As the subscription economy continues to grow, new regulations are being put in place to protect the rights of consumers in response to the numerous dark patterns that some large online companies practice to take advantage of their users.
These recurring “dark patterns” represent online interfaces in websites and apps designed to intentionally manipulate users into taking action. They might also have the user give out personal information that they otherwise would not have done under normal circumstances.
The FTC has advanced in banning such deceptive practices, but it hasn’t done much to reduce consumer excitement toward subscriptions.
Recent polls show that Americans favor automatic renewal subscriptions, with the average consumer spending $273 monthly on various services. Yet, this poll also reflects that many Americans don’t understand how much they spend on these plans, billing frequency, total amounts, or cancellation methods.
In response to these concerns, new laws regarding automatic renewal subscriptions, negative option plan, and free trials was enacted in 2022. As a result, more states will continue to pass laws requiring businesses to provide transparent upfront information on renewal terms and make it easier for consumers to cancel their subscriptions.
In this article, we explore these new laws and their associated rules for compliance.
Recent subscription compliance updates
National/State-wise new compliance regulations:
In 2022, we saw cases where the Restore Online Shoppers Confidence Act (ROSCA) was used to protect small businesses from deceptive automatic renewals, like with Texas-based First American Payment Systems.
The FTC found the company engaging in many harmful practices, such as deceiving businesses with hidden fees, imposing surprise fees upon cancellation requests, and withdrawing money from merchant accounts without their knowledge. As a consequence, the company has agreed to pay back $4.9 million to refund the affected businesses.
The FTC then took further action by issuing the Enforcement Policy Statement Regarding Negative Option Marketing (Enforcement Policy), reiterating certain requirements under ROSCA.
This policy instructs companies to provide customers with more information about their subscriptions, such as the total cost of the subscription, the terms of the subscription, and the customer’s right to cancel the subscription.
On a state level, California, Colorado, Delaware, and Illinois each either passed new laws or amended existing laws on recurring subscriptions that go into effect in 2022.
These laws will generally require businesses to send frequent acknowledgment notices to users about the subscription terms and their updates while also providing a way for users to make any necessary changes. Needless to say, this is the kind of transparency that consumers have been waiting for.
California has always been one of the best states in hunting down deceptive company practices, thanks to its Autorenewal Task Force. Now, it will introduce amended laws regarding recurring subscriptions to include new notice and cancellation requirements.
These requirements went into effect on July 1, 2022, and oversee any business that offers subscription services for longer than a year or free trials that last longer than 31 days. The key elements of the new law require companies to send frequent renewal reminders to customers with specific subscription information, deadlines on trial end dates, and an easy-to-see and accessible cancellation link.
Colorado and Delaware
Similar to California, Colorado and Delaware enacted new laws on January 1, 2022, requiring businesses to provide detailed disclosures about the terms of their automatic renewals and make it easy for customers to cancel. Colorado’s statute impacts monthly subscriptions differently than annual subscriptions, while Delaware’s statute applies broadly regardless of the length of the term.
In both states, businesses that allow customers to sign up for subscriptions online must make it easy for them to cancel their subscriptions without requiring a minimum purchase obligation or a long wait time. Additionally, both states have a right-of-action provision for consumers who feel they were not given proper notice or had their rights violated by a business when subscribing/renewing an auto-renewal service.
As mentioned, other states such as California, Colorado, New York, Vermont, and Delaware already have a law requiring online cancellation options, and Illinois is looking to follow in their footsteps.
The new Illinois statute will require upfront, transparent disclosure of the renewal terms and cancellation options in the consumer’s contract, along with notice to the consumer before renewal charges occur.
The cancellation methods have to be fully accessible and offered to users who set up their subscriptions online. However, unlike in other states, businesses may find a way to avoid liability under this statute by writing compliance procedures and enacting them as part of their routine business, as well as remedying an unwanted charge with a prompt refund to affected customers or companies.
We’ve explored new regulations in the United States. Now let’s zoom out and look at other subscription compliance updates enacted around the globe.
Having frozen auto-subscription services last year, Google is ready to relaunch auto-renewing subscriptions in India, but only to customers whose banks comply with the new Reserve Bank of India (RBI) regulations.
These regulations promise to provide consumers with more control and transparency in the transaction process of auto-renewal payments.
They will mandate banks to inform customers in advance about every recurring payment they are subscribed to and require them to consent via a one-time password and other additional factor authentication for payments higher than ₹5,000 (~US$61 as of October 2022).
The mandate is in stark contrast to how the subscription model used to operate, where customers were only required to consent once to auto-renewal services upon initial purchase.
Businesses in India will need to either adopt or create new compliance solutions in response to these new regulations or halt all services until a solution is provided to customers.
Similar to the United States, the “subscription economy” has never been bigger in Europe, with reported growth of the industry outpacing traditional businesses.
On average, Europeans spend over €130 monthly on subscriptions, not too far off from their American counterparts. However, with the market’s growth, concerns about consumers getting trapped into subscriptions they don’t want or can’t cancel have increased.
In response, Germany enacted new obligations for businesses under the Fair Consumer Contracts Act (FCCA) back in 2021 — giving businesses until 2022 to adapt to these new changes.
The FCCA will require businesses to simplify their cancellation method into an easy-to-follow 2-click process — ensuring cancellation is to be as simple as signing up. It has been explicitly stated that the cancellation method refers to cancelling the subscription contracts, having in place a method of cancelling the auto-renewal is not enough for the purpose of these new changes. Also, the FCCA has been treating differently the cases where the consumers are requesting the cancellation of the subscription as a result of an extraordinary event. Such events, like moving to another country where the service is not available, require special attention and manual validation. More than that, they should be handled with high priority followed by an immediate cancellation of the subscription. Additionally, merchants will no longer be allowed to automatically renew subscriptions for customers for an additional year after the initial two-year period has passed.
It’s important to note that these new regulations apply to all online businesses, but with few exceptions: the “two-click cancellation” policy will not apply to contracts involving financial services or where a specific form requires termination by law, as well as for businesses operating outside of Germany.
Card Payment Schemes Regulations
As new subscription renewal mandates increase worldwide, Visa and Mastercard are trying to lessen their financial risk from chargebacks and complaints about automatic renewals by issuing additional requirements mandates for merchants who use recurring billing.
These mandates cover on-file transactions of (1) recurring payments, (2) installment payments, (3) unscheduled merchant-initiated payments, and (4) unscheduled customer-initiated payments.
In 2020, Visa introduced new rules requiring merchants to send notifications to their customers detailing when payments are due and providing an easy-to-see link to a cancellation page.
Other key points introduced include:
- Merchants must provide a digital receipt to each new customer that highlights the terms of the agreement, its timeline, and amounts owed for future payments,
- The ability for customers to cancel online, regardless of whether they signed up for it online originally or not,
- Merchants must notify customers by email or text at least seven days before a free trial period ends.
Mastercard also created similar changes to its rules with similar requirements, with their mandates going into effect in June 2022.
Additionally, both Visa and Mastercard will now require that merchants obtain explicit consent from customers to store their payment information in their systems and that merchants must separate this consent from their standard terms and conditions.
The regulatory environment is constantly evolving to protect consumers, and merchants should work with eCommerce and payment providers who prioritize compliance. By doing so, merchants can ensure that they are up-to-date on the latest requirements, avoid any penalties or fines associated with non-compliance, and provide a better, more trusting environment for customers and businesses to thrive.
Because keeping up with compliance updates in all the different regions you’re selling to can be a daunting and disruptive task, we recommend working with a payment provider who oversees the subscription regulatory environment themselves, keeping your flows up-to-date with new requirements.
At 2Checkout (now Verifone), compliance is a top priority, as we guarantee you are always in line with the different regulations in your markets. For example, given Visa’s new regulations for trials and introductory offerings, our merchants can already find email templates for these new notifications in their control panel dashboard, ready to be used to comply with Visa’s mandates and optimize the customer experience in the process. Another example is the Germany FCCA regulation, merchants selling subscriptions in Germany are up-to-date with the latest cancellation process, which has been put in place in such a way that it goes beyond just following a compliance regulation. It offers the shoppers transparency and flexibility in self-servicing their subscriptions and the merchants the chance to prevent and fight subscription churn.
Are you looking to learn more about recurring billing and subscription management? Here is everything you need to know to set your company on its right growth path.
Additionally, check out our eBook containing expert advice on actionable tactics that you can take to help further skyrocket your subscription business.