InfoBytes Blog
Filter
Subscribe to our InfoBytes Blog weekly newsletter and other publications for news affecting the financial services industry.
Lawsuits Allege Banks Did Not Maintain “Commercially Reasonable” Data Security Systems
Recently, data security breaches at banks in Texas and Maine have resulted in two separate lawsuits (see here and here) alleging that the banks did not maintain “commercially reasonable” data security systems. PlainsCapital Bank v. Hillary Mach. Inc., No. 4:09-cv-00653 (E.D. Tex. Dec. 31, 2009). Patco Constr. Co. Inc. v. People’s United Bank, No. 2:09-CV-00503 (D. Maine Feb. 2, 2010). In PlainsCapital, a Texas bank approved an $800,000 transfer request from the account of a machining company. The transfer was discovered to be fraudulent and, though the bank was able to recover nearly three-quarters of the transferred funds, the machining company sent a letter to the bank arguing that the bank was liable for the remaining funds, because it failed to maintain “commercially reasonable security measures” in its internet banking system. Shortly after receiving the letter, the bank filed a complaint in the Eastern District of Texas seeking a declaratory judgment that its security measures are “commercially reasonable” within the meaning of §§ 4A-201 and 4A-202 of the Uniform Commercial Code (UCC). In Patco, a construction company sued a Maine bank after the bank allowed a fraudulent transfer of $588,581 from the company’s account. In its complaint, the construction company alleged, among other things, (i) that the bank failed to maintain “commercially reasonable” data security, as required by § 4-1204 of Maine’s version of the UCC, because the bank employed single factor user authentication, instead of multi-factor user authentication as recommended by the Federal Financial Institutions Examination Council’s online banking security standards guidance, and (ii) set an unreasonably low threshold for the challenge question for authentication of customer passwords. In its answer, the bank argued that the construction company was contributorily negligent because it failed to perform daily monitoring of its account, as required by its eBanking agreement and Automated Clearing House transfer of funds contract with the bank.
Pennsylvania Department of Banking Issues Reverse Mortgage Policy
The Pennsylvania Department of Banking (the Department) recently issued a policy statement to provide guidance to licensees regarding the proper conduct of making, originating or servicing reverse mortgage loans and to inform licensees of the proper use of, and risks associated with, reverse mortgage loans. Because most reverse mortgages are marketed to elderly consumers, the Department’s policy addresses concerns that these consumers may be victimized by poor advice or outright fraud. The Department is also concerned that licensees may not be fully cognizant of the propriety of, and the necessary practices required to protect consumers who use, reverse mortgage loans. And the Department is particularly concerned about the special financial risks associated with proprietary reverse mortgage loans because they are not insured by the Federal government and are not required to follow the standards and requirements mandated by the Federal Housing Administration to obtain Federal insurance. The areas addressed by the policy statement are (i) the financial strength of the licensee lender, (ii) the content of reverse mortgage loan agreements, (iii) the procedures regarding reverse mortgage loan origination, (iv) the consequences of a reverse mortgage loan for a non-borrower spouse, (v) conflicts of interest, (vi) a prohibition on offering unsuitable reverse mortgage loans, (vii) servicing obligations, (viii) an applicant’s mental capacity, and (ix) power of attorney. There are no new regulatory requirements as a result of the policy statement.
Georgia Supreme Court Holds Corporations May Not Be Directly or Vicariously Liable Under Law Limiting Notary Fees
The Supreme Court of Georgia recently held that a statute limiting fees for providing notarial services applies to notaries public, but does not apply directly or vicariously to corporations employing notaries public. Anthony v. American General Financial Services, Inc., 2010 WL 2553586, No. S10Q0203 (Ga. June 28, 2010). The plaintiffs sought to recover a $350.00 notary fee charged by the defendant lender to refinance a mortgage loan that allegedly exceeded the statutory maximum permitted by OCGA § 45-17-11(b). The court first found that corporations employing notaries public are not directly liable under the statute because the relevant statutory text makes it "clear that consumers were directly protected against ‘notary publics,’ not anyone else[,]" and also because "a corporation cannot serve as a notary public." The court next found that a corporation may not be held vicariously liable for the acts of a notary public employed by the corporation because a notary acting in his or her official capacity is a public officer, and the private employer has no control over the performance of his or her notarial duties. The court did find, however, that a corporation may be held liable where it "procures or otherwise qualifies as a party to or participant in such a violation by a[] notary." Other holdings by the court were that (i) a private civil cause of action does not arise under OCGA § 45-17-11 against a corporation employing notaries public to recover notarial fees paid in excess of, and without notice of, the statutorily-prescribed maximum notary fee, (ii) recovery under a breach of contract claim for notarial fees paid in excess of, and without notice of, the statutorily-prescribed maximum notary fee when the actual fee charged was clearly specified in the contract as being "reasonable and necessary" is not barred by the voluntary payment doctrine, and (iii) the statutes of limitations on claims of fraud and on claims of money had and received are not tolled when notarial fees are collected in excess of, and without notice of, the statutorily-prescribed maximum notary fee when the actual fee charged was clearly specified in the contract as being "reasonable and necessary."
Michigan Amends Mortgage Loan Originator Surety Bond Requirements
Recently, Michigan enacted Senate Bill 1525 to modify the surety bond requirements for mortgage loan originators. The bill allows a mortgage company to submit one surety bond to cover all of the company’s individual mortgage loan originators, based on the principal amounts of loans originated by all loan originators. Previously, individual bonds for each loan originator were required. The bill is effective immediately.
Sixth Circuit Finds State Debt Collection Laws Not Preempted by National Bank Act
On December 14, the U.S. Court of Appeals for the Sixth Circuit, in a plaintiff-garnishors’ lawsuit alleging a defendant bank had improperly garnished funds to satisfy certain service fees, affirmed the dismissal of plaintiffs’ claims (2-1) and held: (i) the National Bank Act ("NBA") does not preempt general state debt collection laws, including laws regulating banks’ rights to collect debts, but (ii) on the other hand, the NBA’s grant of authority to banks to charge and collect fees preempted plaintiffs’ specific state-based conversion claim. See Read Monroe Retail, Inc. v. RBS Citizens, N.A., No. 07-4263 (6th Cir. Dec. 14, 2009). The Court also vacated the district court’s characterization of service fees as setoffs, further holding that the doctrine of setoff "applies only when banks use customers’ funds to satisfy an ‘independent contract’ and external debt to the bank." In dissent, the minority argued that the garnishment law at issue was one of general applicability that only incidentally affects national banks and thus, the NBA should not preempt plaintiffs’ claims.
Florida Law Requires Loan Mod Companies to Obtain License
On December 7, the Florida Office of Financial Regulations issued a reminder that, as of January 1, 2010, individuals and companies providing loan modification services to Florida borrowers must maintain an active Florida mortgage lender, mortgage broker or correspondent mortgage lender license. The requirement is part of a law signed by Florida Governor Charlie Crist on June 29, 2009 that also provided for the licensing of mortgage loan originators under the Nationwide Mortgage Licensing System, as required under the federal Secure and Fair Enforcement for Mortgage Licensing Act (reported in InfoBytes, July 3, 2009). Under the new law, loan modification service providers remain prohibited from charging up-front fees for loan modification services. The law also subjects unlicensed persons or entities that provide loan modification services to Florida borrowers to criminal penalties.
Massachusetts Federal Court Holds FCRA Does Not Preempt Massachusetts Inaccurate Reporting Claim
On December 1, the U.S. District Court for the District of Massachusetts denied a furnisher’s motion to dismiss claims of inaccurate credit reporting brought under Massachusetts state laws that allow claims against furnishers of credit information that fail to follow reasonable procedures to ensure that information given to consumer reporting agencies is accurate. Catanzaro v. Experian Information Solutions, Inc., Civil Action 09-105550, 2009 WL 4363207 (D. Mass. Dec. 1, 2009). The consumer claimed that the defendants – furnishers of credit information a consumer reporting agency – violated the Fair Credit Reporting Act (FCRA) and Massachusetts state law in connection with furnishing and reporting allegedly incorrect credit report information. In rejecting the furnisher’s argument that FCRA preempted the state law claims, the court noted that the Massachusetts requirement to follow reasonable procedures to provide information to a consumer reporting agency that is accurate and complete, M.G.L. c. 93, § 54A(a), is one of two state statutory provisions that is expressly excluded from FCRA’s preemption provision. Although the Massachusetts provision allowing a private right of action, M.G.L. c. 93, § 54A(g), is not mentioned in the FCRA carve-out from preemption, the court held that § 54A(g) is similarly not preempted by the FCRA, as it is “simply a mechanism allowing private litigants to enforce a state standard for credit reporting that Congress deliberately chose not to preempt.” The court held, however, that the consumer’s additional state law claims were in fact preempted by the FCRA, and granted defendants’ motion to dismiss those claims.
New York Enacts Foreclosure Legislation
On November 16, New York Governor David Patterson announced the passage of Governor’s Program Bill No. 46, which is aimed to provide protections to New York homeowners and tenants facing foreclosure. The bill expands upon SB 8143, a bill enacted in August 2008 (reported in InfoBytes, Aug. 8, 2008). The new bill, among other things, (i) requires a 90-day pre-foreclosure notice to any borrower facing foreclosure (notice currently is required only to borrowers with subprime loans), (ii) requires lenders who serve such a notice to make a filing with the New York Banking Department within three days, (iii) expands the scope of mandatory settlement conferences from subprime borrowers to all borrowers, (iv) requires that tenants receive written notice of change of ownership of a property and be permitted to remain for the longer of their lease term or 90 days, (v) requires plaintiffs who have obtained a judgment of foreclosure to maintain the foreclosed property, and (vi) prohibits brokers who perform “distressed property consulting services” from accepting upfront fees.
California Federal Court Holds State Law Claims Preempted by FCRA
On October 30, the U.S. District Court for the Central District of California held that a claim brought under California Bus. & Prof. Code § 17200 was preempted by the Fair Credit Reporting Act (FCRA) because it related to the responsibilities of a furnisher of information to credit reporting agencies (CRAs). Forester v. Pennsylvania Higher Education Assistance Agency, No. SACV 09-0930, 2009 WL 3710517 (C.D. Cal. Oct. 30, 2009). The consumer in Forester sued the servicer of his student loans, alleging that the servicer violated FCRA and Cal. Bus. & Prof. Code § 17200 by failing to investigate the accuracy of their credit reporting after the consumer filed a “Notice of Dispute” and that the servicer violated Cal. Bus. & Prof. Code §§ 17200 and 17500 by falsely promising that the consumer’s credit report would not show any derogatory history if the consumer rehabilitated his student loans. The servicer argued that FCRA preempted the state law claims. Acknowledging that FCRA and § 17200 both “relate to the duties of the furnishers of information to CRAs,” and following the recent trend of courts in the Ninth Circuit that hold that FCRA “totally preempts ‘all state statutory and common law causes of action which fall within the conduct proscribed by [15] § 1681s-2 [Section 623 of FCRA],’” the court found that FCRA clearly preempted the consumer’s claims, which relate to the servicer’s responsibilities as furnishers of information to CRAs, the court dismissed the consumer’s state law claims. The court, however, refused to dismiss the consumer’s FCRA claims, rejecting the servicer’s argument that they were time-barred because the alleged violation was a failure to investigate the item raised in the dispute, which occurred during the limitations period.
Hawaii Federal Court Finds That Preemption Applies to State-Law UDAP Claims Based on Alleged TILA Violations
On October 28, the U.S. District Court for the District of Hawaii held that a plaintiff’s state-law Unfair and Deceptive Acts and Practices (UDAP) claims, which were based on violations of the Truth in Lending Act’s (TILA’s) disclosure requirements, are preempted by federal law. Kauinui v. Citibank (South Dakota), N.A., Civ. No. 09-000258, 2009 WL 3530373 (D. Haw. Oct. 28, 2009). In this case, the plaintiff, a credit-card account holder, filed suit against her credit card company, a national bank, alleging that the bank violated TILA’s disclosure requirements regarding the Annual Percentage Rate (APR) and/or the finance charge, and that the TILA violations constituted unfair and deceptive acts or practices under Hawaii’s UDAP statutes. The defendant bank moved to dismiss the claims and to strike portions of the plaintiff’s complaint. The court declined to grant dismissal on the TILA claims, finding that it is “plausible that the bank had violated the disclosure requirements of TILA,” despite the plaintiff’s failure to attach all pages of her credit card statement to the complaint. However, the court granted dismissal of the state UDAP claims. The court noted that federal preemption “does not apply to claims based on violations of generally applicable duties owed by all businesses, such as fraud and breach of contract.” In this case, the court found that a violation of TILA’s disclosure requirement was not a violation of a general law, but a specific allegation and was therefore preempted when applied to the national bank. The court also granted the defendant bank’s motion to strike the plaintiff’s request for statutory damages under TILA because statutory damages are not available for the type of disclosure violation alleged.