Legal Templates
Getting Started
Welcome to the Lithic Legal Library — a repository of legal and compliance templates for card programs. This library is open and free for all companies to use, and includes templates for key policies, agreements, and disclosures.
We will be expanding this collection. If you want to receive alerts when we add a new template, you can sign up for notifications. If you have any questions/feedback, or if you'd like to contribute to the library, please contact us at [email protected].
Choosing and Using the Samples
Not every company offering cards needs every document here. Whether a sample applies hinges on factors like whether the cards are for consumers or businesses, whether the cards are prepaid, and others. To help you determine which ones apply, we’ve included brief pointers below.
These samples are made available by Lithic, Inc. under a Creative Commons Attribution-NoDerivs 4.0 International License: https://creativecommons.org/licenses/by-nd/4.0/legalcode. You can use the samples for card programs, but must obtain Lithic’s prior consent if you wish to publicly share any modified versions.
How to Use the Legal Forms
We’ve added highlighted brackets, footnotes, and guiding prompts in the templates. After you download a document, be sure to fill in all highlighted brackets and delete all prompts and footnotes before finalizing.
Legal Disclaimer
️ The following is not legal advice and should only be used as starting precedents and operational best practices.
The templates are not legal advice and should only be used as starting precedents and operational best practices. Each product and company is unique, and you should consult with an experienced lawyer licensed in the relevant jurisdiction(s) to tailor the agreement as needed.
Lithic does not assume responsibility for the contents of, or the consequence of using, any version of these documents or any other document found on our website. Lithic’s legal team knows many fintech lawyers and we’re happy to point Lithic customers to recommendations.
Creative Commons License
These samples are made available by Lithic, Inc. under a Creative Commons Attribution-NoDerivs 4.0 International License: https://creativecommons.org/licenses/by-nd/4.0/legalcode. You can use the samples for card programs, but must obtain Lithic’s prior consent if you wish to publicly share any modified versions.
Policies
Anti-Money Laundering & Sanctions Policy
The Bank Secrecy Act (BSA) requires banks to have anti-money laundering (AML) programs that include written policies and procedures, internal controls, a compliance officer, and other requirements. Read more about BSA and AML requirements.
When a bank works with a fintech, the bank passes its obligations on to the partner company. As a result, fintechs need to have BSA policies.
Download the Anti-Money Laundering & Sanctions policy template
Complaint Handling Policy
Fintechs should have complaint policies in place to ensure the company expediently handles customer needs. This helps the company spot issues it may not be aware of and reduces the risk that issues get escalated to a level that poses regulatory or litigation risk.
Download the Complaint Handling Policy template
Chargebacks and Disputes Policy
The Electronic Fund Transfer Act (EFTA) and Regulation E govern consumer electronic fund transfers, other than credit. Practically, Regulation E covers debit and prepaid card transactions. One of Regulation E’s key requirements is that companies need to respond to transaction disputes.
Regulation E does not apply to commercial cardholders or credit products. Accordingly, fintechs that offer consumer debit and prepaid cards should have a Regulation E Dispute Policy.
Download the Chargebacks and Disputes Policy template
Fair Lending Policy
Consumer and commercial lenders need to comply with fair lending laws, which generally prohibit credit discrimination based on race, gender, religion, and other protected attributes.
Download the Fair Lending Policy template
Marketing Policy
Consumer and commercial fintech companies should consider having marketing policies to ensure they’re not exposing themselves to regulatory or legal risk. Misleading materials or emails that don’t comply with CAN-SPAM, for example, can expose a company to scrutiny.
Download the Marketing Policy template
Red Flags Policy
The FTC’s Red Flags Rule requires banks and certain creditors to have programs to identify identity theft red flags. These obligations often get passed through to fintechs that partner with such banks and creditors.
Download the Red Flags Policy template
Servicing and Collections Policy
There are various federal and state laws that regulate how creditors can service and collect debt. Any consumer or commercial lender should have a collections and servicing policy to ensure they are compliant with these laws.
Download the Servicing and Collections Policy template
Privacy Policy
It’s best practice for consumer and commercial fintechs to have privacy policies, and such policies may be required under federal or state laws. The exact required contents of a policy depends on factors like where a company offers its products and whether it serves consumers.
Download the Privacy Policy template
UDAAP Policy
Unfair, deceptive, and abusive acts and practices (UDAAPs) rules apply to consumer financial services providers, and unfair and deceptive acts and practices (UDAPs) rules apply to both consumer and commercial financial services. These two are often grouped together under the “UDAAP” name.
These rules generally target misleading or manipulative conduct. Fintechs offering consumer products often have UDAAP policies, while fintechs offering commercial products often have UDAP policies.
Download the UDAAP Policy template
Cardholder and User Agreements
The type of agreement a company offering cards has with its cardholders depends on a few factors, such as:
- Is the cardholder a consumer or a business?
- Is the card prefunded (i.e., does the cardholder load funds into the program before a transaction is authorized)?
Commercial Prepaid Cardholder Agreement
Card programs should generally use a commercial prepaid cardholder agreement when cards are prefunded and the cardholder is a business.
Download the Commercial Prepaid Cardholder Agreement template
Commercial Charge Cardholder Agreement
Card programs should generally use a commercial charge cardholder agreement when the cardholder is a business, and the card program extends credit to the cardholders, but cardholders must pay off outstanding amounts at the end of a billing cycle (i.e., they cannot roll over the balance from month to month).
Download the Commercial Charge Cardholder Agreement template
Consumer Prepaid Cardholder Agreement
Card programs should generally use a consumer prepaid cardholder agreement when the program issues prepaid cards, the cardholder is a consumer and the card falls under the Prepaid Rule (as is typical when a cardholder prefunds a program before a transaction is authorized). This sample is not meant for payroll cards or government benefit cards.
Download the Consumer Prepaid Cardholder Agreement template
Authorized User Agreement
In some card programs, the person using the card is an “authorized user,” or someone who is authorized to spend on the cardholders’ behalf. The prototypical example is a corporate spend card where employees are given cards to spend their employers’ funds for work purposes. Another example is rewards cards where, for example, customers are “authorized users” that receive rewards funds on a card.
Download the Authorized User Agreement template
Consumer Prepaid Fee Disclosures
Consumer prepaid card programs need to provide both long and short-form disclosures to cardholders. These are both typically presented when a customer signs up and agrees to the cardholder agreement.
Download the Long-form Prepaid Disclosure template
The short-form disclosure is typically a portion of a full page, so the layout and font are smaller (see the CFPB’s guide to the short-form disclosure for an example).
Download the Short-form Prepaid Disclosure template
Ancillary Document Forms
Card programs often need a host of other legal documents to get up and running. Below are some of the key ones, and when they apply.
E-SIGN Agreement
Consumer card programs that wish to send communications to customers electronically generally must have their customers sign an E-SIGN Agreement.
Download the E-SIGN Agreement template here
ACH Authorization
If cardholders will fund a card program via ACH transfers from their bank account, the card issuer generally must obtain cardholders’ ACH authorization.
Download the ACH Authorization template
Coming Soon
We’ll continue to expand this collection. Our product newsletter will mention any time this library is expanded, and you can sign up here: https://www.lithic.com/blog
If you have any questions/feedback, or if you'd like to contribute to the library, please contact us at [email protected].
Updated 4 months ago