Over the past three years MSRN has received a number of inquiries about different merchant service providers, processors, and banks. We try to respond to every post and question. If the poster leaves their contact information we answer to them directly. Since switching to a .com domain this past year, we have received a number of tips and inquiries about Masih Madani/Transysa/Opus/Oncaldera/HMSBlue/Transactional Systems/Darius etc. One recent anonymous commentator asked the following questions that due to their anonymous status must be answered in a published post rather than email.
"When we first began this extensive diligence, we got advise of counsel and these questions were brought up prior to posting this and confirming our discoveries."
1) Why is MasterCard doing business with Transysa/Mr. Madani if “cardtransystems.wordpress” is correct in thier posting?
MSRN: It is not clear from your question to what posting you refer, however MSRN does not publish cardtransystems.wordpress.
Mastercard sponsorship is offered by member banks. It is the banks who determine who they will sponsor and who they "vouch" for as program managers and card programs. The losses incurred by Madani's stored value card holders were on EBSG cards offered by Innovative Bank, they did not have either MasterCard or Visa sponsorship; they are otherwise known as unbranded cards. Madani is currently offering his ebsg cards through Storedvalueplus among other entities.
MSRN has worked hard to bring attention to the riskier practices of banks with regards to their sponsorship and use of the Visa and MasterCard brands. Many banks need to enhance their revenues due to losses from bad mortgages, and card sponsorship is a relatively fast and safe way to do that. Unfortunately the less than healthy banks can make less than prudent choices in card sponsorship.
2) Why would Visa put Transysa (Mr. Madani Principal) on their CPI/DSS compliant service provider list? (Search Google keywords “Visa Transysa”)
MSRN: We assume you mean PCI/DSS compliance. According to Visa, "PCI DSS assessments represent only a "snapshot" of security in place at the time of the review, and do not guarantee that those security controls remain in place after the review is complete. These reviews did not cover proprietary software solutions that may be used or sold by these service providers."
"Visa has no duty to clients, merchants, processors or other third parties to obtain or review reports from any party required to submit a report. Visa is not responsible to any party for the timeliness, accuracy or completeness of any report. Inclusion on this list indicates only that the service provider successfully validated PCI DSS compliance, based on the report of an independent Qualified Security Assessor (QSA)."
"Visa does not endorse the service providers or their business processes or practices. Visa has sole discretion to include or exclude entities on this list."
3) Why would U.S. and International banks be integrating with Transysa as the platform / processor?
MSRN: We have no information as to the accuracy of that statement. If readers have any information on banks and processors that are currently integrating with Transysa, please advise.
4) Why would Trustware a very reputable accessor for banks such as Bank of America and Chase approve Transysa as recent as September 2009?
MSRN: The company is Trustwave, and yes, they are a very reputable company. We have no information that they are an "accessor." They do assess and verify that locations and systems are secure; they do not vouch for the trustworthiness of the people at the locations and controlling the systems. According to their website, "From risk and controls assessment through remediation and control testing, Trustwave's purpose-built software solution seamlessly automates the enterprise Governance, Risk Management and Compliance."
Trustwave outlines their services, "For businesses and organizations of any size, Trustwave will identify gaps between current security posture and industry-specific regulations such as the Payment Card Industry Data Security Standard (PCI DSS) and government regulations such as the Health Insurance Portability and Accountability Act (HIPAA). Our assessments provide the following:
•Benchmarking - An executive summary report detailing current security controls
•Gap Analysis - Measure existing security posture against regulations
•Risk Assessment - Outline of weaknesses that pose the greatest risk
•Remediation Report - Details the required actions to bring security controls in line
5) Why would the U.S. Department of Treasury (FINCEN) have Transysa registered as an MSB?
MSRN: That is a very good question. At the time of post, MSRN can find no record of Transysa as an MSB. We double checked the MSB Registration list for California and cannot find Transysa listed.
Anonymous Commentator: Quite frankly if all of the above major corporations, banks, networks and state/ government agencies are willing to do business with Transysa and Mr. Madani, why would any other company not?
MSRN: We do not endorse or promote any service providers. We do advise our readers in every case with every business; buyer beware.
Anonymous Commentator: The internet and irresponsible postings by bloggers and individuals with personal issues can cause serious damage to a credible company.
MSRN: You are correct, there is much on the internet that is untrue, reckless, or otherwise untrustworthy. An excellent example of the sort of manipulation of the internet that takes place is found the following email exchange between Mr. Madani and Jeff Bazan regarding Transysa sent to MSRN:
I had put on YAHOO ANSWERS a Q & A for someone to give me feed back from Transysa.
We had someone go on the site and ANSWERED a POSTIVE reference for Transysa.
Within 1 hour….someone went on the Question/Answer and ALSO ANSWERED THE QUESTION ABOUT TRANSYSA WITH a NEGATIVE RESPONSE.
I DELETED THE QUESTION…OTHERWISE IT WOULD HAVE COME OUT ON FIRST PAGE RESULTS OF GOOGLE FOR “TRANSYSA”.
Anonymous Commentator: We can tell you that after exhibiting twice at the Prepaid Expo in Vegas and Orlando and worked, dealt, met with all of the major players in this space; our determination and due diligence brought nothing but stellar response from the entities above such as banks, MasterCard, Visa, Trustware and many others regarding Transysa, Inc. and Mr. Masih Madani.
MSRN: Please have them contact MSRN, we work in and are in contact with many in the industry, and always strive to present both sides to every issue.
Anonymous Commentator: We would hope that readers can see beyond a posting with not sufficient information to accurately make an assessment.
MSRN: Agreed. It is incumbant on banks and processors to do their due diligence and only sponsor and grant access to those service providers who are professional and trustworthy. The security of the networks is dependent on each provider's security and honesty.
Reader's must assess the trustworthiness of their information providers as well.
Many financial instruments such as FDIC Cease and Desist Orders are issued to banks very often these days, it is important for consumers to understand what they mean, and to whom they can be issued. Many judicial instruments are confusing and sanctions help ensure that rarely are claims made in pleadings that are not generally based on a good faith belief that what is alledged is in fact the truth, however financial institutions must be particularly careful in the allegations and statements they make due to the fact that much of their success is dependent on credibility.
Consumer tip: Beware of testiphonials
Update:
Failed O.C. bank says it lost millions to high-tech fraud
By RONALD CAMPBELLA
Los Angeles County businessman is accused of stealing at least $3.5 million in a high-tech skimming operation at an Orange County bank seized last month by federal regulators.
The failure of Westminster-based First Vietnamese American Bank cost the Federal Deposit Insurance Corporation $9.6 million.
Some 300 businesses and nonprofits have sued the bank and Chatsworth businessman Masih Madani, alleging Madani stole their money under the bank's nose. First Vietnamese in turn has sued Madani and a second failed institution, Oakland-based Innovative Bank.
The cases shed light on the vast but little-known Automated Clearinghouse, which handled nearly $20 trillion in 2009 alone. Operating through the Federal Reserve Board, banks and "third-party processors" such as Madani's company, Opus Ventures, individuals and companies make billions of payments each year.
You probably use the system to automatically deposit your paycheck or Social Security check or automatically debit your mortgage or gym fee from your bank account.
No comments:
Post a Comment