The findings: Walmart’s history of cursory fraud prevention efforts has provided fraudsters with an easy mechanism to take advantage of its financial services customers, per ProPublica’s investigative reporting.
- Its findings raise questions about whether current oversight of such transactions and non-banks suffices.
What happened? Despite warnings from multiple state attorneys general and a federal regulator, Walmart has allowed customers to purchase gift cards with its own gift cards—and that’s helped fraudsters to launder ill-gotten gains, resulting in over $1 billion in losses for some of its most vulnerable customers.
- Employees have also reportedly failed to follow proper internal procedures and questions about suspicious transactions.
- Walmart is accused of failing to properly train employees or to implement adequate internal procedures to prevent fraud.
- The company has defended itself by saying it has “no responsibility to protect against the criminal conduct of third parties.”
How’d we get here? Since the late 90s, Walmart has found limited success in branching into the banking world.
- Like fintechs and other retailers, its inability to get a banking charter hasn’t stopped it from offering various financial services.
The retailer recently became the majority owner of a fintech company, One Finance, which offers traditional banking services like checking and savings accounts, as well as rewards to users who shop at Walmart.
- However, Walmart sells these gift cards at retail checkout counters, rather than through its banking partner, One—leaving these transactions in a legal purgatory.
Are regulators involved? That’s the tricky part—kind of.
- In 2022, the FTC filed a lawsuit against the retailer for "allowing its money transfer services to be used by fraudsters, who fleeced consumers out of hundreds of millions of dollars."
- Walmart questioned the constitutionality of the complaint and said it has no grounds to block transactions that customers freely choose to make. It also pointed out that some activities that would raise red flags—such as multiple transfers or using out-of-state IDs—aren’t illegal.
- Last year, the FTC amended the complaint to add more details about Walmart’s alleged violations of the Telemarketing Sales Rule. The retailer has rejected these amended allegations as “already lost once.”
What about the CFPB? In November, the Consumer Financial Protection Bureau (CFPB) proposed a new rule that lets it supervise large fintechs to ensure they follow financial laws like other traditional financial institutions (FIs).
- The regulator said this new rule would only affect that process over 5 million transactions per year.
- These 17 impacted fintechs would be examined for compliance to existing federal consumer laws.
- The public comment period on this proposal closed on January 8, 2024, and the final wording will determine whether or not any of Walmart’s financial activities fall under its jurisdiction.
What does this mean for traditional banks? The Walmart gift card saga calls attention to the regulatory gray areas that expose banking customers, especially vulnerable groups like seniors, to risk.
- Banks should engage in public comment periods, such as the recently closed one for the CFPB's proposed rule, advocating for increased supervision of nonbank entities.
- Marketing teams also have an important role to play. Targeting Walmart’s financial services customers with messaging about the safety and fraud prevention measures that traditional financial institutions are required to follow could help build relationships with new customers.