Introduction

SIM-swap attacks remain one of the most common methods by which criminals steal cryptocurrency.

By fraudulently transferring a victim’s phone number to a SIM card under the attacker’s control, bad actors gain access to SMS-based authentication, password resets, and account recovery mechanisms used by many cryptocurrency wallets and exchanges.

Once control of the phone number is lost, unauthorized transfers of digital assets often follow quickly.

In 2025, the U.S. Court of Appeals for the District of Columbia Circuit issued a recent and important decision in Sprint Corp. v. FCC, affirming significant penalties against wireless carriers for failing to adequately protect Customer Proprietary Network Information (CPNI).

While the case addressed misuse of customer location information, the court’s analysis is directly relevant to SIM-swap cases—particularly those in which carrier failures enable downstream harms such as theft of cryptocurrency from self-custody wallets and centralized exchanges.

The Statutory Duty to Protect CPNI

Section 222 of the Communications Act imposes an affirmative duty on telecommunications carriers to safeguard customer information. The D.C. Circuit reaffirmed that this obligation is broad and mandatory:

“The Communications Act requires telecommunications carriers to ‘protect the confidentiality’ of customer proprietary network information.” Sprint Corp. v FCC, 151 F.4th 347, 353 (DC Cir. 2025)

Congress imposed this duty because telecommunications data is inherently sensitive. In Sprint, the court emphasized that customer location information reveals deeply personal details about subscribers’ lives:

“Over time, this information becomes an exhaustive history of a customer’s whereabouts and ‘provides an intimate window into [that] person’s life.’” Id. at 352

SIM-swap attacks depend on similarly sensitive forms of CPNI, including account authentication data, subscriber verification credentials, and control over phone numbers.

The statutory framework analyzed in Sprint applies with equal force to these categories of information.

“Reasonable Measures” Require Meaningful Safeguards

A central issue in the 2025 decision was whether Sprint and T-Mobile implemented “reasonable measures” to protect CPNI, as required by FCC regulations.

The court upheld the FCC’s conclusion that they did not.

The governing regulation requires carriers to take active steps to prevent unauthorized access:

“Carriers must take reasonable measures to discover and protect against attempts to gain unauthorized access to CPNI.” Id. at 353. 

In practice, Sprint and T-Mobile relied heavily on contractual promises from third parties rather than implementing independent verification or monitoring systems.

The FCC found this approach insufficient, concluding that the carriers:

“Unreasonably relied on ‘the honor system.’” d. at 357. 

This reasoning closely parallels SIM-swap cases, where carriers may rely on weak identity verification procedures, easily compromised knowledge-based authentication, or inadequate review of high-risk account changes.

Under Sprint, such practices can fall short of the reasonableness standard imposed by federal law.

Failure to Detect Unauthorized Access

The court also emphasized that reasonable safeguards must include the ability to identify illegitimate access attempts.

Sprint and T-Mobile lacked mechanisms to reliably separate lawful from unlawful requests:

“Nor did either carrier have an effective mechanism for distinguishing between a legitimate request for customer location information and an illegitimate one.” Id. at 357.

In the SIM-swap context, this principle is critical. If a carrier cannot distinguish between a legitimate subscriber request and a fraudulent SIM change initiated by an impostor, that failure may itself constitute a violation of the carrier’s duty to protect CPNI.

Notice of Risk Heightens the Duty to Act

The 2025 decision also makes clear that once carriers are aware of abuse, their obligations increase.

Continuing operations without meaningful changes after known vulnerabilities are exposed can constitute additional violations:

“Even after highly publicized incidents put [the carriers] on notice that [their] safeguards… were inadequate, the Carriers continued to sell access… without implementing reasonable measures.” Id. at 358. 

Wireless carriers have now been on notice for years about the risks of SIM-swap fraud.

Public reporting, regulatory enforcement, arbitration decisions, and litigation have repeatedly identified the same weaknesses.

Under Sprint, failure to address known risks supports findings of unreasonable conduct.

Each Breakdown May Constitute a Separate Violation

The court also upheld the FCC’s determination that each distinct failure to protect CPNI may be treated as an independent violation:

“Each unique relationship… represented a distinct failure to reasonably protect CPNI.” Id. at 358. 

Applied to SIM swaps, this reasoning supports the position that individual unauthorized SIM transfers—particularly where systemic deficiencies persist—may independently give rise to liability.

Implications for SIM-Swap-Enabled Crypto Theft

Although Sprint Corp. v. FCC arose in the context of an FCC enforcement action, its reasoning has broader implications for private claims and arbitrations involving SIM swaps and cryptocurrency theft. The decision confirms that:

• Carriers owe a statutory duty to protect sensitive customer data
• Safeguards must be operational, verifiable, and reasonable
• Known risks require timely corrective action
• Failure to protect CPNI can cause foreseeable and substantial harm

As the FCC concluded, inadequate safeguards:

“Caused substantial harm by making it possible for malicious persons” to exploit customer data. Id. at 358. 

In SIM-swap cases, that harm frequently manifests as stolen cryptocurrency from both self-custody wallets and centralized exchanges.

Conclusion

The D.C. Circuit’s 2025 decision in Sprint Corp. v. FCC provides timely and authoritative guidance on the scope of wireless carriers’ obligations to protect CPNI.

Its reasoning is directly relevant to SIM-swap cases, where inadequate authentication procedures and weak safeguards enable unauthorized access to phone numbers and, ultimately, digital asset theft.

Dilendorf Law Firm has represented clients in more than 130 arbitrations, including SIM-swap cases against T-Mobile, Verizon, AT&T, and other carriers, involving failures to protect customer CPNI that resulted in the theft of cryptocurrency.

If you were a victim of a SIM swap and funds were stolen from self-custody wallets such as MetaMask, Phantom, Coinbase Wallet, or other non-custodial wallets, or from centralized exchanges such as Coinbase, Binance, Crypto.com, or Uphold, you may have legal claims worth evaluating.

Victims are encouraged to contact Dilendorf Law Firm for a consultation.

Clients holding significant amounts of cryptocurrency should also consider proactive asset-protection and custody planning.

Depending on individual circumstances, this may include the use of domestic or offshore asset protection trusts, which can provide an additional layer of protection against cyber threats and unauthorized access.

Dilendorf Law Firm assists clients in designing and implementing these structures, informed by extensive firsthand experience with the consequences of SIM swaps, cyberattacks, and crypto theft.

In addition, for many investors, crypto custody with a secure and insured institutional custodian is paramount, as reliance solely on personal devices and phone-based authentication can expose digital assets to avoidable risk.

 

As cryptocurrency becomes a core component of personal and family wealth, traditional estate planning tools alone are no longer sufficient.

In this video, Max Dilendorf, a seasoned attorney and early participant in the crypto space since 2017, explains a practical, legally grounded framework for protecting digital assets held in self‑custody and ensuring secure access for heirs.

​
​Max represents U.S. and international clients in crypto‑focused and traditional estate and asset protection planning.

He structures domestic asset protection trusts in Wyoming, South Dakota, and Alaska. He also advises on offshore trusts in the Cayman Islands, Cook Islands, Nevis, and other international jurisdictions.

His practice connects digital asset security with time‑tested legal structures. In this discussion, Max introduces the 2‑of‑3 Multisignature + Trust Framework.

It combines a multisignature crypto vault for enhanced security with a revocable living trust for legal continuity and clarity. The plan is supported by pour‑over wills and letters of wishes that guide heirs and fiduciaries.
​
This structure helps crypto holders maintain control during their lifetime. It also reduces the risk of permanent loss from misplaced private keys, inaccessible hardware wallets, or poor planning.

Founders, investors, and family offices increasingly use this approach because digital wealth requires both technical safeguards and legal infrastructure.
​
If you hold Bitcoin, Ethereum, or other digital assets in self‑custody and want to ensure they are protected, transferable, and integrated into your estate plan, this video offers practical, real‑world insight into how crypto multisig trusts and wills work together.

To learn more about implementing a crypto multisignature trust, digital asset estate plan, or domestic or offshore asset protection structure, contact Dilendorf Law Firm at info@dilendorf.com or 212.457.9797.

In September 2025, the U.S. Court of Appeals for the Second Circuit issued a landmark, up-to-date ruling in Verizon Communications Inc. v FCC, 156 F.4th 86, 90 (2d Cir 2025), affirming a $46.9 million FCC forfeiture for Verizon’s failure to protect customer proprietary network information (“CPNI”).

This fresh 2025 decision is one of the most significant appellate rulings to date addressing telecom data protection—and it carries immediate consequences for SIM swap fraud and crypto theft.

At a time when SIM swap attacks are routinely used to drain cryptocurrency wallets, defeat multi-factor authentication, and take over financial and digital accounts, the Second Circuit’s ruling sends a clear message: carrier failures to protect CPNI are no longer tolerated as mere operational mistakes.

A Current Appellate Signal on Carrier Duties

The Second Circuit’s 2025 decision reaffirms that Section 222 of the Communications Act imposes an affirmative and ongoing duty on wireless carriers to safeguard customer data.

This is not a historical interpretation—it is a present-day enforcement framework now validated by a federal appellate court.

As the court emphasized:

“Carriers have ‘a duty to protect the confidentiality of proprietary information of, and relating to, … customers.’”

The court underscored that this duty applies broadly to CPNI, rejecting Verizon’s attempt to narrow the statute’s scope. In language especially relevant to modern SIM swap attacks, the court held that:

“Customer proprietary network information is defined as ‘information that relates to the quantity, technical configuration, type, destination, location, and amount of use of a telecommunications service.’”

And further clarified:

“Device-location data both ‘relates to the … location … of a telecommunications service’ and is obtained ‘solely by virtue of the carrier-customer relationship.’”

This reasoning matters now. In SIM swap fraud, the attacker’s power comes entirely from the carrier-customer relationship—the same relationship Section 222 is designed to protect.

2025 Confirmation That “Reasonable Measures” Must Be Real

A central takeaway from the 2025 decision is that carriers cannot satisfy their legal obligations with paperwork, contracts, or internal policies alone.

The FCC found—and the Second Circuit agreed—that Verizon’s safeguards were ineffective.

The court reaffirmed that carriers must:

“Take reasonable measures to discover and protect against attempts to gain unauthorized access to customer proprietary network information.”

Yet Verizon failed because it:

“Relied heavily on a chain of contractual arrangements” and monitoring that “apparently mainly consisted of analysis of unverified vendor-created consent records.”

The FCC determined that Verizon’s system:

“Assumed that the location requests and consent records provided by the [vendors] would be legitimate in the first instance.”

This 2025 holding resonates directly with SIM swap cases, where carriers often rely on employee scripts, minimal ID verification, or backend notes—while attackers exploit social engineering to gain control of phone numbers and steal crypto assets within minutes.

Fresh Judicial Recognition of Notice and Ongoing Risk

The Second Circuit also emphasized that prior warnings increase carrier responsibility. Verizon had internal notice of vulnerabilities before the misconduct ended.

An internal report warned that:

“It is possible for [third parties] with delegated consent to falsify consent records and obtain [Verizon] subscriber data without their consent.”

Despite that warning, Verizon continued its practices. The FCC treated this as continuing violations, and the court upheld that conclusion.

For SIM swap fraud in 2025, the parallel is clear: carriers have long been on notice that SIM swaps enable crypto theft, account takeovers, and identity compromise.

Continued failures after years of public reporting and enforcement actions now carry heightened legal risk.

2025 Enforcement Momentum, Not Historical Footnote

Verizon argued that the FCC acted arbitrarily. The Second Circuit rejected that argument, holding that the Commission:

“Reasonably considered the relevant issues and reasonably explained its decision.”

The court further reiterated that agency action is unlawful only if it:

“Entirely failed to consider an important aspect of the problem.”

This is a current endorsement of aggressive enforcement, confirming that telecom regulators have broad authority in 2025 to hold carriers accountable for CPNI failures.

Why This 2025 Case Matters for SIM Swap and Crypto Theft Victims

SIM swap attacks in 2026 are not anomalies—they are often the predictable result of systemic carrier failures. The 2025 Verizon v. FCC decision confirms that:

• CPNI protections are broad and enforceable
• Carrier authentication failures can violate federal law
• Ongoing weaknesses after notice increase liability

For victims of SIM swap fraud and resulting crypto theft, this decision provides a powerful, modern legal foundation for arbitration and enforcement actions.

Max Dilendorf of Dilendorf Law Firm represents victims of SIM swap fraud, crypto theft, and cybercrime.

Mr. Dilendorf has represented clients in 130+ cybercrime arbitration proceedings, including SIM swap cases against T-Mobile, AT&T, and Verizon.

If you were a victim of a SIM swap attack or cryptocurrency theft, please contact Max Dilendorf to discuss your legal options.  Email: info@dilendorf.com; Phone: 212.457.9797

Additional Resources

 

In Rush University Medical Center v. Sessions, an Illinois appellate court examined whether assets transferred into trusts—including an offshore Cook Islands trust—could be reached by a creditor enforcing a $1.5 million obligation.

Years earlier, the individual in the case made an irrevocable pledge to Rush University Medical Center. Later, he transferred substantially all of his assets into trusts.

At his death, the probate estate contained less than $100,000. Rush obtained a judgment against the estate and then pursued the trust assets, disputing that the transfers could be used to avoid payment of a known obligation.

The significance of the case lies not in the size of the pledge or the offshore element, but in the clarity with which the court explained how judges evaluate trusts when creditor rights and public policy are at stake.

Rather than focusing on drafting sophistication or jurisdiction, the court examined control, benefit, timing, and real-world effect—illustrating a consistent judicial theme: substance prevails over structure.

Courts Look at Results, Not Paperwork

Trusts are often described as technical planning tools whose effectiveness depends on formal compliance and careful drafting. In litigation, courts take a different approach. When creditor claims are involved, judges focus on what the planning actually accomplished.

As the trial court found: “As all the evidence clearly shows, he did everything that is possible to avoid the payment of the pledge.”

That finding frames the court’s analysis. The question was not whether a trust existed, but whether the trust functioned as a mechanism to avoid a known obligation.

Timing and Conduct Matter More Than Labels

Courts do not require an admission of intent. Instead, intent is inferred from conduct, timing, and outcome.

Based on the record, the court concluded:

“[…] he [Decedent] never intended to fulfill his pledge, and every course of action he took was with the intent to avoid the fulfillment of the pledge.”

This conclusion rested on the sequence of events and the movement of assets—not on technical deficiencies in the trust documents.

Judges Will Say It Plainly When Assets Are Moved to Block Creditors

When asset transfers effectively prevent a creditor from enforcing a valid claim, courts do not soften their language.

In unusually direct terms, the trial court stated:

“He even went so far as to defraud the hospital by transferring all of his assets into trusts so they could not be reached by the hospital.”

This language reflects an important reality: a trust does not neutralize conduct that a court views as improper or abusive.

Self-Settled Trusts Receive Heightened Scrutiny

One of Rush’s claims argued that the decedent’s transfer of assets into a self-settled trust should be treated as automatically invalid under earlier Illinois cases, including Crane and Barash.

As the appellate court summarized the Crane rule: “[…] self-settled spendthrift trusts are fraudulent and per se void and may be reached by other creditors.”

The appellate court, however, held that modern fraudulent-transfer claims must be pleaded under the Illinois Fraudulent Transfer Act and that this claim did not allege the statutory elements required by the statute.

Statutes Do Not Eliminate Substantive Review

The trustees argued that modern fraudulent-transfer statutes displaced common-law rules governing trusts. The appellate court rejected that position.

As the opinion makes clear:

“[…] the Fraudulent Transfer Act and the common law cannot exist in harmony.”

And further:

“If the legislature intended self-settled trusts to remain per se fraudulent under the common law, it would not have promulgated a statute defining the conditions required to prove a transfer was fraudulent.”

The court emphasized that statutory pleading requirements matter—but compliance with statutory form does not eliminate substantive judicial scrutiny.

Procedure Can Affect Outcomes, But It Does Not Resolve Substantive Risk

The appellate court reversed summary judgment on one of Rush’s claims because it relied solely on a per se common-law theory and did not allege the elements required under the Illinois Fraudulent Transfer Act.

As the court explained: “[…] a party is required to allege the elements contained in the Fraudulent Transfer Act to properly plead a fraudulent transfer claim.”

Importantly, the ruling addressed how the claim was pleaded, not whether the trust structure itself insulated assets from creditor scrutiny. A failure to plead statutory elements may defeat a claim on procedural grounds, but it does not render a challenged trust structure substantively immune from attack.

Judges Are Entitled to Draw Conclusions From the Record

The trustees also argued that the trial judge should have been disqualified for bias. The appellate court rejected that argument and clarified the governing standard.

Addressing the issue directly, the court explained:

“[…] [o]pinions formed by the judge on the basis of facts introduced or events occurring in the course of the current proceeding *** do not constitute a basis for a partiality motion unless they display a deep-seated favoritism or antagonism that would make fair judgment impossible.”

Courts are expected to evaluate evidence and reach conclusions—including conclusions about intent and avoidance behavior.

The Practical Takeaway

Rush University Medical Center v. Sessions shows that courts do not approach trusts as planning instruments — they approach them as enforcement targets.

When a trust is challenged, judges reconstruct the transaction from the record and ask whether the structure actually changed economic reality or merely changed legal title. If a trust allows an individual to avoid a known obligation while preserving access to or benefit from the assets, courts are prepared to disregard formal structure and apply creditor-protection principles.

The case highlights that even carefully planned trusts may fail to block creditor claims when courts examine how the structure operates in practice.

Contact Us

At Dilendorf Law Firm, we assist U.S. and international clients with sophisticated cross-border estate and asset protection planning. Our practice spans domestic asset protection trusts (DAPTs) in leading U.S. jurisdictions—such as Wyoming, Alaska, Nevada, and South Dakota—as well as offshore trust structures in key jurisdictions including the Cook Islands, Nevis, and the Cayman Islands.

In each jurisdiction, we have developed a network of experienced trustees, financial institutions, and vetted legal partners who help ensure that every structure is professionally administered and compliant with local regulatory standards.

Each client’s circumstances are unique. Effective planning requires more than technical precision—it calls for a strategic and nuanced approach that anticipates both judicial scrutiny and creditor challenges. The Illinois appellate decision in Rush University Medical Center v. Sessions serves as a clear reminder that courts focus on substance over form, evaluating control, timing, and economic reality rather than mere formalities.

Whether establishing a self-settled domestic trust or layering international components across multiple jurisdictions, we guide clients through complex legal, regulatory, and practical considerations to build structures that are both defensible and effective.

To discuss how our experience and global network can support your planning goals, contact us at info@dilendorf.com or by calling us at 212.457.9797 to discuss your needs.

Independent Sales Organizations (ISOs) play a central role in the merchant services ecosystem. They solicit merchants, build portfolios, generate residual income streams, and serve as intermediaries between merchants and acquiring banks.

However, ISO–merchant bank agreements are sophisticated commercial contracts that define ownership, compensation, liability exposure, and dispute mechanisms. Courts enforce these agreements strictly according to their plain language.

Accordingly, ISOs must approach these contracts as long-term risk-allocation instruments, not merely referral arrangements.

Before signing a contract with a merchant bank, an ISO should carefully evaluate the following critical issues.

1. Portfolio Ownership and Control

Portfolio ownership is one of the most consequential provisions in any ISO agreement.

In Process Am., Inc. v. Cynergy Holdings, LLC, 839 F.3d 125 (2d Cir. 2016), the U.S. Court of Appeals for the Second Circuit described the ISO’s role:

“Process America is an Independent Sales Organization (“ISO”) that, prior to the termination of their relationship, solicited and referred merchants to Cynergy, a bankcard processor.”

The dispute centered on who owned the merchant portfolio after termination and whether the ISO could transfer or solicit those accounts. The court enforced the contract as written.

The Second Circuit emphasized:

“In interpreting a contract under New York law, words and phrases should be given their plain meaning, and the contract should be construed so as to give full meaning and effect to all of its provisions.”

ISOs must confirm:

• Who owns merchant agreements during the term;
• When ownership vests, if at all;
• Whether the portfolio can be assigned or transferred;
• How termination affects ownership rights.

Ownership provisions directly affect enterprise value and exit strategy.

2. ISO’s Rights Under a Right of First Refusal (ROFR)

Many ISO agreements grant the acquiring bank a Right of First Refusal (ROFR) over the ISO’s portfolio or a proposed sale transaction.

A ROFR gives the holder a preemptive right to match a bona fide third-party offer before the ISO may complete a transfer. Because it restricts transferability, courts interpret ROFR clauses narrowly and strictly according to their text. See Kaiser v. Bowlen, 455 F.3d 1197 (10th Cir. 2006).

The Exercise Period and Procedures Must Be Expressly Defined

There is no statutory default exercise period. The enforceability of a ROFR depends entirely on the contractual language.

The agreement must clearly define:

• The duration of the exercise period (in calendar days);
• The triggering event (such as receipt of a bona fide written offer);
• Notice requirements and delivery method;
• That failure to respond within the stated period constitutes waiver.

Courts have limited or invalidated ROFR provisions where essential terms were missing or indefinite. See Mr. W Fireworks, Inc. v. NRZ Inv. Group, LLC, 677 S.W.3d 11 (Tex. 2023); Crescent Homes SC, LLC v. CJN, LLC, 445 S.C. 164 (2023). Vague phrases such as “within a reasonable time” create litigation risk.

In the ISO context, strict compliance with contractual transfer provisions is critical. In Process Am., Inc. v. Cynergy Holdings, LLC, 839 F.3d 125 (2d Cir. 2016), the court enforced portfolio-transfer and ROFR-related provisions according to their plain meaning.

Because a ROFR can materially affect liquidity and valuation, its timing and procedural mechanics must be drafted with precision to avoid unintended restraints on transferability.

3. Commission Structure and Residual Rights

Compensation is the economic foundation of the ISO relationship.

Most ISO agreements provide for:

• A share of the merchant discount rate (residuals);
• Upfront bonuses or performance incentives;
• Revenue splits tied to portfolio performance;
• Adjustments based on chargebacks or risk metrics.

In Process America, residual payments became central to the dispute. The contract provided that residuals would continue unless termination was based on a material breach. The enforceability of those provisions depended entirely on contractual language.

ISOs must evaluate:

• How commissions are calculated;
• Whether the split is fixed or subject to unilateral adjustment;
• Whether the bank may modify pricing or fees;
• Under what circumstances residuals may be withheld;
• Whether residual rights survive termination.

Residual stream stability is critical to valuation. Even minor pricing adjustment clauses can materially affect long-term income.

4. Non-Solicitation and Post-Termination Exposure

ISO agreements frequently include post-termination non-solicitation provisions.

In Process America, the ISO was found liable for soliciting merchants after termination. The court rejected arguments that prior breaches excused later conduct.

The Second Circuit explained:

“A partial breach by one party does not justify the other party’s subsequent failure to perform; both parties may be guilty of breaches, each having a right to damages.”

ISOs must assess:

• Duration and scope of non-solicitation;
• Whether restrictions apply to affiliates;
• How non-solicitation interacts with ROFR provisions;
• Whether residual forfeiture is triggered by violation.

Post-termination restrictions are routinely enforced.

5. Liability Caps and Risk Allocation

Merchant bank agreements commonly include liability-limitation provisions.

The Second Circuit observed:

“New York courts have routinely enforced liability-limitation provisions when contracted by sophisticated parties, recognizing such clauses as a means of allocating economic risk in the event that a contract is not fully performed.”

ISOs must determine:

• Whether liability is capped and at what amount;
• Whether indemnification is excluded from the cap;
• Whether carve-outs exist for gross negligence or willful misconduct;
• Whether liquidated damages provisions apply.

Courts treat these clauses as negotiated economic risk allocation.

6. Indemnification for Card Network Assessments

Card organizations may impose fines and reimbursement obligations through acquiring banks.

In Banc of America Merchant Services, LLC v. Arby’s Restaurant Group, Inc., 2021 NCBC 41 (N.C. Super. Ct. 2021), the agreement required payment of:

“[…] all assessments, fines, penalties, fees, Card issuer reimbursements and similar charges imposed by Card Organizations on BANK (the ‘Card Organization Penalties’), directly related to MERCHANT’s Card transactions or based on MERCHANT’s actions or failure to act with respect to compliance with the Card Organization Rules or Merchant’s breach of Section 13 (Information Security)”

The court clarified:

“A claim for contractual indemnity is a claim for direct damages, not consequential damages.”

ISOs must carefully evaluate indemnity exposure, particularly in data breach scenarios.

7. Data Security and Contractual Risk Allocation

In Cmty. Bank of Trenton v. Schnuck Mkts., Inc., 887 F.3d 803 (7th Cir. 2018), issuing banks sought tort recovery following a data breach. The court rejected the attempt:

“For more than fifty years, state courts have generally refused to recognize tort liabilities for purely economic losses inflicted by one business on another where those businesses have already ordered their duties, rights, and remedies by contract.”

The court further explained:

“Courts invoking the economic loss rule trust the commercial parties interested in a particular activity to work out an efficient allocation of risks among themselves in their contracts.”

Risk allocation must be negotiated at contract formation. Courts rarely expand remedies beyond the contract.

8. ISO Rights and Protections

Beyond compensation and ownership, ISOs should ensure the agreement clearly defines their rights, including:

• Access to merchant performance data;
• Audit rights to verify commission calculations;
• Transparency in fee adjustments;
• Notice requirements before pricing changes;
• Cure periods before termination;
• Protection against unilateral reassignment of the portfolio.

Rights not expressly granted may not be implied.

9. Dispute Resolution Mechanisms

Dispute Resolution Mechanisms

An ISO agreement should clearly define how disputes will be resolved, as these provisions frequently determine leverage, cost exposure, and procedural advantage in the event of conflict.

Most merchant bank agreements include mandatory arbitration clauses.

Under 9 U.S.C. § 2 (Federal Arbitration Act), arbitration agreements are deemed: “[..] valid, irrevocable, and enforceable, save upon such grounds as exist at law or in equity for the revocation of any contract”

The U.S. Supreme Court reinforced this principle in AT&T Mobility LLC v. Concepcion, 563 U.S. 333 (2011), holding that state rules that interfere with arbitration are preempted when they:

“[…] stand […] as an obstacle to the accomplishment and execution of the full purposes and objectives of Congress.”

As a result, arbitration clauses in ISO agreements are generally enforced according to their terms.

Even where ISO agreements are adhesion contracts, courts do not invalidate arbitration provisions solely on that basis. In commercial disputes, courts emphasize enforcing contractual language as written and avoiding interpretations that render provisions “superfluous or meaningless.” (Process Am., Inc. v. Cynergy Holdings, LLC, 839 F.3d 125 (2d Cir. 2016))

ISOs must therefore carefully review:

• Whether arbitration is mandatory or optional;
• The scope of disputes covered (including arbitrability determinations);
• Governing law and venue selection;
• Allocation of arbitration costs and fees;
• Whether class action waivers are included;
• Whether certain claims (such as injunctive relief or collection actions) are carved out.

Carve-out provisions may create procedural imbalance if, for example, the bank reserves the right to litigate certain claims in court while requiring the ISO to arbitrate all disputes.

Cost allocation is also critical. For example, the Ponca Tribe of Nebraska Code § 6-12-9 provides that in adhesion contracts:

“[…] the drafting party shall bear all costs and fees of the dispute resolution process, including arbitrator compensation”

While jurisdiction-specific, this illustrates how governing law can materially affect enforcement and financial exposure.

Dispute resolution provisions are not procedural formalities. They directly influence enforcement of liability caps, indemnification rights, commission disputes, and termination conflicts.

Because arbitration clauses are broadly enforced under federal law, ISOs must negotiate these provisions carefully before execution of the agreement.

Key Considerations for ISOs

Before entering into a merchant bank agreement, an ISO should assess portfolio ownership, ROFR provisions and their defined timing mechanics, commission and residual structure, non-solicitation restrictions, indemnification exposure, liability caps, reserve requirements, and dispute resolution terms.

At Dilendorf Law Firm, we advise ISOs and payment industry participants on contract negotiation, risk allocation, and dispute resolution.

Contact us at info@dilendorf.com to protect your enterprise value and contractual rights.

This video explains why most U.S. crypto holders do not need expensive offshore structures like Cook Islands Trusts.

It shows how to build a safer, more practical plan for digital wealth. Max Dilendorf draws on years of crypto theft, SIM‑swap, and exchange‑loss cases.

He explains key risks of offshore trusts: loss of control, weak “impossibility” defenses, 10‑year bankruptcy clawbacks, surprise tax events when funding foreign trusts, and heavy reporting penalties.​

The video then covers better options for U.S. and international clients. These include revocable living trusts for digital assets, Domestic Asset Protection Trusts in Nevada, Wyoming, South Dakota, and Alaska, and carefully selected offshore tools when they truly fit the client.

The focus is on pairing strong custody—like institutional cold storage or multi‑sig wallets—with a tailored estate and asset protection plan. The goal is to protect crypto during life and transfer it cleanly to heirs.​

For help with crypto estate or asset protection planning—domestic, offshore, or hybrid—contact Dilendorf Law Firm at info@dilendorf.com or 212.457.9797 for a confidential consultation.​

Disclaimer: Attorney Advertising. This video and description are general information only. They are not legal, tax, or investment advice and do not create an attorney–client relationship. Laws change, and results depend on specific facts and jurisdictions. Always consult your own legal and tax advisors before acting on any strategy.​

This video explains how U.S. courts treat foreign companies that own overseas real estate. It focuses on what this means for U.S. buyers with property in places like Dubai, Spain, and Italy.

The discussion uses Wells Fargo Bank, N.A. v. Barber, 85 F. Supp. 3d 1308 (M.D. Fla. 2015) as a case study. In that case, a Nevis LLC owned by a Florida resident was treated as intangible personal property located in Florida. That allowed creditors to reach the LLC interest under Florida law instead of Nevis law.

The same idea appears in other states. Jurisdictions like New York, California, and Texas let creditors obtain charging orders and, in some cases, foreclose or force a sale of LLC interests, especially in single‑member entities.

So, holding foreign real estate in your own name—or only through a foreign company—can leave it exposed to U.S. creditor claims.

The video stresses that planning must be legal and proactive. It does not endorse evading valid debts or making fraudulent transfers.

Next, the episode looks at better structures. It explains how U.S. Domestic Asset Protection Trusts in Alaska, Delaware, South Dakota, Nevada, and Wyoming can be used to own entities that hold foreign real estate.

It also covers offshore planning, including Cook Islands Trusts, for U.S. and international clients.

When these structures are set up early and with proper tax and reporting analysis, they can add separation between the person and the asset. They also help align foreign real estate with long‑term estate and wealth planning goals.

If you are buying or already own property abroad, the video encourages you to integrate that asset into a U.S. asset protection and estate plan, whether domestic or offshore.

To discuss your situation, you can contact Dilendorf Law Firm at info@dilendorf.com or 212.457.5757 for a confidential consultation.

Disclaimer: Attorney Advertising. This post and video are for general information only. They are not legal, tax, or investment advice and do not create an attorney–client relationship. Laws change, and results depend on specific facts and jurisdictions. Always consult your own legal and tax advisors before acting on any planning strategy.

In this video, Max Dilendorf explains how revocable living trusts designed for digital assets—also known as Crypto Special Purpose Trusts—can help crypto holders protect their wealth, reduce risk, and plan for succession.

Drawing on years of experience advising crypto clients and handling hundreds of digital asset theft cases, Max discusses why cybercrime risks continue to grow and why traditional self-custody or exchange storage often leaves crypto vulnerable.

A Crypto Special Purpose Trust is a revocable living trust tailored specifically for Bitcoin, Ethereum, and other digital assets.

Instead of holding crypto on an exchange or personal wallet, assets are placed under the custody of a licensed professional trust company in the U.S. or Switzerland, using cold storage and institutional-grade security.

Because the trust is revocable, clients retain control during their lifetime while gaining important estate-planning benefits.

Multiple co-trustees can be appointed, making this structure ideal for spouses, families, or business partners.

If one trustee passes away, the surviving trustee can continue managing the assets without probate or court delays, ensuring continuity and clarity for heirs.

Beyond security, these trusts can support succession planning, tax efficiency, and regulatory compliance, including IRS and FinCEN considerations.

For international clients, they may also be combined with offshore planning for an added layer of asset protection.

Contact Information

To learn more about Crypto Special Purpose Trusts, crypto asset protection, or estate planning strategies, contact Dilendorf Law Firm:

• Email: info@dilendorf.com

• Phone: 212.457.9797

The firm represents crypto clients nationwide and works with individuals, families, founders, and high-net-worth investors.

Disclaimer

This video and blog post are provided for informational purposes only and do not constitute legal, tax, or financial advice. Viewing this content does not create an attorney-client relationship. Laws and regulations vary by jurisdiction and individual circumstances. You should consult a qualified attorney regarding your specific situation before taking any action.

New York attorney Max Dilendorf, founder of Dilendorf Law Firm, breaks down asset protection tools for tech founders, business owners, crypto investors, and cross‑border families.

Strategies include Domestic Asset Protection Trusts (DAPTs), Family Limited Partnerships (FLPs), and offshore trusts in jurisdictions such as the Cook Islands and Cayman Islands.​​

This video explains why DAPTs can fail residents of states like New York, California, and Florida, how FLPs help protect startup equity, real estate, IP, and crypto through charging‑order protection, and how combining FLPs with U.S. and offshore trusts can shield assets before claims or lawsuits arise.​​

Dilendorf Law Firm represents both U.S. and non‑U.S. clients and families with comprehensive asset protection strategies, including FLPs, domestic and offshore trusts, prenuptial and postnuptial planning, crypto asset protection, and tax‑efficient estate planning for real estate, startups, and digital assets.

For a tailored plan, contact 212.457.9797 or info@dilendorf.com.

In this video, Max Dilendorf explains why Family Limited Partnerships often provide stronger asset protection and estate planning benefits for New York real estate than single‑member or multi‑member LLCs. These same FLP structures can also be used to protect real estate holdings nationwide.​​

He shows how New York’s LLC statute and case law expose LLC owners to aggressive creditor remedies. Max contrasts this with the century‑old partnership framework behind FLPs, which offers charging‑order protection, tested rules, and better tools for holding real estate, crypto, and financial assets across the U.S.​​

Dilendorf Law Firm represents U.S. and non‑U.S. clients in asset protection strategies for U.S. and New York real estate using trusts and family limited partnerships. To discuss restructuring your holdings, contact us at 212.457.9797 or info@dilendorf.com.