With the news that CVS has changed its policy regarding purchases of prepaid cards and gift cards, some folks have wondered why shops have been tightening up their rules.
In the past, CVS has allowed purchases of up to $5,000 in prepaid or gift cards a day, and would scan your identification for transactions over $1,000. But now the maximum per day is $2,000 in gift cards, with an ID required for purchases over $300.
Many folks buy gift cards at CVS with a miles-and-points earning credit card, then load them to their Serve accounts to pay bills that can’t ordinarily be paid with a credit card. It’s a good way to meet credit card minimum spending requirements.
But the new rules have made buying gift cards at CVS much less convenient for folks who buy a lot of them.
This actually has very little to do with miles-and-points enthusiasts. It’s to prevent fraud, money laundering, and other criminal activity. I’ll explain!
The Bank Secrecy Act
The US Bank Secrecy Act, passed in 1970, requires financial institutions to report certain activities to the Financial Crimes Enforcement Network (FinCEN). That’s the branch of the United States Department of the Treasury responsible for tracking and preventing crimes like money laundering, terrorist financing, and other fraudulent financial activity.
Financial institutions must report:
- Cash transactions greater than $10,000 in 1 day, including withdrawals, deposits, payments, currency exchanges, or transfers (including more than 1 transaction by the same person)
- Moving more than $10,000 in cash, traveler’s checks, or other monetary instruments into or out of the US (so that’s why they ask that question on the US Customs Declaration form!)
- Cash purchases of monetary instruments, including money orders, cashier’s checks, and traveler’s checks valued between $3,000 and $10,000
- “Suspicious activity,” which might include customers trying to avoid reports being filed by structuring transactions – that is, breaking up large transactions into several smaller ones to “fly under the radar”
You’re probably wondering what this has to do with CVS or other sellers of prepaid cards and gift cards. They’re not financial institutions!
The Prepaid Access Rule
Link: Prepaid Access Rule FAQ
In 2011, the Bank Secrecy Act was expanded to include “providers and sellers of prepaid access,” which is defined as:
A person that accepts payments for an initial or subsequent loading of prepaid access, including a general purpose retailer such as a pharmacy, convenience store, supermarket, or discount store.
Merchants like CVS, malls, and grocery stores are subject to the same reporting requirements as banks! But there are exceptions, so long as the seller:
…does not sell prepaid access under a prepaid program that can be used before the user’s identification needs to be verified; and … it has policies and procedures in place that are reasonably adapted to prevent the sale of more than $10,000 of any type of prepaid access to any one person on any one day.
There are other exceptions which you can read about in the FinCEN Prepaid Access Rule FAQ.
I’m not a lawyer, but looking at the CVS memo regarding their policy change, it seems like they’re at least required to report suspicious activity, like the banks. And it wouldn’t surprise me if they had to report customers who buy a lot of gift cards (hence the ID scan).
I suspect CVS and other retailers are trying to reduce the amount of reporting they have to do (paperwork!) as well as minimize their exposure to risk from those engaged in genuine criminal activities (money laundering, gift card fraud, etc.).
So while folks like us are really not the target of these new policies, it does make it more inconvenient to buy large quantities of gift cards and prepaid cards. Having to scan ID for purchases larger than $300 is a pain, but I’ve said it before – in this game, the rules are always changing, and we have to adapt.
Structuring Transactions: Worth the Risk?
In short, no.
PS: For the best discussion on “Structuring” for miles and points, please see this FANTASTIC post by Travelblawg.
Looking at CVS’ new rules, you’d have to buy gift cards worth less than $300 to avoid having your ID scanned (and to dodge the $2,000 per day limit).
These gift cards have a purchase fee of ~$5 to $7. The miles and points earned from buying smaller value gift cards are NOT generally worth it because of the high fee.
And even if you think it’s worth buying large amounts of smaller value gift cards to avoid the new rules (suppose if you were trying to meet minimum spending requirements), is it really worth being flagged for “suspicious activity” if a cashier figures out what you’re doing?
In addition, even if you’re friendly with your local cashier (they know you’re a Big Travel with Small Money geek and they’re happy to help!), it would NOT be good if the employee were disciplined or fired because of your actions. FlyerTalk reports a CVS cashier was recently let go after someone talked them into selling $9,000 in gift cards at a time.
I’m happy to stick to the rules here, to avoid trouble for myself and for store employees!
Besides, there are other plenty of other ways to meet minimum spending requirements.
CVS changed its rules regarding the purchase of prepaid and gift cards. Now, you’ll be required to show identification for purchases above $300, and will be limited to no more than $2,000 worth of cards per day.
It’s not really miles-and-points enthusiasts who are being targeted. The Bank Secrecy Act requires stores like CVS, who sell prepaid and gift cards, to comply with many of the same rules as banks with respect to reporting large monetary transactions and suspicious activity.
Although it’s inconvenient, the new rules are in place to help detect and prevent gift card fraud, money laundering, and other illegal financial activities. And though some may be tempted to try to avoid the new restrictions by structuring their transactions, it’s not worth it.
Have you ever been flagged for suspicious activity for purchasing gift cards?