHA as appropriate if there are changes in the rules that are material to application of the final rule. § ll.2 Definitions In general. In response to comments, the final rule contains several new or modified defined terms. As an initial matter, lead-in language for the entirety of § ll.2 was added to clarify that the definitions set out in the final rule are intended for use only with respect to the final rule and are not intended to be used in other contexts. § ll.2(a) Actual knowledge. The proposed rule included examples of remedial actions that a non-exempt participant could choose to take if it ‘‘becomes aware’’ that a commercial customer received restricted transactions through the participant’s facilities or a foreign counterparty ‘‘is found to have’’ processed restricted transactions through the participant’s facilities. Commenters objected to these terms as too vague to provide a basis for compliance programs and suggested that they should be replaced with more precise terms that could be implemented by compliance personnel and examined by regulators.19 In 18 31 U.S.C. 5362(10)(D)(iii). e.g., comment letter from Wells Fargo & Company (Dec. 12, 2007) (hereinafter ‘‘Wells Fargo letter’’), pp. 15–16. 19 See, E:\FR\FM\18NOR3.SGM 18NOR3 69386 Federal Register / Vol. 73, No. 223 / Tuesday, November 18, 2008 / Rules and Regulations mstockstill on PROD1PC66 with RULES3 response to these comments, a new definition for the term ‘‘actual knowledge’’ was added for use in the remedial action provisions of § ll.6. As described in more detail below, the Agencies revised the remedial action examples to include an ‘‘actual knowledge’’ standard similar to what some commenters suggested.20 As used in the final rule, the term ‘‘actual knowledge’’ includes information regarding a particular transaction or commercial customer that is known by or brought to the attention of compliance personnel of the participant responsible for that transaction or customer (which may be below officer level) or any officer of the participant. The Agencies expect that an employee at the officer level of a participant should be responsible for forwarding the information to the proper personnel within the organization. § ll.2(c) Bet or wager. The proposed rule contained a definition of the term ‘‘bet or wager’’ which followed the definition for that term contained in the Act.21 Specifically, the proposed rule defined the term, in pertinent part, to mean the staking or risking by any person of something of value upon the outcome of, among other things, ‘‘a game subject to chance, upon an agreement or understanding that the person or another person will receive something of value in the event of a certain outcome.’’ 22 Similar to the Act, the proposed rule did not define gambling-related terms such as ‘‘game subject to chance.’’ The Agencies explained in the proposed rule that it was their preliminary view that issues regarding the scope of gambling-related terms should be resolved by reference to the underlying substantive State and Federal gambling laws and not by a general regulatory definition. The Agencies received about 40 comments related to the meaning of the term ‘‘game subject to chance.’’ Commenters requested that the Agencies clarify that Congress did not intend for the Act to block lawful gaming transactions such as skill games, that the definition of ‘‘unlawful Internet gambling’’ does not include skill games, and that the system designed to stop the flow of funds to unlawful Internet gambling operations does not include businesses operating skill games on the Internet.23 Commenters also suggested application of a dominant factor test as 20 Id. at 21–22. U.S.C. 5362(1). 22 NPRM, 72 FR at 56695. 23 See e.g., comment letter from the Interactive Skill Games Association (Dec. 12, 2007), pp. 1 and 3. 21 31 VerDate Aug<31>2005 17:00 Nov 17, 2008 Jkt 217001 a means of distinguishing a skill game from a game subject to chance.24 Commenters asserted that, under the dominant factor test, a game whose outcome is determined predominantly by chance would be a game subject to chance, and a game whose outcome is determined predominantly by skill would be a skill game not covered by the Act or the regulation.25 Commenters also stated that ‘‘subject to chance’’ is meant to cover games like roulette or slots where persons bet against the ‘‘house’’ and success is determined entirely by chance as opposed to games where individuals compete against one another with success over time being determined by skill.26 Commenters also asserted that poker is a game of skill and not of chance.27 Other commenters asserted that games like traditional poker and bridge are games subject to chance based on the ‘‘luck of the draw’’ via the random shuffling and dealing of cards.28 These commenters asserted that unlike traditional poker and bridge, games like duplicate poker and duplicate bridge are skill games, because the luck of the draw is completely eliminated. The Agencies believe that the characterization of each of the activities discussed above depends on the specific facts and circumstances. As noted above, the Agencies believe that questions regarding what constitutes unlawful Internet gambling should be resolved pursuant to the applicable Federal and State gambling laws. While there may be some games or contests conducted over the Internet that are not ‘‘games subject to chance’’ and, thus, not subject to the Act and the final rule, the Agencies believe that such issues are more appropriately resolved pursuant to the various underlying gambling laws than with a single regulatory definition. The Agencies note, however, that a careful reading of the statutory language of the Act may be instructive in discerning Congressional intent regarding what constitutes a ‘‘game subject to chance.’’ The Act defines the term ‘‘bet or wager’’ as including a ‘‘game subject to chance.’’ 29 However, the Act also defines the term ‘‘bet or wager’’ as including the purchase of a chance or opportunity to win a lottery 24 See e.g., comment letter from the Poker Players Alliance (Dec. 12, 2007) (hereinafter ‘‘PPA letter’’), p. 2. 25 Id. 26 See e.g., comment letter from Daniel W. Johnson (Oct. 16, 2007), p. 1. 27 See e.g., PPA letter, supra note 24, at 2. 28 See e.g., comment letter from Nelson Mullins Riley & Scarborough LLP (Dec. 12, 2007) (hereinafter ‘‘Nelson Mullins letter’’) pp. 2–3. 29 31 U.S.C. 5362(1)(A). PO 00000 Frm 00006 Fmt 4701 Sfmt 4700 or other prize (which opportunity to win is predominantly subject to chance).’’ 30 The fact that Congress used ‘‘subject to chance’’ in one paragraph and ‘‘predominantly subject to chance’’ in the next paragraph in the same subsection suggests that Congress intended the element of chance in ‘‘game subject to chance’’ to be less than predominant. The Agencies believe that if Congress had intended chance to be the predominant factor in determining the outcome of a ‘‘game subject to chance,’’ Congress would have inserted the word ‘‘predominantly’’ as it did subsequently in the same section. Therefore, even if chance is not the predominant factor in the outcome of a game, but was still a significant factor, the game could still be deemed to be a ‘‘game subject to chance’’ under a plain reading of the Act. One commenter suggested that the Agencies consider developing a procedural mechanism by which Internet gambling businesses may apply for and obtain a certification from the Agencies that the Internet gambling businesses are engaged in lawful Internet gambling under applicable Federal and/or State law.31 The Agencies have decided against implementing such a certification process. Instead, the nonexclusive policies and procedures contained in the final rule and discussed further below provide for an analogous procedural mechanism whereby the responsibility of determining which gambling activities are lawful is retained with the authorities enforcing the underlying gambling laws. Specifically, participants in designated payment systems may choose to follow the due diligence process in § ll.6(b) of the final rule’s non-exclusive examples whereby they can rely on licenses issued by the appropriate gambling authorities as evidence that a commercial customer’s Internet gambling activities are lawful. If a commercial customer does not have such a license, the participant may request that the unlicensed Internet gambling business provide a reasoned legal opinion that it does not engage in restricted transactions. If a participant has questions or concerns regarding the reasoned legal opinion, it should verify (or have the commercial customer verify) the conclusions presented in the reasoned legal opinion with the appropriate licensing authority. § ll.2(d) Block. A new definition for the term ‘‘block’’ was added to the final 30 31 U.S.C. 5362(1)(B) (emphasis added). Mullins letter, supra note 28, at 2 and 31 Nelson 6. E:\FR\FM\18NOR3.SGM 18NOR3 Federal Register / Vol. 73, No. 223 / Tuesday, November 18, 2008 / Rules and Regulations rule in response to comments that suggested that there was confusion among participants over the meaning of the term.32 This term is used in the Act and the proposed rule imported it from the statutory language. As defined in the final rule, the term ‘‘block’’ means to reject a transaction before or during processing and is not intended to require freezing the funds. The funds would remain in or be returned to the original account and could be accessed by the accountholder for other purposes. § ll.2(f) Card system. The final rule includes revisions to the definition of ‘‘card system’’ included in the proposed rule in response to a comment that requested that the definition be clarified to cover both a card system model in which the merchant acquirer, the card network, and the card issuer are separate entities, as well as a model in which one company (such as American Express) owns the card processing network and is responsible for two or more major functions involved in issuing cards and acquiring merchants to accept the cards.33 The NPRM discussed both card system models and the proposed rule made no distinction between the two.34 In order to remove any ambiguity, the final rule clarifies that both models are covered by the term ‘‘card system’’ in the final rule. § ll.2(i) Commercial customer. A new definition for the term ‘‘commercial customer’’ was added to the final rule in response to comments that suggested that the final rule should clarify that the regulation was focused on due diligence procedures relating to commercial customers, rather than consumer accounts.35 As noted above, other than for payment systems with a transaction coding functionality, the Agencies are suggesting that the efforts of participants in designated payment systems be focused on preventing restricted transactions primarily through due diligence on commercial customers. The Agencies have revised the provisions of the regulation to provide more clarity on this point. To facilitate this, a definition of the term ‘‘commercial customer’’ was added to the final rule. § ll.2(o) Foreign banking office. A new definition of the term ‘‘foreign banking office’’ was included in the final rule for use in the remedial action provisions in § ll.6 for cross-border transactions. The definition clarifies mstockstill on PROD1PC66 with RULES3 32 See, e.g., The Clearing House letter, supra note 14, at 13. 33 See, e.g., comment letter from Bank of America (Dec. 12, 2007) pp. 2–3. 34 NPRM, 72 FR 56680, 56684 n.10. 35 See, e.g., comment letter from Howrey, LLP, on behalf of The Money Services Round Table (Dec. 6, 2007) (hereinafter ‘‘TMSRT letter’’) pp. 5–6. VerDate Aug<31>2005 17:00 Nov 17, 2008 Jkt 217001 that a foreign office of a U.S. bank and a non-U.S. office of a foreign banking organization are both considered a ‘‘foreign banking office’’ for purposes of the final rule. The non-exclusive examples of reasonably designed policies and procedures include special provisions with respect to transactions and relationships between a U.S. office of a participant in a designated payment system and a foreign banking office. The new term for ‘‘foreign banking office’’ was included to facilitate those provisions. § ll.2(r) Internet gambling business. The final rule includes a new definition of the term ‘‘Internet gambling business’’ to facilitate use of the expanded example of due diligence of commercial customers. (Under the due diligence example, a participant would assess the risk of a customer being engaged in an ‘‘Internet gambling business’’ and would take certain steps based on that assessment.) The term contains elements of the Act’s definition of the term ‘‘unlawful Internet gambling,’’ but includes both lawful and unlawful activities. The new term excludes the customary activities of a financial transaction provider, or any interactive computer service or telecommunications service, similar to the Act’s exclusions from the term ‘‘business of betting or wagering.’’ § ll.2(v) Operator. Some commenters requested clarification of the exemptions and responsibilities of different participants in a payment system under the examples of reasonably designed policies and procedures to prevent restricted transactions.36 The final rule defines the term ‘‘operator’’ of a designated payment system to mean an entity that provides centralized clearing and delivery services between participants in the designated payment system and maintains the operational framework for the system and includes an ACH operator as defined in the NACHA rules. This definition works in conjunction with the clarifying changes to the exemptions and revisions, discussed below. For example, the operator of a money transmitting business is responsible for establishing the policies and procedures, while in an ACH system, the operator is generally granted an exemption. § ll.2(x) Reasoned legal opinion. The final rule includes a new definition for the term ‘‘reasoned legal opinion’’ to facilitate use of the expanded due diligence guidance that has been added to § ll.6(b). As explained in more detail below, in certain situations, a 36 See, PO 00000 e.g., ABA letter, supra note 10, at 3–4. Frm 00007 Fmt 4701 Sfmt 4700 69387 participant may ask a commercial customer for a ‘‘reasoned legal opinion’’ that its Internet gambling business does not involve restricted transactions. The Agencies added this term to provide more guidance on the type of legal opinion that would be considered adequate. The definition is based in part on the American Bar Association standards for a legal opinion.37 § ll.2(y) Restricted transaction. Several commenters asked the Agencies to clarify that the definition of ‘‘restricted transaction’’ would not apply to funds going to a consumer (i.e., a gambler), as opposed to funds going to a commercial customer (i.e., an Internet gambling business).38 The Act defines ‘‘restricted transaction’’ in § 5362(7) as ‘‘any transaction * * * which the recipient is prohibited from accepting under section 5363.’’ In turn, § 5363 provides that ‘‘[n]o person engaged in the business of betting or wagering may knowingly accept’’ a payment ‘‘in connection with the participation of another person in unlawful Internet gambling.’’ Under the final rule, the term ‘‘restricted transaction’’ would not include funds going to a gambler, and would only include funds going to an Internet gambling business. § ll.2(aa) Third party processor. A new definition for the term ‘‘third party processor’’ was added to the final rule in response to comments that suggested the final rule should clarify the responsibilities of processors under the Act.39 The new definition clarifies that a processor with a direct customer relationship with the originator of a debit transfer transaction or the receiver of a credit transfer transaction, and which acts as an intermediary between the originator (or receiver) and the depository institution is a ‘‘third party processor’’ and covered by the regulation. A processor providing backoffice support to a depository institution is not covered by the final rule, but the depository institution should ensure that such a processor complies with the depository institution’s policies. The term ‘‘third party processor’’ has also been added to the definition of ‘‘participant in a designated payment system’’ and, as discussed in § ll.6, ‘‘third party processors’’ are responsible for establishing reasonably designed 37 See ‘‘Third-Party Legal Opinion Report, Including the Legal Opinion Accord, of the Section of Business Law,’’ American Bar Association, 47 Bus. Law. 167 (1991). 38 See, e.g., comment letter from the National Automated Clearing House Association (Dec. 13, 2007) (hereinafter ‘‘NACHA letter’’), p. 2. 39 See, e.g., comment letter from U.S. Central Federal Credit Union (Dec. 6, 2007) p. 3. E:\FR\FM\18NOR3.SGM 18NOR3 69388 Federal Register / Vol. 73, No. 223 / Tuesday, November 18, 2008 / Rules and Regulations mstockstill on PROD1PC66 with RULES3 policies and procedures in certain circumstances. § ll.3 Designated Payment Systems The final rule’s list of designated payment systems subject to the regulation differs from the list presented in the proposed rule only with respect to the designation for money transmitting businesses. The proposed rule included the definitions of ‘‘money transmitting business’’ and ‘‘money transmitting service’’ set out in the Act. The proposed rule designated ‘‘money transmitting businesses’’ as payment systems subject to the regulation. Commenters noted that, as defined in the Act, ‘‘money transmitting business’’ included check cashers, currency exchangers or entities which issue or redeem money orders or travelers checks.40 For purposes of the Act, the Agencies do not believe that entities should be brought under the final rule’s designation of ‘‘money transmitting business’’ and become subject to the final rule’s provisions solely by virtue of engaging in check cashing, currency exchange, or the issuance or redemption of money orders, travelers’ checks, and other similar instruments. Such activities could not be used for Internet gambling on an efficient basis. Accordingly, in order to address this comment, the Agencies revised the designation to read money transmitting businesses solely to the extent that they ‘‘engage in the transmission of funds, which does not include check cashing, currency exchange, or the issuance or redemption of money orders, travelers’ checks, and other similar instruments.’’ Entities that would be included in the statutory term ‘‘money transmitting business’’ solely by virtue of engaging in check cashing, currency exchange, or the issuance or redemption of money orders, travelers’ checks, and other similar instruments, but without engaging in the transmission of funds, would not be a participant in a designated payment system under the final rule. After reviewing comments and conducting further outreach, the Agencies have also revised the designation to include only those money transmitting businesses that engage in the transmission of funds and permit customers to initiate money transmission transactions remotely from a location other than a physical office of the money transmitting business.41 Money transmitting businesses that require senders to come to a physical office location to initiate transactions would not be attractive payment arrangements through which Internet businesses, including Internet gambling businesses, could obtain payments from the general public. The Agencies do not believe that such arrangements could reasonably be used for Internet gambling on a scale that would be useful or efficient for the Internet gambling business due to their lack of broad public accessibility. The Agencies believe that money transmitting businesses that do not permit remote initiation of transactions, such as through a website, are primarily focused on serving a narrow population or geographic area, such as would be the case in arrangements where a particular population in the United States is sending money to relatives in their home country. A few commenters cited ‘‘900number’’ payment schemes, and, while not providing any information regarding how these schemes work, requested that the Agencies look into them and ensure they are covered by the regulation as appropriate.42 The Agencies have researched these schemes and believe that the schemes would fit the Act’s and rule’s definition of a money transmitting business if located within the United States. Operators of the 900-number schemes appear to use either a card payment or an ACH debit to obtain funds from the payor (the caller) and, separately, to use either a check or an ACH credit to send funds to the payee (the merchant that subscribes to the 900number service, i.e., the entity receiving the 900-number call). The model appears analogous to that employed by PayPal (which identifies itself as a money transmitting service, and has obtained numerous Federal and State licenses in that regard), except that the operator of the 900-number scheme uses the phone network instead of the Internet for communications purposes, and uses phone numbers instead of email addresses to identify payors and payees using the system. Accordingly, such schemes located in the United States would be included in the money transmitting business designated payment system set forth in § ll.3(d) of the rule, and non-exempt participants in these systems, such as the operator, would be expected to adopt policies and procedures reasonably designed to prevent or prohibit restricted 40 E.g., TMSRT letter, supra note 35, at 2; see also Wells Fargo letter, supra note 19, at 24–25. 41 See summary of conference call with The National Money Transmitters Assoc. (call date June 3, 2008) (hereinafter ‘‘NMTA call summary’’), p. 1. 42 See, e.g., comment letter from the National Football League, Major League Baseball, National Basketball Association, National Hockey League, and National Collegiate Athletic Association (Dec. 12, 2007) (hereinafter ‘‘NFL letter’’), p. 5. VerDate Aug<31>2005 17:00 Nov 17, 2008 Jkt 217001 PO 00000 Frm 00008 Fmt 4701 Sfmt 4700 transactions if located in the United States. § ll.4 Exemptions In general. Under the proposed rule, in designated payment systems other than card systems, the primary responsibility for establishing reasonably designed policies and procedures to prevent restricted transactions was placed on the participant that established and maintained the customer relationship with the commercial recipient of the funds (i.e., the Internet gambling business). The proposed rule provided exemptions for other specified participants in the ACH, check clearing, and wire transfer systems. Commenters noted that, while listing the exempt participants in each designated payment system may be the functional equivalent of exempting all participants except for the participant with the customer relationship with the Internet gambling business, it could define the exempt participants too narrowly.43 In a payment transaction, there may be numerous intermediary servicers that do not have access to information on the commercial recipient and should be exempted. In addition, as commenters noted, as payment systems evolve, new intermediary participants could enter the transaction stream, but not be exempted because they were not specifically listed in § ll.4. Commenters recommended reworking the text of § ll.4 to make it clear that all participants in designated payment systems are exempt, except for the participant that possesses the customer relationship with the Internet gambling business. In response to these comments, § ll.4 has been revised to exempt every participant in a designated payment system, except the participants that have specific responsibilities in the non-exclusive examples in § ll.6, which, in most cases, will be the participant with the relationship with the commercial customer.44 Various participants would 43 See, e.g., ABA letter, supra note 10, at 3. commenters suggested that even an exempt participant should be required to block a transaction in cases where the participant has actual knowledge that it is a restricted transaction. E.g., NFL letter, supra note 42, at 5. In an automated payment system, it is unclear how an exempt participant would have actual knowledge that a particular transaction is a restricted transaction while in process. In addition, the final rule expressly states that it does not modify any requirement imposed on a participant by other applicable law or regulation to file a suspicious activity report to the appropriate authorities. If any participant suspects that a customer is processing illegal transactions, including restricted transactions, through the participant’s facilities, the 44 Some E:\FR\FM\18NOR3.SGM 18NOR3 Federal Register / Vol. 73, No. 223 / Tuesday, November 18, 2008 / Rules and Regulations mstockstill on PROD1PC66 with RULES3 have responsibilities under the nonexclusive examples for card systems in § ll.6 if card systems and their participants choose to adopt them. § ll.4(a), (b), and (d) Exemptions for ACH, check, and wire systems. Some commenters suggested that the final rule should provide a blanket exemption for ACH, check collection, and wire transfer systems in their entirety because these systems, unlike card systems, do not have the functionality necessary to code transactions and merchants.45 While such an approach would certainly reduce the burden of the rule, it would substantially undermine the efficacy of the rule and the Act. Moreover, the final rule’s non-exclusive examples for ACH, check collection, and wire transfer systems do not contemplate that nonexempt participants would identify individual transactions as restricted transactions. Rather, the final rule’s non-exclusive examples contemplate that a participant would conduct riskbased due diligence of commercial customers at account opening, and when it has actual knowledge that a commercial customer is engaged in an Internet gambling business, to determine the risk the commercial customer presents of engaging in restricted transactions.46 The Agencies believe that this approach is reasonably practical for non-exempt participants in the ACH, check collection, and wire transfer systems and, accordingly, that a blanket exemption for these systems in their entirety would not be appropriate under the Act. Some commenters suggested exempting all U.S. participants processing cross-border transactions, because these participants do not have a direct customer relationship with Internet gambling businesses located abroad.47 The final rule exempts U.S. participants processing outbound crossborder credit transactions (i.e., ACH credits and wire transfers) because there are no reasonably practical steps that a U.S. participant could take to prevent participant should file a suspicious activity report with the appropriate authorities. 45 E.g., comment letter from Manufacturers and Traders Trust Co. (M&T Bank) (Dec. 11, 2007) (hereinafter ‘‘M&T Bank letter’’), p. 4. Some commenters similarly suggested that ACH, check collection, and wire transfer systems should not be listed as designated payment systems for similar reasons. See, e.g., Wells Fargo letter, supra note 19, at 7. 46 One commenter acknowledged that a bank could perhaps identify customers engaged in illegal Internet gambling by conducting enhanced due diligence at account opening, but stated that having to conduct enhanced due diligence at each account opening would be a significant burden on banks and customers alike. See comment letter from Compass Bank (Dec. 6, 2007), pp. 4–5. 47 See e.g., ABA letter, supra note 10 at 4. VerDate Aug<31>2005 17:00 Nov 17, 2008 Jkt 217001 their consumer customers from sending restricted transactions cross-border.48 Specifically, the automated systems associated with ACH credit and wire transfers do not typically include information that would allow U.S. participants to identify and block restricted transactions. The Agencies also considered a process described in the NPRM that would involve customers describing the nature of the transaction and/or stating whether the transaction involves Internet gambling. However, the Agencies determined that such a process would be unduly burdensome for U.S. participants with little corresponding benefit because U.S. customers may mischaracterize the nature of the transaction and the participant would generally be unable to determine whether the customer’s characterization of the transaction is accurate. As discussed in greater detail below, however, the final rule does not exempt U.S. participants receiving cross-border debit transactions (i.e., ACH debits and check collections). Also, there are no exemptions for crossborder transactions in card systems. Exemptions for certain card systems. One commenter suggested that the final rule should exempt gift cards entirely from the regulation and exempt storedvalue cards or, at a minimum, exempt stored value cards below a threshold amount.49 The commenter stated that such cards have not previously been subject to government regulation and such card systems do not have policies and procedures in place to track or limit the type of use of the card by the purchaser.50 The commenter also stated that the burden of imposing a new regulation on entities acting as a card system operator, a merchant acquirer, or a card issuer is likely to be substantial. The Agencies considered this comment, but determined that the concerns were 48 The final rule does not exempt the operator of a money transmitting business with respect to cross-border transactions, another form of credit transaction, because the operator of the system typically signs up commercial customers and can perform due diligence on those customers. 49 See comment letter from Alston & Bird LLP (Dec. 12, 2007) (hereinafter ‘‘Alston & Bird letter’’), pp. 14–17. 50 The commenter also questions whether the proposed rule required issuers, seller, and redeemers of gift cards to have reasonably designed policies and procedures to prevent restricted transactions. Id. at 15. As explained above, the only participants in card systems that are contemplated by the final rule’s non-exclusive examples to have policies and procedures are the operator, card issuer, third-party processor, and merchant acquirer. Retailers that may sell pre-paid gift cards or stored value products of other issuers, such as grocery stores or convenience stores that sell gift cards for book stores, are not participants in a designated payment system, as defined by the final rule, and thus are not covered by the final rule. PO 00000 Frm 00009 Fmt 4701 Sfmt 4700 69389 addressed by the final rule. The final rule’s non-exclusive examples for card systems are based on coding frameworks that have already been instituted by the operators of the major ‘‘open’’ card systems, such as Visa, MasterCard, and American Express. If a card system is a ‘‘closed loop’’ system, the cards can only be used at the merchants belonging to the ‘‘closed loop’’ system. So long as Internet gambling businesses cannot accept these cards, the burden of this rule would be minimal, although the non-exempt participants in these systems would still have to comply with the rule’s requirement to have reasonably designed policies and procedures in place. Accordingly, the Agencies determined that a blanket exemption for stored value products and gift cards was not appropriate. Another commenter questioned the application of the proposed rule to cobranded cards, where a depository institution issues the card, but a nondepository institution, such as a securities firm, has its name on the card.51 According to the commenter, the cards are usually issued to customers of the non-depository institution, but, in some co-branded card arrangements, the non-depository institution may assist the card issuer in certain aspects of the program, such as performing subaccounting, issuing statements and providing authorization services, under a servicing contract with the card issuer. The commenter argued that a securities firm should not be regarded as a participant in the card system simply because its name appears on the card or the securities firm provides services to the card issuer in support of the program. The Agencies believe that the final rule’s non-exclusive examples for card systems address these types of situations. The non-exclusive examples for card systems contemplate the implementation of a code system, such as transaction codes and merchant/ business category codes to accompany the authorization request for a transaction. The code system should provide the operational functionality to enable the card system operator or the card issuer to reasonably identify and deny authorization for a transaction that the coding procedure indicates may be a restricted transaction. With respect to the commenter’s question regarding the responsibilities of the co-branding securities firm under the non-exclusive examples for card systems in § ll.6, the answer would depend on the facts presented. If the 51 Comment letter from the Securities Industry and Financial Markets Association (Dec. 12, 2007), pp. 3–4. E:\FR\FM\18NOR3.SGM 18NOR3 69390 Federal Register / Vol. 73, No. 223 / Tuesday, November 18, 2008 / Rules and Regulations card issuing bank receives the transaction authorization request with the required codes, it should implement its policies and procedures to deny authorization for a transaction with codes that indicate it may be a restricted transaction, without any involvement by the non-depository institution with its name on the card. If the card issuing bank has contracted with the cobranding non-depository institution to process authorization requests, the card issuing bank is responsible for ensuring that the co-branding non-depository institution is properly following the card issuing bank’s policies and procedures regarding restricted transactions. § ll.4(c) Money transmitting business. The proposed rule did not contain any exemptions for participants in a money transmitting business. Commenters suggested that ‘‘send’’ agents of money transmitting businesses should be exempted from the rule’s requirements because, like the originating institution in an ACH credit or a wire transfer, the ‘‘send’’ agent does not have a direct relationship with the commercial customer receiving the funds transmission and would not be in a position to collect information to identify restricted transactions.52 In response to these comments, the Agencies have determined to exempt all send agents in a money transmitting business. In fact, the final rule includes an exemption for all participants in a money transmitting business, except for the operator. If an entity acted as both a send agent and the operator in a money transmitting business, the entity would not be exempted from the final rule by virtue of acting as the operator. mstockstill on PROD1PC66 with RULES3 § ll.5 Policies and Procedures Required § ll.5 Section title. In the proposed rule, the title of § ll.5 was ‘‘Processing of restricted transactions prohibited.’’ One commenter suggested that the title of § ll.5 in the proposed rule be revised to more accurately reflect what the section actually does.53 In fact, the requirement in § ll.5 is to establish and implement reasonably designed policies and procedures to identify and block or otherwise prevent or prohibit restricted transactions, rather than impose a strict liability standard. The title of § ll.5 in the final rule has been revised accordingly to read ‘‘Policies and procedures required.’’ e.g., TMSRT letter, supra note 35, at 3. e.g., comment letter from MasterCard Worldwide (Dec. 12, 2007) (hereinafter ‘‘MasterCard letter’’) p. 2. § ll.5(b) Reliance on system policies and procedures. The proposed rule incorporated the Act’s provisions permitting a participant in a designated payment system to comply with the Act’s requirement to establish policies and procedures by relying on and complying with the policies and procedures of the designated payment system if the system’s policies and procedures complied with the requirements of the regulation. This would likely be applicable to operatordriven systems, such as card systems. The Act does not indicate how a participant is to determine whether a system’s policies and procedures comply with the regulation, and yet, makes such a determination a requirement for compliance under this provision. Commenters noted the significant problems and burden that would be imposed on participants in determining whether a system’s policies and procedures complied with the regulation in order to rely on them.54 In response to these comments and to provide participants with a bright-line standard for knowing when they could rely on this provision for compliance with the regulation, the Agencies revised the rule to expressly permit participants in a designated payment system to rely on a written statement or notice by the operator of the designated payment system to its participants that states that the operator has designed or structured its policies and procedures to comply with the regulation. Such a statement or notice will be deemed to provide a justifiable basis for the participant to assume that the system’s policies and procedures comply with the requirements of the final rule, unless and until the participant is notified otherwise by the Federal agency that has enforcement authority over that participant under § ll.7. The Agencies anticipate that such a statement or notice will provide a common understanding for all parties (i.e., the system operator, the other participants, and the regulator) that the Federal functional regulators will review the operator’s policies and procedures and that the participants, many of which may be small businesses, will not be criticized by the regulators if they comply with the operator’s policies and procedures, even though the regulators may subsequently deem the operator’s policies and procedures to be deficient. If, upon review, the regulators determine that the operator’s policies and procedures are deficient under the 52 See, 53 See, VerDate Aug<31>2005 17:00 Nov 17, 2008 Jkt 217001 54 See, e.g., comment letter from the Office of the Comptroller of the Currency (Dec. 12, 2007) (hereinafter ‘‘Comptroller letter’’) pp. 2–3. PO 00000 Frm 00010 Fmt 4701 Sfmt 4700 regulation, the Agencies expect that the regulators will work with the operator to correct the deficiency. If the operator is unable or unwilling to correct the deficiency, the Agencies expect that the regulators or the system operator would notify the participants that they can no longer rely on the operator’s policies and procedures. § ll.5(d) Liability protection. As noted in the NPRM, the proposed rule imported the Act’s provisions protecting persons from liability for identifying and blocking, preventing or prohibiting the acceptance of its products or services in connection with a transaction, or otherwise refusing to honor a transaction if (i) the transaction is a restricted transaction, (ii) such person reasonably believed the transaction to be a restricted transaction, or (iii) the person is a participant in a designated payment system and prevented the transaction in reliance on the policies and procedures of a designated payment system, in an effort to comply with the regulation. Some commenters suggested that the final rule expand these provisions to provide protection from liability in specific scenarios.55 The Agencies considered these comments, but do not believe that expanding the liability protections in the regulation is appropriate. The Act’s liability protection provisions address liability to a counterparty that may arise under other statutes (such as State commercial laws) from the failure of a participant in a designated payment system to complete a transaction. The Agencies do not believe that the Act authorizes them to expand or modify, by regulation, the scope of the protection from liability that the Act itself provides with respect to these other statutes.56 The liability protection provisions in the final rule are limited to application of the final rule. The scope of the Act’s liability protection with respect to other statutes should be determined by the entities that enforce those statutes. Accordingly, the final rule retains the scope of the liability protection provisions from the proposed rule. § ll.5(e) Overblocking. The Act requires that the Agencies ensure that transactions in connection with any 55 See, e.g., comment letter from First Data Corporation (Dec. 12, 2007) p. 3. 56 A commenter also requested that the Agencies include the Act’s liability protection provisions verbatim from the statutory language. See MasterCard letter, supra note 53, at 3. The commenter was unclear as to whether the liability protection in the proposed rule matched the breadth of content of the Act’s provision. As noted above, the Agencies intended to import the Act’s liability protections from the Act and only modified the language for grammatical purposes to insert into the regulation. E:\FR\FM\18NOR3.SGM 18NOR3 Federal Register / Vol. 73, No. 223 / Tuesday, November 18, 2008 / Rules and Regulations activity excluded from the Act’s definition of ‘‘unlawful Internet gambling’’ are not blocked or otherwise prevented or prohibited by the prescribed regulations (the ‘‘overblocking provision’’).57 As noted in the NPRM, the proposed rule implemented this provision by making clear that nothing in the regulation requires or is intended to suggest that participants should block or otherwise prevent or prohibit any transaction in connection with any activity that is excluded from the definition of ‘‘unlawful Internet gambling’’ in the Act. In the NPRM, the Agencies noted that they believed that the Act does not provide the Agencies with the authority to require designated payment systems or participants therein to process any gambling transactions if the system or participant decides for business reasons not to process such transactions. Some commenters agreed with the Agencies’ approach to the overblocking provision presented in the proposed rule.58 One commenter noted that any regulation that would require participants in designated payment systems to process certain types of transactions would ‘‘significantly alter the business practices of many financial transaction providers—including the issuers of significant numbers of payment cards who currently routinely decline authorization for all transactions on U.S.-issued cards coded as Internet gambling transactions.’’ 59 Conversely, some commenters representing gambling interests argued that the final rule should clarify that transactions related to interstate pari-mutuel wagering are not unlawful and need not be blocked.60 Some commenters suggested that the final rule should require designated payment systems to create a new merchant category code specifically for gambling transactions that are not prohibited by the Act.61 The Agencies continue to believe that the Act does not provide them with the authority to require designated payment systems or participants therein to engage in any particular line of business or process any particular transactions.62 57 31 U.S.C. 5364(b)(4). e.g., comment letter from Visa U.S.A. Inc. (Dec. 12, 2007) (hereinafter ‘‘Visa letter’’) p. 3; see also ABA letter, supra note 10, at 5. 59 See MasterCard letter, supra note 53, at 4. 60 See, e.g., comment letter from American Greyhound Racing, Inc. (Nov. 26, 2007), p. 2. 61 See, e.g., comment letter from the National Thoroughbred Racing Association (Dec. 11, 2007), p. 2. 62 A principle of statutory construction is that a statute ought to be construed so that, if it can be prevented, no clause, sentence, or word shall be superfluous, void, or insignificant. As noted above, § 5364(b)(4) of the Act directs the Agencies to While card system operators certainly may create new merchant category codes that are useful for specific transactions and industries, that is a business decision that those operators must make. Accordingly, the Agencies continue to believe that the proposed rule’s language adequately addressed the Act’s overblocking provision and that language has been retained in the final rule. § ll.5(g) U.S. offices. Some commenters requested that the Agencies clarify that the scope of any final rule is limited to United States offices of participants in designated payment systems.63 The Agencies believe that the Act’s restrictions apply only to transactions that are unlawful under applicable U.S. Federal or State law. The Act’s definition of ‘‘unlawful Internet gambling’’ clearly states that it refers to a bet or wager that ‘‘is unlawful under any applicable Federal or State law in the State or Tribal land in which the bet or wager is initiated, received, or otherwise made.’’ 64 Transactions that are wholly outside the United States (i.e., when all parties and financial transaction providers to the transaction are outside the United States) would not violate such laws. As discussed below, while the Agencies expect U.S. participants to implement policies and procedures for certain cross-border transactions, the responsibility for implementing those policies and procedures would fall on the U.S. institution that handles the cross-border transaction. In order to provide the clarification requested by the comments, the final rule includes a new § ll.5(g) that states that the regulation’s requirement to establish and implement reasonably designed policies and procedures applies only to the U.S. offices of participants in designated payment systems. § ll.6 Non-Exclusive Examples Several commenters suggested that the final rule should clarify the Agencies’ intent that the non-exclusive examples provided in the proposed rule were focused on relationships with commercial customers and not with mstockstill on PROD1PC66 with RULES3 58 See, VerDate Aug<31>2005 17:00 Nov 17, 2008 Jkt 217001 ensure that transactions excluded from the Act’s definition of ‘‘unlawful Internet gambling’’ are not blocked or otherwise prevented or prohibited ‘‘by the prescribed regulations.’’ To interpret that provision as a requirement that designated payment systems and participants therein must process all transactions excluded from the definition of ‘‘unlawful Internet gambling,’’ even though they have made business decisions not to process such transactions, would render the words ‘‘by the prescribed regulations’’ meaningless. 63 See, e.g., Visa letter, supra note 58, at 4. 64 31 U.S.C. 5362(10). PO 00000 Frm 00011 Fmt 4701 Sfmt 4700 69391 respect to consumer accounts.65 The Agencies recognize the problems with designing and implementing procedures focused on consumer accounts. For example, except for card systems, a participant would generally not know the purpose of a consumer transaction and often the payee information on a transaction, such as a check, is not in automated form. In response to the comments requesting clarification on this point, as a general matter, the nonexclusive examples in § ll.6 have been revised to make it clear in each instance that the policies and procedures to be implemented to prevent restricted transactions are with respect to commercial customer accounts only. § ll.6(b) Due diligence. As noted above and in the NPRM, most designated payment systems do not use formats that would permit participants to identify and block restricted transactions during payment processing.66 Accordingly, the proposed rule adopted the approach of using flexible, risk-based due diligence in the participants’ account-opening and account-maintenance procedures for commercial customers to reduce the risk that the commercial customer would originate or receive restricted transactions through its commercial relationship with the participant. The proposed rule also suggested that participants could include as a term of a commercial customer agreement that the customer may not engage in restricted transactions. Commenters raised several issues regarding these provisions. Commenters expressed concern that the guidance provided was not detailed enough.67 Commenters requested that the flexible risk-based due diligence approach described in the preamble to the NPRM be included in the final rule to facilitate participant compliance.68 Commenters also expressed concerns with including a term in a commercial customer agreement prohibiting restricted transactions because the commercial customer may not have the information necessary to determine whether a transaction is a restricted transaction. These commenters stated that revising millions of commercial customer agreements to include such a provision would be burdensome and 65 See, 66 See, e.g., ABA letter, supra note 10, at 4. e.g., Wells Fargo letter, supra note 19, at 8. 67 See, e.g., comment letter from Branch Banking and Trust Company (Dec. 12, 2007) (hereinafter ‘‘BB&T letter’’), p. 2. 68 See, e.g., comment letter from the Independent Community Bankers of America (Dec. 12, 2007) (hereinafter ‘‘ICBA letter’’), p. 8. E:\FR\FM\18NOR3.SGM 18NOR3 mstockstill on PROD1PC66 with RULES3 69392 Federal Register / Vol. 73, No. 223 / Tuesday, November 18, 2008 / Rules and Regulations impractical.69 Commenters suggested that commercial customers engaged in an Internet gambling business should demonstrate to their financial transaction providers that the commercial customers are not engaged in unlawful Internet gambling in order to shift the burden of distinguishing lawful from unlawful Internet gambling from the financial transaction providers to the Internet gambling businesses.70 In order to provide more guidance on the due diligence procedures that the Agencies would deem reasonably designed, the final rule includes a new § ll.6(b) that sets out a specific process that a non-exempt participant could choose to follow to conduct adequate due diligence of commercial customers with respect to the risk of unlawful Internet gambling. The nonexclusive examples for each designated payment system include a reference to the general due diligence provisions in this new section. The Agencies also believe that this due diligence process will help alleviate some of the concerns regarding the Act’s definition of ‘‘unlawful Internet gambling.’’ While the process set out in § ll.6(b) may still require some judgment on the part of participants opening new accounts for commercial customers, the process would leave the primary responsibility for determining what is lawful and unlawful gambling activity with the State gambling commissions and other gambling licensing authorities. As noted in the NPRM, the Agencies anticipate that participants could choose to use a flexible, risk-based approach in their due diligence procedures in that the level of due diligence performed would match the level of risk posed by the commercial customer, and new § ll.6(b) includes specific references to this type of approach. In addition, the most efficient way for participants to implement the due diligence procedures would be to incorporate them into existing accountopening due diligence procedures (such as those required of depository institutions under Federal banking agencies’ anti-money laundering compliance program requirements).71 As set out in new § ll.6(b), the participant could choose to conduct due diligence at account opening and determine the risk of a commercial customer engaging in an Internet gambling business. The participant should have a basic understanding of a e.g., MasterCard letter, supra note 53, at 6. NFL letter, supra note 42, at 3; see also undated comment letter from Members of Congress of the United States (Rep. Pitts et al.) p. 1. 71 See, e.g., 12 CFR 208.63. new commercial customer’s business, based on normal account-opening procedures. The vast majority of commercial customers will not have any involvement in an Internet gambling business. If, based on its initial due diligence, the participant determines that the prospective commercial customer presents only a minimal risk of engaging in an Internet gambling business, the participant could open the account for the commercial customer without further action under § ll.6(b). One commenter suggested that the Agencies consider whether there are low-risk relationships for which due diligence would not be necessary.72 New subsection ll.6(b)(4) states that a participant may deem the following commercial customers as presenting a minimal risk of engaging in an Internet gambling business without further investigation: (i) Entities that are directly supervised by the Federal functional regulators that are responsible for enforcing the Act; and (ii) agencies, departments, or divisions of the Federal government or a State government. With respect to supervised entities, the Federal functional regulators already review the activities of such entities and additional due diligence by participants in designated payment systems would be redundant.73 With respect to the activities of the Federal or State governments, participants should be able to assume that their activities are lawful. Depository institutions that are nonexempt participants in designated payment systems and have commercial customers that are money transmitting businesses should apply their due diligence procedures to those customers. However, under the final rule, the money transmitting businesses would themselves be responsible for implementing their own policies and procedures with respect to their commercial customers. The depository institutions providing financial transaction services to the money transmitting businesses would not be responsible for assessing the risk that the money transmitting business’s commercial customers engage in an Internet gambling business. Under § ll.6(b), the Agencies contemplate that a U.S. participant establishing a correspondent account for a foreign respondent would conduct appropriate, risk-based due diligence on the foreign respondent as a commercial customer to determine the risk the foreign respondent presents of engaging in an Internet gambling business. The Agencies expect that a participant would likely choose to incorporate such due diligence in its normal correspondent account opening procedures.74 For the purposes of the final rule, the Agencies would not expect U.S. participants to conduct due diligence on its foreign respondent’s commercial customers. If a U.S. participant obtained actual knowledge that a foreign respondent’s commercial customer processed restricted transaction through the U.S. participant’s facilities, the Agencies expect that the U.S. participant would follow the applicable procedures for cross-border transactions discussed below. If the commercial customer’s description of its business or other factors cause the participant to suspect that it may present more than a minimal risk of engaging in an Internet gambling business (for example, the commercial customer offers games or contests over the Internet), the participant should ask for further documentation from the commercial customer. Certification from the commercial customer that it does not engage in an Internet gambling business would address factual questions regarding the commercial customer’s business. If the commercial customer engages in an Internet gambling business, the participant should obtain further documentation to show that the Internet gambling business is lawful. The non-exclusive policies and procedures also provide for a participant to obtain a written commitment from a commercial customer to notify the participant of any changes in its legal authority to engage in its Internet gambling business. If a commercial customer has a license that expressly authorizes the customer to engage in the Internet gambling business issued by the appropriate State or Tribal authority, the participant should be able to rely on that State agency’s ability to implement its own gambling laws in a manner that does not violate the law of another State or Federal law. If the commercial customer does not have such a license, the Agencies expect that the participant would obtain from the commercial customer a reasoned legal opinion by the customer’s counsel that demonstrates that the commercial customer’s Internet gambling business does not involve restricted transactions. If a participant has questions regarding 69 See, 70 See VerDate Aug<31>2005 17:00 Nov 17, 2008 Jkt 217001 72 See Comptroller letter, supra note 54, at 2. a general discussion in this regard, see the comment letter from The Depository Trust & Clearing Corporation (Dec. 10, 2007). 73 For PO 00000 Frm 00012 Fmt 4701 Sfmt 4700 74 Many U.S. institutions are already required to conduct due diligence of foreign financial institutions pursuant to Section 312 of the USA PATRIOT Act. 31 U.S.C. 5318(i); 31 CFR 103.176. E:\FR\FM\18NOR3.SGM 18NOR3 Federal Register / Vol. 73, No. 223 / Tuesday, November 18, 2008 / Rules and Regulations mstockstill on PROD1PC66 with RULES3 the permissibility of a commercial customer’s activities, the participant should consult with (or have the commercial customer obtain confirmation from) the applicable licensing authority.75 In addition, the suggested due diligence process in § ll.6(b) includes a third-party certification that the commercial customer’s systems for engaging in the Internet gambling business are reasonably designed to ensure that the commercial customer’s Internet gambling business will remain within the licensed or otherwise lawful limits, including with respect to age and location verification. The Agencies expect that this provision will not only provide additional guidance to participants on an adequate due diligence process, but also will permit the entities that license gambling activities to retain the primary responsibility for determining which activities are permissible under U.S. law. The Agencies have designed the example of due diligence procedures to enable designated payment systems and their participants to rely on government licensing and enforcement agencies to determine whether a commercial customer’s Internet gambling activities are lawful rather than trying to make that determination themselves. The designated payment systems and their participants should, however, obtain appropriate documentation from those entities regarding the legality of the Internet gambling activities of its prospective commercial customers. The final rule retains the concept that participants in designated payment systems could communicate to their commercial customers that restricted transactions are prohibited. However, rather than suggesting that the only way to accomplish this goal is to include such a prohibition in the commercial customer agreement, the final rule provides that a participant could notify all of its commercial customers that restricted transactions are prohibited through a term in the commercial customer agreement, a simple notice sent to the customer, or through some other method. § ll.6(d) and (f) Monitoring the Internet. As an example of reasonably designed policies and procedures for card systems and money transmitting businesses, the proposed rule included monitoring the Internet to detect 75 The receipt of a reasoned legal opinion pursuant to a due diligence process under § .ll6(b) is solely for purposes of compliance with implementing regulations under the Act and does not necessarily constitute compliance with, or provide protection from liability under, any other applicable Federal or State laws. VerDate Aug<31>2005 17:00 Nov 17, 2008 Jkt 217001 unauthorized use of the relevant designated payment system, including its trademarks.76 The Agencies’ intent with this example was to incorporate the existing practice of some participants in designated payment systems to proactively search (or retain a contractor to search) the Internet for unauthorized use of their trademarks, including by Internet gambling Web sites.77 When unauthorized use of a trademark was discovered, the payment system or participant could choose to take steps to seek its removal from the gambling Web site, including legal action if available. While some payment industry commenters recognized the value of monitoring the Internet for abuse of trademarks, they also reported that reasonable efforts to protect their trademarks are not always successful.78 In addition, payment industry commenters objected to the proposed rule converting the right to protect a trademark ‘‘into an obligation under the Act.’’ 79 Commenters noted that legal action to protect trademarks can be costly and ultimately unsuccessful and criticized the proposed rule because it implied that such action was required.80 The Agencies believe that monitoring the Internet for unauthorized use of a payment system’s trademark by Internet gambling businesses is a good practice and can be useful in preventing restricted transactions. However, the Agencies agree that designated payment systems and their participants should make a business decision on whether to pursue this activity and how to respond to discovered unauthorized use of their trademarks. Accordingly, in order to avoid confusion, the Agencies have deleted from the final rule the language regarding monitoring the Internet for unauthorized use of trademarks of designated payment systems or nonexempt participants. Of course, the examples in the rule are non-exclusive, 76 Monitoring the Internet for unauthorized use of a trademark is distinct from monitoring and analyzing payment patterns to detect suspicious patterns of payments to a recipient. Monitoring and analyzing payment patterns continues to be included in the non-exclusive examples for card systems and money transmitting businesses. 77 See, e.g., MoneyGram letter, supra note 7, at 2. 78 Id. 79 See comment letter from PayPal (Dec. 12, 2007), p. 2; see also MasterCard letter, supra note 53, at 8. 80 See PayPal letter, supra note 79, at 2 and MasterCard letter, supra note 53, at 8. None of the rule’s examples of reasonably designed policies and procedures are ‘‘required.’’ As noted in § ll.6(a) of both the proposed rule and the final rule, the examples provided in § ll.6 are non-exclusive and designated payment systems and participants therein are permitted to design and implement policies and procedures that may be different than the examples. PO 00000 Frm 00013 Fmt 4701 Sfmt 4700 69393 and a system or participant may choose to include trademark monitoring in its policies and procedures where appropriate. § ll.6(c), (d) and (f) Fines. In the non-exclusive examples of reasonably designed policies and procedures for ACH systems, card systems, and money transmitting businesses, the proposed rule included the imposition of fines if the participant becomes aware that restricted transactions had been processed. The Agencies’ intent in including this provision was to suggest imposing fines on participants that violated system rules regarding unlawful Internet gambling.81 The proposed rule did not, however, adequately explain the specific functions that should be carried out by specific participants in a system, including how fines should be imposed. The lack of specificity caused some confusion among commenters who suggested that the provision be dropped or that the terminology be revised.82 In the final rule, as a general matter, the Agencies have attempted to provide greater clarity to the specific procedures in the non-exclusive examples that are intended to apply to particular parties in the designated payment system. With respect to fines, the Agencies have deleted this provision from the final rule as potentially confusing, given the different relationships between parties within each designated payment system. As the examples in the rule are nonexclusive, a system or participant may choose to include fines in its policies and procedures where appropriate. § ll.6(d) Card system examples. The proposed rule included as part of its non-exclusive examples of reasonably designed policies and procedures for card systems due diligence in establishing commercial customer accounts designed to ensure that the merchant will not receive restricted transaction through the card system, similar to provisions included in the non-exclusive examples for the other designated payment systems. The proposed rule’s card system examples also included establishing transaction codes and merchant/business category codes that accompany the authorization request for a transaction and creating the operational functionality to enable the card system or the card user to identify and deny authorization for a restricted transaction. One card system commenter suggested that card systems 81 See, e.g., National Automated Clearing House Association, 2007 ACH Rules, Operating Rules Appendix XI (The National System of Fines). 82 See, e.g., The Clearing House letter, supra note 14, at 11. E:\FR\FM\18NOR3.SGM 18NOR3 mstockstill on PROD1PC66 with RULES3 69394 Federal Register / Vol. 73, No. 223 / Tuesday, November 18, 2008 / Rules and Regulations should be permitted to comply with the Act through the use of either due diligence on merchants or coding to identify and block restricted transactions, but not necessarily both.83 The commenter cited the language of the Act that specifically identifies policies and procedures that allow a designated payment system and its participants ‘‘to identify restricted transactions by means of codes in authorization messages or by other means’’ and to block such transactions, as one of the acceptable ways that a payment system can comply with the Act.84 The Agencies expect that a coding system to identify and block restricted transactions will be the method of choice for the vast majority of card system participants to comply with the Act. In addition, the Agencies note that most Internet gambling businesses that use card systems for funding do so through non-U.S. merchant acquirers that are not subject to the Act or the final rule and likely would not conduct due diligence regarding Internet gambling on their merchants. However, the final rule retains a due diligence example for closed loop card systems in the United States where the card can only be used for a single merchant or a limited group of identified merchants, such as merchants operating in a particular shopping mall. Section ll.6(d) includes both the coding and due diligence examples for card systems as alternatives and contemplates that a card system and its participants could adopt either approach. Moreover, it is important to note that the examples in § ll.6 are non-exclusive and a card system could adopt policies and procedures other than the coding and due diligence examples presented and still comply with the final rule’s requirement to adopt reasonably designed policies and procedures to prevent or prohibit restricted transactions. In addition, some commenters suggested that the final rule’s nonexclusive examples should include a provision by which credit card companies would create a particular merchant category code that would be limited to those types of Internet gambling that are specifically excluded from the definition of the term ‘‘unlawful Internet gambling’’ in § ll.2(cc)—intrastate transactions, intratribal transactions, and any activity that may be allowed under the Interstate 83 See 84 See Visa letter, supra note 58, at 2. 31 U.S.C. 5364(a). VerDate Aug<31>2005 17:00 Nov 17, 2008 Jkt 217001 Horseracing Act.85 While card system operators may choose to create new codes for such transactions, the Agencies believe that the establishment of codes for particular merchant transactions is a business decision for the card system operators and their participants. Accordingly, the final rule does not specify the establishment of such codes in the coding example for card systems. § ll.6(c) and (e) Cross-border transactions. For the reasons discussed in the NPRM and above, the Agencies believe that it is very difficult, if not impossible, for a participant in the designated payment systems (other than card systems) to identify restricted transactions while they are being processed. As a result, the Agencies determined that the most efficient way to implement the Act for the systems other than card systems was through adequate due diligence by participants when opening accounts for commercial customers to reduce the risk that a commercial customer will introduce restricted transactions into the payment system in the first place. With respect to cross-border transactions, however, the institution that opens the account for an Internet gambling business likely will be located outside the United States and not be subject to the Act. Accordingly, no U.S. participant would be able to conduct due diligence at account opening for the foreign commercial customer. The proposed rule provided examples of special procedures for participants in ACH, check collection, and wire transfer systems that received cross-border transactions from foreign counterparties, such as including as a term in its agreement with a foreign counterparty a requirement that the foreign counterparty have reasonably designed policies and procedures in place to ensure that the commercial relationship would not be used to process restricted transactions.86 Commenters objected to the crossborder examples in the proposed rule on numerous grounds.87 Some commenters stated that including a term in agreements with foreign banks regarding restricted transactions was not practicable because it was unrealistic to expect foreign institutions to be willing 85 See, e.g., comment letter from the American Horse Council (Dec. 12, 2007), pp. 3–4; see also comment letter from the North American Association of State & Provincial Lotteries (Dec. 11, 2007), p 3. 86 The Agencies do not believe that special crossborder procedures are necessary for card systems, which generally have the same coding system for transactions regardless of where they are initiated. 87 See, e.g., ABA letter, supra note 10, at 7. PO 00000 Frm 00014 Fmt 4701 Sfmt 4700 or able to make specific representations with respect to restricted transactions, given the uncertain definition of ‘‘unlawful Internet gambling.’’ 88 In addition, commenters noted that the foreign correspondent with which the U.S. participant has a contractual relationship may itself be a correspondent several steps removed from the institution that has the customer relationship with the Internet gambling business and that it would be unrealistic to expect a provision in the cross-border agreement would be able to prevent restricted transactions.89 Commenters suggested that cross-border transactions conducted through correspondent relationships be entirely exempt from the regulation, or that notice to customers that the relevant payment system may not be used to engage in restricted transactions should be deemed a reasonably designed policy and procedure.90 The comment letters illustrated many of the challenges in identifying and preventing particular types of transactions in the modern, global payment system. The Agencies agree that, with the complex framework of gambling laws in the United States, institutions in other countries will not reasonably be able to determine which transactions are unlawful under applicable U.S. law. Moreover, given the numerous intermediaries involved with a typical cross-border payment transaction, there will likely be many cases where the foreign correspondent from which a U.S. participant receives a cross-border debit transaction does not have a customer relationship with the Internet gambling business. In response to the comments on the various cross-border transaction provisions, the Agencies have made revisions to the cross-border provisions in the final rule. First, the final rule contains non-exclusive examples with respect only to cross-border debit transactions (i.e., ACH debits and check collections) because there are no reasonably practical steps that a foreign counterparty could take to prevent a U.S. institution from sending a restricted transaction to the foreign counterparty, short of severing the relationship altogether. Second, the final rule contemplates that if a U.S. participant is notified by a U.S. government entity (such as its regulator or law enforcement) that it has been sent cross-border restricted transactions by a 88 See, e.g., The Clearing House letter, supra note 14, at 9. 89 See, e.g., ABA letter, supra note 10, at 8. 90 Id.; see also The Clearing House letter, supra note 14, at 9. E:\FR\FM\18NOR3.SGM 18NOR3 Federal Register / Vol. 73, No. 223 / Tuesday, November 18, 2008 / Rules and Regulations particular foreign respondent, the participant would be expected to notify its foreign respondent of the restricted transaction.91 The Agencies have included a model notice in the appendix to the regulation. § ll.6 Remedial Action Commenters urged the Agencies to provide more detailed guidance as to when non-exempt participants should take remedial action against their commercial customers for processing restricted transactions. These commenters stated that the proposed rule gave no specifics about what types of penalties are appropriate under particular circumstances.92 The Agencies considered these comments and determined that a non-exempt participant’s decision on when to deny a commercial customer access to a particular payment system or when to close the account of such customer for processing restricted transactions is factspecific and a matter of business judgment. As a result, the final rule does not contain thresholds specifying when it would be appropriate to take certain types of remedial action. When restricted transactions are discovered, the Agencies expect that a participant’s regulator will review the remedial actions taken by the participant and come to a judgment as to whether the participant took appropriate action under the circumstances. mstockstill on PROD1PC66 with RULES3 § ll.7 Regulatory Enforcement The proposed rule essentially reiterated the regulatory enforcement framework from the Act. Some commenters urged that the financial regulators develop a uniform approach for enforcing the rule.93 The Act does not modify the statutory enforcement mechanisms of the agencies charged with enforcing the Act with respect to the institutions that are within their jurisdiction. The Federal agencies charged with regulatory enforcement authority for the final rule have different enforcement authorities and use different regulatory tools for fulfilling their supervisory responsibilities, so the Agencies do not believe that it is appropriate to mandate a particular uniform regulatory enforcement 91 The Agencies expect that the notice would contain enough detail (including identifying intermediaries) to permit the U.S. participant to describe the transaction’s path to its foreign counterparty. 92 See e.g., NFL letter, supra note 42, at 4; see also comment letter from Christian Coalition of America (Dec. 7, 2007), p.2. 93 See, e.g., comment letter from Credit Union National Association (Dec. 12, 2007) p. 5; see also comment letter from The Financial Services Roundtable and BITS (Dec. 12, 2007), pp. 6–7. VerDate Aug<31>2005 17:00 Nov 17, 2008 Jkt 217001 approach in the final rule. Moreover, the Board expects that examiner guidance will be developed among the Federal depository institution regulatory agencies responsible for enforcing the final rule, however, that process would occur separately from this rulemaking. Another commenter noted that the Act’s regulatory enforcement framework reflected in the proposed rule would subject money service businesses (MSBs) to the jurisdiction of two different agencies—the Federal Trade Commission for enforcement of the Act and the Internal Revenue Service, which elsewhere has been delegated authority to examine for compliance with the Bank Secrecy Act (BSA).94 The commenter suggested that the Agencies could determine that MSBs should be subject to the authority of only one regulator. The Agencies do not believe that the Act provides the Agencies with the authority to modify the regulatory authority of Federal agencies pursuant to the Act or any other statute. After considering the public comments received on the proposed rule, the Agencies have not modified § ll.7 from the proposed rule, other than technical conforming changes. III. Administrative Law Matters A. Executive Order 12866 It has been determined that this regulation is an economically significant regulatory action as defined in section 3(f)(1) of E.O. 12866, as amended. Accordingly, this final rule has been reviewed by the Office of Management and Budget. The reasons for this determination are explained in more detail in the Small Business Regulatory Enforcement Fairness Act Section B. The Regulatory Assessment prepared by the Treasury for this regulation is provided below. 1. Description of Need for the Regulatory Action The rulemaking is required by the Act, the applicable provisions of which are designed to interdict the flow of funds from gamblers to unlawful Internet gambling businesses. To accomplish this, the Act requires the Agencies, in consultation with the U.S. Attorney General, to jointly prescribe regulations requiring designated payment systems (and their participants) to establish policies and procedures that are reasonably designed to identify and block or otherwise 94 See Alston & Bird letter, supra note 49, at 23. See also, 31 CFR 103.56(b)(8) where the regulations of the Financial Crimes Enforcement Network (‘‘FinCEN’’) clarify the examination authority of the IRS. PO 00000 Frm 00015 Fmt 4701 Sfmt 4700 69395 prevent or prohibit unlawful Internet gambling transactions restricted by the Act. In accordance with the Act, section 3 of the final rule designates five payment systems that could be used in connection with, or to facilitate, unlawful Internet gambling transactions. The five designated payment systems are the same payment systems designated in the proposed rule, except that the Agencies have narrowed the designation of money transmitting businesses to cover only those money transmitting businesses that permit their customers to initiate fund transfers remotely from a location other than a physical office of the money transmitting business. As explained above, the Agencies’ view is that money transmitting businesses that do not permit their customers to initiate remote funds transfers, such as through a Web site, could not reasonably be used for Internet gambling because of the lack of broad public accessibility. The Agencies believe that the narrowing of the money transmitting business designation will significantly reduce the number of money transmitting businesses affected by the final rule. The Agencies estimated in the proposed rule that the number of money transmitting businesses affected would be 253,208. The Agencies estimate that the number of money transmitting businesses affected by the final rule with the narrower designation and with the exemption described below will be 16, resulting in an estimated reduction of 253,192 money transmitting businesses affected by the final rule. In accordance with the Act, section 5 of the final rule requires designated payment systems and participants in those designated payment systems to establish and implement written policies and procedures reasonably designed to identify and block or otherwise prevent or prohibit unlawful Internet gambling transactions restricted by the Act. In accordance with the Act, section 4 of the final rule exempts certain participants in designated payment systems from the requirement to establish and implement policies and procedures, because the Agencies believe that it is not reasonably practical for those participants to identify and block or otherwise prevent or prohibit unlawful Internet gambling transactions restricted by the Act. As explained earlier, the Agencies have expanded the exemptions in the final rule. For example, the proposed rule did not contain any exemptions for money transmitting businesses. At least one commenter recommended that the Agencies exempt ‘‘send’’ agents of E:\FR\FM\18NOR3.SGM 18NOR3 69396 Federal Register / Vol. 73, No. 223 / Tuesday, November 18, 2008 / Rules and Regulations money transmitting businesses by analogizing such ‘‘send’’ agents to the originating depository institutions for ACH credit and wire transfers which the Agencies exempted in the proposed rule. The final rule exempts all participants in money transmitting businesses, including ‘‘send’’ agents, except for the operator. In accordance with the Act, section 6 of the final rule contains a ‘‘safe harbor’’ provision by including non-exclusive examples of policies and procedures which would be deemed to be reasonably designed to identify and block or otherwise prevent or prohibit unlawful Internet gambling transactions restricted by the Act. 2. Assessment of Potential Benefits and Costs mstockstill on PROD1PC66 with RULES3 a. Potential Benefits Congress determined that Internet gambling is a growing cause of debt collection problems for insured depository institutions and the consumer credit industry.95 Further, Congress determined that there is a need for new mechanisms for enforcing Internet gambling laws because traditional law enforcement mechanisms are often inadequate for enforcing gambling prohibitions or regulations on the Internet, especially where such gambling crosses State or national borders.96 Section 5 of the final rule addresses this by requiring participants in designated payment systems, which include insured depository institutions and other participants in the consumer credit industry, to establish and implement reasonably designed policies and procedures to identify and block or otherwise prevent or prohibit unlawful Internet gambling transactions in order to stop the flow of funds to unlawful Internet gambling businesses. This funds flow interdiction is designed not only to inhibit the accumulation of consumer debt but also to reduce debt collection problems for insured depository institutions and the consumer credit industry. Treasury believes that the reduction of debt collection problems through the final rule’s funds flow interdiction process will yield important benefits for insured depository institutions and consumers given the recent turmoil in the financial markets that is causing liquidity problems for insured depository institutions and constraining the availability of consumer credit. Moreover, the final rule carries out the Act’s goal of implementing new 95 31 96 31 U.S.C. 5361(a)(3). U.S.C. 5361(a)(4). VerDate Aug<31>2005 17:00 Nov 17, 2008 mechanisms for enforcing Internet gambling laws. The final rule will likely provide other benefits. Specifically, the final rule could restrict excesses related to unlawful Internet gambling by underage or compulsive gamblers. b. Potential Costs Treasury believes that the costs of implementing the Act and the final rule are lower than they would be if the Act and the final rule were to require a prescriptive, one-size-fits-all approach with regard to regulated entities. First, section 5 of the final rule provides that a financial transaction provider shall be considered to be in compliance with the regulation if it relies on and complies with the written policies and procedures of the designated payment system of which it is a participant. This means that the regulated entities will not be required to establish their own policies and procedures but can instead follow the policies and procedures of the designated payment system, thereby resulting in lower costs. Based on public comments received, the Agencies have made it easier for regulated entities to choose to follow the policies and procedures of a designated payment system. Specifically, the proposed rule incorporated the Act’s provision permitting regulated entities to rely on the policies and procedures of a designated payment system if the system’s policies and procedures comply with the requirements of the regulation. In their comments, regulated entities expressed concern about the significant burden that would be imposed on them in determining whether a designated payment system’s policies and procedures complied with the regulation, particularly when the payment system has thousands of participants and no single participant has any significant leverage with the payment system.97 In order to eliminate this burden and the associated costs, the final rule specifically states that regulated entities may rely on and treat as conclusive evidence a written statement or notice from a designated payment system that the system’s policies and procedures comply with the final rule, unless such regulated entities are specifically notified otherwise by the appropriate Federal agency. Second, with regard to regulated entities that choose to establish their own policies and procedures, sections 5 and 6 of the final rule provide maximum flexibility. Specifically, the final rule contains neither design 97 See e.g., comment letter from The Huntington National Bank (Dec. 12, 2007) p. 3. Jkt 217001 PO 00000 Frm 00016 Fmt 4701 Sfmt 4700 standards (such as requiring the use of a specific technology) nor performance standards but instead requires, consistent with the Act, that the policies and procedures be ‘‘reasonably designed’’ to identify and block or otherwise prevent or prohibit unlawful Internet gambling. In addition, the final rule expressly authorizes each regulated entity to design and implement policies and procedures that are ‘‘tailored to its business,’’ which will enable it to craft policies and procedures based on individual circumstances. The flexibility the final rule affords regulated entities that establish their own policies and procedures should result in lower costs than if the final rule took a prescriptive one-size-fits-all approach. Third, the ‘‘safe harbor’’ provision, with its nonexclusive examples of policies and procedures deemed to be ‘‘reasonably designed,’’ provides regulated entities with specific guidance on how to structure the policies and procedures required by the Act and the final rule. As a result, costs associated with formulating policies and procedures should be lower because the safe harbor provision provides guidance on how to so structure the policies and procedures. The Agencies also revised the nonexclusive due diligence examples contained in section 6 of the final rule to reduce potential costs for regulated entities. Specifically, the proposed rule contained nonexclusive due diligence examples which generally placed the burden of distinguishing lawful versus unlawful Internet gambling on regulated entities. As noted earlier, public commenters suggested that commercial customers engaged in an Internet gambling business should demonstrate to their financial transaction providers that the commercial customers are not engaged in unlawful Internet gambling in order to shift the burden of distinguishing lawful versus unlawful Internet gambling from regulated entities to the Internet gambling businesses. Based on these comments, the Agencies revised the nonexclusive due diligence examples contained in the final rule by shifting the burden of distinguishing lawful versus unlawful Internet gambling from regulated entities to the Internet gambling businesses. Treasury believes that this shifting of the burden will result in lower costs for regulated entities that choose to follow the final rule’s nonexclusive due diligence examples. Treasury received two comments expressing concern that the Regulatory Assessment in the proposed rule only addressed the potential recordkeeping E:\FR\FM\18NOR3.SGM 18NOR3 Federal Register / Vol. 73, No. 223 / Tuesday, November 18, 2008 / Rules and Regulations from the definition of the term ‘‘unlawful Internet gambling,’’ intrastate, intratribal, and intertribal transactions.101 Because the final rule does not alter these defined terms, it avoids undue interference with State, local, and tribal governments in the exercise of governmental functions. In addition, the final rule’s non-exclusive due diligence examples contained in § ll.6 accord deference to State and Tribal authorities. Specifically, the final rule’s due diligence examples provide that a regulated entity may accept as evidence of a commercial customer’s legal authority to engage in an Internet gambling business, a license issued by an appropriate State or Tribal authority that expressly allows the regulated entity’s commercial customer to engage in the Internet gambling business. 3. Interference With State, Local, and Tribal Governments The Act does not alter State, local or Tribal gaming law.100 The Act exempts mstockstill on PROD1PC66 with RULES3 costs on regulated entities but did not include an analysis of the full potential costs to participants to establish and implement the policies and procedures, including legal, management and operational costs.98 In the proposed rule, Treasury explained that it did not have sufficient information to quantify reliably the costs of developing specific policies and procedures, and it solicited information and comment on any costs or compliance requirements. Because the final rule provides maximum flexibility to regulated entities that establish their own policies and procedures by allowing them to tailor their policies and procedures to their business, including the use of different policies and procedures with respect to different business lines or different parts of the organization, Treasury does not have sufficient information to quantify reliably the costs of developing and implementing specific policies and procedures. It is estimated that the recordkeeping burden for regulated entities will be approximately one million hours in order to develop and establish the policies and procedures required by the Act and this final rule. Using a reasonable estimate of average wages to monetize the opportunity cost of this time, which is explained in more detail in the Paperwork Reduction Act section below, yields a combined recordkeeping burden of approximately $88.5 million. We estimate this potential impact will be born during the first year this rule is in effect, in anticipation of the compliance date 12 months after publication of the final rule. In addition, it is estimated that the recordkeeping requirement required by the Act and the final rule will take approximately 8 hours per recordkeeper per year to maintain the policies and procedures required by this rulemaking. It is estimated that the total annual cost to regulated entities to maintain the policies and procedures will be approximately $3,337,200.99 C. Unfunded Mandates Reform Act (Sec. 202, Pub. L. 104–4; 2 U.S.C. 1532) Treasury has concluded this rule does not contain a Federal mandate that may result in the expenditure by State, local and Tribal governments, in aggregate, or by the private sector, of $100 million or more (adjusted for inflation) in any one year. The threshold after adjustment for inflation is $130 million, using the most 98 See e.g., comment letter from the California and Nevada Credit Union Leagues (Dec. 12, 2007) p.4. 99 This estimate is based on an estimate of 16,686 recordkeepers. The hourly cost of the individual who would be responsible for maintaining the policies and procedures is estimated to be $25 per hour (which is an average based on data contained in the U.S. Department of Labor, Bureau of Labor Statistics’ occupational employment statistics for office and administrative support occupations, dated May 2007). 100 Specifically, the Act defines the term ‘‘unlawful Internet gambling’’ as a bet or wager, VerDate Aug<31>2005 17:00 Nov 17, 2008 Jkt 217001 B. Small Business Regulatory Enforcement Fairness Act of 1996 As discussed elsewhere, the total recordkeeping costs alone imposed on regulated entities exceed $88.5 million. Treasury does not have adequate information to quantify the impact of other compliance requirements, such as the implementation of any due diligence policies and procedures for commercial customers during the first year of this rule. These unquantified costs that are necessary to meet compliance obligations include burdens related to management, clerical, technical, training, auditing, and legal expertise that are necessary to implement the policies and procedures set forth in this final rule. Therefore, Treasury believes it is reasonable to assume the total compliance costs of this final rule will exceed $100 million in the first year. Considering the final rule’s quantified and unquantified costs, and the fact that costs are likely to constitute a major increase in costs for an individual industry (depository institutions), it is a major rule as defined by section 804 of the Small Business Regulatory Enforcement Fairness Act of 1996. current (2007) Implicit Price Deflator for the Gross Domestic Product. However, Treasury believes the analyses provided in the Executive Order, Regulatory Flexibility Act, and Paperwork Reduction Act sections provide the analysis required by the Unfunded Mandates Reform Act. D. Final Regulatory Flexibility Analysis An initial regulatory flexibility analysis (IRFA) was included in the NPRM in accordance with the Regulatory Flexibility Act (RFA).102 In the IRFA, the Agencies specifically solicited comment, including from small entities, on whether the proposed rule would have a significant economic impact on a substantial number of small entities. No small entities submitted comments regarding quantification of their projected costs. The Agencies expect this rule to affect a number of small entities; however, the direct cost this rule imposes does not appear to have a significant economic impact on a substantial number of small entities, within the meaning of the RFA. Specifically, as discussed below, the proposed rule estimated that approximately 253,368 small entities would be subject to the rule. The Agencies estimate that the number of small entities subject to the final rule will be approximately 12,267 or less than five percent of the total number of small entities estimated in the proposed rule. The Agencies thus believe that the final rule will not affect a substantial number of small entities. Moreover, as noted below, in response to public comments on the proposed rule and on the IRFA, the Agencies have made a number of changes in the final rule that will reduce its economic impact. Even though this rule does not appear to have a significant economic impact on a substantial number of small entities, the Agencies have not formally certified the rule as not having a ‘‘significant economic impact on a substantial number of small entities,’’ as provided under section 605(b) of the RFA. Instead, the Agencies have prepared a Final Regulatory Flexibility Analysis as described in the RFA, 5 U.S.C. 604.103 The RFA requires each FRFA to contain: • A succinct statement of the need for, and objectives of, the rule; • A summary of the significant issues raised by the public comments in response to 102 5 which involves at least in part the use of the Internet, where such bet or wager is unlawful under any applicable Federal or State law in the State or Tribal lands in which the bet or wager is initiated, received, or otherwise made. 31 U.S.C. 5362(10)(A). 101 31 U.S.C. 5362(10)(B) and (C). PO 00000 Frm 00017 Fmt 4701 Sfmt 4700 69397 U.S.C. 601 et seq. promulgating a final rule, the RFA requires agencies to prepare a FRFA unless the agency finds that the final rule will not, if promulgated, have a significant economic impact on a substantial number of small entities. 5 U.S.C. 604(a) and 605(b). 103 When E:\FR\FM\18NOR3.SGM 18NOR3 69398 Federal Register / Vol. 73, No. 223 / Tuesday, November 18, 2008 / Rules and Regulations mstockstill on PROD1PC66 with RULES3 the initial regulatory flexibility analysis, a summary of the assessment of the agency of such issues, and a statement of any changes made in the proposed rule as a result of such comments; • A description of and an estimate of the number of small entities to which the rule will apply or an explanation of why no such estimate is available; • A description of the projected reporting, recordkeeping and other compliance requirements of the rule, including an estimate of the classes of small entities which will be subject to the requirement and the type of professional skills necessary for preparation of the report or record; and • A description of the steps the agency has taken to minimize the significant economic impact on small entities consistent with the stated objectives of applicable statutes, including a statement of the factual, policy, and legal reasons for selecting the alternative adopted in the final rule and why each one of the other significant alternatives to the rule considered by the agency which affect the impact on small entities was rejected.104 1. Statement of the Need for, and Objectives of, the Final Rule The Agencies jointly are adopting this final rule to implement the Act, as required by the Act. As noted above, the Act prohibits any person in the business of betting or wagering (as defined in the Act) from knowingly accepting payments in connection with the participation of another person in unlawful Internet gambling. The Act requires the Agencies jointly (in consultation with the U.S. Attorney General) to designate payment systems that could be used in connection with, or to facilitate, restricted transactions and to prescribe regulations requiring designated payment systems, and financial transaction providers participating in each designated payment system, to establish policies and procedures reasonably designed to identify and block or otherwise prevent or prohibit restricted transactions.105 The final rule sets out necessary definitions, designates payment systems that could be used in connection with restricted transactions, exempts participants performing certain functions in designated payment systems from the requirement imposed by the final rule, provides nonexclusive examples of policies and procedures reasonably designed to identify and block, or otherwise prevent and prohibit, restricted transactions, and reiterates the enforcement regime set out in the Act for designated payment systems and non-exempt participants therein. The Agencies believe that the final rule implements Congress’s requirement that the Agencies prescribe 104 5 U.S.C. 604(a). U.S.C. 5364(a). 105 31 VerDate Aug<31>2005 17:00 Nov 17, 2008 Jkt 217001 regulations that carry out the purposes of the Act and provide guidance to designated payment systems and participants therein with respect to policies and procedures reasonably designed to identify and block, or otherwise prevent or prohibit, transactions in connection with unlawful Internet gambling. 2. Significant Issues Raised by Comments in Response to the IRFA The Agencies have carefully considered the comment letters received in response to the proposed rule. The preamble above provides a general overview of the comments and the preamble’s section-by-section analysis discusses the significant issues raised by the comments. The following is a summary of significant issues raised by commenters regarding the IRFA. The Agencies also have considered the comments received from small entities and associations that represent such small entities, even though the comments did not specifically refer to the RFA. The Agencies received several comments directly related to the IRFA, including from the Office of Advocacy (Advocacy) of the U.S. Small Business Administration.106 The most common concern expressed in these comments was that the IRFA did not provide sufficient information about the nature of the impact of the proposed rule on small entities or that the burdens were not adequately estimated. Advocacy stated that, while it appreciated the fact that the Agencies may need to obtain information on the impact on small entities and commended the Agencies for soliciting additional information from the public, it was concerned that the Agencies were not providing all available information. Advocacy referenced the Board’s ‘‘Supporting Statement for Recordkeeping Requirements’’ (Supporting Statement) associated with the proposed rule that was submitted to the Office of Management and Budget and published on the Board’s website. The Supporting Statement included an estimate of the proposed rule’s total recordkeeping cost to the public of just under $20 million. The Supporting Statement was created in compliance with the Paperwork Reduction Act (PRA), which requires a specific, objectively supported estimate 106 E.g., comment letters were received from the Office of Advocacy of the U.S. Small Business Administration (Dec. 12, 2007) (hereinafter ‘‘Advocacy letter’’); the Center for Regulatory Effectiveness (Nov. 15, 2007) (hereinafter ‘‘CRE letter’’);, M&T Bank, supra note 45; TMSRT, supra note 35; Alston & Bird, supra note 49;, and J. Schmit, an individual (Dec. 8, 2007). PO 00000 Frm 00018 Fmt 4701 Sfmt 4700 of burden.107 Conversely, the RFA authorizes agencies to provide general descriptive statements of the effects of a proposed rule, in lieu of a quantifiable or numerical description, if quantification is not practicable or reliable.108 The Agencies stated in the NPRM that they did not have sufficient information to quantify reliably the effects the Act and the proposed rule would have on small entities. The Agencies specifically requested public comment on any costs, compliance requirements, or changes in operating procedures arising from the application of the proposed rule and the extent to which those costs, requirements, or changes are in addition to, or different from, those arising from the application of the Act generally.109 Because of the different standards contained in the PRA and the RFA and the differing types of costs assessed under these two statutes, the Agencies did not believe that Board’s PRA estimates constituted a useful proxy for purposes of the RFA. Accordingly, to avoid confusion by providing inappropriate data, the Agencies did not include the Board’s PRA cost estimates in the IRFA. Advocacy also expressed concern that the Agencies did not put forward a meaningful discussion of alternatives to the proposed rule. The only actual requirement in the proposed rule, which is mandated by the Act, was that all non-exempt participants in designated payment systems establish and implement policies and procedures reasonably designed to identify and block or otherwise prevent or prohibit restricted transactions.110 The proposed rule made clear that the examples of reasonably designed policies and procedures set out in § ll.6 are nonexclusive and that a participant in a designated payment system may design and use other policies and procedures that are specific to its business and may use different policies and procedures with respect to different types of restricted transactions. With respect to the non-exclusive examples provided in § ll.6 of the proposed rule, the NPRM went into considerable detail describing how the Agencies anticipated that such policies and procedures would operate, including risk-based due diligence at account opening and remedial actions if a participant discovered that a customer 107 44 U.S.C. 3506(c)(1)(A)(iv) and 5 CFR 1320.8(a)(4). 108 5 U.S.C. 607. 109 NPRM, 72 FR at 56693. 110 This requirement is set out in § ll.5(a) of the proposed rule and is required by section 5364(a) of the Act. E:\FR\FM\18NOR3.SGM 18NOR3 Federal Register / Vol. 73, No. 223 / Tuesday, November 18, 2008 / Rules and Regulations processed restricted transactions through the participant’s facilities. The NPRM went into detail in discussing alternatives considered and the reasoning behind the alternatives selected for the proposed rule, particularly with respect to exemptions for certain participants in designated payment systems and non-exclusive examples of procedures for each designated payment system. For example, the NPRM discussed alternatives that the Agencies included in the proposed rule (such as due diligence at account opening, remedial action, and transaction coding), and alternatives that the Agencies considered but rejected for the proposed rule (such as a list of unlawful Internet gambling businesses). With respect to small entities, the Agencies considered exempting all small entities from coverage of the rule.111 As noted in the IRFA, the Agencies proposed that the requirements in the proposed rule be applicable to all entities subject to the Act, as implemented, regardless of their size because an exemption for small entities would significantly diminish the usefulness of the policies and procedures required by the Act by permitting unlawful Internet gambling operations to evade the requirements by using small financial transaction providers.112 The Agencies also considered as a significant alternative the use of performance rather than design standards and the simplification of compliance requirements.113 As noted in the NPRM, the proposed rule was designed to provide maximum flexibility. The Act does not contain specific performance (much less design) standards, but instead requires that the policies and procedures be ‘‘reasonably designed’’ to prevent or prohibit unlawful Internet gambling. The proposed rule preserved this flexibility. In addition, the proposed rule simplified compliance requirements by expressly authorizing each regulated entity to use policies and procedures that are ‘‘specific to its business’’ to enable it to efficiently tailor its policies and procedures to its needs.114 The IRFA referred back to the extensive discussion of alternatives in 111 See 5 U.S.C. 603(c)(4). 72 FR at 56693. 113 See 5 U.S.C. 603(c)(2) and (3). 114 Treasury noted in its discussion of Executive Order 12866 in the NPRM that providing this flexibility for regulated entities by allowing them to tailor their policies and procedures to their individual circumstances should result in lower costs than if the Act and the proposed rule took a prescriptive one-size-fits-all approach. NPRM, 72 FR at 56692. mstockstill on PROD1PC66 with RULES3 112 NPRM, VerDate Aug<31>2005 17:00 Nov 17, 2008 Jkt 217001 the NPRM when it stated that ‘‘other than as noted above’’ the Agencies were unaware of any significant alternatives to the proposed rule. Accordingly, the Agencies believe that the IRFA addressed this requirement of the RFA. Advocacy also suggested that the Agencies had not identified Federal rules that duplicate, overlap, or conflict with the proposed rule, as required by the RFA. The IRFA expressly stated that the Agencies had not identified any Federal rules that duplicated, overlapped, or conflicted with the proposed rule. As with all other aspects of the proposed rule, the Agencies sought public comment regarding whether any commenter believed there were any Federal rules that duplicated, overlapped, or conflicted with the proposed rule. Advocacy apparently interpreted these statements as an attempt by the Agencies to shift the obligation for identifying such rules to small entities. The Agencies intended its statement to mean that the Agencies had researched the issue and found no Federal rules that duplicated, overlapped, or conflicted with the proposed rule. Accordingly, the Agencies believe that the IRFA addressed this requirement of the RFA. Advocacy also suggested that the Agencies consider (i) exempting small money transmitters from the proposed rule and (ii) exempting the send agents in a money transmitting business. As noted above in the section-by-section analysis, other commenters raised similar issues and the Agencies have made revisions in the final rule to address these concerns, including exempting all send agents in a money transmitting business. However, the Agencies decided against exempting all small money transmitting businesses. Specifically, the Agencies do not believe that the Act’s standard for granting exemptions would be met with regard to such a wholesale exemption, and such wholesale exemption would substantially undermine the purpose of the Act by allowing unlawful Internet gambling businesses to evade the restrictions contained in the Act and the final rule by using small money transmitting businesses.115 115 See 31 U.S.C. 5364(b)(3). As noted above, the final rule does, however, include a revised designation for money transmitting businesses as including only those money transmitting businesses that engage in the transmission of funds and permit customers to initiate money transmission transactions remotely from a location other than a physical office of the money transmitting business (such as through the Internet). The Agencies believe that this designation revised along functional lines, rather than by size, may also exclude a significant number of small money transmitting businesses. PO 00000 Frm 00019 Fmt 4701 Sfmt 4700 69399 Advocacy recommended that the Agencies prepare a revised initial regulatory flexibility analysis to address its concerns. The Agencies believe that the IRFA met the requirements of the RFA and a revised initial regulatory flexibility analysis is not warranted. In addition, after considering this and other comments, the Agencies determined that the issues raised by Advocacy have been addressed in the final rule or would not be resolved by an additional initial regulatory flexibility analysis. One commenter suggested that the Agencies extend the comment period to allow the Agencies to gather additional information on the impact the proposed rule would have on regulated small entities, including through use of the procedures described in the RFA, which includes direct notification of interested small entities.116 The commenter stated that an extension of the comment period is warranted because many small money transmitting businesses may not be part of a trade association that is familiar with the federal regulatory process and may not use English as their primary language, so they are in particular need of outreach. In the NPRM, the Agencies stated that they anticipated contacting trade groups representing participants that qualify as small entities and encouraging them to provide comments during the comment period in order to ascertain the costs imposed on regulated small entities. Within a week of publication of the proposed rule in the Federal Register, Board staff sent electronic notices to money transmitter associations in over a dozen States, including New York, New Jersey, California, Illinois, Georgia, Florida, Washington, Colorado and Ohio, notifying them of the issuance of the proposed rule and encouraging the associations to provide comments on all aspects of the proposed rule, but, in particular, the costs that may be imposed on small entities. A commenter, which received one of the electronic notices and which represents small- and medium-sized money transmitters, suggested that send agents in money transmitting businesses should be exempted and noted that these send agents ‘‘are predominantly small entities.’’ 117 As noted above, the Agencies exempted send agents from the requirement of the final rule. In addition, under the final rule, the only non-exempt participants in a money transmitting business are the operators that permit customers to initiate 116 See CRE letter, supra note 106, at 5–6. The RFA section can be found at 5 U.S.C. 609. 117 See TMSRT letter, supra note 35 at 3–4. E:\FR\FM\18NOR3.SGM 18NOR3 69400 Federal Register / Vol. 73, No. 223 / Tuesday, November 18, 2008 / Rules and Regulations transmission of funds transactions remotely from a location other than a physical office of the money transmitting business. The Agencies believe that the public comment period was sufficient and that further extension of the comment period is not warranted. One commenter stated that the Agencies should determine how many small entities will be affected by the rule in connection with their participation in card systems, particularly gift card and stored-value card systems.118 The number of small entities involved with card systems that would be subject to the final rule is estimated below, but the Agencies do not believe that attempting to break out the number of small entities involved specifically with gift cards or stored value cards is relevant to the analysis.119 Based on information the Agencies had regarding the size of the entities that commented, the Agencies have identified only one comment letter received from a depository institution that qualifies as a ‘‘small entity’’ under regulations promulgated by the U.S. Small Business Administration (SBA).120 The Agencies also received comment letters from several trade associations whose membership could include small entities affected by the rule.121 These comments raised issues generally similar to those discussed above in the section-by-section analysis, such as defining gambling-related terms, providing guidance on adequate due diligence, creating a list of unlawful Internet gambling businesses, and the burden of modifying customer agreements. 118 See Alston & Bird letter, supra note 49, at 22– mstockstill on PROD1PC66 with RULES3 23. 119 Card systems basically operate the same way for purposes of the Act and the rule, regardless of whether the particular card involved is a credit card, debit card, pre-paid card, or stored-value product. With respect to implementing the final rule’s non-exclusive examples for card systems, the relevant entities are the card system operator, merchant acquirer bank, and the card issuer bank. Retailers that may sell pre-paid gift cards or storedvalue products, such as grocery stores or convenience stores, are not participants in a designated payment system, as defined by the final rule, and thus are not covered by the final rule. 120 Comment letter from First National Bank of Morgan (Nov. 30, 2007), which questioned the public policy of imposing burden on participants in designated payment systems to prevent Internet gambling when other forms of gambling are permitted, such as State lotteries and casinos. The SBA size standards to define small business concerns in credit intermediation and related activities are located at 13 CFR 121.201 (subsector 522). 121 E.g., ICBA letter, supra note 67; comment letter from the Consumer Bankers Assoc. (Dec. 12, 2007) (hereinafter ‘‘CBA letter’’). VerDate Aug<31>2005 17:00 Nov 17, 2008 Jkt 217001 3. Description and estimate of classes of small entities affected by the final rule The majority of small non-exempt participants in the five designated payment systems (ACH systems, card systems, check collection systems, money transmitting businesses, and wire transfer systems) that would be affected by the rule are depository institutions. Pursuant to the SBA size standards defining small entities, a commercial bank, savings association, or credit union is considered a ‘‘small entity’’ if it has assets of $175 million or less.122 Based on call report data for June 30, 2008, the Agencies estimate that 4,564 small banks (out of a total of 7,699 banks), 412 small savings associations (out of a total of 829), and 7,281 small credit unions (out of a total of 8,136), for a total of 12,257 small depository institutions, will be directly affected by the final rule.123 Under the same SBA regulation, small money transmitting businesses are those with assets of $7.0 million or less. Based in part on information obtained from a Government Accountability Office report, the Agencies estimate that there are approximately 253,208 money transmitting businesses in the United States,124 and that 240,547 are small entities as defined above.125 Section ll.3(d) of the final rule states that only those money transmitting businesses that (1) engage in the transmission of funds, which does not include check cashing, currency exchange, or the issuance or redemption of money orders, travelers’ checks, and other similar instruments; and (2) permit customers to initiate 122 13 CFR 121.201. report data include information submitted by depository institutions on the following forms: Consolidated Reports of Condition and Income for a Bank with Domestic and Foreign Offices (FFIEC Form 031) and Consolidated Reports of Condition and Income for a Bank with Domestic Offices Only (FFIEC Form 041), Thrift Financial Report (OTS Form 1313), and NCUA Call Report (NCUA Form 5300). 124 U.S. Government Accountability Office, ‘‘Bank Secrecy Act: FinCEN and IRS Need to Improve and Better Coordinate Compliance and Data Management Efforts,’’ GAO–07–212 (Dec. 2006). The Agencies note that this report took information from multiple studies, some of which focused on the number of ‘‘money services businesses’’ subject to FinCEN regulation. The term ‘‘money services business,’’ by virtue of thresholds and other criteria in FinCEN’s definition, applies to a different scope of entities than does the statutory term ‘‘money transmitting business.’’ See 31 CFR 103.11(uu). 125 The estimate of 240,547 small money transmitting businesses is the same estimate that is contained in the NPRM. The Agencies expressly solicited comment in the NPRM on the number of small entities to which the proposed rule would apply. The Agencies did not receive any comments during the comment period disputing the Agencies’ specific estimates and providing an explanation of why the estimates were being disputed. 123 Call PO 00000 Frm 00020 Fmt 4701 Sfmt 4700 transmission of funds remotely from a location other than a physical office of the money transmitting business, would be subject to the rule. Moreover, § ll.4(c) of the rule exempts all participants in such a money transmitting business, except for the operator of the system.126 Accordingly, only money transmitting business operators that permit customers to initiate transactions remotely must establish and implement written policies and procedures reasonably designed to identify and block or otherwise prevent or prohibit restricted transactions. Based on consultations with representatives of the money transmitting industry, the Agencies believe that most small money transmitting business operators do not permit customers to initiate transmissions of funds remotely from a location other than a physical office of the money transmitting business.127 Moreover, those operators that do permit customers to initiate transactions remotely—for example Western Union, MoneyGram, and PayPal—generally have asset sizes that are above the ‘‘small entity’’ definition under the SBA regulations. As a result, the Agencies estimate that of the estimated 240,547 small money transmitting businesses, no more than 10 consist of operators that permit customers to initiate transmission of funds transactions remotely. The Agencies thus estimate that only 10 small money transmitting business operators will be affected by the final rule. The Agencies thus estimate that approximately 12,267 small entities will be subject to the final rule. When compared to the estimate contained in the proposed rule of 253,368 small entities, the Agencies believe that under the final rule approximately 241,101 fewer small entities will have to comply with the final rule. 4. Recordkeeping, Reporting and Other Compliance Requirements The extent to which small entities will be affected by the final rule depends on several variables, including 126 The proposed rule designated money transmitting businesses as a payment system subject to the rule and did not provide any exemptions for participants in a money transmitting business. 127 See summary of conference call with the National Money Transmitters Association (call date June 3, 2007) (hereinafter ‘‘NMTA call summary’’) p.1. (‘‘The business of most smaller [money transmitter organizations] is person-to-person remittances. Furthermore, most smaller MTOs do not allow Internet-initiated transactions—a customer is usually required to visit an agent location in person in order to perform a transaction.’’) E:\FR\FM\18NOR3.SGM 18NOR3 mstockstill on PROD1PC66 with RULES3 Federal Register / Vol. 73, No. 223 / Tuesday, November 18, 2008 / Rules and Regulations which designated payment systems they participate in, the composition of their customer base, and whether the entities are able to rely on policies and procedures established and implemented by the designated payment system. The final rule (as mandated by the Act) requires all nonexempt participants to establish and implement written policies and procedures reasonably designed to identify and block or otherwise prevent or prohibit restricted transactions. The final rule contains non-exclusive examples of reasonably designed policies and procedures for participants in each designated payment system; however, the final rule expressly permits non-exempt participants to design and implement policies and procedures tailored to their business that may be different than the examples provided in the final rule. The Agencies believe that most small entities participating in ACH systems, card systems, check collection systems and wire transfer systems will be small depository institutions, including credit unions. If a small depository institution chooses to follow the final rule’s nonexclusive examples for ACH, check collection, and wire transfer systems set out in § ll.6, they should develop policies and procedures for conducting due diligence of commercial customers to determine the risk the commercial customer presents of engaging in an Internet gambling business. The due diligence examples in the final rule also suggest that non-exempt participants notify all commercial customers, through the account agreement or other means available, that restricted transactions are prohibited from being processed through the account or relationship. Developing such conforming policies and procedures would likely require input from legal counsel and management familiar with the small entity’s existing accountopening, account maintenance and due diligence procedures. The small entity’s senior management also would likely need to be involved in developing the policies and procedures to ensure they are compatible with the company’s business plans. In addition to policies and procedures for due diligence, the final rule’s nonexclusive examples also suggest including remedial action procedures to be followed in situations where the participant has actual knowledge that a commercial customer has processed restricted transactions through the participant’s facilities. Developing such procedures would likely require input from legal counsel and compliance personnel to integrate these procedures VerDate Aug<31>2005 17:00 Nov 17, 2008 Jkt 217001 into the institution’s existing compliance program. After the policies and procedures are designed and in place, the Agencies anticipate that the actual implementation burden would be shifted more toward the management, clerical, and technical functions of the institution that would be interfacing directly with the commercial customers. Training in the new policies and procedures would be necessary for customer relations staff. In addition, involvement of audit and compliance personnel would be necessary for audit and testing of the new policies and procedures. Legal counsel, management, and compliance personnel may be required to address issues that arise with commercial customers that due diligence indicates may be engaged in an Internet gambling business. The Agencies anticipate that a depository institution that qualifies as a small entity and participates in ACH, check, and wire-transfer systems would be able to establish and implement the same due diligence policies and procedures for commercial customers across all three of those systems for purposes of the final rule. The institution will not need to establish and implement separate policies and procedures for each of these designated payment systems. Additionally, credit unions, which constitute the majority of depository institutions that qualify as small entities, generally have few, if any, commercial customers because of the nature of their business. The final rule’s due diligence examples only apply to commercial customers, so an institution with few or no commercial customer accounts would have relatively minimal implementation burden. Further, even if a depository institution that qualifies as a small entity does have such customers, the vast majority of commercial customers will not present more than a minimal risk of engaging in an Internet gambling business, so the due diligence burden would be minimal. A small entity that participates in a card system and chooses to follow the card system examples in the final rule should largely be able to rely on the policies and procedures established by the operator of the card system, such as Visa or MasterCard.128 In general, such small depository institutions will rely 128 The Agencies have added a new § ll.5(c) to the rule stating that a participant in a designated payment system, such as a small depository institution participating in a card system, may rely on a written statement or notice by the operator of that system that the system’s policies and procedures comply with the requirements of this rule. PO 00000 Frm 00021 Fmt 4701 Sfmt 4700 69401 on the transaction coding of the card system to determine whether to authorize or deny authorization for a transaction that the card system’s coding procedure indicates may be a restricted transaction. Many small depository institutions had already made the business decision, prior to the Act and this rule’s effective date, to implement these processes, such that this rule may impose only minimal additional burden in this respect. Moreover, a small depository institution may agree to have the card system operator or a third-party processor make transaction authorization decisions on its behalf as its agent. Following the card system example in the final rule may require a small entity participant to seek input from legal counsel and technical personnel familiar with the coding framework and transaction authorization process used by the card system in which the small entity participates, although, based on comments received, the Agencies believe that many card issuing banks and card systems already have such procedures in place.129 Small entities in money transmitting businesses would, to a large extent, be ‘‘send’’ or ‘‘receive’’ agents that participate in systems operated by Western Union, MoneyGram, or similar entities. The final rule provides exemptions for all participants in a money transmitting business, except for the operator. The Agencies anticipate that these exemptions will completely eliminate the burden for such small entities. In addition, the final rule extends only to those money transmitting business operators that permit customers to initiate money transmission transactions remotely from a location other than a physical location of the money transmitting business. As noted earlier, the National Money Transmitters Association (NMTA), a trade association representing small- to medium-sized money transmitting organizations, indicated that most smaller money transmitting organizations do not allow Internetinitiated transactions and require a customer to visit an agent location in person in order to initiate a transaction.130 For those few small money transmitting business operators subject to the final rule which choose to follow the final rule’s examples, the operator would need to design and implement policies and procedures for conducting due diligence on its commercial 129 See, e.g., MasterCard letter, supra note 53, at 3. 130 NMTA E:\FR\FM\18NOR3.SGM call summary, supra note 41, at 1. 18NOR3 69402 Federal Register / Vol. 73, No. 223 / Tuesday, November 18, 2008 / Rules and Regulations mstockstill on PROD1PC66 with RULES3 customers at the establishment of the account or relationship similar to the due diligence described above for ACH, check collection, and wire transfer systems. The final rule’s examples also suggest that the operator notify all commercial customers, through the account agreement or other means available, that restricted transactions are prohibited from being processed through the account or relationship. Developing such conforming policies and procedures would likely require input from legal counsel and management as described above for ACH, check collection, and wire transfer systems. Implementation of due diligence and remedial action policies and procedures would also require input from legal counsel, management, technical, audit, and compliance personnel similar to that required for the ACH, check collection, and wire transfer systems. In addition, the final rule’s money transmitting business examples suggest that an operator’s policies and procedures should include procedures regarding ongoing monitoring or testing to detect potential restricted transactions, such as monitoring and analyzing payment patterns to detect suspicious payment volumes to any recipient. Such procedures would likely be facilitated by technical expertise and software from an outside vendor; however, the final rule’s examples do not require using a vendor. In fact, the NMTA indicated that the smallest money transmitting organizations are sometimes the best at spotting anomalous transactions, even without computers. The NMTA stated that such businesses keep detailed records and tend to know all of their customers, and thus can quickly spot anomalous transactions.131 5. Steps Taken To Minimize the Economic Impact on Small Entities As discussed in the preamble to this final rule, the Agencies considered many approaches to minimize the burden of the rule on non-exempt participants, including small entities, while carrying out the mandates of the Act. Consistent with the Act, the final rule has been designed for maximum flexibility with respect to non-exempt participants, including small entities. First, the final rule only requires nonexempt participants to establish and implement reasonably designed policies and procedures. The final rule does not prescribe any design standards (such as requiring the use of a specific technology) or performance standards 131 NMTA call summary, supra note 41, at 1–2. VerDate Aug<31>2005 17:00 Nov 17, 2008 Jkt 217001 for such policies and procedures. Second, the examples of reasonably designed policies and procedures provided in § ll.6 of the final rule are non-exclusive and non-prescriptive. Specifically, a non-exempt participant, including a small entity, is permitted to design and implement policies and procedures tailored to its business that may be different than the examples provided in the final rule. Participants may also tailor different policies and procedures with respect to different business lines or different parts of its organization. Third, the Agencies have made a number of changes in the final rule in response to public comments on the proposed rule in order to reduce the burden the Act and the rule impose on payment system participants, including small entities. The proposed rule designated money transmitting businesses as a payment system subject to the rule and did not provide any exemptions for particular participants in a money transmitting business. Commenters suggested that the Agencies consider exempting small money transmitters or, at a minimum, send agents of money transmitting businesses from the rule.132 In addition, commenters suggested that the designation of money transmitting businesses in the proposed rule was too broad and included entities that were not intended to be included by the Act.133 As discussed above, the final rule’s listing of money transmitting businesses as a designated payment system subject to the rule has been narrowed to include only those money transmitting businesses that (1) engage in the transmission of funds, which does not include check cashing, currency exchange, or the issuance or redemption of money orders, travelers’ checks, and other similar instruments; and (2) permit customers to initiate transmission of funds remotely from a location other than a physical office of the money transmitting business. Based on comments from the NMTA, these changes would exclude most small money transmitting businesses. Moreover, the final rule provides an exemption for all participants in a designated money transmitting business except for the operator. As noted above, the Agencies believe that almost all of the estimated 240,547 small participants in money transmitting businesses are participants other than operators. Accordingly, these small entities will not be affected by the rule. 132 E.g. Advocacy letter, supra note 106 at 4; see also TMSRT letter, supra note 35 at 3–4. 133 E.g., TMSRT letter, supra note 35 at 2. PO 00000 Frm 00022 Fmt 4701 Sfmt 4700 The proposed rule reiterated the Act’s provision that permits participants in a designated payment system to comply with the rule’s requirement to establish and implement reasonably designed policies and procedures by relying on and complying with the policies and procedures of the designated payment system if, among other things, such policies and procedures complied with the requirements of the proposed rule. Commenters expressed concern, however, with the value of this provision if a participant was unsure whether the designated payment system’s policies and procedures complied with the rule and the Act.134 This issue would be particularly relevant to small entities that would be more likely to be participants in a designated payment system than an operator and would be more likely to take advantage of this authority to rely on the system’s policies and procedures, rather than incurring the cost of designing and implementing their own policies and procedures. The Agencies addressed this concern in the final rule by permitting a participant to rely on the policies and procedures of its designated payment system if the operator of that system has stated to its participants that the operator has designed or structured the system’s policies and procedures to comply with the requirements of the final rule, unless the participant is notified otherwise by its Federal functional regulator or, in the case of participants that are not directly supervised by a Federal functional regulator, the Federal Trade Commission. The proposed rule’s non-exclusive examples also indicated that nonexempt participants in designated payment systems should conduct due diligence in ‘‘establishing or maintaining’’ a commercial customer relationship to ensure that the customer does not process restricted transactions. Commenters noted the significant burden that would be imposed by reviewing all of an institution’s existing commercial customer accounts to ensure that they did not process restricted transactions.135 The final rule’s examples for ACH, check collection, and wire transfer systems recommends that non-exempt participants conduct due diligence at the establishment of the commercial account or relationship. If a non-exempt participant has actual knowledge that an existing commercial customer engages in an Internet gambling business, the final rule’s non-exclusive policies and 134 E.g., 135 E.g., E:\FR\FM\18NOR3.SGM CBA letter, supra note 121, at 4. BB&T letter, supra note 67, at 2. 18NOR3 Federal Register / Vol. 73, No. 223 / Tuesday, November 18, 2008 / Rules and Regulations mstockstill on PROD1PC66 with RULES3 procedures suggest that the participant conduct due diligence on that customer similar to what is contemplated for new customers. Commenters also suggested that the final rule provide more guidance on the due diligence that would be deemed sufficient.136 In response to these comments, the final rule provides detailed steps that a participant can choose to take to conduct reasonable risk-based due diligence as contemplated by the final rule’s examples. The proposed rule’s designated payment system examples also suggested including as a term of commercial customer agreements that the customer may not engage in restricted transactions through the participant’s facilities. Numerous commenters stated that such a requirement to modify existing agreements would be unduly burdensome.137 In addition, commenters noted that typical customer agreements already include a prohibition against unlawful transactions, so modifying the agreement to specifically include restricted transactions in this prohibition would be unnecessary.138 Based on the comments, the final rule does not contemplate that non-exempt participants in designated payment systems will modify their account agreements with existing commercial customers, but instead contemplates that participants will notify commercial customers that the participant’s facilities may not be used to process restricted transactions. Such notification could be accomplished through a term in the commercial customer agreements, through a notice sent to the customer, or through some other method. The NPRM also set forth a proposed effective date for the final rule of six months after its publication. Many commenters stated that this was insufficient time to implement the rule. A longer period would be particularly relevant for small entities because they would most likely be participants in a designated payment system, rather than an operator. Commenters stated that designated payment systems must first develop their policies and procedures before participants will be able to conform their policies and procedures.139 As explained above in the preamble, the Agencies have 136 See, e.g., comment letter from the State Dept. Federal Credit Union (Dec. 13, 2007) p. 2. 137 See, e.g., comment letter from the Electronic Check Clearing House Organization (Dec. 10, 2007) p. 3. 138 See, e.g., The Clearing House letter, supra note 14, at 9. 139 See, e.g., NACHA letter, supra note 38, at 5. VerDate Aug<31>2005 17:00 Nov 17, 2008 Jkt 217001 established a compliance date for the final rule 12 months from its publication. This longer period will give small entities more time to establish and implement policies and procedures reasonably designed to identify and block or otherwise prevent restricted transactions, and may thereby reduce small entities’ costs of complying with the rule. Commenters also recommended some significant alternatives to approaches adopted in the proposed rule that the Agencies have not adopted in the final rule. Some of these suggestions may have reduced the burden imposed by the rule on some small entities, but were rejected by the Agencies for factual, policy, or legal reasons. For example, the final rule does not contemplate that any government entity will create, publish, and maintain a list of unlawful Internet gambling businesses. Several commenters indicated that such a list would assist financial institutions in identifying Internet gambling operations.140 After carefully considering this issue, including the numerous comments both for and against such a list, for the reasons discussed at length above, the Agencies have concluded that such a list would not be effective or efficient. In addition, the final rule’s non-exclusive due diligence policies and procedures shift the burden of distinguishing lawful from unlawful Internet gambling from participants in designated payment systems to the Internet gambling businesses. Some commenters also suggested that the Agencies exempt from the rule all participants in the ACH, check, and wire-transfer systems or exclude such systems from the list of designated payment systems.141 While such an approach would reduce the burden of the rule on small depository institutions, it would also substantially undermine the efficacy of the rule. Section 5364(b)(3) of the Act states that the Agencies shall exempt certain restricted transactions or designated payment systems from the rule if the Agencies jointly find that it is not reasonably practical to identify and block or otherwise prevent or prohibit restricted transactions. The Agencies believe that it is reasonably practical for participants in designated payment systems, including small entities, to implement certain policies and procedures, such as those contained in § ll.6 of the final rule, that will 140 E.g., Wells Fargo letter, supra note 19, at 23– 24. 141 See, e.g., M&T Bank letter, supra note 45, at 4. PO 00000 Frm 00023 Fmt 4701 Sfmt 4700 69403 constitute policies and procedures reasonably designed to prevent or prohibit restricted transactions. Accordingly, the Agencies have determined that blanket exemptions for the ACH, check, and wire-transfer systems would not be appropriate given the standard for an exemption set forth in section 5364(b)(3) of the Act. E. Paperwork Reduction Act Analysis In accordance with the Paperwork Reduction Act of 1995 (44 U.S.C. 3506; 5 CFR 1320 Appendix A.1), the Board has reviewed the final rule. The collection of information contained in the Treasury’s final rule has been reviewed and approved by OMB in accordance with the requirements of the Paperwork Reduction Act of 1995 (44 U.S.C. 3507(d)). The Agencies may not conduct or sponsor, and an organization is not required to respond to, a collection of information unless it displays a currently valid OMB control number. The OMB control numbers are 1505–0204 for the Treasury and 7100– 0317 for the Board. The collection of information that is required by this final rulemaking is found in sections 5 and 6. This collection of information is required by section 802 of the Act, which requires the Agencies to prescribe joint regulations requiring each designated payment system, and all participants in such systems, to identify and block or otherwise prevent or prohibit restricted transactions through the establishment of policies and procedures reasonably designed to prevent or prohibit restricted transactions. The final rule implements this requirement by requiring all non-exempt participants in designated payment systems to establish and implement written policies and procedures reasonably designed to identify and block or otherwise prevent or prohibit restricted transactions. The recordkeepers are businesses or other for-profit and not-for-profit organizations that include depository institutions (commercial banks, savings associations, and credit unions), thirdparty processors, and card system operators, and money transmitting business operators. The final rule does not include a specific time period for record retention; however, non-exempt participants would be required to maintain the policies and procedures for a particular designated payment system as long as they participate in that system. The Agencies collectively received seven comment letters (from a law firm, a depository institution, a member of Congress, an individual, a government agency, and two business/trade E:\FR\FM\18NOR3.SGM 18NOR3 69404 Federal Register / Vol. 73, No. 223 / Tuesday, November 18, 2008 / Rules and Regulations associations) that addressed the paperwork issues. Five comment letters specifically addressed the burden estimates, one letter stated that the Agencies could provide more rigorous burden estimates, and one letter questioned the Board’s monetized cost to the public as provided in its OMB Supporting Statement posted on the Board’s public Web site. Broadly, all commenters stated that the paperwork burden estimates were too low; therefore, the Agencies have substantially increased the burden estimates. Additionally, some of these commenters stated that the Agencies did not adequately identify the number of entities that would incur paperwork burden under the rule.142 The Agencies continue to believe that their methodology for estimating the number of regulated entities is generally accurate. The Board’s and Treasury’s burden estimates (as provided in each Agency’s OMB supporting statements for this rulemaking) each reflect only about half of the rulemaking’s burden on regulated entities. The Agencies have agreed to split equally the total number of recordkeepers not subject to examination and supervision by either the Board or the Treasury’s Office of the Comptroller of the Currency and Office of Thrift Supervision. The final rule provides exemptions for all participants in a money transmitting business, except for the operator. Small entities in money transmitting businesses would, to a large extent, be send or receive agents that participate in systems operated by Western Union, MoneyGram, or similar entities. Accordingly, they are exempt from the final rule and are not included in the estimated number of recordkeepers below. Also, the Agencies clarified in the final rule that money transmitting businesses are subject to the rule solely to the extent they engage in the transmission of funds, which does not include check cashing, currency exchange, or the issuance or redemption of money orders, travelers’ checks, and other similar instruments. This change would reduce the number of money transmitting businesses that are subject to the recordkeeping requirements. Also, in the final rule, the Agencies clarified that the requirement to establish and implement written policies and procedures applies only to U.S. offices of participants in designated payment systems. Depository institutions are the primary non-exempt participants for the ACH, card, check collection, and wire transfer systems subject to the rule. Accordingly, non-exempt depository institutions in such designated payment systems would be subject to the recordkeeping requirement of establishing and implementing written policies and procedures reasonably designed to prevent or prohibit restricted transactions to the extent that they participate in such systems. Respondent burden: For the purpose of estimating burden and accounting for it with OMB, the total number of depository institutions listed for each Agency includes the number of entities regulated by the Agency and half of the remaining depository institutions and third-party processors. Each Agency is also accounting for the burden for half of the card system operators and money transmitting business operators to which the Agencies estimate the final rule applies. Federal Reserve: Estimated number of recordkeepers: 3,459 commercial banks, 4,068 credit unions, 3 card system operators, and 8 money transmitting business operators. Estimated average annual burden hours per recordkeeper: One-time burden 100 hours for commercial banks and card system operators, 20 hours for credit unions, and 120 hours for money transmitting business operators. Ongoing annual burden of 8 hours per recordkeeper. Estimated frequency: Annually. Estimated total annual recordkeeping burden: One-time burden, 428,520 hours and ongoing burden, 60,304 hours. Treasury: Estimated number of recordkeepers: 4,240 commercial banks, 829 savings associations, 4,068 credit unions, 3 card system operators, and 8 money transmitting business operators. Estimated average annual burden hours per recordkeeper: One-time burden of 100 hours for commercial banks, savings associations and card system operators; 20 hours for credit unions; and 120 hours for money transmitting business operators. Ongoing annual burden of 8 hours per recordkeeper. Estimated frequency: Annually. Estimated total annual recordkeeping burden: One-time burden, 589,520 hours and ongoing burden, 73,184 hours. Based on these estimates, the PRA burden for regulated entities is approximately one million hours: Number of hours spent (one-time burden) Number of recordkeepers Treasury ............................................................................................................................ Federal Reserve ............................................................................................................... 9,148 7,538 Total PRA Burden Hours for All Regulated Entities ................................................. ............................ 143 varies ........... ........... 589,520 428,520 ........................... 1,018,040 144 varies mstockstill on PROD1PC66 with RULES3 The one-time burden imposed by the Act requires non-exempt participants to establish policies and procedures. The Agencies estimate that this initial burden will average 100 hours per commercial bank, savings association, and card system operator, 20 hours per credit union, and 120 hours per money transmitting business operator. The Agencies also estimate that the ongoing burden of maintaining the policies and 142 One commenter expressed concern specifically regarding the number of entities involved in stored value cards and gift cards that would be subject to the rule’s recordkeeping requirements. See Alston & Bird letter, supra note 49, at 23 With respect to implementing the final rule’s non-exclusive examples for card systems, the relevant entities are the card system operators, merchant acquirers, and the card issuers. Retailers, such as grocery stores or convenience stores, are not participants in a designated payment system, as defined by the final rule, by virtue of their selling pre-paid gift cards or stored value products and thus are not covered by the final rule. 143 The one-time burden hours for the 4,240 commercial banks, 829 savings associations, and 3 card system operators is 100 hours each. The onetime burden for 4,068 credit unions is 20 hours each. The one-time burden for 8 money transmitting business operators is 120 hours each. 144 The one-time burden hours for the 3,459 commercial banks and 3 card system operators is 100 hours each. The one-time burden for 4,068 credit unions is 20 hours each. The one-time burden for 8 money transmitting business operators is 120 hours each. VerDate Aug<31>2005 17:00 Nov 17, 2008 Jkt 217001 PO 00000 Frm 00024 Fmt 4701 Sfmt 4700 E:\FR\FM\18NOR3.SGM 18NOR3 Federal Register / Vol. 73, No. 223 / Tuesday, November 18, 2008 / Rules and Regulations procedures once they are established will be 8 hours per recordkeeper. The Agencies further estimate (as provided in each Agency’s OMB Supporting Statement) the total start-up cost for the banking, card system, and money transmitting industries to be $88,518,578.145 The total estimated recordkeeping cost for all regulated entities is over $88.5 million: IV. Statutory Authority Pursuant to the authority set out in the Act and particularly section 802 (codified at 31 U.S.C. 5361 et seq.), the Board amends Chapter II of Title 12 of the Code of Federal Regulations and the Treasury amends Chapter I of Title 31 of the Code of Federal Regulations by adding the common rules set out below. Total PRA burden hours ..... Average adjusted rate of avg. wage for recordkeeping ............................. Total PRA Cost to Regulated Entities .............................. List of Subjects 1,018,040 V. Text of Final Rules 12 CFR Part 233 Banks, Banking, Electronic funds $88,518,578 transfers, Incorporation by reference, Internet gambling, Payments, Because the records would be Recordkeeping. maintained at the institutions and 31 CFR Part 132 notices are not provided to the Agencies, no issue of confidentiality Banks, Banking, Electronic funds under the Freedom of Information Act transfers, Incorporation by reference, arises. The Agencies have a continuing Internet gambling, Payments, interest in the public’s opinion of our Recordkeeping. collections of information. At any time, Federal Reserve System comments regarding the burden estimate, or any other aspect of this Authority and Issuance collection of information, including suggestions for reducing the burden may ■ For the reasons set forth in the preamble, the Board amends Title 12, be sent to: Office of Critical Chapter II of the Code of Federal Infrastructure Protection and Regulations by adding a new part 233 as Compliance Policy, Department of the set forth under Common Rules at the Treasury, Main Treasury Building, Room 1327, 1500 Pennsylvania Avenue, end of this document: NW., Washington, DC 20220 ; Secretary, PART 233—PROHIBITION ON Board of Governors of the Federal FUNDING OF UNLAWFUL INTERNET Reserve System, 20th and C Streets, NW., Washington, DC 20551; and to the GAMBLING (REGULATION GG) Office of Management and Budget, Sec. Paperwork Reduction Project (1505– 233.1 Authority, purpose, and 0204 for Treasury or 7100–0317 for the incorporation by reference. 233.2 Definitions. Board), Washington, DC 20503. $86.95 mstockstill on PROD1PC66 with RULES3 F. Plain Language Each Federal banking agency, such as the Board, is required to use plain language in all proposed and final rulemakings published after January 1, 2000. 12 U.S.C. 4809. In addition, in 1998, the President issued a memorandum directing each agency in the Executive branch, such as Treasury, to use plain language for all new proposed and final rulemaking documents issued on or after January 1, 1999. The Agencies have sought to present the final rule, to the extent possible, in a simple and straightforward manner. 145 Total cost to the banking, card system, and money transmitting industries was estimated using the following formula. Percent of staff time, multiplied by annual burden hours, multiplied by hourly rate: 20% Clerical @ $25, 25% Managerial or Technical @ $55, 25% Senior Management @ $100, and 30% Legal Counsel @ $144. Hourly rate estimates for each occupational group are averages using data from the Bureau of Labor and Statistics, Occupational Employment and Wages, news release. VerDate Aug<31>2005 17:00 Nov 17, 2008 Jkt 217001 233.3 Designated payment systems. 233.4 Exemptions. 233.5 Policies and procedures required. 233.6 Non-exclusive examples of policies and procedures. 233.7 Regulatory enforcement. Appendix A to Part 233—Model Notice Authority: 31 U.S.C. 5364. Department of the Treasury Authority and Issuance For the reasons set forth in the preamble, Treasury amends Title 31, Chapter I of the Code of Federal Regulations by adding a new part 132 as set forth under Common Rules at the end of this document: ■ PART 132—PROHIBITION ON FUNDING OF UNLAWFUL INTERNET GAMBLING Sec. 132.1 Authority, purpose, and incorporation by reference. 132.2 Definitions. 132.3 Designated payment systems. 132.4 Exemptions. PO 00000 Frm 00025 Fmt 4701 Sfmt 4700 69405 132.5 Policies and procedures required. 132.6 Non-exclusive examples of policies and procedures. 132.7 Regulatory enforcement. Appendix A to Part 132—Model Notice Authority: 31 U.S.C. 321 and 5364. Common Rules The common rules added by the Board as part 233 of Title 12, Chapter II of the Code of Federal Regulations and by Treasury as part 132 of Title 31, Chapter I of the Code of Federal Regulations follow: § ll.1 Authority, purpose, collection of information, and incorporation by reference. (a) Authority. This part is issued jointly by the Board of Governors of the Federal Reserve System (Board) and the Secretary of the Department of the Treasury (Treasury) under section 802 of the Unlawful Internet Gambling Enforcement Act of 2006 (Act) (enacted as Title VIII of the Security and Accountability For Every Port Act of 2006, Pub. L. No. 109–347, 120 Stat. 1884, and codified at 31 U.S.C. 5361– 5367). The Act states that none of its provisions shall be construed as altering, limiting, or extending any Federal or State law or Tribal-State compact prohibiting, permitting, or regulating gambling within the United States. See 31 U.S.C. 5361(b). In addition, the Act states that its provisions are not intended to change which activities related to horseracing may or may not be allowed under Federal law, are not intended to change the existing relationship between the Interstate Horseracing Act of 1978 (IHA) (15 U.S.C. 3001 et seq.) and other Federal statutes in effect on October 13, 2006, the date of the Act’s enactment, and are not intended to resolve any existing disagreements over how to interpret the relationship between the IHA and other Federal statutes. See 31 U.S.C. 5362(10)(D)(iii). This part is intended to be consistent with these provisions. (b) Purpose. The purpose of this part is to issue implementing regulations as required by the Act. The part sets out necessary definitions, designates payment systems subject to the requirements of this part, exempts certain participants in designated payment systems from certain requirements of this part, provides nonexclusive examples of policies and procedures reasonably designed to identify and block, or otherwise prevent and prohibit, restricted transactions, and sets out the Federal entities that have exclusive regulatory enforcement authority with respect to the designated E:\FR\FM\18NOR3.SGM 18NOR3 69406 Federal Register / Vol. 73, No. 223 / Tuesday, November 18, 2008 / Rules and Regulations payments systems and non-exempt participants therein. (c) Collection of information. The Office of Management and Budget (OMB) has approved the collection of information requirements in this part for the Department of the Treasury and assigned OMB control number 1505– 0204. The Board has approved the collection of information requirements in this part under the authority delegated to the Board by OMB, and assigned OMB control number 7100– 0317. (d) Incorporation by reference— relevant definitions from ACH rules. (1) This part incorporates by reference the relevant definitions of ACH terms as published in the ‘‘2008 ACH Rules: A Complete Guide to Rules & Regulations Governing the ACH Network’’ (the ‘‘ACH Rules’’). The Director of the Federal Register approves this incorporation by reference in accordance with 5 U.S.C. 552(a) and 1 CFR part 51. Copies of the ‘‘2008 ACH Rules’’ are available from the National Automated Clearing House Association, Suite 100, 13450 Sunrise Valley Drive, Herndon, Virginia 20171, http:// nacha.org, (703) 561–1100. Copies also are available for public inspection at the Department of Treasury Library, Room 1428, Main Treasury Building, 1500 Pennsylvania Avenue, NW., Washington, DC 20220, and the National Archives and Records Administration (NARA). Before visiting the Treasury library, you must call (202) 622–0990 for an appointment. For information on the availability of this material at NARA, call (202) 741–6030, or go to: http://www.archives.gov/ federal_register/ code_of_federal_regulations/ ibr_locations.html 20002. (2) Any amendment to definitions of the relevant ACH terms in the ACH Rules shall not apply to this part unless the Treasury and the Board jointly accept such amendment by publishing notice of acceptance of the amendment to this part in the Federal Register. An amendment to the definition of a relevant ACH term in the ACH Rules that is accepted by the Treasury and the Board shall apply to this part on the effective date of the rulemaking specified by the Treasury and the Board in the joint Federal Register notice expressly accepting such amendment. mstockstill on PROD1PC66 with RULES3 § ll.2 Definitions. The following definitions apply solely for purposes of this part: (a) Actual knowledge with respect to a transaction or commercial customer means when a particular fact with respect to that transaction or VerDate Aug<31>2005 17:00 Nov 17, 2008 Jkt 217001 commercial customer is known by or brought to the attention of: (1) An individual in the organization responsible for the organization’s compliance function with respect to that transaction or commercial customer; or (2) An officer of the organization. (b) Automated clearing house system or ACH system means a funds transfer system, primarily governed by the ACH Rules, which provides for the clearing and settlement of batched electronic entries for participating financial institutions. When referring to ACH systems, the terms in this regulation (such as ‘‘originating depository financial institution,’’ ‘‘operator,’’ ‘‘originating gateway operator,’’ ‘‘receiving depository financial institution,’’ ‘‘receiving gateway operator,’’ and ‘‘third-party sender’’) are defined as those terms are defined in the ACH Rules. (c) Bet or wager: (1) Means the staking or risking by any person of something of value upon the outcome of a contest of others, a sporting event, or a game subject to chance, upon an agreement or understanding that the person or another person will receive something of value in the event of a certain outcome; (2) Includes the purchase of a chance or opportunity to win a lottery or other prize (which opportunity to win is predominantly subject to chance); (3) Includes any scheme of a type described in 28 U.S.C. 3702; (4) Includes any instructions or information pertaining to the establishment or movement of funds by the bettor or customer in, to, or from an account with the business of betting or wagering (which does not include the activities of a financial transaction provider, or any interactive computer service or telecommunications service); and (5) Does not include— (i) Any activity governed by the securities laws (as that term is defined in section 3(a)(47) of the Securities Exchange Act of 1934 (15 U.S.C. 78c(a)(47)) for the purchase or sale of securities (as that term is defined in section 3(a)(10) of that act (15 U.S.C. 78c(a)(10)); (ii) Any transaction conducted on or subject to the rules of a registered entity or exempt board of trade under the Commodity Exchange Act (7 U.S.C. 1 et seq.); (iii) Any over-the-counter derivative instrument; (iv) Any other transaction that— (A) Is excluded or exempt from regulation under the Commodity Exchange Act (7 U.S.C. 1 et seq.); or PO 00000 Frm 00026 Fmt 4701 Sfmt 4700 (B) Is exempt from State gaming or bucket shop laws under section 12(e) of the Commodity Exchange Act (7 U.S.C. 16(e)) or section 28(a) of the Securities Exchange Act of 1934 (15 U.S.C. 78bb(a)); (v) Any contract of indemnity or guarantee; (vi) Any contract for insurance; (vii) Any deposit or other transaction with an insured depository institution; (viii) Participation in any game or contest in which participants do not stake or risk anything of value other than— (A) Personal efforts of the participants in playing the game or contest or obtaining access to the Internet; or (B) Points or credits that the sponsor of the game or contest provides to participants free of charge and that can be used or redeemed only for participation in games or contests offered by the sponsor; or (ix) Participation in any fantasy or simulation sports game or educational game or contest in which (if the game or contest involves a team or teams) no fantasy or simulation sports team is based on the current membership of an actual team that is a member of an amateur or professional sports organization (as those terms are defined in 28 U.S.C. 3701) and that meets the following conditions: (A) All prizes and awards offered to winning participants are established and made known to the participants in advance of the game or contest and their value is not determined by the number of participants or the amount of any fees paid by those participants. (B) All winning outcomes reflect the relative knowledge and skill of the participants and are determined predominantly by accumulated statistical results of the performance of individuals (athletes in the case of sports events) in multiple real-world sporting or other events. (C) No winning outcome is based— (1) On the score, point-spread, or any performance or performances of any single real-world team or any combination of such teams, or (2 ) Solely on any single performance of an individual athlete in any single real-world sporting or other event. (d) Block means to reject a particular transaction before or during processing, but it does not require freezing or otherwise prohibiting subsequent transfers or transactions regarding the proceeds or account. (e) Card issuer means any person who issues a credit card, debit card, pre-paid card, or stored value card, or the agent of such person with respect to such card. E:\FR\FM\18NOR3.SGM 18NOR3 mstockstill on PROD1PC66 with RULES3 Federal Register / Vol. 73, No. 223 / Tuesday, November 18, 2008 / Rules and Regulations (f) Card system means a system for authorizing, clearing and settling transactions in which credit cards, debit cards, pre-paid cards, or stored value cards (such cards being issued or authorized by the operator of the system), are used to purchase goods or services or to obtain a cash advance. The term includes systems both in which the merchant acquirer, card issuer, and system operator are separate entities and in which more than one of these roles are performed by the same entity. (g) Check clearing house means an association of banks or other payors that regularly exchange checks for collection or return. (h) Check collection system means an interbank system for collecting, presenting, returning, and settling for checks or intrabank system for settling for checks deposited in and drawn on the same bank. When referring to check collection systems, the terms in this regulation (such as ‘‘paying bank,’’ ‘‘collecting bank,’’ ‘‘depositary bank,’’ ‘‘returning bank,’’ and ‘‘check’’) are defined as those terms are defined in 12 CFR 229.2. For purposes of this part, ‘‘check’’ also includes an electronic representation of a check that a bank agrees to handle as a check. (i) Commercial customer means a person that is not a consumer and that contracts with a non-exempt participant in a designated payment system to receive, or otherwise accesses, payment transaction services through that nonexempt participant. (j) Consumer means a natural person. (k) Designated payment system means a system listed in § ll.3. (l) Electronic fund transfer has the same meaning given the term in section 903 of the Electronic Fund Transfer Act (15 U.S.C. 1693a), except that such term includes transfers that would otherwise be excluded under section 903(6)(E) of that act (15 U.S.C. 1693a(6)(E)), and includes any funds transfer covered by Article 4A of the Uniform Commercial Code, as in effect in any State. (m) Financial institution means a State or national bank, a State or Federal savings and loan association, a mutual savings bank, a State or Federal credit union, or any other person that, directly or indirectly, holds an account belonging to a consumer. The term does not include a casino, sports book, or other business at or through which bets or wagers may be placed or received. (n) Financial transaction provider means a creditor, credit card issuer, financial institution, operator of a terminal at which an electronic fund transfer may be initiated, money transmitting business, or international, VerDate Aug<31>2005 17:00 Nov 17, 2008 Jkt 217001 national, regional, or local payment network utilized to effect a credit transaction, electronic fund transfer, stored value product transaction, or money transmitting service, or a participant in such network, or other participant in a designated payment system. (o) Foreign banking office means: (1) Any non-U.S. office of a financial institution; and (2) Any non-U.S. office of a foreign bank as described in 12 U.S.C. 3101(7). (p) Interactive computer service means any information service, system, or access software provider that provides or enables computer access by multiple users to a computer server, including specifically a service or system that provides access to the Internet and such systems operated or services offered by libraries or educational institutions. (q) Internet means the international computer network of interoperable packet switched data networks. (r) Internet gambling business means the business of placing, receiving or otherwise knowingly transmitting a bet or wager by any means which involves the use, at least in part, of the Internet, but does not include the performance of the customary activities of a financial transaction provider, or any interactive computer service or telecommunications service. (s) Intrastate transaction means placing, receiving, or otherwise transmitting a bet or wager where— (1) The bet or wager is initiated and received or otherwise made exclusively within a single State; (2) The bet or wager and the method by which the bet or wager is initiated and received or otherwise made is expressly authorized by and placed in accordance with the laws of such State, and the State law or regulations include— (i) Age and location verification requirements reasonably designed to block access to minors and persons located out of such State; and (ii) Appropriate data security standards to prevent unauthorized access by any person whose age and current location has not been verified in accordance with such State’s law or regulations; and (3) The bet or wager does not violate any provision of— (i) The Interstate Horseracing Act of 1978 (15 U.S.C. 3001 et seq.); (ii) 28 U.S.C. chapter 178 (professional and amateur sports protection); (iii) The Gambling Devices Transportation Act (15 U.S.C. 1171 et seq.); or PO 00000 Frm 00027 Fmt 4701 Sfmt 4700 69407 (iv) The Indian Gaming Regulatory Act (25 U.S.C. 2701 et seq.). (t) Intratribal transaction means placing, receiving or otherwise transmitting a bet or wager where— (1) The bet or wager is initiated and received or otherwise made exclusively— (i) Within the Indian lands of a single Indian tribe (as such terms are defined under the Indian Gaming Regulatory Act (25 U.S.C. 2703)); or (ii) Between the Indian lands of two or more Indian tribes to the extent that intertribal gaming is authorized by the Indian Gaming Regulatory Act (25 U.S.C. 2701 et seq.); (2) The bet or wager and the method by which the bet or wager is initiated and received or otherwise made is expressly authorized by and complies with the requirements of— (i) The applicable tribal ordinance or resolution approved by the Chairman of the National Indian Gaming Commission; and (ii) With respect to class III gaming, the applicable Tribal-State compact; (3) The applicable tribal ordinance or resolution or Tribal-State compact includes— (i) Age and location verification requirements reasonably designed to block access to minors and persons located out of the applicable Tribal lands; and (ii) Appropriate data security standards to prevent unauthorized access by any person whose age and current location has not been verified in accordance with the applicable tribal ordinance or resolution or Tribal-State Compact; and (4) The bet or wager does not violate any provision of— (i) The Interstate Horseracing Act of 1978 (15 U.S.C. 3001 et seq.); (ii) 28 U.S.C. chapter 178 (professional and amateur sports protection); (iii) The Gambling Devices Transportation Act (15 U.S.C. 1171 et seq.); or (iv) The Indian Gaming Regulatory Act (25 U.S.C. 2701 et seq.). (u) Money transmitting business has the meaning given the term in 31 U.S.C. 5330(d)(1) (determined without regard to any regulations prescribed by the Secretary of the Treasury thereunder). (v) Operator of a designated payment system means an entity that provides centralized clearing and delivery services between participants in the designated payment system and maintains the operational framework for the system. In the case of an automated clearinghouse system, the term ‘‘operator’’ has the same meaning as provided in the ACH Rules. E:\FR\FM\18NOR3.SGM 18NOR3 mstockstill on PROD1PC66 with RULES3 69408 Federal Register / Vol. 73, No. 223 / Tuesday, November 18, 2008 / Rules and Regulations (w) Participant in a designated payment system means an operator of a designated payment system, a financial transaction provider that is a member of, or has contracted for financial transaction services with, or is otherwise participating in, a designated payment system, or a third-party processor. This term does not include a customer of the financial transaction provider, unless the customer is also a financial transaction provider otherwise participating in the designated payment system on its own behalf. (x) Reasoned legal opinion means a written expression of professional judgment by a State-licensed attorney that addresses the facts of a particular client’s business and the legality of the client’s provision of its services to relevant customers in the relevant jurisdictions under applicable federal and State law, and, in the case of intratribal transactions, applicable tribal ordinances, tribal resolutions, and Tribal-State compacts. A written legal opinion will not be considered ‘‘reasoned’’ if it does nothing more than recite the facts and express a conclusion. (y) Restricted transaction means any of the following transactions or transmittals involving any credit, funds, instrument, or proceeds that the Act prohibits any person engaged in the business of betting or wagering (which does not include the activities of a financial transaction provider, or any interactive computer service or telecommunications service) from knowingly accepting, in connection with the participation of another person in unlawful Internet gambling— (1) Credit, or the proceeds of credit, extended to or on behalf of such other person (including credit extended through the use of a credit card); (2) An electronic fund transfer, or funds transmitted by or through a money transmitting business, or the proceeds of an electronic fund transfer or money transmitting service, from or on behalf of such other person; or (3) Any check, draft, or similar instrument that is drawn by or on behalf of such other person and is drawn on or payable at or through any financial institution. (z) State means any State of the United States, the District of Columbia, or any commonwealth, territory, or other possession of the United States, including the Commonwealth of Puerto Rico, the Commonwealth of the Northern Mariana Islands, American Samoa, Guam, and the Virgin Islands. (aa) Third-party processor means a service provider that— VerDate Aug<31>2005 17:00 Nov 17, 2008 Jkt 217001 (1) In the case of a debit transaction payment, such as an ACH debit entry or card system transaction, has a direct relationship with the commercial customer that is initiating the debit transfer transaction and acts as an intermediary between the commercial customer and the first depository institution to handle the transaction; (2) In the case of a credit transaction payment, such as an ACH credit entry, has a direct relationship with the commercial customer that is to receive the proceeds of the credit transfer and acts as an intermediary between the commercial customer and the last depository institution to handle the transaction; and (3) In the case of a cross-border ACH debit or check collection transaction, is the first service provider located within the United States to receive the ACH debit instructions or check for collection. (bb) Unlawful Internet gambling means to place, receive, or otherwise knowingly transmit a bet or wager by any means which involves the use, at least in part, of the Internet where such bet or wager is unlawful under any applicable Federal or State law in the State or Tribal lands in which the bet or wager is initiated, received, or otherwise made. The term does not include placing, receiving, or otherwise transmitting a bet or wager that is excluded from the definition of this term by the Act as an intrastate transaction or an intra-tribal transaction, and does not include any activity that is allowed under the Interstate Horseracing Act of 1978 (15 U.S.C. 3001 et seq.; see § ll.1(a)). The intermediate routing of electronic data shall not determine the location or locations in which a bet or wager is initiated, received, or otherwise made. (cc) Wire transfer system means a system through which an unconditional order to a bank to pay a fixed or determinable amount of money to a beneficiary upon receipt, or on a day stated in the order, is transmitted by electronic or other means through the network, between banks, or on the books of a bank. When referring to wire transfer systems, the terms in this regulation (such as ‘‘bank,’’ ‘‘originator’s bank,’’ ‘‘beneficiary’s bank,’’ and ‘‘intermediary bank’’) are defined as those terms are defined in 12 CFR part 210, appendix B. § ll.3 Designated payment systems. The following payment systems could be used by participants in connection with, or to facilitate, a restricted transaction: (a) Automated clearing house systems; PO 00000 Frm 00028 Fmt 4701 Sfmt 4700 (b) Card systems; (c) Check collection systems; (d) Money transmitting businesses solely to the extent they (1) Engage in the transmission of funds, which does not include check cashing, currency exchange, or the issuance or redemption of money orders, travelers’ checks, and other similar instruments; and (2) Permit customers to initiate transmission of funds transactions remotely from a location other than a physical office of the money transmitting business; and (e) Wire transfer systems. § ll.4 Exemptions. (a) Automated clearing house systems. The participants processing a particular transaction through an automated clearing house system are exempt from this regulation’s requirements for establishing written policies and procedures reasonably designed to prevent or prohibit restricted transactions with respect to that transaction, except for— (1) The receiving depository financial institution and any third-party processor receiving the transaction on behalf of the receiver in an ACH credit transaction; (2) The originating depository financial institution and any third-party processor initiating the transaction on behalf of the originator in an ACH debit transaction; and (3) The receiving gateway operator and any third-party processor that receives instructions for an ACH debit transaction directly from a foreign sender (which could include a foreign banking office, a foreign third-party processor, or a foreign originating gateway operator). (b) Check collection systems. The participants in a particular check collection through a check collection system are exempt from this regulation’s requirements for establishing written policies and procedures reasonably designed to prevent or prohibit restricted transactions with respect to that check collection, except for the depositary bank. (c) Money transmitting businesses. The participants in a money transmitting business are exempt from this regulation’s requirements for establishing written policies and procedures reasonably designed to prevent or prohibit restricted transactions, except for the operator. (d) Wire transfer systems. The participants in a particular wire transfer through a wire transfer system are exempt from this regulation’s requirements for establishing written E:\FR\FM\18NOR3.SGM 18NOR3 Federal Register / Vol. 73, No. 223 / Tuesday, November 18, 2008 / Rules and Regulations policies and procedures reasonably designed to prevent or prohibit restricted transactions with respect to that transaction, except for the beneficiary’s bank. mstockstill on PROD1PC66 with RULES3 § ll.5 Policies and procedures required. (a) All non-exempt participants in designated payment systems shall establish and implement written policies and procedures reasonably designed to identify and block or otherwise prevent or prohibit restricted transactions. (b) A non-exempt financial transaction provider participant in a designated payment system shall be considered to be in compliance with the requirements of paragraph (a) of this section if— (1) It relies on and complies with the written policies and procedures of the designated payment system that are reasonably designed to— (i) Identify and block restricted transactions; or (ii) Otherwise prevent or prohibit the acceptance of the products or services of the designated payment system or participant in connection with restricted transactions; and (2) Such policies and procedures of the designated payment system comply with the requirements of this part. (c) For purposes of paragraph (b)(2) in this section, a participant in a designated payment system may rely on a written statement or notice by the operator of that designated payment system to its participants that states that the operator has designed or structured the system’s policies and procedures for identifying and blocking or otherwise preventing or prohibiting restricted transactions to comply with the requirements of this part as conclusive evidence that the system’s policies and procedures comply with the requirements of this part, unless the participant is notified otherwise by its Federal functional regulator or, in the case of participants that are not directly supervised by a Federal functional regulator, the Federal Trade Commission. (d) As provided in the Act, a person that identifies and blocks a transaction, prevents or prohibits the acceptance of its products or services in connection with a transaction, or otherwise refuses to honor a transaction, shall not be liable to any party for such action if— (1) The transaction is a restricted transaction; (2) Such person reasonably believes the transaction to be a restricted transaction; or (3) The person is a participant in a designated payment system and blocks VerDate Aug<31>2005 17:00 Nov 17, 2008 Jkt 217001 or otherwise prevents the transaction in reliance on the policies and procedures of the designated payment system in an effort to comply with this regulation. (e) Nothing in this part requires or is intended to suggest that designated payment systems or participants therein must or should block or otherwise prevent or prohibit any transaction in connection with any activity that is excluded from the definition of ‘‘unlawful Internet gambling’’ in the Act as an intrastate transaction, an intratribal transaction, or a transaction in connection with any activity that is allowed under the Interstate Horseracing Act of 1978 (15 U.S.C. 3001 et seq.; see § ll .1(a)). (f) Nothing in this part modifies any requirement imposed on a participant by other applicable law or regulation to file a suspicious activity report to the appropriate authorities. (g) The requirement of this part to establish and implement written policies and procedures applies only to the U.S. offices of participants in designated payment systems. § ll .6 Non-exclusive examples of policies and procedures. (a) In general. The examples of policies and procedures to identify and block or otherwise prevent or prohibit restricted transactions set out in this section are non-exclusive. In establishing and implementing written policies and procedures to identify and block or otherwise prevent or prohibit restricted transactions, a non-exempt participant in a designated payment system is permitted to design and implement policies and procedures tailored to its business that may be different than the examples provided in this section. In addition, non-exempt participants may use different policies and procedures with respect to different business lines or different parts of the organization. (b) Due diligence. If a non-exempt participant in a designated payment system establishes and implements procedures for due diligence of its commercial customer accounts or commercial customer relationships in order to comply, in whole or in part, with the requirements of this regulation, those due diligence procedures will be deemed to be reasonably designed to identify and block or otherwise prevent or prohibit restricted transactions if the procedures include the steps set out in paragraphs (b)(1), (b)(2), and (b)(3) of this section and subject to paragraph (b)(4) of this section. (1) At the establishment of the account or relationship, the participant conducts due diligence of a commercial PO 00000 Frm 00029 Fmt 4701 Sfmt 4700 69409 customer and its activities commensurate with the participant’s judgment of the risk of restricted transactions presented by the customer’s business. (2) Based on its due diligence, the participant makes a determination regarding the risk the commercial customer presents of engaging in an Internet gambling business and follows either paragraph (b)(2)(i) or (b)(2)(ii) of this section. (i) The participant determines that the commercial customer presents a minimal risk of engaging in an Internet gambling business. (ii) The participant cannot determine that the commercial customer presents a minimal risk of engaging in an Internet gambling business, in which case it obtains the documentation in either paragraph (b)(2)(ii)(A) or (b)(2)(ii)(B) of this section— (A) Certification from the commercial customer that it does not engage in an Internet gambling business; or (B) If the commercial customer does engage in an Internet gambling business, each of the following— (1) Evidence of legal authority to engage in the Internet gambling business, such as— (i) A copy of the commercial customer’s license that expressly authorizes the customer to engage in the Internet gambling business issued by the appropriate State or Tribal authority or, if the commercial customer does not have such a license, a reasoned legal opinion that demonstrates that the commercial customer’s Internet gambling business does not involve restricted transactions; and (ii) A written commitment by the commercial customer to notify the participant of any changes in its legal authority to engage in its Internet gambling business. (2) A third-party certification that the commercial customer’s systems for engaging in the Internet gambling business are reasonably designed to ensure that the commercial customer’s Internet gambling business will remain within the licensed or otherwise lawful limits, including with respect to age and location verification. (3) The participant notifies all of its commercial customers, through provisions in the account or commercial customer relationship agreement or otherwise, that restricted transactions are prohibited from being processed through the account or relationship. (4) With respect to the determination in paragraph (b)(2)(i) of this section, participants may deem the following commercial customers to present a E:\FR\FM\18NOR3.SGM 18NOR3 mstockstill on PROD1PC66 with RULES3 69410 Federal Register / Vol. 73, No. 223 / Tuesday, November 18, 2008 / Rules and Regulations minimal risk of engaging in an Internet gambling business— (i) An entity that is directly supervised by a Federal functional regulator as set out in § ll .7(a); or (ii) An agency, department, or division of the Federal government or a State government. (c) Automated clearing house system examples. (1) The policies and procedures of the originating depository financial institution and any third party processor in an ACH debit transaction, and the receiving depository financial institution and any third party processor in an ACH credit transaction, are deemed to be reasonably designed to identify and block or otherwise prevent or prohibit restricted transactions if they— (i) Address methods to conduct due diligence in establishing a commercial customer account or relationship as set out in § ll .6(b); (ii) Address methods to conduct due diligence as set out in § ll .6(b)(2)(ii)(B) in the event that the participant has actual knowledge that an existing commercial customer of the participant engages in an Internet gambling business; and (iii) Include procedures to be followed with respect to a commercial customer if the originating depository financial institution or third-party processor has actual knowledge that its commercial customer has originated restricted transactions as ACH debit transactions or if the receiving depository financial institution or third-party processor has actual knowledge that its commercial customer has received restricted transactions as ACH credit transactions, such as procedures that address— (A) The circumstances under which the commercial customer should not be allowed to originate ACH debit transactions or receive ACH credit transactions; and (B) The circumstances under which the account should be closed. (2) The policies and procedures of a receiving gateway operator and thirdparty processor that receives instructions to originate an ACH debit transaction directly from a foreign sender are deemed to be reasonably designed to prevent or prohibit restricted transactions if they include procedures to be followed with respect to a foreign sender if the receiving gateway operator or third-party processor has actual knowledge, obtained through notification by a government entity, such as law enforcement or a regulatory agency, that such instructions included instructions for restricted transactions. Such VerDate Aug<31>2005 17:00 Nov 17, 2008 Jkt 217001 procedures may address sending notification to the foreign sender, such as in the form of the notice contained in appendix A to this part. (d) Card system examples. The policies and procedures of a card system operator, a merchant acquirer, thirdparty processor, or a card issuer, are deemed to be reasonably designed to identify and block or otherwise prevent or prohibit restricted transactions, if the policies and procedures— (1) Provide for either— (i) Methods to conduct due diligence— (A) In establishing a commercial customer account or relationship as set out in § ll .6(b); and (B) As set out in § ll .6(b)(2)(ii)(B) in the event that the participant has actual knowledge that an existing commercial customer of the participant engages in an Internet gambling business; or (ii) Implementation of a code system, such as transaction codes and merchant/ business category codes, that are required to accompany the authorization request for a transaction, including— (A) The operational functionality to enable the card system operator or the card issuer to reasonably identify and deny authorization for a transaction that the coding procedure indicates may be a restricted transaction; and (B) Procedures for ongoing monitoring or testing by the card system operator to detect potential restricted transactions, including— (1) Conducting testing to ascertain whether transaction authorization requests are coded correctly; and (2) Monitoring and analyzing payment patterns to detect suspicious payment volumes from a merchant customer; and (2) For the card system operator, merchant acquirer, or third-party processor, include procedures to be followed when the participant has actual knowledge that a merchant has received restricted transactions through the card system, such as— (i) The circumstances under which the access to the card system for the merchant, merchant acquirer, or thirdparty processor should be denied; and (ii) The circumstances under which the merchant account should be closed. (e) Check collection system examples. (1) The policies and procedures of a depositary bank are deemed to be reasonably designed to identify and block or otherwise prevent or prohibit restricted transactions, if they— (i) Address methods for the depositary bank to conduct due diligence in establishing a commercial customer account or relationship as set out in § ll .6(b); PO 00000 Frm 00030 Fmt 4701 Sfmt 4700 (ii) Address methods for the depositary bank to conduct due diligence as set out in § ll .6(b)(2)(ii)(B) in the event that the depositary bank has actual knowledge that an existing commercial customer engages in an Internet gambling business; and (iii) Include procedures to be followed if the depositary bank has actual knowledge that a commercial customer of the depositary bank has deposited checks that are restricted transactions, such as procedures that address— (A) The circumstances under which check collection services for the customer should be denied; and (B) The circumstances under which the account should be closed. (2) The policies and procedures of a depositary bank that receives checks for collection from a foreign banking office are deemed to be reasonably designed to identify and block or otherwise prevent or prohibit restricted transactions if they include procedures to be followed by the depositary bank when it has actual knowledge, obtained through notification by a government entity, such as law enforcement or a regulatory agency, that a foreign banking office has sent checks to the depositary bank that are restricted transactions. Such procedures may address sending notification to the foreign banking office, such as in the form of the notice contained in the appendix to this part. (f) Money transmitting business examples. The policies and procedures of an operator of a money transmitting business are deemed to be reasonably designed to identify and block or otherwise prevent or prohibit restricted transactions if they— (1) Address methods for the operator to conduct due diligence in establishing a commercial customer relationship as set out in § ll .6(b); (2) Address methods for the operator to conduct due diligence as set out in § ll .6(b)(2)(ii)(B) in the event that the operator has actual knowledge that an existing commercial customer engages in an Internet gambling business; (3) Include procedures regarding ongoing monitoring or testing by the operator to detect potential restricted transactions, such as monitoring and analyzing payment patterns to detect suspicious payment volumes to any recipient; and (4) Include procedures when the operator has actual knowledge that a commercial customer of the operator has received restricted transactions through the money transmitting business, that address— (i) The circumstances under which money transmitting services should be E:\FR\FM\18NOR3.SGM 18NOR3 Federal Register / Vol. 73, No. 223 / Tuesday, November 18, 2008 / Rules and Regulations mstockstill on PROD1PC66 with RULES3 denied to that commercial customer; and (ii) The circumstances under which the commercial customer account should be closed. (g) Wire transfer system examples. The policies and procedures of the beneficiary’s bank in a wire transfer are deemed to be reasonably designed to identify and block or otherwise prevent or prohibit restricted transactions if they— (1) Address methods for the beneficiary’s bank to conduct due diligence in establishing a commercial customer account as set out in § ll .6(b); (2) Address methods for the beneficiary’s bank to conduct due diligence as set out in § ll .6(b)(2)(ii)(B) in the event that the beneficiary’s bank has actual knowledge that an existing commercial customer of the bank engages in an Internet gambling business; (3) Include procedures to be followed if the beneficiary’s bank obtains actual knowledge that a commercial customer of the bank has received restricted transactions through the wire transfer system, such as procedures that address (i) The circumstances under which the beneficiary bank should deny wire transfer services to the commercial customer; and VerDate Aug<31>2005 17:00 Nov 17, 2008 Jkt 217001 (ii) The circumstances under which the commercial customer account should be closed. § ll .7 Regulatory enforcement. The requirements under this part are subject to the exclusive regulatory enforcement of— (a) The Federal functional regulators, with respect to the designated payment systems and participants therein that are subject to the respective jurisdiction of such regulators under section 505(a) of the Gramm-Leach-Bliley Act (15 U.S.C. 6805(a)) and section 5g of the Commodity Exchange Act (7 U.S.C. 7b– 2); and (b) The Federal Trade Commission, with respect to designated payment systems and participants therein not otherwise subject to the jurisdiction of any Federal functional regulators (including the Commission) as described in paragraph (a) of this section. Appendix A to Part ll—Model Notice [Date] [Name of foreign sender or foreign banking office] [Address] Re: U.S. Unlawful Internet Gambling Enforcement Act Notice Dear [Name of foreign counterparty]: On [date], U.S. government officials informed us that your institution processed PO 00000 Frm 00031 Fmt 4701 Sfmt 4700 69411 payments through our facilities for Internet gambling transactions restricted by U.S. law on [dates, recipients, and other relevant information if available]. We provide this notice to comply with U.S. Government regulations implementing the Unlawful Internet Gambling Enforcement Act of 2006 (Act), a U.S. federal law. Our policies and procedures established in accordance with those regulations provide that we will notify a foreign counterparty if we learn that the counterparty has processed payments through our facilities for Internet gambling transactions restricted by the Act. This notice ensures that you are aware that we have received information that your institution has processed payments for Internet gambling restricted by the Act. The Act is codified in subchapter IV, chapter 53, title 31 of the U.S. Code (31 U.S.C. 5361 et seq.). Implementing regulations that duplicate one another can be found at part 233 of title 12 of the U.S. Code of Federal Regulations (12 CFR part 233) and part 132 of title 31 of the U.S. Code of Federal Regulations (31 CFR part 132). By order of the Board of Governors of the Federal Reserve System, November 12, 2008. Robert deV. Frierson, Deputy Secretary of the Board. Dated: November 10, 2008. By the Department of the Treasury. Taiya Smith, Executive Secretary. [FR Doc. E8–27181 Filed 11–12–08; 4:15 pm] BILLING CODE 6210–01–P; 4810–25–P E:\FR\FM\18NOR3.SGM 18NOR3

Agencies

[Federal Register Volume 73, Number 223 (Tuesday, November 18, 2008)]
[Rules and Regulations]
[Pages 69382-69411]
From the Federal Register Online via the Government Printing Office [www.gpo.gov]
[FR Doc No: E8-27181]



[[Page 68501]]

-----------------------------------------------------------------------

Part II





Department of Health and Human Services





-----------------------------------------------------------------------



Centers for Medicare & Medicaid Services



-----------------------------------------------------------------------



42 CFR Parts 410, 416, and 419



Medicare Program: Changes to the Hospital Outpatient Prospective 
Payment System and CY 2009 Payment Rates; Changes to the Ambulatory 
Surgical Center Payment System and CY 2009 Payment Rates; Hospital 
Conditions of Participation: Requirements for Approval and Re-Approval 
of Transplant Centers To Perform Organ Transplants--Clarification of 
Provider and Supplier Termination Policy Medicare and Medicaid 
Programs: Changes to the Ambulatory Surgical Center Conditions for 
Coverage; Final Rule

Federal Register / Vol. 73, No. 223 / Tuesday, November 18, 2008 / 
Rules and Regulations

[[Page 68502]]


-----------------------------------------------------------------------

DEPARTMENT OF HEALTH AND HUMAN SERVICES

Centers for Medicare & Medicaid Services

42 CFR Parts 410, 416, and 419

[CMS-1404-FC; CMS-3887-F; CMS-3835-F-1]
RIN 0938-AP17; RIN 0938-AL80; RIN 0938-AH17


Medicare Program: Changes to the Hospital Outpatient Prospective 
Payment System and CY 2009 Payment Rates; Changes to the Ambulatory 
Surgical Center Payment System and CY 2009 Payment Rates; Hospital 
Conditions of Participation: Requirements for Approval and Re-Approval 
of Transplant Centers To Perform Organ Transplants--Clarification of 
Provider and Supplier Termination Policy Medicare and Medicaid 
Programs: Changes to the Ambulatory Surgical Center Conditions for 
Coverage

AGENCY: Centers for Medicare & Medicaid Services (CMS), HHS.

ACTION: Final rule with comment period; final rules.

-----------------------------------------------------------------------

SUMMARY: This final rule with comment period revises the Medicare 
hospital outpatient prospective payment system to implement applicable 
statutory requirements and changes arising from our continuing 
experience with this system, and to implement a number of changes made 
by the Medicare Improvement for Patients and Providers Act of 2008. In 
this final rule with comment period, we describe the changes to the 
amounts and factors used to determine the payment rates for Medicare 
hospital outpatient services paid under the prospective payment system. 
These changes are applicable to services furnished on or after January 
1, 2009.
    In addition, this final rule with comment period updates the 
revised Medicare ambulatory surgical center (ASC) payment system to 
implement applicable statutory requirements and changes arising from 
our continuing experience with this system. In this final rule with 
comment period, we set forth the applicable relative payment weights 
and amounts for services furnished in ASCs, specific HCPCS codes to 
which these changes apply, and other pertinent ratesetting information 
for the CY 2009 ASC payment system. These changes are applicable to 
services furnished on or after January 1, 2009.
    In this document, we are responding to public comments on a 
proposed rule and finalizing updates to the ASC Conditions for Coverage 
to reflect current ASC practices and new requirements in the conditions 
to promote and protect patient health and safety.
    Further, this final rule also clarifies policy statements included 
in responses to public comments set forth in the preamble of the March 
30, 2007 final rule regarding the Secretary's ability to terminate 
Medicare providers and suppliers (that is, transplant centers) during 
an appeal of a determination that affects participation in the Medicare 
program.

DATES: Effective Dates: The provisions of this rule are effective 
January 1, 2009, except for amendments to 42 CFR 416.2, 416.41 through 
416.43, and 416.49 through 416.52 are effective on May 18, 2009. The 
policy clarification set forth in section XVIII of the preamble of this 
rule is effective December 18, 2008.
    Comment Period: We will consider comments on the payment 
classifications assigned to HCPCS codes identified in Addenda B, AA, 
and BB to this final rule with comment period with the ``NI'' comment 
indicator, and on other areas specified throughout this rule, received 
at one of the addresses provided in the ADDRESSES section, no later 
than 5 p.m. EST on December 29, 2008.
    Application Deadline--New Class of New Technology Intraocular 
Lenses: Request for review of applications for a new class of new 
technology intraocular lenses must be received by 5 p.m. EST on March 
2, 2009.

ADDRESSES: In commenting, please refer to file code CMS-1404-FC. 
Because of staff and resource limitations, we cannot accept comments by 
facsimile (FAX) transmission.
    You may submit comments in one of four ways (no duplicates, 
please):
    1. Electronically. You may submit electronic comments on this 
regulation to http://www.regulations.gov. Follow the instructions for 
``Comment or Submission'' and enter the file code to find the document 
accepting comments.
    2. By regular mail. You may mail written comments (one original and 
two copies) to the following address ONLY: Centers for Medicare & 
Medicaid Services, Department of Health and Human Services, Attention: 
CMS-1404-FC, P.O. Box 8013, Baltimore, MD 21244-1850.
    Please allow sufficient time for mailed comments to be received 
before the close of the comment period.
    3. By express or overnight mail. You may send written comments (one 
original and two copies) to the following address ONLY: Centers for 
Medicare & Medicaid Services, Department of Health and Human Services, 
Attention: CMS-1404-FC, Mail Stop C4-26-05, 7500 Security Boulevard, 
Baltimore, MD 21244-1850.
    4. By hand or courier. If you prefer, you may deliver (by hand or 
courier) your written comments (one original and two copies) before the 
close of the comment period to one of the following addresses:
    a. Room 445-G, Hubert H. Humphrey Building, 200 Independence 
Avenue, SW., Washington, DC 20201.
    (Because access to the interior of the HHH Building is not readily 
available to persons without Federal Government identification, 
commenters are encouraged to leave their comments in the CMS drop slots 
located in the main lobby of the building. A stamp-in clock is 
available for persons wishing to retain a proof of filing by stamping 
in and retaining an extra copy of the comments being filed.)
    b. 7500 Security Boulevard, Baltimore, MD 21244-1850.
    If you intend to deliver your comments to the Baltimore address, 
please call the telephone number (410) 786-9994 in advance to schedule 
your arrival with one of our staff members.
    Comments mailed to the addresses indicated as appropriate for hand 
or courier delivery may be delayed and received after the comment 
period.
    For information on viewing public comments, see the beginning of 
the SUPPLEMENTARY INFORMATION section.
    Applications for a new class of new technology intraocular lenses: 
Requests for review of applications for a new class of new technology 
intraocular lenses must be sent by regular mail to: ASC/NTIOL, Division 
of Outpatient Care, Mailstop C4-05-17, Centers for Medicare & Medicaid 
Services, 7500 Security Boulevard, Baltimore, MD 21244-1850.

FOR FURTHER INFORMATION CONTACT: Alberta Dwivedi, (410) 786-0378, 
Hospital outpatient prospective payment issues.
    Dana Burley, (410) 786-0378, Ambulatory surgical center issues.
    Suzanne Asplen, (410) 786-4558, Partial hospitalization and 
community mental health center issues.
    Sheila Blackstock, (410) 786-3502, Reporting of quality data 
issues.
    Jacqueline Morgan, (410) 786-4282, Joan A. Moliki, (410) 786-5526, 
Steve Miller, (410) 786-6656, and Jeannie Miller, (410) 786-3164, 
Ambulatory

[[Page 68503]]

surgical center Conditions for Coverage issues.
    Marcia Newton, (410) 786-5265, and Karen Tritz, (410) 786-8021, 
Clarification of provider and supplier termination policy issues.

SUPPLEMENTARY INFORMATION:
    Inspection of Public Comments: All comments received before the 
close of the comment period are available for viewing by the public, 
including any personally identifiable or confidential business 
information that is included in a comment. We post all comments 
received before the close of the comment period on the following Web 
site as soon as possible after they have been received: http://
www.regulations.gov. Follow the search instructions on that Web site to 
view public comments.
    Comments received timely will also be available for public 
inspection as they are received, generally beginning approximately 3 
weeks after publication of a document, at the headquarters of the 
Centers for Medicare & Medicaid Services, 7500 Security Boulevard, 
Baltimore, MD 21244, on Monday through Friday of each week from 8:30 
a.m. to 4 p.m. EST. To schedule an appointment to view public comments, 
phone 1-800-743-3951.

Electronic Access

    This Federal Register document is also available from the Federal 
Register online database through GPO Access, a service of the U.S. 
Government Printing Office. Free public access is available on a Wide 
Area Information Server (WAIS) through the Internet and via 
asynchronous dial-in. Internet users can access the database by using 
the World Wide Web; the Superintendent of Documents' home page address 
is http://www.gpoaccess.gov/index.html, by using local WAIS client 
software, or by telnet to swais.access.gpo.gov, then login as guest (no 
password required). Dial-in users should use communications software 
and modem to call (202) 512-1661; type swais, then login as guest (no 
password required).

Alphabetical List of Acronyms Appearing in This Final Rule With Comment 
Period

AAAASF American Association for Accreditation of Ambulatory Surgical 
Facilities
AAAHC Accreditation Association for Ambulatory Health Care
ACEP American College of Emergency Physicians
AHA American Hospital Association
AHIMA American Health Information Management Association
AMA American Medical Association
AMP Average manufacturer price
AOA American Osteopathic Association
APC Ambulatory payment classification
ASC Ambulatory Surgical Center
ASP Average sales price
AWP Average wholesale price
BBA Balanced Budget Act of 1997, Public Law 105-33
BBRA Medicare, Medicaid, and SCHIP [State Children's Health 
Insurance Program] Balanced Budget Refinement Act of 1999, Public 
Law 106-113
BCA Blue Cross Association
BCBSA Blue Cross and Blue Shield Association
BIPA Medicare, Medicaid, and SCHIP Benefits Improvement and 
Protection Act of 2000, Public Law 106-554
CAH Critical access hospital
CAP Competitive Acquisition Program
CBSA Core-Based Statistical Area
CCR Cost-to-charge ratio
CERT Comprehensive Error Rate Testing
CfC Condition for Coverage
CMHC Community mental health center
CMS Centers for Medicare & Medicaid Services
CoP Condition of participation
CORF Comprehensive outpatient rehabilitation facility
CPT [Physicians'] Current Procedural Terminology, Fourth Edition, 
2007, copyrighted by the American Medical Association
CRNA Certified registered nurse anesthetist
CY Calendar year
DMEPOS Durable medical equipment, prosthetics, orthotics, and 
supplies
DMERC Durable medical equipment regional carrier
DRA Deficit Reduction Act of 2005, Public Law 109-171
DSH Disproportionate share hospital
EACH Essential Access Community Hospital
E/M Evaluation and management
EPO Erythropoietin
ESRD End-stage renal disease
FACA Federal Advisory Committee Act, Public Law 92-463
FAR Federal Acquisition Regulations
FDA Food and Drug Administration
FFS Fee-for-service
FSS Federal Supply Schedule
FTE Full-time equivalent
FY Federal fiscal year
GAO Government Accountability Office
GME Graduate medical education
HCPCS Healthcare Common Procedure Coding System
HCRIS Hospital Cost Report Information System
HHA Home health agency
HIPAA Health Insurance Portability and Accountability Act of 1996, 
Public Law 104-191
HOPD Hospital outpatient department
HOP QDRP Hospital Outpatient Quality Data Reporting Program
ICD-9-CM International Classification of Diseases, Ninth Edition, 
Clinical Modification
IDE Investigational device exemption
IME Indirect medical education
I/OCE Integrated Outpatient Code Editor
IOL Intraocular lens
IPPE Initial preventive physical examination
IPPS [Hospital] Inpatient prospective payment system
IVIG Intravenous immune globulin
MAC Medicare Administrative Contractors
MedPAC Medicare Payment Advisory Commission
MDH Medicare-dependent, small rural hospital
MIEA-TRHCA Medicare Improvements and Extension Act under Division B, 
Title I of the Tax Relief Health Care Act of 2006, Public Law 109-
432
MIPPA Medicare Improvements for Patients and Providers Act of 2008, 
Public Law 110-275
MMA Medicare Prescription Drug, Improvement, and Modernization Act 
of 2003, Public Law 108-173
MMSEA Medicare, Medicaid, and SCHIP Extension Act of 2007, Public 
Law 110-173
MPFS Medicare Physician Fee Schedule
MSA Metropolitan Statistical Area
NCCI National Correct Coding Initiative
NCD National Coverage Determination
NTIOL New technology intraocular lens
OIG [HHS] Office of the Inspector General
OMB Office of Management and Budget
OPD [Hospital] Outpatient department
OPPS [Hospital] Outpatient prospective payment system
PHP Partial hospitalization program
PM Program memorandum
PPI Producer Price Index
PPS Prospective payment system
PPV Pneumococcal pneumonia vaccine
PRA Paperwork Reduction Act
QAPI Quality Assessment and Performance Improvement
QIO Quality Improvement Organization
RFA Regulatory Flexibility Act
RHQDAPU Reporting Hospital Quality Data for Annual Payment Update 
[Program]
RHHI Regional home health intermediary
SBA Small Business Administration
SCH Sole community hospital
SDP Single Drug Pricer
SI Status indicator
TEFRA Tax Equity and Fiscal Responsibility Act of 1982, Public Law 
97-248
TOPS Transitional outpatient payments
USPDI United States Pharmacopoeia Drug Information
WAC Wholesale acquisition cost

    In this document, we address two payment systems under the Medicare 
program: The hospital outpatient prospective payment system (OPPS) and 
the revised ambulatory surgical center (ASC) payment system. The 
provisions relating to the OPPS are included in sections I. through 
XIV., XVI., XVII., and XIX. through XXIII. of this final rule with 
comment period and in Addenda A, B, C (Addendum C is available on the 
Internet only; we refer readers to section XIX. of this final rule with 
comment period), D1, D2, E, L, and M to this final rule with comment 
period. The provisions related to the revised ASC payment system are 
included in sections XV. and XIX. through XXIII. of this final rule 
with comment period and in Addenda AA, BB, DD1, DD2, and EE

[[Page 68504]]

to this final rule with comment period. (Addendum EE is available on 
the Internet only; we refer readers to section XIX. of this final rule 
with comment period.)
    In this document, we also address changes to the ASC Conditions for 
Coverage (CfCs). The provisions relating to the ASC CfCs are included 
in sections XV., XIX., XX.B., and XXIII. of this document. In addition, 
in this document, we clarify policy regarding the Secretary's ability 
to terminate Medicare providers and suppliers (in this case, transplant 
centers) during an appeal of a determination that affects participation 
in the Medicare Program. This clarification is included in section 
XVIII. of this document.

Table of Contents

I. Background for the OPPS
    A. Legislative and Regulatory Authority for the Hospital 
Outpatient Prospective Payment System
    B. Excluded OPPS Services and Hospitals
    C. Prior Rulemaking
    D. APC Advisory Panel
    1. Authority of the APC Panel
    2. Establishment of the APC Panel
    3. APC Panel Meetings and Organizational Structure
    E. Provisions of the Medicare, Medicaid, and SCHIP Extension Act 
of 2007
    1. Increase in Physician Payment Update
    2. Extended Expiration Date for Cost-Based OPPS Payment for 
Brachytherapy Sources and Therapeutic Radiopharmaceuticals
    3. Alternative Volume Weighting in Computation of Average Sales 
Price (ASP) for Medicare Part B Drugs
    4. Extended Expiration Date for Certain IPPS Wage Index 
Geographic Reclassification and Special Exceptions
    F. Provisions of the Medicare Improvements for Patients and 
Providers Act of 2008
    1. Improvements to Coverage of Preventive Services
    2. Extended Expiration Date for Certain IPPS Wage Index 
Geographic Reclassifications and Special Exceptions
    3. Increase in Physician Payment Update
    4. Extension of Expiration Date for Cost-Based OPPS Payment for 
Brachytherapy and Therapeutic Radiopharmaceuticals
    5. Extension and Expansion of the Medicare Hold Harmless 
Provision Under the OPPS for Certain Hospitals
    G. Summary of the Major Contents of the CY 2009 OPPS/ASC 
Proposed Rule
    1. Updates Affecting OPPS Payments
    2. OPPS Ambulatory Payment Classification (APC) Group Policies
    3. OPPS Payment for Devices
    4. OPPS Payment for Drugs, Biologicals, and Radiopharmaceuticals
    5. Estimate of OPPS Transitional Pass-Through Spending for 
Drugs, Biologicals, Radiopharmaceuticals, and Devices
    6. OPPS Payment for Brachytherapy Sources
    7. OPPS Payment for Drug Administration Services
    8. OPPS Payment for Hospital Outpatient Visits
    9. Payment for Partial Hospitalization Services
    10. Procedures That Will Be Paid Only as Inpatient Services
    11. OPPS Nonrecurring Technical and Policy Clarifications
    12. OPPS Payment Status and Comment Indicators
    13. OPPS Policy and Payment Recommendations
    14. Update of the Revised Ambulatory Surgical Center (ASC) 
Payment System
    15. Reporting Quality Data for Annual Payment Rate Updates
    16. Healthcare-Associated Conditions
    17. Regulatory Impact Analysis
    H. Public Comments Received in Response to the CY 2009 OPPS/ASC 
Proposed Rule
    I. Public Comments Received in Response to the November 27, 2007 
OPPS/ASC Final Rule With Comment Period
    J. Proposed Rule on ASC Conditions for Coverage
    K. Medicare Hospital Conditions of Participation: Requirements 
for Approval and Re-Approval of Transplant Programs To Perform 
Transplants--Clarification of Provider and Supplier Termination 
Policy
II. Updates Affecting OPPS Payments
    A. Recalibration of APC Relative Weights
    1. Database Construction
    a. Database Source and Methodology
    b. Use of Single and Multiple Procedure Claims
    c. Calculation of CCRs
    (1) Development of the CCRs
    (2) Charge Compression
    2. Calculation of Median Costs
    a. Claims Preparations
    b. Splitting Claims and Creation of ``Pseudo'' Single Claims
    (1) Splitting Claims
    (2) Creation of ``Pseudo'' Single Claims
    c. Completion of Claim Records and Median Cost Calculations
    d. Calculation of Single Procedure APC Criteria-Based Median 
Costs
    (1) Device-Dependent APCs
    (2) Blood and Blood Products
    (3) Single Allergy Tests
    (4) Echocardiography Services
    (5) Nuclear Medicine Services
    (6) Hyperbaric Oxygen Therapy
    (7) Payment for Ancillary Outpatient Services When Patient 
Expires (-CA Modifier)
    e. Calculation of Composite APC Criteria-Based Median Costs
    (1) Extended Assessment and Management Composite APCs (APCs 8002 
and 8003)
    (2) Low Dose Rate (LDR) Prostate Brachytherapy Composite APC 
(APC 8001)
    (3) Cardiac Electrophysiologic Evaluation and Ablation Composite 
APC (APC 8000)
    (4) Mental Health Services Composite APC (APC 0034)
    (5) Multiple Imaging Composite APCs (APCs 8004, 8005, 8006, 
8007, and 8008)
    3. Calculation of OPPS Scaled Payment Weights
    4. Changes to Packaged Services
    a. Background
    b. Service-Specific Packaging Issues
    (1) Package Services Addressed by APC Panel Recommendations
    (2) Intravenous Immune Globulin (IVIG) Preadministration-Related 
Services
    (3) Other Service-Specific Packaging Issues
    B. Conversion Factor Update
    C. Wage Index Changes
    D. Statewide Average Default CCRs
    E. OPPS Payments to Certain Rural and Other Hospitals
    1. Hold Harmless Transitional Payment Changes Made by Public Law 
110-275 (MIPPA)
    2. Adjustment for Rural SCHs Implemented in CY 2006 Related to 
Public Law 108-173 (MMA)
    F. Hospital Outpatient Outlier Payments
    1. Background
    2. Outlier Calculation
    3. Outlier Reconciliation
    G. Calculation of an Adjusted Medicare Payment from the National 
Unadjusted Medicare Payment
    H. Beneficiary Copayments
    1. Background
    2. Copayment Policy
    3. Calculation of an Adjusted Copayment Amount for an APC Group
III. OPPS Ambulatory Payment Classification (APC) Group Policies
    A. OPPS Treatment of New HCPCS and CPT Codes
    1. Treatment of New HCPCS Codes Included in the April and July 
Quarterly OPPS Updates for CY 2008
    2. Treatment of New Category I and III CPT Codes and Level II 
HCPCS Codes
    B. OPPS Changes--Variations Within APCs
    1. Background
    2. Application of the 2 Times Rule
    3. Exceptions to the 2 Times Rule
    C. New Technology APCs
    1. Background
    2. Movement of Procedures from New Technology APCs to Clinical 
APCs
    D. OPPS APC-Specific Policies
    1. Apheresis and Stem Cell Processing Services
    a. Low Density Lipoprotein (LDL) Apheresis (APC 0112)
    b. Bone Marrow and Stem Cell Processing Services (APC 0393)
    2. Genitourinary Procedures
    a. Implant Injection for Vesicoureteral Reflex (APC 0163)
    b. Laparoscopic Ablation of Renal Mass (APC 0132)
    c. Percutaneous Renal Cryoablation (APC 0423)
    d. Magnetic Resonance Guided Focused Ultrasound (MRgFus) 
Ablation of Uterine Fibroids (APC 0067)
    e. Prostatic Thermotherapy (APC 0429)
    3. Nervous System Procedures
    a. Magnetoencephalography (MEG) (APC 0067)
    b. Chemodenervation (APC 0204)
    4. Ocular Procedures
    a. Suprachoroidal Delivery of Pharmacologic Agent (APC 0237)
    b. Scanning Opthalmic Imaging (APC 0230)
    5. Orthopedic Procedures
    a. Closed Treatment Fracture of Finger/Toe/Trunk (APCs 0129, 
0138, and 0139)

[[Page 68505]]

    b. Arthroscopic and Other Orthopedic Procedures (APCs 0041 and 
0042)
    c. Surgical Wrist Procedures (APCs 0053 and 0054)
    d. Intercarpal or Carpometacarpal Arthroplasty (APC 0047)
    e. Insertion of Posterior Spinous Process Distraction Device 
(APC 0052)
    6. Radiation Therapy Services
    a. Proton Beam Therapy (APCs 0664 and 0667)
    b. Implantation of Interstitial Devices (APC 0310)
    c. Stereotactic Radiosurgery (SRS) Treatment Delivery Services 
(APCs 0065, 0066, and 0067)
    7. Other Procedures and Services
    a. Negative Pressure Wound Therapy (APC 0013)
    b. Endovenous Ablation (APCs 0091 and 0092)
    c. Unlisted Antigen Skin Testing (APC 0341)
    d. Home International Normalized Ratio (INR) Monitoring (APC 
0607)
    e. Mental Health Services (APCs 0322, 0323, 0324, and 0325)
    f. Trauma Response Associated With Hospital Critical Care 
Services (APC 0618)
IV. OPPS Payment for Devices
    A. Pass-Through Payments for Devices
    1. Expiration of Transitional Pass-Through Payments for Certain 
Devices
    a. Background
    b. Final Policy
    2. Provisions for Reducing Transitional Pass-Through Payments To 
Offset Costs Packaged Into APC Groups
    a. Background
    b. Final Policy
    B. Adjustment to OPPS Payments for No Cost/Full Credit and 
Partial Credit Devices
    1. Background
    2. APCs and Devices Subject to the Adjustment Policy
V. OPPS Payment Changes for Drugs, Biologicals, and 
Radiopharmaceuticals
    A. OPPS Transitional Pass-Through Payment for Additional Costs 
of Drugs, Biologicals, and Radiopharmaceuticals
    1. Background
    2. Drugs and Biologicals With Expiring Pass-Through Status in CY 
2008
    3. Drugs, Biologicals, and Radiopharmaceuticals With New or 
Continuing Pass-Through Status in CY 2009
    4. Reduction of Transitional Pass-Through Payments for 
Diagnostic Radiopharmaceuticals To Offset Costs Packaged Into APC 
Groups
    B. OPPS Payment for Drugs, Biologicals, and Radiopharmaceuticals 
Without Pass-Through Status
    1. Background
    2. Criteria for Packaging Drugs, Biologicals, and 
Radiopharmaceuticals
    a. Background
    b. Drugs, Biologicals, and Therapeutic Radiopharmaceuticals
    c. Payment for Diagnostic Radiopharmaceuticals and Contrast 
Agents
    3. Payment for Drugs and Biologicals Without Pass-Through Status 
That Are Not Packaged
    a. Payment for Specified Covered Outpatient Drugs
    b. Payment Policy
    c. Payment for Blood Clotting Factors
    4. Payment for Therapeutic Radiopharmaceuticals
    a. Background
    b. Payment Policy
    5. Payment for Nonpass-Through Drugs, Biologicals, and 
Radiopharmaceuticals With HCPCS Codes, but Without OPPS Hospital 
Claims Data
VI. Estimate of OPPS Transitional Pass-Through Spending for Drugs, 
Biologicals, Radiopharmaceuticals, and Devices
    A. Background
    B. Estimate of Pass-Through Spending
VII. OPPS Payment for Brachytherapy Sources
    A. Background
    B. OPPS Payment Policy
VIII. OPPS Payment for Drug Administration Services
    A. Background
    B. Coding and Payment for Drug Administration Services
IX. OPPS Payment for Hospital Outpatient Visits
    A. Background
    B. Policies for Hospital Outpatient Visits
    1. Clinic Visits: New and Established Patient Visits
    2. Emergency Department Visits
    3. Visit Reporting Guidelines
X. Payment for Partial Hospitalization Services
    A. Background
    B. PHP APC Update
    C. Policy Changes
    1. Policy to Deny Payment for Low Intensity Days
    2. Policy to Strengthen PHP Patient Eligibility
    3. Partial Hospitalization Coding Update
    D. Separate Threshold for Outlier Payments to CMHCs
XI. Procedures That Will Be Paid Only as Inpatient Procedures
    A. Background
    B. Changes to the Inpatient List
XII. OPPS Nonrecurring Technical and Policy Changes and 
Clarifications
    A. Physician Supervision of HOPD Services
    B. Reporting of Pathology Services for Prostrate Saturation 
Biopsy
    C. Changes to the Initial Preventive Physical Examination (IPPE)
    D. Reporting of Wound Care Services
    E. Standardized Cognitive Performance Testing
XIII. OPPS Payment Status and Comment Indicators
    A. OPPS Payment Status Indicator Definitions
    1. Payment Status Indicators To Designate Services That Are Paid 
Under the OPPS
    2. Payment Status Indicators To Designate Services That Are Paid 
Under a Payment System Other Than the OPPS
    3. Payment Status Indicators To Designate Services That Are Not 
Recognized Under the OPPS but That May Be Recognized by Other 
Institutional Providers
    4. Payment Status Indicators To Designate Services That Are Not 
Payable by Medicare on Outpatient Claims
    B. Comment Indicator Definitions
XIV. OPPS Policy and Payment Recommendations
    A. Medicare Payment Advisory Commission (MedPAC) Recommendations
    1. March 2008 Report
    2. June 2007 Report
    B. APC Panel Recommendations
    C. OIG Recommendations
XV. Ambulatory Surgical Centers: Updates and Revisions to the 
Ambulatory Surgical Center Conditions for Coverage and Updates to 
the Revised Ambulatory Surgical Center Payment System
    A. Legislative and Regulatory Authority for the ASC Conditions 
for Coverage
    B. Updates and Revisions to the ASC Conditions for Coverage
    1. Background
    2. Provisions of the Proposed and Final Regulations
    a. Definitions (Sec.  416.2)
    b. Specific Conditions for Coverage
    (1) Condition for Coverage: Governing Body and Management (Sec.  
416.41)
    (2) Condition for Coverage: Quality Assessment and Performance 
Improvement (QAPI) (Sec.  416.43)
    (3) Condition for Coverage: Laboratory and Radiologic Services 
(Sec.  416.49)
    (4) Condition for Coverage: Patients Rights (Sec.  416.50)
    (5) Condition for Coverage: Infection Control (Sec.  416.51)
    (6) Condition for Coverage: Patient Admission, Assessment and 
Discharge (Sec.  416.52)
    c. Comments Outside the Scope of the Proposed Rule
    C. Updates of the Revised ASC Payment System
    1. Legislative Authority for the ASC Payment System
    2. Prior Rulemaking
    3. Policies Governing Changes to the Lists of Codes and Payment 
Rates for ASC Covered Surgical Procedures and Covered Ancillary 
Services
    D. Treatment of New Codes
    1. Treatment of New Category I and III CPT Codes and Level II 
HCPCS Codes
    2. Treatment of New Level II HCPCS Codes Implemented in April 
and July 2008
    E. Update to the List of ASC Covered Surgical Procedures and 
Covered Ancillary Services
    1. Covered Surgical Procedures
    a. Additions to the List of ASC Covered Surgical Procedures
    b. Covered Surgical Procedures Designated as Office-Based
    (1) Background
    (2) Changes to Covered Surgical Procedures Designated as Office-
Based for CY 2009
    c. Covered Surgical Procedures Designated as Device-Intensive
    (1) Background
    (2) Changes to List of Covered Surgical Procedures Designated as 
Device-Intensive for CY 2009
    d. Surgical Procedures Removed from the OPPS Inpatient List for 
CY 2009

[[Page 68506]]

    2. Covered Ancillary Services
    F. ASC Payment for Covered Surgical Procedures and Covered 
Ancillary Services
    1. Payment for Covered Surgical Procedures
    a. Background
    b. Update to ASC Covered Surgical Procedure Payment Rates for CY 
2009
    c. Adjustment to ASC Payments for No Cost/Full Credit and 
Partial Credit Devices
    2. Payment for Covered Ancillary Services
    a. Background
    b. Payment for Covered Ancillary Services for CY 2009
    G. New Technology Intraocular Lenses (NTIOLs)
    1. Background
    2. NTIOL Application Process for Payment Adjustment
    3. Classes of NTIOLs Approved and New Request for Payment 
Adjustment
    a. Background
    b. Requests To Establish New NTIOL Class for CY 2009
    4. Payment Adjustment
    5. ASC Payment for Insertion of IOLs
    6. Announcement of CY 2009 Deadline for Submitting Requests for 
CMS Review of Appropriateness of ASC Payment for Insertion of an 
NTIOL Following Cataract Surgery
    H. ASC Payment and Comment Indicators
    1. Background
    2. ASC Payment and Comment Indicators
    I. Calculation of the ASC Conversion Factor and ASC Payment 
Rates
    1. Background
    2. Policy Regarding Calculation of the ASC Payment Rates
    a. Updating the ASC Relative Payment Weights for CY 2009 and 
Future Years
    b. Updating the ASC Conversion Factor
    3. Display of ASC Payment Rates
XVI. Reporting Quality Data for Annual Payment Rate Updates
    A. Background
    1. Reporting Hospital Outpatient Quality Data for Annual Payment 
Update
    2. Reporting ASC Quality Data for Annual Payment Update
    3. Reporting Hospital Inpatient Quality Data for Annual Payment 
Update
    B. Hospital Outpatient Measures for CY 2009
    C. Quality Measures for CY 2010 and Subsequent Calendar Years 
and the Process To Update Measures
    1. Quality Measures for CY 2010 Payment Determinations
    2. Process for Updating Measures
    3. Possible New Quality Measures for CY 2011 and Subsequent 
Calendar Years
    D. Payment Reduction for Hospitals That Fail To Meet the HOP 
QDRP Requirements for the CY 2009 Payment Update
    1. Background
    2. Reduction of OPPS Payments for Hospitals That Fail To Meet 
the HOP QDRP CY 2009 Payment Update Requirements
    a. Calculation of Reduced National Unadjusted Payment Rates
    b. Calculation of Reduced Minimum Unadjusted and National 
Unadjusted Beneficiary Copayments
    c. Treatment of Other Payment Adjustments
    E. Requirements for HOPD Quality Data Reporting for CY 2010 and 
Subsequent Calendar Years
    1. Administrative Requirements
    2. Data Collection and Submission Requirements
    3. HOP QDRP Validation Requirements
    a. Data Validation Requirements for CY 2010
    b. Alternative Data Validation Approaches for CY 2011
    F. Publication of HOP QDRP Data
    G. HOP QDRP Reconsideration and Appeals Procedures
    H. Reporting of ASC Quality Data
    I. FY 2010 IPPS Quality Measures under the RHQDAPU Program
XVII. Healthcare-Associated Conditions
    A. Background
    B. Expanding the Principles of the IPPS Hospital-Acquired 
Conditions Payment Provision to the OPPS
    1. Criteria for Possible Candidate OPPS Conditions
    2. Collaboration Process
    3. Potential OPPS Healthcare-Associated Conditions
    4. OPPS Infrastructure and Payment for Encounters Resulting in 
Healthcare-Associated Conditions
XVIII. Medicare Hospital Conditions of Participation: Requirements 
for Approval and Re-Approval of Transplant Programs To Perform 
Transplants; Clarification of Provider and Supplier Termination 
Policy
XIX. Files Available to the Public Via the Internet
    A. Information in Addenda Related to the CY 2009 Hospital OPPS
    B. Information in Addenda Related to the CY 2009 ASC Payment 
System
XX. Collection of Information Requirements
    A. Legislative Requirement for Solicitation of Comments
    B. ASC Conditions for Coverage Collections
    1. Condition for Coverage--Governing Body and Management (Sec.  
416.41)
    2. Condition for Coverage--Quality Assessment and Performance 
Improvement (Sec.  416.43)
    3. Condition for Coverage--Patient Rights (Sec.  416.50)
    4. Condition for Coverage--Patient Admission, Assessment and 
Discharge (Sec.  416.52)
    5. Revisions to the CfCs on Infection Control in This Final Rule 
(Sec.  416.51)
    C. Associated Information Collections Not Specified in 
Regulatory Text
XXI. Waiver of Proposed Rulemaking
XXII. Response to Comments
XXIII. Regulatory Impact Analysis
    A. Overall Impact
    1. Executive Order 12866
    2. Regulatory Flexibility Act (RFA)
    3. Small Rural Hospitals
    4. Unfunded Mandates
    5. Federalism
    B. Effects of OPPS Changes in This Final Rule With Comment 
Period
    1. Alternatives Considered
    a. Alternatives Considered for Payment of Multiple Imaging 
Procedures
    b. Alternatives Considered for the HOP QDRP Requirements for the 
CY 2009 Payment Update
    c. Alternatives Considered Regarding OPPS Cost Estimation for 
Relative Payment Weights
    2. Limitation of Our Analysis
    3. Estimated Effects of This Final Rule With Comment Period on 
Hospitals
    4. Estimated Effects of This Final Rule With Comment Period on 
CMHCs
    5. Estimated Effects of This Final Rule With Comment Period on 
Beneficiaries
    6. Conclusion
    7. Accounting Statement
    C. Effects of ASC Payment System Changes in This Final Rule With 
Comment Period
    1. Alternatives Considered
    a. Office-Based Procedures
    b. Covered Surgical Procedures
    2. Limitations of Our Analysis
    3. Estimated Effects of This Final Rule With Comment Period on 
ASCs
    4. Estimated Effects of This Final Rule With Comment Period on 
Beneficiaries
    5. Conclusion
    6. Accounting Statement
    D. Effects of Final Requirements for Reporting of Quality Data 
for Annual Hospital Payment Update
    E. Effects of ASC Conditions for Coverage Changes in This Final 
Rule
    1. Effects on ASCs
    a. Effects of the Governing Body and Management Provision
    b. Effects of the QAPI Provision
    c. Effects of the Laboratory and Radiologic Services Provision
    d. Effects of the Patient Rights Provision
    e. Effects of the Infection Control Provision
    f. Effects of the Patient Admission, Assessment and Discharge 
Provision
    2. Alternatives Considered
    a. Alternatives to the Governing Body and Management Provision
    b. Alternatives to the QAPI Provision
    c. Alternatives to the Patient Rights Provision
    d. Alternatives to the Discharge Provision
    3. Conclusion
    F. Executive Order 12866
Regulation Text
Addenda
    Addendum A--OPPS APCs for CY 2009
    Addendum AA--ASC Covered Surgical Procedures for CY 2009 
(Including Surgical Procedures for Which Payment Is Packaged)
    Addendum B--OPPS Payment by HCPCS Code for CY 2009
    Addendum BB--ASC Covered Ancillary Services Integral to Covered 
Surgical Procedures for CY 2009 (Including Ancillary Services for 
Which Payment Is Packaged)
    Addendum D1--OPPS Payment Status Indicators
    Addendum DD1--ASC Payment Indicators
    Addendum D2--OPPS Comment Indicators
    Addendum DD2--ASC Comment Indicators
    Addendum E--HCPCS Codes That Would Be Paid Only as Inpatient 
Procedures for CY 2009

[[Page 68507]]

    Addendum EE--Surgical Procedures Excluded from Payment in ASCs
    Addendum L--Out-Migration Adjustment
    Addendum M--HCPCS Codes for Assignment to Composite APCs for CY 
2009

I. Background for the OPPS

A. Legislative and Regulatory Authority for the Hospital Outpatient 
Prospective Payment System

    When the Medicare statute was originally enacted, Medicare payment 
for hospital outpatient services was based on hospital-specific costs. 
In an effort to ensure that Medicare and its beneficiaries pay 
appropriately for services and to encourage more efficient delivery of 
care, the Congress mandated replacement of the reasonable cost-based 
payment methodology with a prospective payment system (PPS). The 
Balanced Budget Act (BBA) of 1997 (Pub. L. 105-33) added section 
1833(t) to the Social Security Act (the Act) authorizing implementation 
of a PPS for hospital outpatient services.
    The Medicare, Medicaid, and SCHIP Balanced Budget Refinement Act 
(BBRA) of 1999 (Pub. L. 106-113) made major changes in the hospital 
outpatient prospective payment system (OPPS). The Medicare, Medicaid, 
and SCHIP Benefits Improvement and Protection Act (BIPA) of 2000 (Pub. 
L. 106-554) made further changes in the OPPS. The Medicare Prescription 
Drug, Improvement, and Modernization Act (MMA) of 2003 (Pub. L. 108-
173) also amended Section 1833(t) of the Act. The Deficit Reduction Act 
(DRA) of 2005 (Pub. L. 109-171), enacted on February 8, 2006, also made 
additional changes in the OPPS. In addition, the Medicare Improvements 
and Extension Act under Division B of Title I of the Tax Relief and 
Health Care Act (MIEA-TRHCA) of 2006 (Pub. L. 109-432), enacted on 
December 20, 2006, made further changes in the OPPS. Further, the 
Medicare, Medicaid, and SCHIP Extension Act (MMSEA) of 2007 (Pub. L. 
110-173), enacted on December 29, 2007, made additional changes in the 
OPPS. We also note that the Medicare Improvements for Patients and 
Providers Act (MIPPA) of 2008 (Pub. L. 110-275), enacted on July 15, 
2008, made further changes to the OPPS. A discussion of these changes 
related to the MMSEA are included in sections I.E., II.C., V., and VII. 
of this final rule with comment period and those related to the MIPPA 
are included in sections I.F., II.C., II.E.1., V., VII., and XII.C.
    The OPPS was first implemented for services furnished on or after 
August 1, 2000. Implementing regulations for the OPPS are located at 42 
CFR Part 419.
    Under the OPPS, we pay for hospital outpatient services on a rate-
per-service basis that varies according to the ambulatory payment 
classification (APC) group to which the service is assigned. We use the 
Healthcare Common Procedure Coding System (HCPCS) codes (which include 
certain Current Procedural Terminology (CPT) codes) and descriptors to 
identify and group the services within each APC group. The OPPS 
includes payment for most hospital outpatient services, except those 
identified in section I.B. of this final rule with comment period. 
Section 1833(t)(1)(B)(ii) of the Act provides for Medicare payment 
under the OPPS for hospital outpatient services designated by the 
Secretary (which includes partial hospitalization services furnished by 
community mental health centers (CMHCs)) and hospital outpatient 
services that are furnished to inpatients who have exhausted their Part 
A benefits, or who are otherwise not in a covered Part A stay. Section 
611 of Public Law 108-173 added provisions for Medicare coverage for an 
initial preventive physical examination, subject to the applicable 
deductible and coinsurance, as an outpatient department service, 
payable under the OPPS.
    The OPPS rate is an unadjusted national payment amount that 
includes the Medicare payment and the beneficiary copayment. This rate 
is divided into a labor-related amount and a nonlabor-related amount. 
The labor-related amount is adjusted for area wage differences using 
the hospital inpatient wage index value for the locality in which the 
hospital or CMHC is located.
    All services and items within an APC group are comparable 
clinically and with respect to resource use (section 1833(t)(2)(B) of 
the Act). In accordance with section 1833(t)(2) of the Act, subject to 
certain exceptions, services and items within an APC group cannot be 
considered comparable with respect to the use of resources if the 
highest median (or mean cost, if elected by the Secretary) for an item 
or service in the APC group is more than 2 times greater than the 
lowest median cost for an item or service within the same APC group 
(referred to as the ``2 times rule''). In implementing this provision, 
we generally use the median cost of the item or service assigned to an 
APC group.
    For new technology items and services, special payments under the 
OPPS may be made in one of two ways. Section 1833(t)(6) of the Act 
provides for temporary additional payments, which we refer to as 
``transitional pass-through payments,'' for at least 2 but not more 
than 3 years for certain drugs, biological agents, brachytherapy 
devices used for the treatment of cancer, and categories of other 
medical devices. For new technology services that are not eligible for 
transitional pass-through payments, and for which we lack sufficient 
data to appropriately assign them to a clinical APC group, we have 
established special APC groups based on costs, which we refer to as New 
Technology APCs. These New Technology APCs are designated by cost bands 
which allow us to provide appropriate and consistent payment for 
designated new procedures that are not yet reflected in our claims 
data. Similar to pass-through payments, an assignment to a New 
Technology APC is temporary; that is, we retain a service within a New 
Technology APC until we acquire sufficient data to assign it to a 
clinically appropriate APC group.

B. Excluded OPPS Services and Hospitals

    Section 1833(t)(1)(B)(i) of the Act authorizes the Secretary to 
designate the hospital outpatient services that are paid under the 
OPPS. While most hospital outpatient services are payable under the 
OPPS, section 1833(t)(1)(B)(iv) of the Act excludes payment for 
ambulance, physical and occupational therapy, and speech-language 
pathology services, for which payment is made under a fee schedule. 
Section 614 of Public Law 108-173 amended section 1833(t)(1)(B)(iv) of 
the Act to exclude payment for screening and diagnostic mammography 
services from the OPPS. The Secretary exercised the authority granted 
under the statute to also exclude from the OPPS those services that are 
paid under fee schedules or other payment systems. Such excluded 
services include, for example, the professional services of physicians 
and nonphysician practitioners paid under the Medicare Physician Fee 
Schedule (MPFS); laboratory services paid under the clinical diagnostic 
laboratory fee schedule (CLFS); services for beneficiaries with end-
stage renal disease (ESRD) that are paid under the ESRD composite rate; 
and services and procedures that require an inpatient stay that are 
paid under the hospital inpatient prospective payment system (IPPS). We 
set forth the services that are excluded from payment under the OPPS in 
Sec.  419.22 of the regulations.
    Under Sec.  419.20(b) of the regulations, we specify the types of 
hospitals and entities that are excluded from payment under the OPPS. 
These excluded entities include Maryland hospitals, but only for 
services that are paid under a

[[Page 68508]]

cost containment waiver in accordance with section 1814(b)(3) of the 
Act; critical access hospitals (CAHs); hospitals located outside of the 
50 States, the District of Columbia, and Puerto Rico; and Indian Health 
Service hospitals.

C. Prior Rulemaking

    On April 7, 2000, we published in the Federal Register a final rule 
with comment period (65 FR 18434) to implement a prospective payment 
system for hospital outpatient services. The hospital OPPS was first 
implemented for services furnished on or after August 1, 2000. Section 
1833(t)(9) of the Act requires the Secretary to review certain 
components of the OPPS, not less often than annually, and to revise the 
groups, relative payment weights, and other adjustments that take into 
account changes in medical practices, changes in technologies, and the 
addition of new services, new cost data, and other relevant information 
and factors.
    Since initially implementing the OPPS, we have published final 
rules in the Federal Register annually to implement statutory 
requirements and changes arising from our continuing experience with 
this system. We published in the Federal Register on November 27, 2007 
the CY 2008 OPPS/ASC final rule with comment period (72 FR 66580). In 
that final rule with comment period, we revised the OPPS to update the 
payment weights and conversion factor for services payable under the CY 
2008 OPPS on the basis of claims data from January 1, 2006, through 
December 31, 2006, and to implement certain provisions of Public Law 
108-173 and Public Law 109-171. In addition, we responded to public 
comments received on the provisions of the November 26, 2006 final rule 
with comment period (71 FR 67960) pertaining to the APC assignment of 
HCPCS codes identified in Addendum B to that rule with the new interim 
(NI) comment indicator; and public comments received on the August 2, 
2007 OPPS/ASC proposed rule for CY 2008 (72 FR 42628).
    Subsequent to publication of the CY 2008 OPPS/ASC final rule with 
comment period, we published in the Federal Register on February 22, 
2008, a correction notice (73 FR 9860) to correct certain technical 
errors in the CY 2008 OPPS/ASC final rule with comment period.
    On July 18, 2008, we issued in the Federal Register (73 FR 41416) a 
proposed rule for the CY 2009 OPPS/ASC payment system to implement 
statutory requirements and changes arising from our continuing 
experience with both systems. Subsequent to issuance of the CY 2009 
OPPS/ASC proposed rule, we published in the Federal Register on August 
11, 2008 a correction notice (73 FR 46575) to replace Table 30 included 
the CY 2009 OPPS/ASC proposed rule.

D. APC Advisory Panel

1. Authority of the APC Panel
    Section 1833(t)(9)(A) of the Act, as amended by section 201(h) of 
the BBRA, and redesignated by section 202(a)(2) of the BBRA, requires 
that we consult with an outside panel of experts to review the clinical 
integrity of the payment groups and their weights under the OPPS. The 
Act further specifies that the panel will act in an advisory capacity. 
The Advisory Panel on Ambulatory Payment Classification (APC) Groups 
(the APC Panel), discussed under section I.D.2. of this final rule with 
comment period, fulfills these requirements. The APC Panel is not 
restricted to using data compiled by CMS, and it may use data collected 
or developed by organizations outside the Department in conducting its 
review.
2. Establishment of the APC Panel
    On November 21, 2000, the Secretary signed the initial charter 
establishing the APC Panel. This expert panel, which may be composed of 
up to 15 representatives of providers (currently employed full-time, 
not as consultants, in their respective areas of expertise) subject to 
the OPPS, reviews clinical data and advises CMS about the clinical 
integrity of the APC groups and their payment weights. The APC Panel is 
technical in nature, and it is governed by the provisions of the 
Federal Advisory Committee Act (FACA). Since its initial chartering, 
the Secretary has renewed the APC Panel's charter three times: On 
November 1, 2002; on November 1, 2004; and on November 21, 2006. The 
current charter specifies, among other requirements, that the APC Panel 
continues to be technical in nature; is governed by the provisions of 
the FACA; may convene up to three meetings per year; has a Designated 
Federal Officer (DFO); and is chaired by a Federal official designated 
by the Secretary.
    The current APC Panel membership and other information pertaining 
to the APC Panel, including its charter, Federal Register notices, 
membership, meeting dates, agenda topics, and meeting reports can be 
viewed on the CMS Web site at: http://www.cms.hhs.gov/FACA/05_
AdvisoryPanelonAmbulatoryPaymentClassificationGroups.asp#TopOfPage.
3. APC Panel Meetings and Organizational Structure
    The APC Panel first met on February 27, February 28, and March 1, 
2001. Since the initial meeting, the APC Panel has held 15 subsequent 
meetings, with the last meeting taking place on August 27 and 28, 2008. 
Prior to each meeting, we publish a notice in the Federal Register to 
announce the meeting and, when necessary, to solicit nominations for 
APC Panel membership and to announce new members.
    The APC Panel has established an operational structure that, in 
part, includes the use of three subcommittees to facilitate its 
required APC review process. At its March 2008 meeting, the APC Panel 
recommended that the Observation and Visit Subcommittee's name be 
changed to the ``Visits and Observation Subcommittee.'' As stated in 
the CY 2009 OPPS/ASC proposed rule (73 FR 41421), we are accepting this 
recommendation and are referring to the subcommittee by its new name, 
as appropriate, throughout this final rule with comment period. Thus, 
the three current subcommittees are the Data Subcommittee, the Visits 
and Observation Subcommittee, and the Packaging Subcommittee. The Data 
Subcommittee is responsible for studying the data issues confronting 
the APC Panel and for recommending options for resolving them. The 
Visits and Observation Subcommittee reviews and makes recommendations 
to the APC Panel on all technical issues pertaining to observation 
services and hospital outpatient visits paid under the OPPS (for 
example, APC configurations and APC payment weights). The Packaging 
Subcommittee studies and makes recommendations on issues pertaining to 
services that are not separately payable under the OPPS, but whose 
payments are bundled or packaged into APC payments. Each of these 
subcommittees was established by a majority vote from the full APC 
Panel during a scheduled APC Panel meeting, and their continuation as 
subcommittees was last approved at the August 2008 APC Panel meeting. 
At that meeting, the Panel recommended that the work of these three 
subcommittees continue, and we are accepting that recommendation. All 
subcommittee recommendations are discussed and voted upon by the full 
APC Panel.
    Discussions of the recommendations resulting from the APC Panel's 
March and August 2008 meetings are included in the sections of this 
final rule that are specific to each recommendation. For

[[Page 68509]]

discussions of earlier APC Panel meetings and recommendations, we refer 
readers to previously published hospital OPPS final rules, the Web site 
mentioned earlier in this section, or the FACA database at http://
fido.gov/facadatabase/public.asp.
    During the comment period for the CY 2009 OPPS/ASC proposed rule, 
we received several public comments regarding representation on the APC 
Panel.
    Comment: Several commenters requested that CMS include a designated 
ASC representative on the APC Panel. The commenters believed that, 
because the ASC payment system is based on the same APC groups and 
relative payment weights as the OPPS, ASC representation on the APC 
Panel would ensure input from representatives of all the care settings 
providing surgical services whose payment groups and payment weights 
are affected by the OPPS.
    Response: We acknowledge that the revised ASC payment system 
provides Medicare payment to ASCs for surgical procedures that is 
based, in most cases, on the relative payment weights of the OPPS. 
However, CMS is statutorily required to have an appropriate selection 
of representatives of ``providers'' as members of the APC Panel.
    Specifically, the current APC Panel charter requires that ``Each 
Panel member must be employed full-time by a hospital, hospital system, 
or other Medicare provider subject to payment under the OPPS,'' which 
does not include ASCs because ASCs are not providers. We refer readers 
to section 1833(t)(9)(A) of the Act and Sec.  400.202 of our 
regulations for specific requirements and definitions. The charter must 
comply with the statute, which does not include representatives of 
suppliers on the APC Panel. However, we understand the concerns of 
commenters regarding their interest in ASC input on the APC Panel now 
that the ASC payment system is based on the OPPS relative payment 
weights.

E. Provisions of the Medicare, Medicaid, and SCHIP Extension Act of 
2007

    The Medicare, Medicaid and SCHIP Extension Act (MMSEA) of 2007 
(Pub. L. 110-173), enacted on December 29, 2007, includes the following 
provisions that affect the OPPS and the revised ASC payment system:
1. Increase in Physician Payment Update
    Section 101 of the MMSEA provided a 0.5 percent increase in the 
physician payment update from January 1, 2008 through June 30, 2008; 
revised the Physician Assistance and Quality Initiative Fund, and 
extended through 2009 the physician quality reporting system. We refer 
readers to section XV. of this final rule with comment period for 
discussion of the effect of this provision on services paid under the 
revised ASC payment system.
2. Extended Expiration Date for Cost-Based OPPS Payment for 
Brachytherapy Sources and Therapeutic Radiopharmaceuticals
    Section 106 of the MMSEA amended section 1833(t)(16)(C) of the Act, 
as amended by section 107 of the MIEA-TRCHA, to extend for an 
additional 6 months, through June 30, 2008, payment for brachytherapy 
devices at hospitals' charges adjusted to costs and to mandate that the 
same cost-based payment methodology apply to therapeutic 
radiopharmaceuticals for the same extended payment period. We refer 
readers to sections V.B.4. and VII. of this final rule with comment 
period for discussion of this provision. We also note that section 142 
of Public Law 110-275 further extended this provision, as discussed in 
section I.F.4. of this final rule with comment period.
3. Alternative Volume Weighting in Computation of Average Sales Price 
(ASP) for Medicare Part B Drugs
    Section 112 of the MMSEA amended section 1847A(b) of the Act to 
provide for application of alternative volume weighting in computing 
the ASP for payment of Medicare Part B multiple source and single 
source drugs furnished after April 1, 2008, and for a special rule, 
beginning April 1, 2008, for payment of single source drugs or 
biologicals treated as a multiple source drug. This provision is 
discussed in section V. of this final rule with comment period.
4. Extended Expiration Date for Certain IPPS Wage Index Geographic 
Reclassifications and Special Exceptions
    Section 117 of the MMSEA extended through September 30, 2008, both 
the reclassifications that were extended by section 106 of MIEA-TRCHA 
as well as certain special exception wage indices referenced in the FY 
2005 IPPS final rule (69 FR 49105 and 49107). We refer readers to 
section II.C. of this final rule with comment for discussion of this 
provision. We also note that section 124 of Public Law 110-275 further 
extended this provision through September 30, 2009, as discussed under 
section I.F.2. of this final rule with comment period.

F. Provisions of the Medicare Improvements for Patients and Providers 
Act of 2008

    The Medicare, Improvements for Patients and Providers Act (MIPPA) 
of 2008 (Pub. L. 110-275), enacted on July 15, 2008, includes the 
following provisions that affect the OPPS and the revised ASC payment 
system:
1. Improvements to Coverage of Preventive Services
    Section 101(b) of the MIPPA amended section 1861 of the Act, as 
amended by section 114 of the MMSEA, to make several changes to the 
Initial Preventive Physical Examination (IPPE) benefit, including 
waiving the deductible and extending the period of eligibility for an 
IPPE from 6 months to 12 months after the date of the beneficiary's 
initial enrollment in Medicare Part B. Section 101(b) of the MIPPA also 
removed the screening electrocardiagram (EKG) as a mandatory 
requirement that is part of the IPPE and required that there be 
education, counseling, and referral for an EKG, as appropriate, for a 
once-in-a-lifetime screening EKG performed as a result of a referral 
from an IPPE. The facility service for the screening EKG (tracing only) 
is payable under the OPPS when it is the result of a referral from an 
IPPE. The amendments apply to services furnished on or after January 1, 
2009. We refer readers to section XII.C. of this final rule for 
discussion of the HCPCS codes to be used for the IPPE and screening EKG 
and the OPPS payment rates for services under this provision for CY 
2009.
2. Extended Expiration Date for Certain IPPS Wage Index Geographic 
Reclassifications and Special Exceptions
    Section 124 of the MIPPA extended through September 30, 2009 the 
hospital wage index reclassifications for hospitals reclassified under 
section 508 of the MMA. MIPPA also extended through the last date of 
the extension of the reclassifications under section 106(a) of the 
MIEA-TRHCA certain special exception wage indices referenced in the FY 
2005 IPPS final rule (69 FR 49105 and 49107) and that were extended by 
section 117(a)(2) of the MMSEA. We refer readers to section II.C. of 
this final rule with comment period for discussion of this provision.
3. Increase in Physician Payment Update
    Section 131 of MIPPA increased the conversion factor by 1.1 percent 
for CY 2009 and required that CY 2008 and CY 2009 payment updates have 
no effect on payment rates for CY 2010 and subsequent years under the 
MPFS. We

[[Page 68510]]

refer readers to section XV.F. of this final rule with comment period 
for discussion of the effect of this provision on payment for covered 
office-based surgical procedures and covered ancillary services paid 
under the ASC payment system.
4. Extension of Expiration Date for Cost-Based OPPS Payment for 
Brachytherapy and Therapeutic Radiopharmaceuticals
    Section 142 of the MIPPA amended section 1833(t)(16)(C) of the Act, 
as amended by section 106(a) of the MMSEA, and further extended the 
payment period for brachytherapy devices sources and therapeutic 
radiopharmaceuticals based on hospital's charges adjusted to cost 
through December 31, 2009. We refer readers to sections V.B.4. and VII. 
of this final rule with comment period for discussions of this 
provision. We also refer readers to section XV.F. of this final rule 
with comment period for discussion of the effect of this provision on 
covered ancillary services paid under the ASC payment system.
5. Extension and Expansion of the Medicare Hold Harmless Provision 
Under the OPPS for Certain Hospitals
    Section 147 of the MIPPA amended section 1833(t)(7)(D)(i) of the 
Act by extending the hold harmless payments (85 percent of the 
difference between the prospective payment system amount under the OPPS 
and the pre-BBA amount) for covered OPD services furnished by rural 
hospitals with 100 beds or less through December 31, 2009. It also 
expanded the same hold harmless payments to SCHs with 100 beds or fewer 
for covered OPD services furnished on or after January 1, 2009, and 
before January 1, 2010. We refer readers to section II.E. of this final 
rule with comment period for discussion of this provision.

G. Summary of the Major Contents of the CY 2009 OPPS/ASC Proposed Rule

    A proposed rule appeared in the July 18, 2008 Federal Register (73 
FR 41416) that set forth proposed changes to the Medicare hospital OPPS 
for CY 2009 to implement statutory requirements and changes arising 
from our continuing experience with the system and to implement certain 
new statutory provisions. In addition, we proposed changes to the 
revised Medicare ASC payment system for CY 2009, including updated 
payment weights and covered ancillary services based on the proposed 
OPPS update. Finally, we set forth proposed quality measures for the 
Hospital Outpatient Quality Data Reporting Program (HOP QDRP) for 
reporting quality data for annual payment rate updates for CY 2010 and 
subsequent calendar years, the requirements for data collection and 
submission for the annual payment update, and a proposed reduction in 
the OPPS payment for hospitals that fail to meet the HOP QDRP 
requirements for CY 2009, in accordance with the statutory requirement. 
The following is a summary of the major changes included in the CY 2009 
OPPS/ASC proposed rule:
1. Updates Affecting OPPS Payments
    In section II. of the proposed rule, we set forth--
     The methodology used to recalibrate the proposed APC 
relative payment weights.
     The proposed changes to packaged services.
     The proposed update to the conversion factor used to 
determine payment rates under the OPPS. In this section we set forth 
changes in the amounts and factors for calculating the full annual 
update increase to the conversion factor.
     The proposed retention of our current policy to use the 
IPPS wage indices to adjust, for geographic wage differences, the 
portion of the OPPS payment rate and the copayment standardized amount 
attributable to labor-related cost.
     The proposed update of statewide average default CCRs.
     The proposed application of hold harmless transitional 
outpatient payments (TOPs) for certain small rural hospitals.
     The proposed payment adjustment for rural SCHs.
     The proposed calculation of the hospital outpatient 
outlier payment.
     The calculation of the proposed national unadjusted 
Medicare OPPS payment.
     The proposed beneficiary copayments for OPPS services.
2. OPPS Ambulatory Payment Classification (APC) Group Policies
    In section III. of the proposed rule, we discussed the proposed 
additions of new procedure codes to the APCs; our proposal to establish 
a number of new APCs; and our analyses of Medicare claims data and 
certain recommendations of the APC Panel. We also discussed the 
application of the 2 times rule and proposed exceptions to it; proposed 
changes to specific APCs; and proposed movement of procedures from New 
Technology APCs to clinical APCs.
3. OPPS Payment for Devices
    In section IV. of the proposed rule, we discussed proposed pass-
through payment for specific categories of devices and the proposed 
adjustment for devices furnished at no cost or with partial or full 
credit.
4. OPPS Payment Changes for Drugs, Biologicals, and 
Radiopharmaceuticals
    In section V. of the proposed rule, we discussed proposed CY 2009 
OPPS payment for drugs, biologicals, and radiopharmaceuticals, 
including the proposed payment for drugs, biologicals, and 
radiopharmaceuticals with and without pass-through status.
5. Estimate of OPPS Transitional Pass-Through Spending for Drugs, 
Biologicals, Radiopharmaceuticals, and Devices
    In section VI. of the proposed rule, we discussed the estimate of 
CY 2009 OPPS transitional pass-through spending for drugs, biologicals, 
and devices.
6. OPPS Payment for Brachytherapy Sources
    In section VII. of the proposed rule, we discussed our proposal 
concerning coding and payment for brachytherapy sources.
7. OPPS Payment for Drug Administration Services
    In section VIII. of the proposed rule, we set forth our proposed 
policy concerning payment and coding for drug administration services.
8. OPPS Payment for Hospital Outpatient Visits
    In section IX. of the proposed rule, we set forth our proposed 
policies for the payment of clinic and emergency department visits and 
critical care services based on claims paid under the OPPS.
9. Payment for Partial Hospitalization Services
    In section X. of the proposed rule, we set forth our proposed 
payment for partial hospitalization services, including the proposed 
separate threshold for outlier payments for CMHCs.
10. Procedures That Will Be Paid Only as Inpatient Procedures
    In section XI. of the proposed rule, we discussed the procedures 
that we proposed to remove from the inpatient list and assign to APCs.

[[Page 68511]]

11. OPPS Nonrecurring Technical and Policy Clarifications
    I