ALCS Sessions


Wednesday, November 30

10:30 am – 10:35 am – Opening Remarks

10:35 am – 11:35 am – Understanding the Basics of Payments Law
Understanding the fundamentals of payment laws and regulations is crucial to understanding how payments work. So is having a clear comprehension of how the laws and regulations interact with one another, particularly when there may be overlap. Which law applies to a payment transaction depends on who the end users are, what kind of institution acts as intermediary, and what form of transaction is used to move the money. The introduction of new kinds of payments service providers and completely new forms of currencies and payments is raising questions about what laws apply to “fintech .” With so many agencies overseeing overlapping aspects of the payments industry, sometimes different agencies might be taking contradictory views about emerging issues. This session delves into these issues and provides an overview of the most significant laws and regulations governing payments, including Uniform Commercial Code Articles 3, 4, and 4A, the Expedited Funds Availability Act and Regulation CC, the Electronic Funds Transfer Act and Regulation E, the CFPB’s authority to act against unfair deceptive, and abusive acts or practices, and recent updates to Regulation J in anticipation of FedNow. The session touches on the rules that structure the Federal Reserve’s payments services, including Regulation J and the Fed’s Operating Circulars. The speaker will also describe the OFAC/Bank Secrecy Act compliance regime that applies to all payments in the U.S.

Duncan Douglas, Partner, Alston & Bird

11:40 am – 12:40 – Examining Cross Channel Fraud
This session is designed to provide attendees with a comprehensive understanding of the legal risks and consequences associated with fraud in different payment channels. Presenter(s) will examine the various types of payment fraud, including business email compromise, card skimming, and account takeover, and provide practical insights on how to detect and prevent fraudulent activities. They will also discuss the legal framework that governs payment fraud, including consumer protection laws, financial regulations, and criminal statutes. Through case studies and real-world examples, presenter(s) will explore the potential legal liabilities and consequences of payment fraud, including civil lawsuits, regulatory fines, and criminal charges. They will also discuss the role of law enforcement agencies and other stakeholders in investigating and prosecuting fraud cases and provide guidance on best practices for responding to fraud incidents. Attendees gain valuable insights on how to protect your organization from payment fraud risks while complying with legal and regulatory requirements.

Ivy Gupta, Product Counsel, Plaid, Inc.

12:40pm – 1:00 pm – Break

1:00 pm – 2:00 pm – The Legal & Compliance Landscape of Instant Payments: What You Need to Know
Instant payments have transformed the way we transfer funds, making transactions faster and more efficient. But this innovation has also brought new legal considerations that must be taken into account. During this session, we will discuss the legal and regulatory frameworks that apply to instant payments, including Regulation E & UCC4A, as well as dive into the liability and risk management concerns associated with instant payments, including fraud, chargebacks, and data breaches. Speakers will also discuss strategies for mitigating these risks, such as implementing robust security protocols and complying with industry standards.

Jennifer Aguilar, APRP, Senior Associate, Alston & Bird

2:15 pm – 3:15 pm – Legal & Compliance Roles in Cybersecurity Incidents
This session will explore the legal frameworks and best practices for responding to cyber security incidents and highlight the legal implications of such incidents. Presenter(s) will begin with an overview of the current cyber threat landscape and the different types of cyber security incidents that can occur, as well as the legal implications of cyber security incidents, including data breach notification laws, industry-specific regulations, and potential liability for data breaches. The presenter will use real-world examples to highlight the importance of a coordinated response between legal, IT, operations, and other stakeholders to ensure that the organization is able to effectively respond to a cyber security incident, while also covering the legal frameworks and best practices for responding to cyber security incidents, including incident response plans, legal privilege, and preserving evidence.

John Banghart, Senior Director for Cybersecurity Services, Venable LLP
Harley L. Geiger, Counsel, Venable LLP

3:20 pm – 4:20 pm – A Legal Perspective on Indemnity Agreements: How, When and Why
In this session panelists explore basic risk management tenets, the indemnity provisions included in the Nacha Operating Rules and, formal indemnity agreements beyond the Rules including a discussion of the practicality of indemnities and discuss risk management considerations on entering into indemnity agreements. Attendees come away from the session with an understanding of how indemnities play out and what parties demand of each other.

Brian W. Jones, General Counsel, Merrick Bank Corporation
Susan Levine, Executive Director, Assistant General Counsel, J.P. Morgan
Matthew C. Luzadder, Managing Partner Chicago Office, Kelley Drye & Warren LLP
Devon Marsh, APRP, Senior Director, ACH Network Administration, Nacha

4:30 pm – 5:30 pm – Understanding Consumer Liability for Unauthorized Instant Payments Transactions
The speaker in this session will discuss protections from liability for consumers under traditional card networks, unauthorized electronic fund transfers under the Electronic Fund Transfer Act (EFTA).

Stanley J. Boris, Counsel, Sidley Austin LLP

Thursday, November 30

10:30 am – 10:35 am – Welcome Back and Day One Recap

10:35 am – 11:35 am – Navigating the Legalities & Compliance Implications of Third-Party Providers
In today's digital age, many organizations rely on third-party senders or service providers to handle their payment transactions. While this may seem like a convenient and efficient solution, there are legal considerations that businesses must be aware of when outsourcing their payment processing. During this session, we will explore the legal landscape surrounding the use of third-party senders and service providers. The presenter will also discuss the various laws and regulations with which organizations must comply, including data protection and privacy laws, consumer protection laws, and anti-fraud regulations. The speaker will also discuss best practices for mitigating legal risks when outsourcing payment processing, such as conducting due diligence on potential service providers and regularly monitoring their performance. We will also examine where the various responsibility lies when it comes to transacting safely, as well as potential new Nacha requirements currently under consideration.

Keith Barnett, Partner, Troutman Pepper Hamilton Sanders LLP

11:35 am – 12:35 pm – Data Aggregation & Privacy - Whose Information is It Really?
The use of consumer financial account data and how it is stored, accessed, and leveraged is critical to the advancement of both new and legacy platforms and products. But the question of who owns the data, how it can be used, and how to maintain the security of the information is paramount in keeping consumers safe while allowing them to be in control of their information. How the data is stored and used can also depend upon the role an organization plays in the transaction from which the information was derived. Controllers, processors, and merchants must all ensure the consumer’s privacy is being protected. Speakers in this session discuss how data aggregators are working with the industry to understand how agreements, requirements such as WEB debit verification, and fraud prevention exceptions under existing and pending legislation are impacting and defining data usage and privacy protection.

Kelly DeMarchis Bastide, Partner, Venable LLP

12:35 pm – 1:00 pm – Break

1:00 pm – 2:00 pm – Payments After Dark: Examining High Risk Originators
Financial institutions make business decisions to originate ACH transactions for clients, and it is incumbent on them to conduct appropriate due diligence and related risk management. With what could be considered high- risk activity, it is imperative that the FI implements a robust and holistic risk management program throughout the life cycle that has active involvement and commitment across the organization. Online gaming, ACH debit at online purchases without card network purchase protection, and other transactions are examples of industries where financial institutions have proceeded with caution. These industries could represent potential threats to payment systems so, as a result, various payment systems rules have been defined, all with the goal of protecting the integrity of the system as well as limiting possible risk. Speakers in this session discuss what constitutes “high- risk” payments and the types and magnitude of transactions that give rise to such risks. Understand who needs to be involved and why, what process elements need to be considered, and what are potential client showstopper questions.

Ellen Traupman Berge, Partner, Venable LLP

2:05 pm – 3:05 pm – Current Events in Sanctions and AML
This session will provide attendees with a deep dive into the legal and regulatory implications of recent developments in sanctions and anti-money laundering (AML) compliance. Our expert presenter will explore the latest trends and emerging risks in sanctions and AML, including the impact of new sanctions regimes and regulatory developments on businesses and financial institutions. They will also examine the role of technology in financial crime and discuss how organizations can leverage new technologies to enhance their AML and sanctions compliance programs. Through case studies and real-world examples, the panelists will provide practical insights on how to mitigate the legal and regulatory risks associated with sanctions and AML non-compliance. They will discuss best practices for conducting risk assessments, implementing effective compliance programs, and responding to sanctions and AML violations.

Matthew C. Luzadder, Managing Partner Chicago Office, Kelley Drye & Warren LLP

3:10 pm – 4:10 pm – After a Collapse: Asking the Right Questions
Playing Monday morning quarterback extended beyond the football field in the spring of 2023 as the financial industry watched the aftermath of the Silicon Valley Bank and Signature Bank closures. With the seizures of the banks came questions concerning the establishment of the bridge bank, the role of the FDIC, receivership certificates, pass through insurance and deposit insurance limits. But beyond those, industry insiders were asking about pending ACH and real- time files and transactions and pondering what this event might have looked like with the FedNow system in place. The speaker in this session explores these questions and considers if there were other, better questions to ask as the situation was unfolding.

Duncan Douglas, Partner, Alston & Bird

4:10 pm – 4:15 pm – Closing Remarks

Register Now       Attorney Registration