CUNA Mutual Group Risk Alert: Patent Protection and Software Licensing Efforts Target CUs

Credit unions from around the country have received letters from the Epicenter Law firm “inviting” them to license the patent rights to remote deposit capture (RDC) technology. The letter states Epicenter represents United Services Automobile Association (USAA), a Texas-based financial services group. And, although these letters are recent, it appears that banks have been receiving similar letters sent on behalf USAA for nearly a year.

The Epicenter Law letters indicate the United Services Automobile Associate (USAA) believes that the credit unions are using mobile check deposit technologies protected by several US patents held by USAA and listed as an appendix to the letters. The letters further assert that USAA developed various remote deposit check technologies beginning in 2005, and implemented the first mobile check deposit application in 2009. They suggest that credit unions exchange information with Epicenter Law to determine whether the credit unions are in fact using USAA-patented technology. Epicenter Law emphasizes that they are not a litigation firm, but seek to negotiate licensing arrangements on behalf of USAA.

Your Credit Union League may also be following this issue, so consider reaching out to your league for any additional information they may be able to provide. See related NJCUL alert here.

Risk Mitigation
Credit unions offering location mapping, and check imaging services within their mobile applications should consider these questions and mitigation tips:

• Do you currently offer consumer mobile check deposit?
• Does a vendor provide your Remote Deposit Capture (RDC) solution?
• Have you reviewed your contract to determine whether the vendor is responsible for product licensing and any patent issues?
• Have you provided your vendor a copy of the letter?

Credit unions should review their RDC vendor licensing agreement or services agreement for the terms that govern notice to the vendor of other parties asserting patent rights. Licensing and services agreements may contain a deadline for notifying the vendor when customers receive such correspondence, and failure to provide notice within a specified timeframe could result in the credit union waiving its rights to be indemnified and held harmless by the vendor.

A credit union receiving a patent licensing letter from Epicenter Law or USAA should promptly provide written notice to the vendor in the manner and to the address specified in the vendor’s licensing or services agreement. Such agreements often provide that the addresses listed within the agreement can be changed by written notice. Prior to mailing any correspondence, credit unions should verify whether they previously received a change of address notice from the vendor.

Credit unions should refrain from any direct communication with Epicenter Law or USAA, especially if the vendor’s indemnification or hold harmless provisions grant the vendor the right and obligation to evaluate and resolve patent issues.

If a letter has been forwarded to a vendor, credit unions should request an acknowledgement of receipt from the vendor, and inquire what further action on the vendor’s part may be expected. If there is no response from a vendor, outside counsel should be consulted.

If a credit union has developed their own proprietary software for Remote Deposit Capture, a patent licensing law firm should be consulted directly.

Risk Prevention Resources
Access CUNA Mutual Group’s Protection Resource Center at for exclusive risk and compliance resources to assist with your loss control. The Protection Resource Center requires a User ID and password.

Credit unions that receive a patent infringement letter from USAA should contact their credit union attorney or contact NJCUL’s Nicola Foggie at