InfoBytes
Filter
Subscribe to our InfoBytes Blog weekly newsletter and other publications for news affecting the financial services industry.
FTC Releases Agenda for Start with Security Conference
On October 14, the FTC announced the agenda for its Start with Security conference, scheduled to take place on November 5 in Austin, TX. The conference is intended to provide companies, particularly start-ups and developers, with tips for implementing effective data security. The event will host the following four panels: (i) Starting up Security - Building a Security Culture; (ii) Scaling Security - Adapting Security Testing for DevOps and Hyper-growth; (iii) Third-party AppSec - Dealing with Bugs, Bug Reports, and Third-party Code; and (iv) Beyond Bugs - Embracing Security Features.
CFPB Releases Annual Report on Student Loan Complaints
On October 14, the CFPB released its annual report of the CFPB Student Loan Ombudsman, which analyzes consumer complaints submitted from October 1, 2014 through September 30, 2015 and provides an examination of issues raised in its September student loan servicing report. The CFPB is predominantly concerned about the group of borrowers facing repayment issues with older federal student loans made by banks and private lenders under the Federal Family Education Loan Program (FFELP). According to the CFPB’s report, at least 30 percent of borrowers who participated in FFELP are either behind in their loan repayments or already in default. The report includes the following additional noteworthy data: (i) more than one in five of borrowers with federal loans made by private lenders are past-due, with more than 10 percent in forbearance; and (ii) 95 percent of borrowers with federal loans made by private lenders are not enrolled in income-driven repayment plans. The content of the report emphasizes the importance of the Department of the Treasury, Department of Education, and the CFPB’s joint statement to improve student loan servicing practices, promote borrower success, and minimize defaults.
Third Circuit Vacates New Jersey District Court's Dismissal of TCPA-related Case
On October 14, the Court of Appeals for the Third Circuit ruled the recipient – intended or not – of a prerecorded call has standing under the TCPA, so long as the recipient has sufficient ties to the number called. Leyse v. Bank of America NA, No. 14-4073 (3rd. Cir. Oct. 14, 2015). In 2011, a roommate of the intended recipient sued a financial institution after answering a prerecorded telemarketing call seeking to advertise credit cards on behalf of the financial institution. In 2014, the District Court of New Jersey dismissed the case on the grounds that the plaintiff was not the intended recipient of the call and, therefore, lacked standing. The Third Circuit vacated that ruling, holding that the TCPA’s “zone of interests encompasses more than just the intended recipients of the prerecorded telemarketing calls” and that “[l]imiting standing to the intended recipient would disserve the very purposes Congress articulated in the text of the Act.”
DOJ Disables Malware Designed for Bank-Theft; Unseals Indictment Against Botnet Administrator
On October 13, the DOJ unsealed an indictment against a Moldovan citizen for his alleged involvement in a criminal conspiracy to steal confidential financial information by distributing malware software through phishing emails. According to the indictment, the Defendant and his co-conspirators infected computers with malware designed to circumvent anti-virus protections and steal confidential personal and financial information from victims. The confidential information, such as online banking credentials, was used to “falsely represent to banks that the defendant and co-conspirators were the victims or employees of the victims with authority to access the victims’ bank accounts.” The investigation found that an estimated $10 million loss in the U.S. alone can be attributed to the Defendant’s scheme.
SEC Settles with Swiss Bank Over Misconduct of Issuing Complex Structured Notes
On October 13, the SEC announced a $19.5 million settlement with a Swiss bank for allegedly misleading U.S. investors by making false and misleading statements and omissions in connection with the offering of complex retail structured notes. Among other things, the SEC’s Cease-and-Desist Order alleges that, between December 2009 and November 2010, the Swiss bank failed to disclose to investors (i) taking unjustified markups; (ii) participation in hedging trades with non-systematic spreads; and (iii) trading prior to certain hedging transactions. The SEC further alleged the bank’s conduct “negatively impacted or, in the case of trading before hedging transactions, had the potential to negatively impact, pricing inputs used to calculate the” currency index. Without admitting or denying the charges, the bank agreed to pay disgorgement and prejudgment interest of $11.5 million and a civil money penalty of $8 million. $5.5 million of the disgorgement and prejudgment funds will be distributed to investors affected by the bank’s actions. According to the SEC, the action is the agency’s first case to involve misstatements and omissions by an issuer of retail structured notes.
Georgia Resident Pleads Guilty to Charges of Operating Unlicensed Money Transmitting Business
On October 13, the DOJ announced that a Columbus, Georgia resident pleaded guilty to one count of operating an unlicensed money transmitting business. According to the DOJ, between February 2013 and March 2014, the individual unlawfully owned, operated, and managed multiple money transmitting companies throughout the Columbus area, offering check-cashing services. The individual allegedly knew that he was required to register his company with FinCEN and with the state of Georgia, but failed to do so. Scheduled to face sentencing in January 2016, the individual faces a statutory maximum sentencing of five years and has agreed to a forfeiture order of more than $1,300,000.
FTC Unveils Updated Cross Border Consumer Complaint Website
On October 13, the FTC, as part of the International Consumer Protection and Enforcement Network (ICPEN), announced an updated version of ICPEN’s econsumer.gov, a website containing cross border consumer complaints and designed to assist law enforcement authorities investigate and take action against international scams. Originally launched in 2001, the website’s update includes (i) additional language availability; (ii) an improved complaint form, providing consumers with complaint trend data and guidance on how to resolve complaints; and (iii) an interface that is reader-friendly on tablets and smart phones. The FTC enters complaints received via the website into its complaint database, Consumer Sentinel, which is available to enforcers and regulators participating in ICPEN.
NYDFS Reaches Fifth Agreement Regarding Symphony Chat System; Issues Regulatory Guidance
On October 13, the NYDFS announced that it reached its fifth agreement with a bank regarding record keeping requirements and other protections to ensure that the bank is responsibly using Symphony Communication Services, LLC’s chat and messaging platform (Symphony). In September, the NYDFS reached similar agreements with four banks after expressing concern that some Symphony features, most notably its promised service of “Guaranteed Data Deletion,” had the capability to hinder regulators’ and prosecutors’ investigations of misconduct at banks. Per the agreements reached with the NYDFS, the banks must (i) require Symphony to maintain copies of all communications sent through the chat and messaging platform for at least seven years; (ii) provide an independent custodian with a copy of decryption keys for encrypted messages sent through Symphony; and (iii) inform the NYDFS of the location of the decryption keys. Acting Superintendent Anthony Albanese outlined these requirements in the October 13 guidance issued to all NYDFS-regulated institutions, stressing that “any [NY]DFS-regulated institution that is considering using the Symphony platform should ensure that the entity’s anticipated use conforms to the standards included in the Agreements.”
SEC to Accept Requests to Vacate Certain Securities Sanctions due to Court Ruling
On October 9, the SEC announced that it would not seek further review of the U.S. Court of Appeals for the District of Columbia’s July ruling prohibiting the SEC from retroactively applying the Dodd-Frank Act’s sanctions provisions to violations occurring before the Act’s effective date. Koch et al. v. SEC, No. 14-1134 (D.C. Cir. Jul. 14, 2015). In addition, the SEC further advised that persons subject to an existing SEC order that may be impacted by the Koch decision, because the conduct involved occurred before the July 22, 2010 effective date of Dodd-Frank, may apply for relief from the Commission’s order.
CSBS and Federal Reserve Provide Insight on Opportunities and Challenges for Community Banks
On October 6, the CSBS released a summary of research presented and discussions had at the third annual Community Banking Research and Policy Conference, held September 30 through October 1. At the conference, community bankers, academics, and federal and state policymakers discussed trends in community banking, with a particular focus on small business and farm lending, community bank performance, and community banks pre- and post-financial crisis. 27 state regulators attended the conference and held a roundtable to address first-hand the challenges – such as increased regulatory burden and evolving technology – and opportunities community bankers face.