The bank opened an account today and came to me after the account was opened. The customer says he is a commercial collection agent. He would collect from the commercial debtor and pass through this bank the payment to the attorneys. The payments would be payable to the business - his. He would then mail a check or use ACH. He has International in his name but says he only wired $$ overseas once. He says he deals with businesses for publishing and import/exports. Customer says usually $1000 or less with deposits on 7-10 per month.
Thank you.

Yes.

Whether you call him a TPPP or not isn't the end all be all of your risk assessments.

I'll assume you've read the BSA/AML Examination Manual and won't rehash their poor definition of TPPP.

The key question is whether they're actually providing "payment processing services" to the creditors which use them as an agent. What's "payment processing"? Most often, it's card transaction, but it also includes ACH and remotely created checks.

Effecting a transaction while operating as an agent of a third party by itself does not make you a "payment processor." If that was the case, every attorney with an IOLTA and every fiduciary would be a TPPP.

The key question for this customer is: are they providing a service or platform to clients that *allows the client* to initiate a transaction that effects another third party (presumably their commercial debtors)? If yes, then they're a TPPP. If no, and the collection agent initiates the payment via ACH, then they're at most a third party service provider (TPSP), which NACHA's guidance clearly indicates. If it's RCC's, same deal, but they're not under NACHA's purview.

IMHO, it's unlikely they're a TPPP. They're probably a TPSP, and they're definitely a PSP. Whatever acronym you tag them with, there is a clear third party risk here that you need to mitigate.