InfoBytes Blog
Filter
Subscribe to our InfoBytes Blog weekly newsletter and other publications for news affecting the financial services industry.
CFTC commissioner discusses crypto exchange’s collapse
On January 18, CFTC Commissioner Christy Goldsmith Romero spoke before the Wharton School and the University of Pennsylvania Carey Law School on lessons learned from the recent bankruptcy of a cryptocurrency exchange, calling the collapse a “violation of trust.” Specifically, Goldsmith Romero mentioned that the digitization of financial services and products brought convenience but also a presumed trust in crypto exchanges with name recognition, which was violated by the collapse. She pointed to the collapsed exchange’s reliance on the name recognition it made through marketing campaigns and explained that such advertising “played up the exchange’s safety and convenience for people that may be new to crypto.”
Goldsmith Romero urged Congress to avoid permitting newly-regulated crypto exchanges to self-certify products for listing under the current process that limits CFTC oversight. She stressed it “is critical to institute guardrails against regulatory arbitrage," including prohibiting self-certification.
Goldsmith Romero also called on lawyers, accountants, compliance professionals, and other gatekeepers to “step up and call for compliance, controls, and other governance.” She expressed that these gatekeepers failed their “essential duties” to protect crypto customers and market integrity, and noted that they have allowed “the promise of riches and the company’s marketing pitch to silence their objections to obvious deficiencies.” Ultimately, Goldsmith Romero advised that “[s]ound custody practices and strong cybersecurity are necessary to restore trust and protect customers.”
FTC takes action against eye surgery provider
On January 19, the FTC announced an action against an Ohio-based eye surgery provider (respondent) concerning allegations that it engaged in “bait-and-switch” advertising. According to the FTC’s complaint, the respondent engaged in deceptive business practices by marketing eye surgery for $250, yet only 6.5 percent of patients who received consultations qualified for that price. According to the FTC, despite the advertising claims, for consumers with less than near-normal vision the company typically quoted a price between $1,800 and $2,295 per eye. The FTC also alleged that respondent neglected to tell consumers up-front that the promotional price was per-eye.
Under the terms of the decision and order (which was granted final approval on March 15) the respondent must, among other things, pay $1.25 million in redress to harmed customers. Additionally, the respondent is banned from using deceptive business practices and is required to make certain clear and conspicuous disclosures when advertising the surgery at a price or discount for which most consumers would not qualify. Specifically, such disclosures must include whether the price is per eye, the price most consumers pay per eye, and any requirements or qualifications needed to get the offered price or discount.
The Commission voted to issue the administrative complaint and accepted the consent agreement 3-1. Commissioner Christine S. Wilson issued a dissenting statement, arguing that there are “no clear rules” regarding the qualifications of eye surgery referenced in the complaint. She stated that she is “concerned that requiring the inclusion of specific medical parameters in advertisements, when those parameters could be either over- or under-inclusive depending upon the results of the consultation, could be more confusing than helpful.”
FinCEN prohibits engagement with virtual currency exchange connected to Russian finance
On January 18, the Financial Crimes Enforcement Network (FinCEN) issued its first order pursuant to section 9714(a) of the Combating Russian Money Laundering Act to identify a Hong Kong-registered global virtual currency exchange operating outside of the U.S. as a “primary money laundering concern” in connection with Russian illicit finance. FinCEN announced that the virtual currency exchange offers exchange and peer-to-peer services and “plays a critical role in laundering Convertible Virtual Currency (CVC) by facilitating illicit transactions for ransomware actors operating in Russia.” A FinCEN investigation revealed that the virtual currency exchange facilitated deposits and funds transfers to Russia-affiliated ransomware groups or affiliates, as well as transactions with Russia-connected darknet markets, one of which is currently sanctioned and subject to enforcement actions that have shuttered its operations. The investigation also found that the virtual currency exchange failed to meaningfully implement steps to identify and disrupt the illicit use and abuse of its services, and lacked adequate policies, procedures, or internal controls to combat money laundering and illicit finance.
Recognizing that the virtual currency exchange “poses a global threat by allowing Russian cybercriminals and ransomware actors to launder the proceeds of their theft,” FinCEN acting Director Himamauli Das emphasized that “[a]s criminals and criminal facilitators evolve, so too does our ability to disrupt these networks.” He warned that FinCEN will continue to leverage the full range of its authorities to prohibit these institutions from gaining access to and using the U.S. financial system to support Russian illicit finance. Effective February 1, covered financial institutions are prohibited from engaging in the transmittal of funds from or to the virtual currency exchange, or from or to any account or CVC address administered by or on behalf of the virtual currency exchange. Frequently asked questions on the action are available here.
Concurrently, the DOJ announced that the founder and majority owner of the virtual currency exchange was arrested for his alleged involvement in the transmission of illicit funds. Charged with conducting an unlicensed money transmitting business and processing more than $700 million of illicit funds, the DOJ said the individual allegedly “knowingly allowed [the virtual currency exchange] to become a perceived safe haven for funds used for and resulting from a variety of criminal activities,” and was aware that the virtual currency exchange’s accounts “were rife with illicit activity and that many of its users were registered under others’ identities.” While the virtual currency exchange claimed it did not accept users from the U.S., it allegedly conducted substantial business with U.S.-based customers and advised users that they could transfer funds from U.S. financial institutions.
Deputy Secretary of the Treasury Wally Adeyemo issued a statement following the announcement, noting that the action “is a unique step that has only been taken a handful of times in Treasury’s history for some of the most egregious money laundering cases, and is the first of its kind specifically under new authorities to combat Russian illicit finance.” He reiterated that the action “sends a clear message that we are prepared to take action against any financial institution—including virtual asset service providers—with lax controls against money laundering, terrorist financing, or other illicit finance.”
Credit union to pay $558,000 in cyber fraud case
On January 12, the U.S. District Court for the Eastern District of Virginia ruled that a credit union (defendant) is responsible for $558,000 in compensatory damages for processing a payment order that was allegedly induced through fraud by the beneficiary, but later rescinded its decision to award punitive damages. According to the initial opinion and order, in October 2018, the plaintiff received a “spoofed” email from an unknown third party claiming to be one of the plaintiff’s suppliers. The email instructed the plaintiff to change its banking remittance information for the supplier. However, unknown to the plaintiff, the new banking information contained in the email belonged to an individual who had opened a personal account with the defendant months prior. The order stated that from October to November in 2018, the plaintiff made four payments to the individual’s account held by the defendant, identifying the supplier as the beneficiary. The plaintiff sued alleging that the defendant failed to “comport with basic security standards that resulted in the unlawful diversion of funds.” According to the opinion and order, the court found that Virginia Commercial Code required the defendant to reject the deposits if it knew there was a discrepancy between the intended beneficiary and the account receiving the deposit. The court further wrote that the defendant did not have a duty to “proactively” discover a discrepancy, but found that “the evidence at trial illustrated that [the defendant] did not maintain reasonable routines for communicating significant information to the person conducting the transaction. If [the defendant] had exercised due diligence, the misdescription would have been discovered during the first [] transfer.” Additionally, the court stated the defendant did have “actual knowledge” of the fraud because “the transfers generated real-time warnings that the name of the intended beneficiary [] did not match the name of the owner of the account receiving the [deposits].” The court awarded the plaintiff $558,000 in compensatory damages and $200,000 in punitive damages. However, the court rescinded the punitive damage award stating that the plaintiff has not provided sufficient evidence to support punitive damages.
NYDFS issues check-cashing fee regulations
On January 18, NYDFS announced that it has adopted an updated check cashing regulation. As previously covered by InfoBytes, NYDFS issued a proposed check cashing regulation in June 2022, following an emergency regulation announced in February 2022, that halted annual increases on check-cashing fees and locked the current maximum fee set last February at 2.27 percent (covered by InfoBytes here). The regulation establishes a new fee methodology that evaluates the needs of licensees and consumers who use check cashing services. Two tiers of fees for licensed check cashers are recommended: (i) the maximum fee that a check casher may charge for a public assistance check issued by a federal or state government agency (including checks for Social Security, unemployment, retirement, veteran’s benefits, emergency relief, housing assistance, or tax refunds) is set at 1.5 percent; and (ii) the maximum fee a check casher is permitted to charge for all other checks, drafts, or money orders is $1 or 2.2 percent, whichever is greater. According to NYDFS Superintendent Adrienne Harris, “the existing fee methodology wasn’t just outdated, but inappropriate and punitive to consumers.” She further noted that “[c]heck cashers should not be entitled to automatic, annual fee increases.”
Respondents urge Supreme Court to wait on CFPB funding review
On January 13, respondents filed a brief in opposition to a petition for a writ of certiorari filed by the CFPB last November, which asked the U.S. Supreme Court to review whether the U.S. Court of Appeals for the Fifth Circuit erred in holding that the Bureau’s funding structure violates the Appropriations Clause of the Constitution (covered by InfoBytes here). The Bureau also asked the Supreme Court to consider the 5th Circuit’s decision to vacate the agency’s 2017 final rule covering “Payday, Vehicle Title, and Certain High-Cost Installment Loans” (Payday Lending Rule or Rule) on the premise that it was promulgated at a time when the Bureau was receiving unconstitutional funding. The Bureau requested that the Supreme Court review the case during its current term, which would ensure resolution of the issue by the summer of 2023. Last December, a coalition of state attorneys general from 22 states, including the District of Columbia, filed an amicus brief supporting the Bureau’s petition for a writ of certiorari, while 16 states filed an amicus brief opposing the petition (covered by InfoBytes here).
In their opposition brief, the respondents urged the Supreme Court to deny the Bureau’s petition on the premise that the 5th Circuit’s decision does not warrant review—“let alone in the expedited and limited manner that the Bureau proposes”—because the appellate court correctly vacated the Payday Lending Rule, which, according to the respondents, has “multiple legal defects, including but not limited to the Appropriations Clause issue.” Among other things, the respondents argued that the Bureau erroneously contended that the Appropriations Clause does not limit the manner in which Congress may exercise its authority, claiming that: (i) the Appropriations Clause ensures Congressional oversight of the federal fiscal and executive power; (ii) the Bureau’s funding statute nullifies Congress’s appropriations power in an unprecedented manner; (iii) the Bureau’s merit defenses, including claims that text, history, and precedent support its funding scheme, all fail; and (iv) the Bureau’s remedial defenses of the Payday Lending Rule also fail.
The respondents also maintained that the case “is neither cleanly presented . . . nor ripe for definitive resolution at this time,” and argued that the Supreme Court could address the validity of the Payday Lending Rule without addressing the Bureau’s funding issue. Explaining that the 5th Circuit’s decision “simply vacated a single regulation that has never been in effect,” the respondents claimed that the appellate court should have addressed questions about the Rule’s validity before deciding on the Appropriations Clause question. The respondents claimed that the appellate court incorrectly rejected two antecedent grounds for vacating the Payday Lending Rule: (i) the Rule’s “promulgation was tainted by the removal restriction later held invalid in Seila Law” (covered by a Buckley Special Alert); and (ii) the Rule exceeds the Bureau’s authority “because the prohibited conduct falls outside the statutory definition of unfair or abusive conduct.” “Given the significant prospect that this Court will be unable to resolve the constitutional question in this case, it should await a better vehicle,” the respondents wrote, adding that “[i]f and when some judgment in some future case has ‘major practical effects,’ [] the Bureau should seek this Court’s review then—which may well present a better vehicle.”
Further, the respondents stated that if the Supreme Court grants review of the case, it “should proceed in a more deliberative fashion than the Bureau has urged.” The respondents asked the Supreme Court to expressly include the antecedent questions by either granting the respondents’ cross-petition or adding them to the Board’s petition in order to provide clarity about whether the Supreme Court intends to consider the alternative grounds. They further urged the Supreme Court to wait until next term to review the case, writing that the Bureau “cannot justify its demand for a case of this complexity and importance to be briefed, argued, and decided in a few months at the end of a busy Term.”
FDIC announces Alabama, California disaster relief
On January 18, the FDIC issued guidance (see FIL-03-2023 and FIL-04-2023) to provide regulatory relief to financial institutions and help facilitate recovery in areas of Alabama affected by severe storms, straight-line winds, and tornadoes occurring on January 12, and in areas of California affected by severe winter storms, flooding, and landslides occurring from December 27 and continuing. The FDIC wrote that in supervising impacted institutions, it will consider the unusual circumstances those institutions face. The guidance suggested that institutions work with borrowers impacted by the severe weather to extend repayment terms, restructure existing loans, or ease terms for new loans “in a manner consistent with sound banking practices.” The FDIC noted that institutions may receive favorable Community Reinvestment Act consideration for community development loans, investments, and services in support of disaster recovery. The agency will also consider relief from certain reporting and publishing requirements.
Hsu discusses management of large banks
On January 17, acting Comptroller of the Currency Michael J. Hsu delivered remarks at the Brookings Institute regarding large bank manageability. Hsu started by expressing his belief that developing a robust approach to detecting, preventing, and addressing too-big-to-manage (TBTM) risks will increasingly become an imperative for both banks and bank regulators. He stated that the best “way to successfully fix issues at a TBTM bank is to simplify it — by divesting businesses, curtailing operations and reducing complexity,” and that more typical actions, such as changing management, budgets, plans, and personnel will have limited impact at a bank that is too big to manage. Hsu added that “the size and complexity” of a bank “is the core problem that needs to be solved, not the weaknesses of its systems and processes or the unwillingness or incompetence of its senior leaders.”
Hsu discussed the OCC’s four-step “escalation framework.” He noted that “the design logic of an escalation framework is to use the credible threat of restrictions and divestitures, guided by and consistent with due process, to force banks to prove that they are manageable and to then let the effectiveness or ineffectiveness of their actions speak for themselves.” He noted that the first step is to put a bank on notice and make clear the nature of the weakness requiring remediation. Significant deficiencies and/or weaknesses that go unaddressed can escalate into public enforcement actions, such as a consent order, where material safety and soundness risks or violations of laws and regulations are at play. If the problem continues, then the OCC will pursue a restriction and divestitures of a bank’s business activities or capital actions. The final step includes breaking up the bank by compelling divestment.
Hsu concluded with his thoughts on the need for bank regulators to provide greater transparency on the supervisory process. He also emphasized the importance of due process and described supervisory remedies, including but not limited to, business restrictions, divestitures, and simplification of large banks when necessary.
CFPB updates Mortgage Servicing Examination Procedures
On January 18, the CFPB released an updated version of its Mortgage Servicing Examination Procedures, detailing the types of information examiners should gather when assessing whether servicers are complying with applicable laws and identifying consumer risks. The examination procedures, which were last updated in June 2016, cover forbearances and other tools, including streamlined loss mitigation options that mortgage servicers have used for consumers impacted by the Covid-19 pandemic. The Bureau noted in its announcement that “as long as these streamlined loss mitigation options are made available to borrowers experiencing hardship due to the COVID-19 national emergency, those same streamlined options can also be made available under the temporary flexibilities in the [agency’s pandemic-related mortgage servicing rules] to borrowers not experiencing COVID-19-related hardships.” Servicers are expected to continue to use all the tools at their disposal, including, when available, streamlined deferrals and modifications that meet the conditions of these pandemic-related mortgage servicing rules as they attempt to keep consumers in their homes. The Bureau said the updated examination procedures also incorporate focus areas from the agency’s Supervisory Highlights findings related to, among other things, (i) fees such as phone pay fees that servicers charge borrowers; and (ii) servicer misrepresentations concerning foreclosure options. Also included in the updated examination procedures are a list of bulletins, guidance, and temporary regulatory changes for examiners to consult as they assess servicers’ compliance with federal consumer financial laws. Examiners are also advised to request information on how servicers are communicating with borrowers about homeowner assistance programs, which can help consumers avoid foreclosure, provided mortgage servicers collaborate with state housing finance agencies and HUD-approved housing counselors to aid borrowers during the HAF application process.
CFPB: Negative option marketing practices could violate the CFPA
On January 19, the CFPB released Circular 2023-01 to reiterate that companies offering “negative option” subscription services are required to comply with federal consumer financial protection laws. According to the Circular, “‘negative option’ [marketing] refers to a term or condition under which a seller may interpret a consumer’s silence, failure to take an affirmative action to reject a product or service, or failure to cancel an agreement as acceptance or continued acceptance of the offer.” The Bureau clarified that negative option marketing practices could violate the CFPA where a seller: (i) misrepresents or fails to clearly and conspicuously disclose the material terms of a negative option program; (ii) fails to obtain consumers’ informed consent; or (iii) misleads consumers who want to cancel, erects unreasonable barriers to cancellation, or fails to honor cancellation requests that comply with its promised cancellation procedures.
The Bureau described receiving consumer complaints from older consumers about being repeatedly charged for services they did not intend to buy or no longer wanted to continue purchasing. Other consumers reported being enrolled in subscriptions without knowledge of the program or the costs. Consumers also submitted complaints regarding the difficulty of cancelling subscription-based services and about charges on their credit card or bank account after they requested cancellation.
The Bureau also warned that negative option programs can be particularly harmful when paired with dark patterns. The Circular noted that the Bureau and the FTC have taken action to combat the rise of digital dark patterns, which can be used to deceive, steer, or manipulate users into behavior that is profitable for a company, but often harmful to users or contrary to their intent. The Bureau noted that consumers could be misled into purchasing subscriptions and other services with recurring charges and be unable to cancel the unwanted products and services or avoid their charges.