Washington, DC - The Federal Trade Commission has given final approval to a settlement with PayPal, Inc. over allegations that its Venmo peer-to-peer payment service misled consumers about their ability to transfer funds to external bank accounts and control the privacy of their Venmo transactions.

In its complaint, the FTC alleges that when Venmo notified users that money had been credited to their Venmo balances and was available for transfer to an external account, it failed to disclose that those funds could be frozen or removed based on the results of Venmo’s review of the underlying transaction. The FTC also alleges that Venmo misled consumers about the extent to which they could control the privacy of their transactions. In addition, Venmo allegedly misrepresented the extent to which consumers’ financial accounts were protected by “bank grade security systems,” and violated the Gramm-Leach-Bliley Act’s Safeguards and Privacy Rules, according to the complaint.

As part of the settlement, Venmo is prohibited from misrepresenting any material restrictions on the use of its service, the extent of control provided by any privacy settings, and the extent to which Venmo implements or adheres to a particular level of security. Venmo also is required to make certain disclosures to consumers about its transaction and privacy practices, and is prohibited from violating the Privacy Rule and the Safeguards Rule. Consistent with past cases involving violations of Gramm-Leach-Bliley Act Rules, Venmo is required to obtain biennial third-party assessments of its compliance with these rules for 10 years.

The Commission voted 5-0 to approve the final complaint and order, as well as responses to the comments the FTC received.