Skip to main content
Menu Icon
Close

InfoBytes Blog

Financial Services Law Insights and Observations

Filter

Subscribe to our InfoBytes Blog weekly newsletter and other publications for news affecting the financial services industry.

  • FTC orders tax filing software company to cease and desist following ALJ decision

    Federal Issues

    On January 22, the FTC issued an opinion and order against the maker of a popular tax filing software.  The FTC found that the company engaged in unfair and deceptive acts or practices by marketing the software as “free” when it was not available as free to more than two-thirds of consumers and ordered the company to “cease and desist making the deceptive claims.”

    The FTC’s opinion and order were issued after its de novo review following the September 2023 ruling from an administrative law judge (“ALJ”), in the FTC’s March 2022 administrative complaint against the company (previously reported by InfoBytes here), in which the ALJ found that the company engaged in deceptive advertising. 

    The company is a publicly traded corporation that offers a variety of software programs. The software in question is a program that assists customers with preparing and filing their taxes. The FTC alleged that since 2016 the company marketed its tax filing software in violation of Section 5 of the FTC Act through television and online ads, stating consumers could file their taxes for free when less than one-third of taxpayers were eligible for the company’s free edition of the software.

    The FTC took issue with the company’s claim that the software was “free” when it restricted its eligibility for the free version to those with “simple tax returns.” While the definition of “simple tax returns” has changed over time, in 2022 it was limited to filed returns that included a Form 1040 with limited attached schedules. However, the FTC alleged most taxpayers do not have “simple tax returns” as defined by the company, including those with mortgage or property income, investment income, or charitable donations over $300.

    According to the FTC, from 2016 to 2022, the company ran “dozens” of unique ads through television, radio, the internet, social media, and other advertising channels, that garnered “billions of impressions.” The company and its ad agency understood that advertising its product as free would be a “powerful” lure to entice new customers, stating “Lead with [f]ree to raise heads and drive traffic and acquisition[.]” Although disclaimers are present in the ads, the FTC alleged the company’s disclaimers are inadequate to “cure the misrepresentations” faced by the consumer.

    The company continued to market its products as free for three years after multiple lawsuits were filed by the Los Angeles City Attorney and the County Counsel for the County of Santa Clara, California, alleging unfair and deceptive marketing of free versions of the software. Various state Attorneys General opened subsequent investigations that led the company to enter into a settlement agreement with all fifty states pursuant to which the company agreed to pay $141 million and submit to restrictions on its advertising and marketing of the software. Among other restrictions, the FTC’s final order prohibits the company from making any misrepresentations of the cost of its products and services, or the requirement that a consumer use its paid products or services in order to accurately file their taxes online or claim a credit or deduction. Additionally, the order imposes record-keeping and reporting requirements that will remain effective for a period of twenty years after the issuance date of the order.

    Federal Issues FTC Cease and Desist ALJ FTC Act

  • OCC releases January enforcement actions

    On January 17, the OCC released a list of recent enforcement actions taken against national banks, federal savings associations, and individuals currently and formerly affiliated with such entities. Included is a notice of charges seeking cease and desist orders against three subsidiary banks of the same bank holding company (see here, here, and here), which alleged that each bank engaged in unsafe or unsound practices relating to an investment strategy concentrated in long-term securities. The unsafe practices, the OCC explained, exposed each bank to excessive interest rate risk without adequate sources of contingency funding and contingency capital. The OCC further alleged that each bank failed to mitigate such risk in a timely manner. 

    Bank Regulatory Federal Issues OCC Enforcement Cease and Desist

  • OCC issues cease-and-desist order to NY bank

    Agency Rule-Making & Guidance

    On December 14, the OCC released a list of recent enforcement actions taken against national banks, federal savings associations, and individuals that are or were affiliated with such entities. Included is a cease-and-desist order against an upstate New York bank for allegedly engaging in unsafe or unsound practices, including on the bank’s corporate governance, capital planning, interest rate risk management, liquidity risk management, and reports of condition.

    Under the order, the bank must appoint a compliance committee to take corrective action, submit a three-year strategic plan to establish objectives for the bank’s risk profile, earnings performance, growth, and balance sheet mix, among other areas, and maintain a capital ratio of at least 15 percent, a common equity tier 1 capital of at least equal to 14 percent, and a leverage ratio of at least ten percent. The order also requires the bank to create an interest rate risk program and a third-party risk management program.

    Agency Rule-Making & Guidance Cease and Desist New York Banking Corporate Governance Capital Requirements

  • OCC releases enforcement actions

    On November 16, the OCC released a list of recent enforcement actions taken against national banks, federal savings associations, and individuals currently and formerly affiliated with such entities. Included is a cease and desist order against an Indiana bank for allegedly engaging in unsafe or unsound practices, related to corporate governance and enterprise risk management, credit underwriting and administration, liquidity risk management, and interest rate risk management. The order requires the bank to, among other things, (i) provide quarterly reports detailing corrective action and efforts to comply with the order; (ii) develop a written strategic plan; (iii) maintain specified capital ratios; (iv) engage an independent third party to review board and management supervision; (v) submit a written concentration risk management program and a written liquidity risk management program; (vi) adopt a credit underwriting and administration program; (vii) submit and adopt a written adequate allowance for credit losses; and (viii) adopt a written credit derivatives program.

    Bank Regulatory Federal Issues OCC Enforcement Cease and Desist

  • Bank to pay Fed, NYDFS almost $30 million for deficient third-party risk management practices

    Federal Issues

    On October 19, the Fed and NYDFS announced an enforcement action against a New York-based bank for alleged violations of consumer identification rules and deficient third-party risk management practices. NYDFS Superintendent Adrienne A. Harris stated that the bank failed to prevent a “massive, ongoing fraud” related to its prepaid card program. According to the Fed’s cease-and-desist order, illicit actors managed to open prepaid card accounts through a third-party, and moved hundreds of millions of dollars of direct deposit payroll payments and state unemployment benefits through the accounts. The Fed’s order requires the bank to, among other things, improve its oversight, create a new product review program, enhance its customer identification program, and submit a plan to enhance its third-party risk management program. The bank’s plan must include (i) policies and procedures to ensure third-party service providers are complying with federal and state law; (ii) a third-party risk management oversight program; (iii) policies and procedures to ensure the bank’s Chief Compliance Officer has sufficient resources to properly access the bank’s prepaid card program and is adequately staffed; and (iv) a comprehensive identity theft prevention program. The Fed also requires the bank to pay a civil money penalty of approximately $14.5 million. Under NYDFS’s consent order, the bank agreed to pay an additional $15 million civil monetary penalty, and to submit remediation and program reporting.

    Federal Issues State Issues NYDFS Federal Reserve Cease and Desist Third-Party Risk Management

  • Fed announces enforcement action against Kansas bank for operational deficiencies

    On September 5, the Fed announced a cease and desist order (the “order”) against a Kansas bank holding company and its subsidiary bank (collectively, the “bank”) for having significant operational deficiencies, including deficiencies related to staffing, internal controls, credit risk management, lending and credit administration, capital, information technology and information security, books and records, regulatory reporting, liquidity and funds management, earnings, interest rate risk management, third-party risk management, and other deficiencies such as compliance with federal laws related to AML/BSA requirements.

    The order directs the bank to, among other things, (i) strengthen board oversight; (ii) engage a third party to conduct an assessment of the bank’s corporate governance and staffing; (iii) improve lending and credit administration policies and procedures; (iv) correct the identified information technology and information security deficiencies; (v) revise its allowance for credit losses methodology to comply with supervisory guidance; (vi) enhance interest rate risk management practices; (vii) improve internal controls; (viii) submit a written plan to maintain sufficient capital; (ix) enhance liquidity risk management; and (x) improve the bank’s earnings and overall condition. The order also directs the Bank to improve its BSA/AML compliance program and internal audit program, and to take all necessary steps to correct all violations of law or regulation and to ensure future compliance.

    Bank Regulatory Federal Issues Enforcement Cease and Desist Bank Secrecy Act Anti-Money Laundering Kansas

  • SEC charges broker-dealer with failure to file suspicious activity reports

    Securities

    On August 29, the SEC announced that it had brought charges against a Chicago-based broker-dealer. The SEC alleged that between August 2012 and September 2020 the broker-dealer failed to file over 400 hundred legally required suspicious financial transaction reports related to over-the-counter securities transactions executed in the broker-dealer’s alternative trading system (ATS). According to the SEC’s order, it was found that the broker-dealer did not establish an anti-money laundering surveillance program until September 2020, despite having thousands of high-risk microcap and penny stock securities transactions executed daily on its ATS.

    Daniel R. Gregus, Director of the SEC’s Chicago Regional Office, stated, “All SEC-registered broker-dealers have the responsibility to comply with the requirements of the Bank Secrecy Act, including the obligation to file SARs.”

    Without admitting or denying that it violated Section 17(a) of the Securities Exchange Act and Rule 17a-8, the broker-dealer agreed to a censure and a cease-and-desist order, along with a $1.5 million penalty.

     

    Securities Federal Issues SEC Broker-Dealer Enforcement Recordkeeping SARs Cease and Desist

  • SEC charges fintech investment adviser for misleading advertising

    Securities

    On August 21, the SEC announced charges against a New York-based fintech investment adviser for using hypothetical performance metrics in misleading advertisements, compliance failures that led to misleading disclosures, and failure to adopt policies concerning crypto asset trading by employees, among other things. These charges mark the first violation of the SEC’s amended marketing rule.

    According to the order, the fintech investment adviser made misleading statements on its website by failing to include material information, and without having adopted and implemented required policies and procedures under the SEC’s marketing rule. The SEC also found that the company made conflicting disclosures regarding crypto assets custody and failed to adopt policies related to employee personal trading in crypto assets. 

    The company consented to the order finding that it violated the Advisers Act and without admitting or denying the SEC’s findings, entered into a cease-and-desist order, a censure, and agreed to pay $192,454 in disgorgement, prejudgment interest and an $850,000 civil penalty that will be distributed to affected clients.

    Securities Fintech Enforcement SEC Disclosures Cryptocurrency Cease and Desist

  • DFPI launches actions against crypto scams, initiates education campaign

    State Issues

    On August 9, the California Department of Financial Protection and Innovation (DFPI) announced that it issued cease and desist orders against three entities (orders here, here, and here) for allegedly offering and selling unqualified securities, and making material misrepresentations and omissions to investor related to cryptocurrency investments. The entities allegedly created high-yield investment programs (HYIPs), which DFPI characterizes as “investment frauds that typically promise high returns with low risk, promise overly consistent returns, provide little details about the people running the HYIP, use vague language to describe how the HYIP makes money, offer referral bonuses, facilitate deposits and withdrawals with crypto assets, and use social media to gain attention and attract investors.” 

    The cease and desist orders are just one of the tools DFPI employs to address investment scams involving crypto assets, also using enforcement actions, social media, and a Crypto Scam Tracker. DFPI has posted videos to its social media accounts that are directed towards the same group of individuals targeted by the crypto community in order to educate investors about its enforcement actions and violations of law. The Crypto Scam Tracker was launched earlier this year to help Californian’s identify and avoid scams involving cryptocurrency. (Covered by InfoBytes here).

    State Issues Privacy, Cyber Risk & Data Security Cryptocurrency California Enforcement Cease and Desist DFPI FDCPA

  • SEC settles allegations regarding robo-adviser service

    Securities

    On June 13, the SEC announced a settlement with three subsidiaries of a financial services holding company (collectively, “respondents”) regarding their robo-adviser service. The order, which the respondents consented to without admitting or denying the findings, imposes a civil money penalty of $135 million and a total of $52 million in disgorgement. The order also provides that the respondents must cease and desist from committing or causing any future violations of the antifraud provisions in the Investment Advisers Act.

    Securities Enforcement Cease and Desist Investment Advisers Act Robo-Advisor Service

Pages

Upcoming Events