CAN-SPAM = Our Vendor, Not Our Customers

Posted By: Mel in WA

CAN-SPAM = Our Vendor, Not Our Customers - 05/13/22 08:18 PM

We recently sold our credit card portfolio to a vendor who now services existing accounts and underwrites new credit card accounts. It's very clear in our agreement that these are not our customers and compliance is the responsibility of the vendor.

That being said, when a card holder unsubscribes from marketing materials, should we be identifying dual customers and coding them on our core system? The actual credit card is branded with our logo, giving the impression it's our bank. However, in some cases, the card holder may not even be on our system.
Posted By: Andy_Z

Re: CAN-SPAM = Our Vendor, Not Our Customers - 05/13/22 08:49 PM

My first thought is that if it has your bank's name your bank is at risk if a person opts out of commercial email marketing messages (CEMM) but continues to receive them. Why would the bank want opt outs to get unwanted messages?

That said the sender of the CEMM will not the bank, but rather the servicer who is the owner of these accounts. A sender is the person who initiates the CEMM and whose product is promoted. This will not be your bank. This reduces or eliminates duties on the bank.

I believe what the bank should be looking for, is any CEMMs that are sent from the servicer/owner clearly indicating what role your bank has. Based on the description your bank has no real role, only its brand on the cards already issued. Will new cards approved by the vendor have your bank's name on them? That may indicate remuneration for continued profits and some responsibility on the bank's part due to an ongoing agreement with the vendor. But if your bank has sold the portfolio and at card renewal your branding is dropped, you may simply be restricted from knowing who opts out with the vendor, and therefore can't do anything. So understanding the banks role going forward is a key.