Skip to main content
Menu Icon Menu Icon

InfoBytes Blog

Financial Services Law Insights and Observations


Subscribe to our InfoBytes Blog weekly newsletter and other publications for news affecting the financial services industry.

  • District Court enters consent order against individual defendant in 2016 CFPB structured settlement action


    On May 18, the U.S. District Court for the District of Maryland approved a consent order against defendants in an action concerning allegedly unfair, abusive, and deceptive structured settlement practices. As previously covered by InfoBytes, in 2016 the Bureau initiated an enforcement action against the defendants alleging that they violated the CFPA by employing abusive practices when purchasing structured settlements from consumers in exchange for lump-sum payments. According to the Bureau, the defendants encouraged consumers to take advances on their structured settlements and falsely represented that the consumers were obligated to complete the structured settlement sale, “even if they [later] realized it was not in their best interest.” In July 2021, the court denied the defendants’ motions to dismiss the Bureau’s amended complaint, which argued that the enforcement action was barred by the U.S. Supreme Court’s decision in Seila Law LLC v. CFPB, which held that the director’s for-cause removal provision was unconstitutional (covered by a Buckley Special Alert). The defendants had also argued that that the ratification of the enforcement action “came too late” because the statute of limitations on the CFPA claims had already expired (covered by InfoBytes here). Under the terms of the May 18 consent order, the individual defendant, who “had an ownership interest in [the company] and served in executive positions at [the defendants] from their inception to their dissolution" is prohibited from, among other things, participating or assisting others in participating in transfer of payment streams from structured-settlement holders and referring consumers to a specific individual or for-profit entity for advice concerning any structured-settlement transaction, including for independent professional advice. The individual defendant must also pay a $5,000 civil money penalty.

    Courts CFPB Enforcement Settlement Structured Settlement CFPA UDAAP Unfair Deceptive Abusive Consumer Finance

    Share page with AddThis
  • Senate confirms Sandra Thompson as FHFA director

    Federal Issues

    On May 25, the U.S. Senate voted along party lines to confirm Sandra L. Thompson as Director of the FHFA. Thompson has served as acting Director since June following the U.S. Supreme Court’s split decision in Collins v. Yellen, which held that it was unconstitutional for FHFA’s leadership structure to allow the President to fire the FHFA director only for cause. (Covered by InfoBytes here.) According to President Biden’s nomination announcement, Thompson brings “over four decades of government experience in financial regulation, risk management, and consumer protection,” including previously serving as Deputy Director of FHFA’s Division of Housing Mission and Goals where she oversaw the agency’s housing and regulatory policy, capital policy, financial analysis, and fair lending space, as well as all mission activities for the GSEs and the Federal Home Loan Banks. Thompson also worked for more than 23 years at the FDIC where she served in a variety of leadership positions. Her most recent position at the FDIC was Director of the Division of Risk Management Supervision. Thompson also led the FDIC’s “examination and enforcement program for risk management and consumer protection at the height of the financial crisis” and “the FDIC’s outreach initiatives in response to a crisis of consumer confidence in the banking system.”

    Federal Issues FHFA Biden U.S. Senate

    Share page with AddThis
  • Social media company to pay $150 million to settle FTC, DOJ data security probe

    Federal Issues

    On May 25, the DOJ filed a complaint on behalf of the FTC against a global social media company for allegedly misusing users’ phone numbers and email addresses uploaded for security purposes to target users with ads. (See also FTC press release here.) According to the complaint, the defendant deceived users about the extent to which it maintained and protected the security and privacy of users’ nonpublic contact information. Specifically, from May 2013 to September 2019, the defendant asked users to provide either a phone number or an email address to improve account security. The defendant, however, allegedly failed to inform the more than 140 million users who provided phone numbers or email addresses that their information would also be used for targeted advertising. The FTC claimed the defendant used the collected information to allow advertisers to target specific ads to specific users by matching the phone numbers or email addresses with data they already had or obtained from data brokers. DOJ’s complaint alleged that the defendant’s conduct violated the FTC Act and the EU-U.S. Privacy Shield and Swiss-U.S. Privacy Shield agreements, which require participating countries to adhere to certain privacy principles in order to legally transfer data from EU countries and Switzerland. This conduct also allegedly violated a 2011 FTC consent order with the defendant stemming from claims that the defendant deceived users and put their privacy at risk by failing to safeguard their personal information. According to DOJ’s complaint, the 2011 order “specifically prohibits the company from making misrepresentations regarding the security of nonpublic consumer information.”

    Under the terms of the proposed order, the defendant would be required to pay a $150 million civil penalty and implement robust compliance measures to improve its data privacy practices. According to the FTC and DOJ announcements, these measures would (i) “allow users to use other multi-factor authentication methods such as mobile authentication apps or security keys that do not require users to provide their telephone numbers”; (ii) require the defendant to “notify users that it misused phone numbers and email addresses collected for account security to also target ads to them and provide information about [its] privacy and security controls”; (iii) require the defendant to implement and maintain a comprehensive privacy and information security program, including conducting “a privacy review with a written report prior to implementing any new product or service that collects users’ private information,” regularly testing its data privacy safeguards, and obtaining regular independent assessments of its data privacy program; (iv) limit employee access to users’ personal data; and (v) require the defendant to notify the FTC should it experience a data breach, and provide reports after any data privacy incident affecting 250 or more users. Additionally, the defendant would be banned from profiting from deceptively collected data.

    Federal Issues Privacy/Cyber Risk & Data Security FTC DOJ Enforcement UDAP Deceptive FTC Act EU-US Privacy Shield Swiss-U.S. Privacy Shield Settlement

    Share page with AddThis
  • CFPB reminds creditors of ECOA adverse action notice requirements

    Federal Issues

    On May 26, the CFPB released Circular 2022-03 to reiterate creditors’ adverse action notice requirements under ECOA. The Circular, among other things, explains that ECOA and Regulation B require companies to explain the specific reasons for denying an application for credit or taking other adverse actions, even if the creditor is relying on credit models using complex algorithms. Specifically, the Circular stated that “[l]aw-abiding financial companies have long used advanced computational methods as part of their credit decision-making processes, and they have been able to provide the rationales for their credit decisions.” While the Bureau recognized that some creditors “make credit decisions based on the outputs from complex algorithms, sometimes called ‘black-box’ models,” it stressed that the adverse action notice requirements of ECOA and Regulation B apply equally to all credit decisions, regardless of the technology used to make them. The Bureau expressed that “the reasoning behind some of these models’ outputs may be unknown to the model’s users, including the model’s developers,” and that “with such models, adverse action notices that meet ECOA’s requirements may not be possible.” The Bureau further explained that, “[c]reditors cannot lawfully use technologies in their decision-making processes if using them means that they are unable to provide these required explanations.” Stated differently, a “creditor cannot justify noncompliance with ECOA and Regulation B’s requirements based on the mere fact that the technology it employs to evaluate applications is too complicated or opaque to understand.”

    Federal Issues CFPB Consumer Finance Agency Rule-Making & Guidance ECOA Regulation B Consumer Credit

    Share page with AddThis
  • VA eliminates pre-approval process for certain loans

    Federal Issues

    On May 19, the Department of Veterans Affairs (VA) issued Circular 26-22-09 to announce new procedures for loan approval and new procedures for processing joint loans. The Circular explains that, historically, the Department conducted a pre-closing review of loan application packages when the borrower had been rated unable to manage financial affairs and has a VA-appointed fiduciary. The Department also conducted a pre-closing review of cases where a loan would include more than one veteran using entitlement. In both cases, “the lender has sent such loan application packages to VA in advance of loan closing, and loan closing has not been able to proceed until after VA has issued approval.” The Circular noted that in an effort to streamline procedures to improve the veteran experience, the Department “has determined that such case-by-case reviews add a step that VA no longer believes necessary for ensuring program integrity.” The Circular also noted that that post-audit oversight would be as effective as a pre-closing review in maintaining program integrity, without the delays and additional administrative burdens that can be associated with the historical process. The Circular is effective immediately.

    Federal Issues Agency Rule-Making & Guidance Department of Veterans Affairs Consumer Finance Mortgages Mortgage Servicing

    Share page with AddThis
  • Arizona passes money transmitter licensure legislation

    On May 20, the Arizona governor signed SB 1580, which revises provisions related to money transmitters. The bill, among other things, provides that “a person may not engage in the business of money transmission or advertise, solicit or hold itself out as providing money transmission unless the person is licensed." The provision does not apply to “a person that is an authorized delegate of a person licensed under this article that is acting within the scope of authority conferred by a written contract with the licensee,” and to exempt persons provided the person “does not engage in money transmission outside the scope of the exemption.” The bill also creates provisions related to consistent licensure, application for licensure, and information requirements for certain individuals.

    Licensing State Issues State Legislation Arizona Money Service / Money Transmitters

    Share page with AddThis
  • Florida amends provisions for making consumer finance loans

    On May 20, the Florida governor signed SB 546, which amends certain provisions related to the making of consumer finance loans. The provisions allow persons applying for a license to make and collect loans under the Florida Consumer Finance Act (FCFA) “to provide certain documents in lieu of evidence of liquid assets,” including a surety bond, certificate of deposit, or irrevocable letter of credit. The bill also prohibits licensees from charging borrowers a prepayment penalty for paying all or part of a loan’s principle before the payment due date. Additionally, provisions related to the grounds for denying a license or taking disciplinary action for certain violations for the FCFA are modified to include “[f]ailure to maintain liquid assets of at least $25,000 or a surety bond, certificate of deposit, or letter of credit in the amount required by s. 516.05(10) at all times for the operation of business at a licensed location or proposed location.” SB 546 takes effect October 1.

    Licensing State Issues State Legislation Florida Consumer Finance

    Share page with AddThis
  • DFPI says debt collection licenses “unavoidably delayed”

    On May 23, the California Department of Financial Protection and Innovation (DFPI) sent a notice to applicants and prospective applicants announcing unforeseen delays in the issuance of licenses under the Debt Collection Licensing Act. The FBI informed DFPI that new changes are needed to state agency protocols for requesting federal background checks. Prospective licensees are encouraged to continue submitting applications through the Nationwide Multistate Licensing System. DFPI stated that during this delay (which “is necessary to enable the Department to effectuate the licensing background check required under the Debt Collection Licensing Act”), “applicants may continue to engage in business, and the Department will not take action for unlicensed activity against applicants who filed their applications after December 31, 2021.” DFPI will reach out to applicants with instructions for submitting fingerprints for background checks when the process becomes available, and advised licensees that “[f]or purposes of including California debt collector license numbers when contacting or communicating with debtors as required under Civil Code section 1788.11, an applicant who has filed its application through NMLS may indicate “license number pending” or similar verbiage until a license is issued.” DFPI will notify applicants when it begins issuing licenses and encourages applicants to check the Department’s website for updates.

    Licensing State Issues California DFPI State Regulators NMLS Debt Collection Licensing Act Debt Collection

    Share page with AddThis
  • OFAC issues new Russia-related general license, will not renew general license concerning debt or equity dealings with certain Russian financial institutions

    Financial Crimes

    On May 25, the U.S. Treasury Department’s Office of Foreign Assets Control (OFAC) issued Russia-related General License (GL) 13A, “Authorizing Certain Administrative Transactions Prohibited by Directive 4 under Executive Order 14024.” Specifically, GL 13A permits U.S. persons, or entities owned or controlled, directly or indirectly, by a U.S. person “to pay taxes, fees, or import duties, and purchase or receive permits, licenses, registrations, or certifications” for certain transactions normally prohibited by Directive 4, “provided such transactions are ordinarily incident and necessary to the day-to-day operations in the Russian Federation of such U.S. persons or entities.” GL 13A expires September 30 at 12:01 am EDT.

    The day before, OFAC announced that provisions of GL 9C, issued pursuant to the Russian Harmful Foreign Activities Sanctions Regulations (RuHSR), will not be renewed. As previously covered by InfoBytes, GL 9C was issued last month to authorize transactions “ordinarily incident and necessary to dealings in debt or equity” issued before February 24, 2022 involving certain Russian financial institutions that would otherwise be prohibited by the RuHSR. GL 9C expires on May 25 at 12:01 am EDT.

    Financial Crimes Of Interest to Non-US Persons Department of Treasury OFAC OFAC Designations OFAC Sanctions Russia

    Share page with AddThis
  • OFAC sanctions Hizballah financial facilitator

    Financial Crimes

    On May 19, the U.S. Treasury Department’s Office of Foreign Assets Control (OFAC) announced sanctions pursuant to Executive Order 13224 against a Lebanese businessman and Hizballah financial facilitator, as well as five of his associates and eight of his companies in Lebanon and Iraq. According to OFAC, the sanctions “illuminate[] Hizballah’s modus operandi of using the cover of seemingly legitimate businesses to generate revenue and leverage commercial investments across a multitude of sectors to secretly fund Hizballah and its terrorist activities.” OFAC also highlighted Hizballah’s practice of building “a web of businesses” with “opaque ownership structures” to “hide its activities and generate funds for its destabilizing activities.” According to Under Secretary of the Treasury for Terrorism and Financial Intelligence Brian E. Nelson, the “designation of this network demonstrates the U.S. government’s commitment to protect Lebanon’s private sector and financial system from Hizballah’s abuse by targeting and exposing the group’s financial activities.”

    As a result of the sanctions, all property and interests in property of the designated individuals and entities within U.S. jurisdiction must be blocked and reported to OFAC. OFAC further noted that its regulations “generally prohibit” U.S. persons or persons within the U.S. from participating in transactions with the designated persons unless exempt or authorized by a general or specific OFAC license. OFAC also warned that the agency “can prohibit or impose strict conditions on the opening or maintaining in the United States of a correspondent account or a payable-through account of a foreign financial institution that knowingly conducted or facilitated any significant transaction on behalf of [a Specially Designated Global Terrorist] or, among other things, knowingly facilitates a significant transaction for Hizballah or certain persons designated for their connection to Hizballah.”

    Financial Crimes OFAC Department of Treasury Of Interest to Non-US Persons OFAC Sanctions OFAC Designations Hizballah Lebanon Iraq SDN List

    Share page with AddThis