InfoBytes Blog
Filter
Subscribe to our InfoBytes Blog weekly newsletter and other publications for news affecting the financial services industry.
Illinois Collection Agency Act oversight transferred to the Division of Financial Institutions
Effective November 20, 2023, the Illinois Department of Financial and Professional Regulation adopted provisions regarding the Illinois Collection Agency Act. According to the Notice of Adopted Repealer, Public Act 102-975 has transferred the oversight of collection agencies from the Division of Professional Regulation to the Division of Financial Institutions. With the Division of Financial Institutions planning to introduce new regulations to align them to the agency’s standards, the Department proposes to repeal the existing regulations from the Division of Professional Regulation.
EU court clarifies conditions for imposing GDPR fines
On December 5, the Court of Justice of the European Union (CJEU) issued a judgment clarifying the conditions under which a General Data Protection Regulation (GDPR) fine can be imposed on data controllers. The judgment is in response to two cases involving GDPR fines: (i) a German case in which a real estate company was fined for allegedly storing personal data for tenants for longer than necessary, and (ii) a Lithuanian case in which a government health center was fined in connection to the creation of an app that registered and tracked people exposed to Covid-19.
In the judgment, the CJEU clarified that a data controller can only face an administrative fine under the GDPR for intentional or negligent violations—that is, violations for which a data controller was aware or should have been aware of “the infringing nature of its conduct,” regardless of their knowledge of the specific violation. The judgment also held that for a legal person, it is not necessary for the violation to be committed by its “management body,” nor does that body need to have knowledge of the specific violation. Instead, the legal person is accountable for violations committed by its representatives, directors, or managers, and those acting on their behalf within the business scope. Additionally, imposing an administrative fine on a legal entity as a data controller does not require prior identification of a specific person responsible for the violation.
The judgment also addressed administrative fines for operations involving multiple entities. The CJEU noted that a controller may have a fine imposed upon it for actions undertaken by its processor. The court also clarified that a joint controller relationship arises from the two or more entities participating in determining the purpose and means for processing, and “does not require that there be a formal arrangement between the entities in question.”
To calculate the amount of an administrative fine under the GDPR, the supervisory authority must consider the notion of an “undertaking” under competition law. The maximum fine must be based on the percentage of the total worldwide annual turnover of the particular undertaking in the preceding business year.
OCC issues guidance on BNPL loans
On December 6, the OCC posted Bulletin 2023-37 to provide banks with guidance on Buy Now, Pay Later (BNPL) loans. The OCC defined BNPL as point-of-sale or “pay-in-4” installment loan products. The OCC noted that, if BNPL products are used responsibly, they “can provide consumers with a low-cost, short-term, small-dollar financing alternative to manage cash flow.”
The OCC emphasized that the banks should offer BNPL loans in accordance with standards for safety and soundness, treat customers fairly, provide fair access to financial services, and act in compliance with applicable laws and regulations. In the bulletin, the OCC highlighted the risks to banks associated with offering BNPL lending, including credit, compliance, operational, strategic, and reputational risks to banks. In particular, the bulletin also underscores the risks that borrowers may not fully understand their BNPL repayment obligations, the challenges of underwriting BNPL applicants who have limited or no credit history, the lack of standardized disclosure language, and the risks of merchant disputes, among other risks.
The OCC recommended banks consider risk management practices, such as maintaining “underwriting, repayment terms, pricing, and safeguards that minimize adverse customer outcomes” tailored to the unique characteristics and risks of BNPL loans. The bulletin also advised banks to pay close attention to “the delivery method, timing, and appropriateness of marketing, advertising, and consumer disclosures,” in particular to ensure that all such documents clearly disclose the borrower’s obligations and any fees that may apply.
Maryland finalizes money transmitter regulation; adds agent of the payee exemption
On November 17, the Maryland Commissioner of Financial Regulation recently adopted edits to proposed regulations, Code Md. Code Regs. 09.03.14.01, .03-.18, bringing Maryland generally in alignment with the CSBS Money Transmitter Model Law which has been recently adopted by several other states (covered by InfoBytes here, here, and here). Some provisions in the new regulation conform with the model law, while a few stand out as unique additions in Maryland.
For example, among the newly adopted regulations, amended Regulation .03 provides an exemption for persons appointed as an agent of the payee if (i) there is a written agreement between the payee and agent for payment processing, aligning with Maryland law; (ii) there is public recognition of the agent collecting payments on behalf of the payee; (iii) upon the agent’s receipt of payment, the payor’s obligation ends without risk; (iv) the agent is not serving in an escrow capacity; (v) the agent is not acting as an agent to more than one party; and (vi) the agent mandates prompt, unconditional payment without tying it to future events or performances. This agent of the payee exemption deviates from the model law’s version of the same exemption.
Additionally, amended Regulation .08 establishes corporate governance standards that require money transmitter licensees to maintain a framework that is commensurate with the size, operational complexity, and overall risk profile of the licensee. This standard also sets expectations around internal audit, external audit, and risk management functions of a license. While this concept is not provided for in the model money transmission law, it aligns with the CSBS model state regulatory prudential standards for nonbank mortgage servicers (covered by InfoBytes here).
The final regulation will be effective December 11, 2023.
OCC’s Fall 2023 report highlights risks in banking system
On December 7, the OCC reported key issues facing the federal banking system in its Semiannual Risk Perspective for Fall 2023. In evaluating the overall soundness of the federal banking system, the OCC emphasized the need for banks to maintain prudent risk management practices. The key themes that the OCC underscored in the report included (i) credit risk due to high interest rates, commercial real estate lending, and inflation; (ii) market risks from rising deposit rates, liquidity contraction, and reliance on wholesale funding; (iii) operational risks from cyber threats, increased digitization, and fraud; and (iv) compliance risks from equal access to credit, fair treatment of consumers, fintech partnerships, and BSA/AML risk. The OCC noted that deposit and liquid asset trends stabilized in the latter half of 2023, and the stability was sustained through a greater dependence on wholesale funding.
The report included a special discussion of emerging risks linked to artificial intelligence (AI) in banking. The OCC noted the potential benefits of widespread AI adoption, which could reduce costs, improve products, strengthen risk management, and expand access to credit. At the same time, the OCC cautioned that AI use can create risk and banks must manage its use carefully.
OCC approves bank to surpass Section 23A thresholds
The OCC recently published redacted Interpretive Letter #1181, in which the OCC granted a national bank’s application for exemption from the quantitative limits under Section 23A to allow the bank to purchase an affiliate LLC that owns the premises on which the bank’s headquarters and main office are located. According to the letter, the affiliate transaction would exceed ten percent of the bank’s capital stock and surplus and would cause the aggregate amount of the bank's covered transactions with all affiliates beyond 20 percent of the bank’s capital stock and surplus. Exceeding either of these thresholds would requires an exemption, but the OCC believed a waiver was appropriate given the anticipated reduction in the bank's operating costs. Moreover, the OCC reasoned that the exemption would fortify the bank's financial standing, enhancing its ability to improve the services it provides to customers and communities. The FDIC agreed and determined that an exemption would not pose an unacceptable risk to the Deposit Insurance Fund. For these reasons, the OCC approved the exception and permitted the purchase to move forward.
Freddie Mac standardizes down payment assistance programs
On December 4, Freddie Mac announced new, standardized mortgage documents aimed at of making down payment assistance (DPA) programs more accessible nationwide. According to Freddie Mac, the subordinate lien programs for DPA programs have been specific to particular housing finance agencies which created confusion. By standardizing these documents, Freddie Mac hopes to benefit lenders by making DPA programs more efficient.
To create the standardized documents, Freddie Mac partnered with Fannie Mae and state housing finance agencies. These documents will initially be available for 19 states, and eventually for all 50 states and the District of Columbia. These changes come in tandem with Freddie Mac’s new tool, DPA One®, to aggregate and showcase down payment assistance programs on a single platform.
District Court grants MSJ for debt collector in FDCPA case
On November 29, the U.S. District Court for the Eastern District of New York granted summary judgment in favor of a debt collector (defendant) under the FDCPA, holding that the defendant’s collection letter was not misleading.
According to the court’s order, the plaintiff and the defendant established a payment agreement over the phone, during which the representative mentioned to the plaintiff that the interest rate on the loan would be lowered to 5.99 percent, and that failure to make any of the 11 monthly payments could render the agreement void. Shortly after, the plaintiff received a letter from the defendant that conveyed essentially the same information. The defendant also provided the plaintiff with billing statements, including a statement indicating $11.14 in accumulated interest during the initial month in the payment plan. Additionally, the defendant sent the plaintiff a collection letter that outlined the monthly payment and total balance due. The collection letter contained a warning that interest, late charges, and other charges that may vary from day to day could result in a greater balance than the amount plaintiff owed as of the date of the letter. The plaintiff argued that the warning was contradictory to the concept of “fixed” payment plan, and thus was deceptive and misleading in violation of Section 1692e.
The court noted that it had previously dismissed an FDCPA case against the same defendant using similar language in the context of a debt settlement. In that case, the defendant provided both a disclaimer and the settlement offer, and the court held that including both in the same communication “does not automatically render the letter misleading ... [d]efendant accurately and unambiguously conveyed the agreed-upon monthly payment, total balance, and APR.” The court also reasoned that holding debt collectors liable for violating the FDCPA in such instances might discourage them from proposing debt settlement plans to consumers.
Mass AG proposes legislation to combat “junk fees”
On November 30, the Massachusetts Attorney General’s office proposed regulations to combat so-called “junk fee” practices and make business payment methods more transparent, according to this press release
The purpose of the new rules is to help define unfair and deceptive practices for imposing fees as well as establishing standards for automatic renewal or continuous service contracts. Under the proposed regulations, the following acts performed by a business would be considered an “unfair and deceptive practice”: failing to disclose the total price of a product; failing to disclose any fees, interest, charges, or other expenses related to a product; and failing to disclose the total price before requiring a consumer to provide any personal information. The proposed regulations also state that, for recurring fees and trial offers, companies must provide a means of contact so that a consumer may cancel and must offer a way for a consumer to terminate a trial period in the same way it was entered.
The AG’s office will be holding a public hearing on the proposal on December 20 and is accepting public comments until then. If enacted, Massachusetts would be only the second state (following California) to issue a rule specifically targeting “junk fees.”
District Court grants motion for summary judgment to DFPI in commercial financing disclosure case
On December 4, the U.S. District Court for the Central District of California granted the California DFPI’s motion for summary judgment which challenged the DFPI’s commercial financing regulations. According to the DFPI’s press release, the proposed regulations would require commercial financing providers to disclose key metrics to small businesses to help them understand their financing options, including the amount of funding provided, APR, finance charge, and payment amounts.
In their complaint, the plaintiffs argued that the regulations violated the First Amendment and were preempted by TILA. The court disagreed, holding that (1) the regulations do not violate the First Amendment under the test for compelled commercial speech since the required disclosures under the Regulations are “reasonably related” to substantial government interest and are not “unjustified or unduly burdensome”; and (2) because the CFPB made a “rational conclusion” that TILA does not preempt commercial financing regulations, the court would defer to the CFPB’s determination.