Subscribe to our InfoBytes Blog weekly newsletter and other publications for news affecting the financial services industry.
On March 6, the U.S. Court of Appeals for the 4th Circuit held that Congress did not waive sovereign immunity for lawsuits under the FCRA, affirming the lower court’s dismissal of a consumer action. According to the opinion, a consumer filed a lawsuit against the U.S. Department of Education (the Department), a student loan company, and the three major credit reporting agencies, alleging numerous claims, including violations of the FCRA for failing to properly investigate disputes that federal student loans were fraudulently opened in his name. The Department filed a motion to dismiss to the FCRA claims against it arguing the court lacked subject matter jurisdiction based upon a claim of sovereign immunity. The lower court agreed, holding Congress had not affirmatively waived sovereign immunity for suits under the FCRA.
On appeal, the 4th Circuit agreed with the lower court. The appellate court noted that, although the FCRA includes a “government or governmental subdivision or agency” as part of the definition of “person” in the statute, there is a “longstanding interpretive presumption that ‘person’ does not include the sovereign,” and that waivers of sovereign immunity need to be “unambiguous and unequivocal.” The appellate court noted that Congress waived immunity in other sections of the FCRA, which were not at issue in this case and, had Congress waived immunity for enforcement purposes under the FCRA, it would raise a new host of “befuddling” and “bizarre” issues, such as the prospect of the government bringing criminal charges against itself. Therefore, the appellate court concluded that the federal government may be a “person” under the substantive provisions, but that without a clear waiver from Congress, the federal government is still immune from lawsuits under the FCRA’s enforcement provisions.
On July 31, President Trump signed the “National Flood Insurance Program (NFIP) Extension Act of 2018” into law (see Public Law 115-225/S. 1182). The NFIP was set to expire that day. The short-term extension, which the Senate passed earlier that day, reauthorizes the NFIP through November 30, and provides Congress additional time to establish a long-term financial solution.
Visit here for continuing InfoBytes coverage on the NFIP.
On July 16, in a divided opinion, the U.S. Court of Appeals for the 5th Circuit affirmed in part and reversed in part a lower court’s decision that addressed two claims brought by a group of Fannie Mae and Freddie Mac (government-sponsored entities or GSEs) shareholders: (i) whether the Federal Housing Finance Agency (FHFA) acted within its statutory authority when it adopted a dividend agreement, which requires the GSEs to turn over every quarter “dividends equal to their entire net worth” to the Treasury Department; and (ii) whether the structure of the FHFA is unconstitutional and in violation of the separation of powers. The lower court previously dismissed the shareholder’s statutory claims and granted summary judgment in favor of the Treasury Department and the FHFA on the constitutional claim. In addressing the first claim, the appellate court agreed with the lower court and found the government-sponsored entities’ payments acceptable under the agency’s statutory authority and that the FHFA was lawfully established by Congress through the Housing and Economic Recovery Act of 2008, which places restrains on judicial review. However, the appellate court reversed the lower court’s decision as to the second claim and agreed with shareholders that Congress went too far in insulating the FHFA’s single director from removal by the president for anything other than cause, ruling that the agency’s structure violates Article II of the Constitution. “We hold that Congress insulated the FHFA to the point where the Executive Branch cannot control the FHFA or hold it accountable,” the opinion stated. The divided appellate panel remanded to the lower court for further proceedings.
Earlier this year, in response to a challenge to the CFPB's single-director structure, the U.S. Court of Appeals for the D.C. Circuit en banc upheld the CFPB’s constitutionality in a 7-3 decision (see Buckley Sandler Special Alert). The 5th Circuit is also scheduled to hear a challenge by two Mississippi-based payday loan and check cashing companies to the constitutionality of the CFPB’s single-director structure, in which 14 state Attorney General filed an amici curiae brief encouraging the appellate court to disagree with the en banc decision of the D.C. Circuit. (See previous InfoBytes coverage here and here.)
Federal Reserve submits annual report to Congress on credit card profitability of depository institutions
In July, the Federal Reserve Board submitted its annual report to Congress on the profitability of credit cards as required by Section 8 of the Fair Credit and Charge Card Disclosure Act of 1988. The Report to Congress on the Profitability of Credit Card Operations of Depository Institutions (the Report) focuses on credit card banks with assets exceeding $200 million meeting the following criteria: (i) more than 50 percent of assets are loans made to individual consumers; and (ii) 90 percent or more of consumer lending involves credit cards or related plans. As of December 31, 2017, the 12 banks that met this criteria accounted for almost 50 percent of outstanding credit card balances on the books of depository institutions. According to the Report, credit card loans have replaced other methods of borrowing, such as closed-end installment loans and personal lines of credit. In the aggregate, “consumers carried slightly over $1 trillion in outstanding balances on their revolving accounts as of the end of 2017, about 6.1 percent higher than the level at the end of 2016.” While the Report notes the difficulty with tracking credit card profitability due to revisions in accounting rules and other factors, it indicates that delinquency rates and charge-off rates for credit card loans saw a modest increase in 2017 across all banks but remained below their historical averages.
The Report also discusses recent trends in credit card pricing practices. Data from a survey that studied a sample of credit card issuers found that the average credit card interest rate across all accounts is about 13 percent, while the average interest rate on accounts that assessed interest was closer to 15 percent. The Report notes that, “while average interest rates paid by consumers have moved in a relatively narrow band over the past several years,” there exists is a great deal of variability across credit card plans and borrowers, reflecting various card features and the risk profile of the borrower.
On May 17, in response to a request from the CFPB, the FTC transmitted a letter summarizing its 2017 enforcement activities related to Regulation Z (TILA), Regulation M (Consumer Leasing Act), and Regulation E (Electronic Fund Transfer Act) for the CFPB’s use in preparing its 2017 Annual Report to Congress. The FTC highlighted numerous activities related to the enforcement of the pertinent regulations, including:
- Payday Lending. The FTC acknowledged the continued litigation against two Kansas-based operations and their owner for allegedly selling lists of counterfeit payday loan debt portfolios to debt collectors in violation of the FTC Act, previously covered by InfoBytes here.
- Military Protection. The FTC identified the July 2017 military consumer financial workshop and the launch of the new Military Task Force (previously covered by InfoBytes here and here) among the activities the agency engaged in related to protecting the finances of current and former members of the military. The FTC also noted continued participation in the interagency group working with the Department of Defense on amendments to its rule implementing the Military Lending Act.
- “Negative Option.” For actions under the Regulation E/EFTA, the FTC highlighted numerous “negative option” enforcement actions, in which the consumer agrees to receive goods or services from a company for a free trial option, but if the consumer does not cancel before the trial period ends, the consumer will incur recurring charges for continued goods or services. Among the actions highlighted is a case in which the FTC imposed a $179 million judgment (suspended upon the payment of $6.4 million) settling allegations that the online marketers’ offers of “free” and “risk free” monthly programs for certain weight loss and other products were deceptive.
- Auto Loans. The letter highlighted, among others, the FTC action against a Southern California-based group of auto dealerships that allegedly violated a prior consent order with the FTC by misrepresenting the cost to finance or lease a vehicle, previously covered by InfoBytes here.
On May 10, Federal Reserve Board (Board) Chairman Jerome H. Powell responded to Senator Elizabeth Warren’s request concerning a formal commitment by the Board to vote on whether a national bank’s remediation plans to improve its compliance and operational risk management program meet the terms set forth by the Board’s February 2 order to cease and desist (Order). (See previous InfoBytes coverage here.) According to Powell, the decision to lift the asset growth restriction placed on the bank as part of the Order will be determined by a vote of the Board of Governors. In addressing an additional request made by Sen. Warren that the third-party review of the bank’s remedial actions required by the Order be publically released, Powell stated that when the third-party review is ready, “we will review that report to determine whether and to what extent the report can be publicly disclosed without impairing protected interests.” Powell noted that typically evaluations of that kind are not released to the public because they contain confidential supervisory information that would, if disclosed, “likely impair the effectiveness of the supervisory process,” among other things.
On April 16, the FDIC’s Office of Inspector General (OIG) released its Special Inquiry Report—“The FDIC’s Response, Reporting, and Interactions with Congress Concerning Information Security Incidents and Breaches”—which contains findings from an examination of the FDIC’s practices and policies related to data security, incident response and reporting, and Congressional interactions. The Special Inquiry Report is the culmination of a request made by the former Chairman of the Senate Committee on Banking, Housing, and Urban Affairs in 2016, and focuses on the circumstances surrounding eight information security incidents that occurred in 2015 and 2016—seven of which involved personally identifiable information and constituted data breaches. An eighth incident involved the removal of “highly sensitive components of resolution plans submitted by certain large systemically important financial institutions without authorization” by a departing FDIC employee.
According to the report, the OIG asserts that, among other things, the FDIC failed to (i) put in place a “comprehensive incident response program and plan” to handle security incidents and breaches; (ii) clearly document risk assessments and decisions associated with data incidents; (iii) fully consider the range of impacts on bank customers whose information was compromised; (iv) promptly notify consumers when an incident occurred and did not adequately consider notifications as a separate decision from whether it would provide credit monitoring services; (v) for at least one incident, failed to convey the seriousness of the breach; and (vi) provide timely, accurate, and complete responses to Congressional requests to gather information about how the agency was handling the incidents.
As a result of these findings, the OIG presented recommendations and timeframes for the FDIC to “address the systemic issues.” Recommendations include: (i) clearly defining roles and responsibilities within the FDIC Breach Response Plan, and establishing procedures “consistent with legal, regulatory, and/or operational requirements for records management”; (ii) establishing a separation between consumer breach notifications and the offer of credit monitoring services; (iii) adhering to established timeframes for reporting incidents to FinCEN when suspicious activity report information has been compromised; (iv) conducting an annual review of the Breach Response Plan to confirm that that the guidance has been consistently followed during the preceding year; (v) developing guidance and training to ensure that employees and contractors are fully aware of the legal consequences of removing any sensitive information from FDIC premises before they depart; (vi) ensuring that FDIC policies, procedures, and practices result in complete, accurate statements and representations to Congress, and updating and correcting prior statements and representations as necessary; (vii) clarifying “legal hold policies and processes”; and (viii) specifying that the Office of Legislative Affairs is responsible for “providing timely responses to Congressional requests and communicating with Congressional staff regarding those requests.”
The FDIC concurred with the recommendations and has completed corrective actions for two, with plans to address the remaining recommendations between June and December of this year. The FDIC has also agreed to keep the OIG informed of the progress made to address the identified performance issues.
Student loan servicer seeks declaratory and injunctive relief to resolve dispute concerning preemption of state law
On April 4, a Pennsylvania-based student loan servicer (servicer) that services federal student loans on behalf of the U.S. Department of Education (Department) filed a complaint in the U.S. District Court for the District of Columbia against the Connecticut Department of Banking and its banking commissioner (together, the Connecticut Defendants), and the Department, seeking a judicial determination that the federal Privacy Act of 1974 (Privacy Act) preempts Connecticut law requiring the servicer to disclose certain records containing confidential information about its student loan borrowers to the state, along with data related to borrower complaints, or risk revocation of its state servicer’s license. In addition, the servicer seeks injunctive relief against the Connecticut Defendants to prevent the enforcement of state law in contravention of the Privacy Act and revocation of the servicer’s license.
In support of the injunctive relief sought, the servicer cites several irreparable harms, including (i) the potential termination of its federal loan servicing contract; (ii) the revocation of its license to service, which would adversely affect approximately 100,000 student borrowers in the state, and (iii) the potential impact on loan servicing arrangements that the servicer has with “dozens of private lenders doing business in Connecticut.”
As previously covered in InfoBytes, on March 12 Department Secretary Betsy DeVos published an Interpretation that asserted the position that state “regulation of the servicing of Direct Loans” is preempted because it “impedes uniquely Federal interests,” and state regulation of the servicing of loan under the Federal Family Education Loan Program “is preempted to the extent that it undermines uniform administration of the program.” However, last month—as discussed in InfoBytes—a bipartisan coalition of 30 state Attorneys General released a letter urging Congress to reject Section 493E(d) of the Higher Education Act reauthorization—H.R. 4508, known as the “PROSPER Act”—which would prohibit states from “overseeing, licensing, or addressing certain state law violations by companies that originate, service, or collect on student loans.” The states expressed a concern that, if enacted, the law would preempt state consumer protection laws for student borrowers and constitute “an all-out assault on states’ rights and basic principles of federalism.”
Mulvaney requests more oversight and accountability for the Bureau in semi-annual report to Congress
On April 2, the CFPB issued its semi-annual report to Congress covering the Bureau’s work from April 1, 2017 to September 30, 2017. The report details, among other things, problems faced by consumers with regard to consumer financial products or services; significant rules and orders adopted by the Bureau; and various supervisory and enforcement actions prior to Mick Mulvaney’s appointment as acting director. Most notably, the report includes an opening letter from Mulvaney, which requests Congress make changes to the law to “establish meaningful accountability” for the Bureau which is “far too powerful.” Specifically, Mulvaney requests four changes (i) subject the Bureau to Congressional appropriations; (ii) require Congressional approval for major rules; (iii) make the director accountable to the President’s exercise of executive authority; and (iv) create an independent Inspector General for the agency. Mulvaney writes that the cycle of Congressional frustration with the CFPB will repeat “ad infinitum unless Congress acts to make [the Bureau] accountable to the American people.”
Mulvaney is set to testify on April 11 before the full House Financial Services Committee regarding the Bureau’s semi-annual report. As he notes in his letter, he intends to discuss his recommendations regarding the Bureau’s oversight at the hearing.
On October 24, the Senate cleared a resolution under the Congressional Review Act to nullify the CFPB’s recently adopted final arbitration rule, with Vice President Mike Pence casting the deciding vote to break the 50-50 tie. As previously covered in InfoBytes, the House passed H.J. Res. 111 earlier in July to invalidate the rule, which prohibits the use of mandatory pre-dispute arbitration clauses in certain contracts for consumer financial products and services. The resolution now heads to President Trump.
Both CFPB Director Richard Cordray and Acting Comptroller of the Currency Keith A. Noreika issued statements following the vote. Noreika stated: “The elected representatives acted to stop a rule from going into effect that would have likely increased the cost of credit for hardworking Americans and made it more difficult for small community banks to resolve differences with their customers without achieving the rule’s goal of deterring future financial abuse.” Noreika labeled the action by Congress as a “victory for consumers and small banks across the country.”
However, according to many media outlets, Director Cordray condemned the Senate’s action. Cordray explained: “Tonight's vote is a giant setback for every consumer in this country. Wall Street won and ordinary people lost. This vote means the courtroom doors will remain closed for groups of people seeking justice and relief when they are wronged by a company.”
- Buckley Webcast: The next consumer litigation frontier? Assessing the consumer privacy litigation and enforcement landscape in 2019 and beyond
- Buckley Webcast: The CFPB’s proposed debt collection rule
- Buckley Webcast: Trends in e-discovery technology and case law
- Brandy A. Hood to discuss "What the flood? Don’t get washed away by a flood of changes" at the American Bankers Association Regulatory Compliance Conference
- Daniel P. Stipano to discuss "Mitigating the risks of banking high risk customers" at the American Bankers Association Regulatory Compliance Conference
- Daniel P. Stipano, Kari K. Hall, Brandy A. Hood, and H Joshua Kotin to discuss "Regulations that matter in a deregulatory environment" at the American Bankers Association Regulatory Compliance Conference Power Hour
- Buckley Webcast: Data breach litigation and biometric legislation
- Hank Asbill to discuss "Pay no attention to the man behind the curtain: Addressing prosecutions driven by hidden actors" at the National Association of Criminal Defense Lawyers West Coast White Collar Conference
- Daniel P. Stipano to discuss "Keep off the grass: Mitigating the risks of banking marijuana-related businesses" at the ACAMS AML Risk Management Conference
- Daniel P. Stipano to discuss "Mid-year policy update" at the ACAMS AML Risk Management Conference
- Amanda R. Lawrence to discuss "Navigating the challenges of the latest data protection regulations and proven protocols for breach prevention and response" at the ACI National Forum on Consumer Finance Class Actions and Government Enforcement
- Benjamin W. Hutten to discuss "Requirements for banking inherently high-risk relationships" at the Georgia Bankers Association BSA Experience Program
- Brandy A. Hood to discuss "RESPA Section 8/referrals: How do you stay compliant?" at the New England Mortgage Bankers Conference
- Daniel P. Stipano to discuss "Lessons learned from recent enforcement actions and CMPs" at the ACAMS AML & Financial Crime Conference
- Daniel P. Stipano to discuss "Assessing the CDD final rule: A year of transitions" at the ACAMS AML & Financial Crime Conference
- Douglas F. Gansler to discuss "Role of state AGs in consumer protection" at a George Mason University Law & Economics Center symposium