Deborah Thoren-Peden focuses her Chambers-ranked corporate practice on banking, electronic commerce, privacy, anti-money laundering and Office of Foreign Assets Control regulations.

Deb co-leads Pillsbury's Cybersecurity, Data Protection & Privacy team; its Fintech, Payments & Blockchain team, its Consumer & Retail industry team, and its Unclaimed Property Team. She represents and advises fintech companies, bank and non-bank financial institutions (both domestic and international), money transmitters, retailers, automotive and a variety of other types of companies. She is also a recognized authority with respect to the Bank Secrecy Act and the Patriot Act.

Deb is one of the leading attorneys in the country in the field of electronic payments, stored value/prepaid access, gift and rewards programs. Her area of practice includes the Electronic Fund Transfer Act, state money transmitter licensure laws, NACHA Rules, state and federal laws and regulations related to money services businesses and financial institutions. She is an advisor to the board of WesPay and is a member of NACHA's Payment Innovation Alliance and other payments-related working groups.

View More

Areas of Practice

  • Fintech, E-Commerce and Social Media
    • Deb provides advice to companies that want to offer products and services electronically. She counsels clients on site disclosures, privacy programs and policies, security and statements, contractual arrangements. She provides advice related to payment mechanisms and the various laws and regulations applicable to electronic commerce. Other clients include gaming companies and others whom she counsels as they create new opportunities for monetization, online payments and microtransactions in social media and virtual worlds.
  • Payments, Banking, Virtual and Cryptocurrencies, Gift Cards, Prepaid Cards and Rewards Programs
    • Deb’s practice encompasses the Electronic Fund Transfer Act, state money transmitter licensure laws, NACHA Rules, state and federal laws and regulations related to money services businesses and financial institutions. Deb also advises banks, fintech and other companies on an ongoing basis and is a leading practitioner in the payments programs, including but not limited to clients expanding into new areas of services and goods, as well as regulatory matters, including federal and state regulators.
  • Privacy, Data Security & Information Use
    • As co-leader of Pillsbury's multidisciplinary Cybersecurity, Data Protection & Privacy team, she advises a spectrum of industries on the laws and regulations related to privacy, data mining, and the ability to use such information for marketing purposes and share it with others. She was the chief privacy officer of and served on the Privacy task force of the American Bankers Association.
  • Anti-Money Laundering and Regulatory Practice
    • Deb has worked in the anti-money laundering area for over 20 years. She advises numerous financial institutions, money services businesses, corporations and others on the legal requirements imposed under the Bank Secrecy Act, the PATRIOT Act, the Anti-Money Laundering Act and related acts and regulations. She understands the risks of money laundering and helps her clients prepare, implement and maintain appropriate anti-money laundering programs. She advises clients on policies, procedures, customer identification programs, know your customer standards, high-risk activities, risk management and controls. She has worked extensively with FinCEN and other federal and state regulatory agencies on various anti-money laundering and Bank Secrecy Act matters. She helped defend banks and money services businesses in civil and criminal cases.
  • OFAC
    • Debbie is very experienced in assisting financial institutions and others in their compliance with the Office of Foreign Assets Control (OFAC) regulations that prohibit companies, individuals and others from doing business with or providing services to entities or individuals who are the target of economic sanctions imposed by the United States Government. These laws and regulations apply to all corporations and businesses in the United States (and, under certain circumstances, to their international affiliates and subsidiaries) and to all U.S. citizens and individuals in the United States.
  • Unclaimed Property and Escheat
    • Debbie is one of the few attorneys in the U.S. who has extensive experience in the unclaimed property laws. She works with numerous businesses and financial institutions to help them comply with the various state laws that require that abandoned funds and property be escheated to the states in a timely fashion.

Professional Highlights

  • Named an Acrita Star in Acritas (part of the Thompson Reuters) annual General Counsel Survey (2021)
  • Participates on NACHA Council for Electronic Billing and Payment, and other payments-related working groups. Former member in the no-longer-active ATMIA Debit Council.
  • Previously served on Pillsbury’s Board.

View More

  • Previously served as general counsel and chief privacy officer of and and AGC of, and was also counsel at First Interstate Bank.
  • Honors & Awards
    • Lawdragon 500, Leading Global Cyber Lawyers (2024)
    • Chambers Global, Privacy & Data Security—USA (2010 - 2014)
    • Chambers USA, Notable Practitioner, Retail—National (2020)
    • Chambers USA, Privacy & Data Security—National (2008 - 2013)
    • The Legal 500 U.S., Data Protection and Privacy (2010 - 2019), Cyber Law (2014 - 2019)
    • WesPay, Frank E. Zima Award for Payments Advocacy (2014)
    • California Bankers Association, Robert D. Frandzel Award (2001)
    • California Bankers Association, Compliance Professional Award (1996)
  • Associations
    • International Money Transmittal Association, Money Transfer International Association, NACHA U.S. - International Committee (as part of Global Payments Forum), National Association of Professional Women, Bank Operations Counsel Association, NACHA Council for Electronic Billing and Payment, NACHA Payments Innovation Committee, NACHA Mobile Wallet Committee, American Bankers Association's Money Laundering Task Force, former member in the no-longer-active ATMIA Debit Council, Digital Currency and Ledger Defense Coalition
    • Past member and co-chair: ABA's Compliance Executive Committee
    • Past member and chair: California Bankers Association's Regulatory Compliance Committee, California State Bar's Consumer Financial Services Committee
    • Past West Coast chair: ABA's Bank Secrecy Act Staff Commentary
    • Taught at the ABA's National Graduate School of Compliance Management, Western Banking School, NACHA's Payment Symposium
    • Past member: ABA's Privacy Task Force, California State Bar's Financial Institutions Committee, ABA's Retail Investment Committee, CBA's State Government Relations Committee
  • Recent Speaking Engagements
    • Corporate Transparency Act, Southern California Family Office Forum (11/2/2023)
    • Lessons Learned from the 2023 Banking Collapse: Causes, Impact, and What’s Next for Financial Services in 2023 and Beyond panel, 7th Annual Summit for Women Leaders in Financial Services Law, American Conference Institute (06/2023)
    • What Bank Executives Need to Know about the New CRA Rules, California Bankers Association (05/2023)
    • 2022 Bank Counsel Seminar, Las Vegas NV (11/2022)
    • 2020 WesPay Virtual Payments Symposium panel, with Craig Saperstein (09/2020)
    • Leveraging AI to Combat Financial Crimes panel, LegalWeek (02/2020)
    • The Next Generation of Data Sharing for Financial Crime Prevention, The Bankers Association for Finance and Trade (BAFT) Global Payments Conference (02/2020)
    • Leveraging Artificial Intelligence to Combat Financial Crimes, New York Legal Week (02/2020)
    • The California Consumer Privacy Act and Beyond: Consumer Rights and Business Obligations, Pillsbury CLE Marathons in San Francisco and Silicon Valley (01/2020)
    • Competing Priorities or Complementary Views: Data Privacy’s Impact on Your BSA/AML Compliance Program, ABA Financial Crimes Enforcement Conference (12/2019)
    • Destructive Ransomware Attacks are on the Rise: Learn how to prepare for and defend against threats, Pillsbury Webinar in collaboration with Guidehouse/Navigant (11/2019)
    • Cybersecurity rules, BSA Recordkeeping for wire transfers and payment orders, and Update on Federal BSA Legislation, Webinar (11/2019)
    • Data Privacy, GDPR & PSD2 GDPR, IMTC EMEA 2019 (07/2019)
    • Entering the U.S. MSB Market, IMTC EMEA 2019 (07/2019)
    • Managing Payments and Compliance Risk During User Growth, The Marketplace Conference 2018 (03/2018)
    • Compliance Challenges of e-commerce & Blockchain platforms, International Money Transfer Conference (IMTC) (11/2017)
    • Fintech 101, 39th Annual Regulatory Compliance Conference, California Bankers Association (10/2017)
    • Faster Payments: Complexities and Challenges, MTRA 2017 Annual Conference and School (09/2017)
    • Money Transmittal Licensure Challenges, Annual Compliance Conference hosted by Dolorex (09/2017)
    • When will Blockchain Matter? Blockchain 102, Webinar (06/2017)
    • Keeping up with Changing Requirements in a Faster Payments World, 2017 NACHA Payments Conference (04/2017)
    • What is Blockchain and Why is it Important? Blockchain 101, Webinar (12/2016)


  • J.D., University of Southern California Gould School of Law, 1982

    B.A., University of Michigan, 1978


  • California