GS Logo
The Green Sheet, Inc

Please Login

Banner Ad
Skyscraper Ad
Breaking News
Updated: Friday, September 19, 2014

Alibaba IPO takes investors on magic carpet ride

A libaba Group Holding Ltd., which operates the largest overall e-commerce presence in the world, debuted on the New York Stock Exchange on Sept. 19, 2014, with an over two-hour delay in its initial public offering caused by a repeated upward revision of the stock's price per share. With Alibaba's shares now trading at well over 30 percent higher than initially set, a strong new competitor has emerged with designs on disrupting the U.S. e-commerce marketplace.

Alibaba was initially priced at $68, but excitement for China's e-commerce giant resulted in the share price opening at $92.70. Once trading finally got under way, almost at noon eastern standard time, shares soared to $99.70 before settling back to around $90 in early afternoon trading. More than 100 million shares of Alibaba were reportedly traded in the first 20 minutes of trading, and the IPO raised $21.8 billion, surpassing Visa Inc.'s IPO of $17.8 billion in 2008 and Facebook Inc.'s $16 billion raised in 2012.

Alibaba, founded by high-profile entrepreneur Jack Ma, has been characterized as China's equivalent of Inc., eBay Inc. and eBay-owned PayPal Inc., all rolled into one, with a touch of Google Inc. thrown in. Alibaba operates several e-commerce businesses in China, including, Taobao Marketplace and (formerly Taobao Mall). Alibaba also runs its own search engine, eTao, and a PayPal-like online payment service, Alipay.

Unlike Amazon, which buys goods from suppliers and resells them to consumers, Alibaba operates more like a middleman, connecting consumers to retailers in the spirit of eBay, but without functioning as an auctioneer. Taobao is considered Alibaba's largest e-commerce site, with approximately 760 million product listings from about seven million sellers. But retailers don't pay to sell on Taobao, rather they pay Alibaba for advertising and Google-like search engine optimized rankings.

Taobao is primarily for small merchants, while Tmall showcases larger businesses, like Apple Inc. and The Gap Inc., which opened Tmall storefronts in 2014. Unlike Taobao, Tmall charges retailers transaction fees. It has been reported that, in 2012, the combined transaction volume of Taobao and Tmall surpassed 1 trillion yuan (about $163 billion), more than Amazon and eBay combined.

The final piece of Alibaba's puzzle is Alipay, which has become the dominant third-party online payment provider in China. Alipay operates as an escrow service; consumer funds are held and only remitted to sellers once consumers receive, and are satisfied with, the goods that they paid for. Through Alipay, Alibaba also provides interest-bearing savings accounts for its users.

China's payments 'dragon'

In a September 2014 webinar, Alipay: The Chinese Dragon Beyond The Great Wall, Mercator Advisory Group lifted the veil on the so-called PayPal of China. Tristan Hugo-Webb, Associate Director of Mercator Advisory Group's International Advisory Service, said Alipay is what binds all of Alibaba's businesses together and is critical to Alibaba's ambition of becoming "the center of the online universe."

Alipay is no longer part of Alibaba Group, but is a separate entity still controlled by Jack Ma. The financial services firm was founded in 2004. By 2007, Alipay was processing an average of 800,000 transactions a day, with a daily transaction volume of $20 million, according to Hugo-Webb; by 2010, Alipay's daily numbers had risen to 40 million transactions and a transaction volume of $102 million. On Nov. 11, 2013, China's equivalent of Valentine's Day (referred to as Singles' Day), Alipay set a record by processing 171 million payments in a 24-hour period, Hugo-Webb said.

Hugo-Webb compared Alipay to its natural rival in the U.S. market, PayPal. The eBay subsidiary is considered the most popular online payment method in the United States, with 62 percent of online consumers having a PayPal account, Hugo-Webb noted. But PayPal averages only 8.8 million payments processed per day.

With China's total population of 1.35 billion, Alipay has a larger potential customer base to draw from than the 314 million for PayPal in the United States. However, Alipay only represents 50 percent of China's market, Hugo-Webb said. It is also rapidly expanding into the mobile realm; by February 2014, Alipay was processing 18 million mobile payments per day, Hugo-Webb added.

He noted that Alipay is aggressive in funding consumers' mobile wallets. When users open the wallets, Alipay automatically conducts a funds transfer from linked accounts to wallets so that money is always available to wallet users, Hugo-Webb said.

Alibaba's U.S. prospects

The size and scope of Alibaba makes it a fearsome competitor to U.S. e-commerce firms like Amazon and PayPal. Additionally, the excitement over its IPO shows that investors are confident Alibaba will be successful in its bid to penetrate the highly competitive U.S. marketplace. However, Alibaba may have difficulty gaining traction and market share because of inherent growth constraints placed on it by an already mature market.

Ken Wisnefski, Chief Executive Officer at digital marketing agency WebiMax, said, "Their margins are already high. They are amazing. But is there much more opportunity for upside from them? They are not going to be able to control that type of margin in the United States. There's already a large player here in Amazon."

Alibaba will find it hard to chip away at Amazon's dominance, Wisnefski added, with Amazon's customer loyalty beginning to rival the loyalty enjoyed by Apple Inc. "The brand loyalty with Amazon is something that is going to make it difficult for Alibaba to really be able to penetrate that space," he said.

Additionally, Alibaba could run into problems attracting U.S. merchants to its online sellers' marketplace. Wisnefski likened Alibaba's challenge to how U.S. retailers use search engine competitors to Google. "When you look at even advertising, we've got a lot of clients that do a lot of work on the Google paid services," he said. "It doesn't exclude them from doing work on the Bing and Yahoo! networks. But they don't allocate as much of the budget towards it. It's not as much of a focus."

Given the maturity of the U.S. online marketplace, with well-established players not likely to be deposed any time soon, Alibaba may be content to play a smaller role. "There's a lot of money to be had here playing second fiddle," Wisnefski said. "I could see that being a strategy."

Flawed coding blamed for recent data breaches
Tuesday, September 16, 2014

T he proliferation of data breaches at major U.S. retailers is a direct result of poorly coded software, according to a software analysis and measurement firm. The global data analytics firm, CAST, said seven out of 10 retail and finance applications are vulnerable to the Heartbleed-style malware attacks that have caused havoc among U.S. retailers nationwide in recent months.

CAST revealed in its 2014 CAST Report on Application Software Health (CRASH) that financial and retail industry applications are the most vulnerable to data breaches, with 70 percent of retail and 69 percent of financial services applications having "data input validation violations" that can lead to breaches. "This is particularly concerning, considering the amount of personal and financial customer data often held in applications across these industries," CAST said.

Lev Lesokhin, CAST Executive Vice President, described faulty code as a product of rushed deadlines faced by IT staff. "So long as IT organizations sacrifice software quality and security for the sake of meeting unrealistic schedules, we can expect to see more high-profile attacks leading to the exposure and exploitation of sensitive customer data," he said.

FI security coding fails

A Trustwave 2012 slide presentation entitled "Whitelist is the New Black" defined input validation as the "process of verifying the correctness of data supplied to an application before using that data." The data security firm noted that input validation is the hardest part of ensuring applications are secure. "Most vulnerabilities are a result of user-controlled data not being validated, or not being validated appropriately," Trustwave said.

CAST said poorly written code that did not properly validate data resulted in the notorious Heartbleed malware attack, which exposed over 60 percent of the Internet's servers to potential attacks. "As of June, 21, 2014, it's estimated that 309,197 public web servers still remained vulnerable," the researcher noted.

In its CRASH report, CAST singled out the financial services industry for the worst coded applications, the most surprising finding of the report. "[T]he data showed that the financial services industry has the highest number of input validation violations per application (224) even though their applications, on average, are only half as complex as the largest application scanned," CAST said.

Dr. Bill Curtis, Chief Scientist at CAST and CRASH report author, believes CAST's findings discredit the idea that software security and software quality are mutually exclusive. "The CRASH Report data proves this is false," he said. "Badly constructed software won't just cause systems to crash, corrupt data and make recovery difficult, but also leaves numerous security holes."

Home Depot the latest victim

In April 2014, the Heartbleed bug was detected by Trustwave in the popular OpenSSL security protocol, which is described as a cryptographic library used in securing e-commerce sites, email services and file transfer protocol programs. The bug is a weakness in the code that can be exploited by hackers to circumvent encryption and gain access to sensitive cardholder and enterprise data.

Heartbleed had reportedly gone undetected for over two years, time in which hackers could exploit the weakness to steal SSL certificates that establish encrypted communications for such activities as consumers making online purchases with bankcards or when administrators log onto networks.

The most recent big breach occurred at The Home Depot. The home improvement retailer said it first learned about the breach on Sept. 2, 2014, from law enforcement and its banking partners, and that the compromise began the previous April, affecting its U.S. and Canadian stores, but not its operations in Mexico, nor customers shopping via its online store.

Security reporter Brian Krebs wrote in a Sept. 14 post on his KrebsonSecurity blog that multiple financial institutions reported a steep increase over the past few days in ATM withdrawal fraud using data stolen from Home Depot customer accounts. While the retailer reassured customers that no debit card PIN data was compromised in the attack, Krebs noted that fraudsters can use other types of data that was stolen, such as ZIP codes, to reset debit cardholders' PINs via automated phone systems that employ weak cardholder authentication methods.

"The card data for sale in the underground that was stolen from Home Depot shoppers allows thieves to create counterfeit copies of debit and credit cards that can be used to purchase merchandise in big-box stores," Krebs wrote. "But if the crooks who buy stolen debit cards also are able to change the PIN on those accounts, the fabricated debit cards can then be used to withdraw cash from ATMs."

In the wake of the breach coming to light, a class-action lawsuit in the Atlanta district court was filed by the Georgia law firm of Harris Penn Lowry LLP. The suit alleges that Home Depot did not inform its customers of the breach until after Krebs broke the story on his blog site.

Apple Pay may set mobile payment security standard
Friday, September 12, 2014

A pple Inc. is known for setting trends, if not defining whole new market categories, as represented by the iPhone and iPad. But now, with the Sept. 9, 2014, launch of the iPhone 6, and Apple's first foray into the wearable device market with the Apple Watch, the tech giant has come out with a mobile contactless payment system called Apple Pay that could potentially set the standard for mobile security for the entire marketplace. By defining the security standard that wary consumers buy in to, the market for mobile contactless payments at the POS may finally take off.

Here's an excerpt from Apple's statement: "Apple Pay will change the way you pay. When you add a credit or debit card with Apple Pay, the actual card numbers are not stored on the device nor on Apple servers. Instead, a unique Device Account Number is assigned, encrypted and securely stored in the Secure Element on your iPhone or Apple Watch. Each transaction is authorized with a one-time unique number using your Device Account Number and instead of using the security code from the back of your card, Apple Pay creates a dynamic security code to securely validate each transaction."

Apple Pay leverages near field communication (NFC) technology embedded in smartphones to conduct contactless, in-store payments. Customers' sensitive payment data is tokenized and stored within the secure element of the NFC chip. When users pay with their phones at the POS, one-time tokens are generated in the place of the payment data. When Apple's biometric fingerprint scanning technology, Touch ID, is added to the mix, a potent security environment is erected around mobile payments.

Redefining card present

Randy Vanderhoof, Executive Director of the Smart Card Alliance, said, "[Apple Pay] really raises the bar on secure implementation of payments, because adding the biometric authentication to the transaction provides a much more secure validation to the merchant and to the issuing bank that the proper individual is making the payment transaction – and that they can trust that transaction."

Vanderhoof added that the card brands recognized the higher degree of security associated with Apple Pay and "rewarded" Apple with the lower card-present interchange fee, even though mobile contactless transactions are by literal definition card-not-present (CNP) and subject to higher fees. "So they are redefining the definition of card-present here," Vanderhoof said. "They're doing this because Apple is able to provide the same, in fact more, security, to the payments network that would normally exist when the physical card is involved." Because CNP transactions are considered more prone to fraud, they are placed in a higher interchange category, which translates into merchants paying more to accept CNP transactions.

In analysis of Apple Pay, Alcaraz Research said, via the Seeking Alpha website, that the 15 to 25 basis point discount the card brands have provided to Apple Pay transactions means that "Apple Pay processing fees can just be around 1.25 to 1.35 percent, much lower than PayPal's card-not-present transaction fee of 2.7 percent."

Vanderhoof noted that Google Wallet transactions also fall into the CNP interchange fee category because no comparable security protocols are in place, as Android-based phones are not equipped with biometric security technology.

Boon to the market

But the benefits of the Apple Pay security ecosystem to Apple, and the 220,000 U.S. retail locations that already accept contactless payments, will potentially extend to the entire mobile payments marketplace. Vanderhoof said the lower interchange category will act as an incentive for Apple to more aggressively market Apple Pay, which will result in more consumers wanting to use it and more merchants wanting the ability to accept it, creating a momentum of adoption and usage.

"It certainly does provide a very strong incentive for Apple to invest more marketing clout behind the wallet solution, which will then create more mobile payment transactions, which will replace the less secure magnetic stripe transactions more quickly," Vanderhoof said, "So the benefits are then going to be shared across the entire market; merchants and issuers are going to benefit from the higher security and the less likelihood of fraud by the way Apple has implemented Apple Pay."

It won't take many consumers coming into stores and asking if merchants accept Apple Pay for reluctant retailers to reconsider upgrading terminals to accept contactless payments. "I think merchants are probably going to be rethinking the future of NFC and contactless payments with this announcement," Vanderhoof said. "The previous implementations of NFC and mobile wallets hasn't had a real big impact on consumers, and therefore it hasn't caught the attention of too many of the merchants.

"But now with Apple jumping into the fray, it may give [merchants] further reason to upgrade their point of sale to be NFC capable and perhaps turn that NFC acceptance on sooner than they may have."

Additionally, Apple has created a security and mobile payment model that competitors can emulate. "It certainly is a model to consider for other solution providers to step up their creative ways to demonstrate a stronger link between a cardholder and the payment transaction, like Apple is doing with their biometric Touch ID," Vanderhoof stated.

However, Vanderhoof cautioned against rushing to crown Apple Pay the dominant mobile payments scheme. "With any new payments player in the market, and changes that happen in the direction by which consumers can transact at the point of sale, it takes some time for those new features to catch on and be fully vetted and operational."

But the stars seem to be aligning nonetheless. "I would say the signals are very good for what Apple has done, but it's a little bit too early to put a flag in it and call it a huge success or a huge game changer," Vanderhoof said.

CurrentC, a non-Apple, non-NFC mobile wallet
Tuesday, September 9, 2014

A pple Inc. made a big splash Sept. 9, 2014, when it announced Apple Pay, its near field communication (NFC)-powered mobile wallet, will be available on the soon-to-be-released iPhone 6, iPhone 6 Plus and Apple Watch. Some analysts have weighed in, stating not only is this the death knell for plastic payment cards, it is also the birth of a behemoth that could knock out competing mobile payment schemes vying for market dominance.

One such competitor is Merchant Customer Exchange, a mobile wallet being developed by leading retailers. Of all the high profile mobile wallet developers, MCX has been the most secretive. On Sept. 3, 2014, MCX offered a tantalizing peek into CurrentC, the brand name for its mobile wallet expected to launch in 2015.

MCX seems focused at the outset on the loyalty aspect of its wallet. MCX said, "CurrentC will simplify and expedite the customer checkout process by applying qualifying offers and coupons, participating merchant rewards, loyalty programs and membership accounts, and offering payment options through the consumer's selected financial account, all with a single scan."

As a mobile app offered to consumers as a free download from the app stores of Apple and Google Inc., CurrentC will be able to store and automatically apply retailer-specific offers and discounts from the merchants on MCX's prodigious network, which includes 7-Eleven Inc., Best Buy Co. Inc., Lowe's, Sears Holdings, Shell Oil Products US, Sunoco Inc., Target Corp. and Wal-Mart Stores Inc. CurrentC will also allow consumers to earn rewards that apply to the loyalty and membership accounts stored in the app. "Existing rewards, once entered, are detected, applied and earned automatically during the transaction," MCX said.

MCX also placed an emphasis on the data security that underscores the mobile app and corresponding network. "CurrentC will provide a more secure payment experience than traditional methods by storing users' sensitive financial information in its cloud vault rather than locally on the mobile device," MCX said. "Furthermore, the application uses a token placeholder to facilitate transactions instead of constantly passing the data between the user, merchant and financial institution. These innovative approaches to security are only a sample of industry leading tools used by CurrentC to create a comprehensive, layered approach to information security."

CurrentC is also being touted as merchant friendly, with retailers not having to upgrade current POS systems to integrate MCX's app. "CurrentC is a software-based solution that works with most existing point-of-sale and payment terminals – providing merchants large and small with a cost-effective entry point into the mobile payments movement," MCX said. "CurrentC will utilize a secure paycode and will not require additional hardware from most customers or merchants."

MCX said CurrentC will remain in private pilot testing mode through 2014, with regional and national rollouts to follow in 2015.

Ubiquitous brand-name reach

MCX launched in August 2012. Its network comprises over 70 brand-name retailers that together process in excess of $1 trillion annually in transactions at more than 110,000 retail outlets that span practically every vertical market, from quick service restaurants to convenience stores/gas stations, big box retailers and national grocery markets.

On mobile marketer Mobiquity Inc.'s blog page, Mobiquity Technical Advisor Robert McCarthy wrote in an August 2014 post that FIS Global will process CurrentC payments, while Paydiant Inc. is building the white-labeled mobile app. McCarthy noted that the FIS-owned mobile app developer mFoundry powers Starbucks Coffee Co.'s popular mobile wallet, as well as the Bank of America banking app.

McCarthy believes MCX's partnership with Paydiant was a wise move. "Paydiant’s technology will allow MCX member merchants to leverage existing smartphones, POS and payment terminals," he wrote. "It will include an easy-to-implement application programming interface (API) to enable MCX members to integrate complete mobile wallet capabilities and value-added services into their own branded iPhone and Android applications. In addition, the solution will allow retailers to avoid sharing sensitive customer information with third parties."

With the Starbucks app, transactions are facilitated at the POS by means of quick response (QR) codes. McCarthy thus believes that the MCX solution will likely leverage QR codes as well. "This is obviously an intriguing initiative, one promising massive change in the industry," he wrote, adding that MCX may result in "something wildly disruptive and valuable to consumers and merchants alike."

Focused on merchants, not consumers

Initial reactions from payment consultants to MCX's announcement focused on the emphasis MCX puts on retailer issues, namely loyalty and merchant acceptance, rather than the consumer experience. Aite Group LLC Analyst Nathalie Reinelt said, "[I]t appears that they will be deeply focused on loyalty programs compared to Google Wallet and Isis (Softcard), which should offer a greater incentive for consumers to give their mobile payment platform a try."

Rick Oglesby, Senior Analyst/Consultant at Double Diamond Group LLC, added that "MCX is really focused on the merchant; it wants to promote merchant branding, build merchant-to-consumer relationships and reduce the cost of merchant acceptance."

MCX will also be able to leverage its extensive merchant network to drive consumer adoption. Oglesby said the ideal time to enroll consumers in a new program is at the POS, as less effort is needed at that time to convince consumers to change payment behaviors. "Because MCX is merchant controlled, it can best access consumers at the point of payment and is therefore very well positioned to drive change in payment behavior," he noted. "This should be a big advantage for MCX/CurrentC."

As for the "secure paycode" technology MCX mentioned in its announcement, Reinelt believes it could mean either QR code- or bar code-based payments. In terms of sophistication, such payment methods are technologically simple in comparsion to NFC schemes. However, Reinelt pointed out that both Google Wallet and Softcard use NFC technology but have struggled to win over consumers.

"However, Starbucks – which uses barcode technology, but offers an attractive loyalty program – continues to see impressive growth in their mobile payment volumes," Reinelt said."The important aspect of MCX's offering isn't that it is not using NFC, it's that it is focusing on loyalty and tokenized secure payments, which will set them up to be highly competitive."

Oglesby also believes tokenization is a key feature of CurrentC. "Traditional NFC models pass a standard card number through an NFC-equipped terminal," he said. "A tokenized solution can use a broader set of technologies (QR code, bluetooth, sound emission, or even NFC). We may eventually see MCX embrace NFC, but not without tokenization, and not within the rules imposed by the traditional payment networks."

Will MCX succeed? Will NFC-based Apple Pay soon dominate the field? With mobile technology developing at such a rapid clip, is it possible a new contender could rise and grab the lion's share of the market, leaving current contenders in the digital dust? It's still too early to tell.

CFPB gives RTPs more time
Friday, September 5, 2014

I n the area of international remittances (money transfers), the Consumer Financial Protection Bureau issued final revisions to its controversial rules that govern the business practices of remittance transfer providers (RTPs). But in issuing the final rules, the CFPB granted a kind of reprieve to RTPs, such as banks and credit unions, by pushing back the compliance deadline for certain types of transactions to July 2020.

The remittance rules, which went into effect in October 2013, require RTPs to disclose exchange rates, fees and taxes to consumers before consumers initiate international money transfers at the POS. The rules also allow consumers a 30-minute window after transactions are made to cancel them and be reimbursed for transaction costs. RTPs must also provide disclosure and program information in the languages of the consumer groups that the remittance services are marketed to.

But in April 2014, the CFPB responded to RTP concerns that remittance fees are not necessarily known at the time transactions are made; for example, foreign entities to which remittances are sent can impose fees on consumers that RTPs can't control. Therefore, the CFPB initially granted a temporary rule exemption that expired July 21, 2015, for those transactions. Now, in the CFPB's revised rules, the deadline stands at July 21, 2020, for when RTPs must be able to ascertain the fees for problematic remittances.

"If the temporary exception expired in July 2015, current market conditions would make it impossible for insured institutions to know the exact fees and exchange rates associated with a minority of their remittance transfers," the CFPB said. "Without the exemption, these insured institutions reported that they would have been unable to send some transfers to certain parts of the world that they currently serve. The Bureau believes that this exception is limited and is not used for most remittances by insured institutions."

The CFPB added that the July 21, 2020, deadline is final and cannot be extended. The agency believes the extension to 2020 will provide RTPs enough time to "develop reasonable ways to provide consumers with exact fees and exchange rates for all remittance disclosures."

One aspect of the rule that has not been revised is the 100 remittances-per-year threshold imposed by the CFPB. RTPs that provide fewer than 100 international money transfers per year will not have to comply with the rules. RTPs and the associations representing them argued that the threshold is too low, with 1,000 and 6,000 being floated as more reasonable cut-off points.

The National Association of Federal Credit Unions welcomed the CFPB's extension, but decried the overarching direction of the rules. NAFCU Director of Regulatory Affairs Michael Coleman said NAFCU and its members "remain concerned about the overall rule and the incredible burden it places on any credit union facilitating more than 100 remittances yearly for its members. As it stands, this rule is pushing credit unions out of the market."

Where to draw the line

In a July 30, 2012, letter addressed to Congress, several FI associations, including the American Bankers Association and the Credit Union National Association, said the international remittance rules "impose arbitrary and unworkable requirements on consumer-initiated international transfers of all sizes and purposes that will drastically curtail the availability of international transfers to consumers."

At the time, CUNA advised the CFPB that the threshold should be 1,000 transactions per year. Pat Keefe, Vice President, Communications & Media Outreach at CUNA, said most of CUNA's members would fall under that 1,000 threshold and would therefore not be subject to the rules, and some CUNA members that didn't fall under that threshold might eliminate their international remittance services due to the costs of complying with the rules.

International remittances offered through banks and credit unions are processed primarily over the "open" automated clearing house (ACH) network. The associations' letter stated, "While these [open] networks enable consumers to send funds account-to-account to almost anywhere in the world, they do not enable a financial institution in the U.S. to access the exact exchange rate, third-party fees and foreign taxes required by the final rule."

In contrast, "closed" network-operating RTPs, such as The Western Union Co. and Moneygram Inc., are seen as having an easier time complying with the CFPB's rules because they oversee the operations of their overseas agents that handle remittances on the receiving end.

Overseas U.S. military bases excluded

In accordance with the Dodd-Frank Act of 2010, a new section was added to the Electronic Fund Transfer Act (EFTA) that requires the CFPB, an agency created by Dodd-Frank, to regulate RTPs. The CFPB's international remittance rules were added to Regulation E of the EFTA requiring disclosure requirements of RTPs, as well as make RTPs liable for money transfer errors, even if customers provide inaccurate account numbers or routing information.

In connection with its August 2014 rule revisions, the CFPB published version 3.0 of its small entity compliance guide. The guide said the rules cover cash-to-cash, cash-to-account, international wire and international ACH transfers, as well as certain prepaid card transactions. Mailed checks would not be subject to the rules because they are not transactions conducted electronically, the guidance said.

Additionally, the rules cover the transfers initiated by individual senders for "personal, family, or household purposes," and not remittances made by businesses. The CFPB also treats U.S. military bases in foreign lands as "states" so that transfers made by senders in the United States to military personnel stationed overseas do not fall under the rules. However, transfers made from military bases to foreign countries are considered international remittance transfers and are covered by the rules.

NAFCU said its members were "happy to see the Bureau explicitly specify that U.S. military installations located abroad are states for the purposes of the remittance rule.”

View prior breaking news

© 2012 The Green Sheet, Inc.