InfoBytes Blog
Filter
Subscribe to our InfoBytes Blog weekly newsletter and other publications for news affecting the financial services industry.
Waters sends letter to HUD and others regarding appraisal bias
On February 22, Chairwoman of the House Financial Services Committee Maxine Waters (D-CA) sent a letter to HUD Secretary Marcia Fudge, the Appraisal Subcommittee, the Appraisal Foundation, and the Appraisal Institute regarding appraisal bias and discrimination. The letter, among other things, urged federal regulators and the Appraisal Institute to investigate appraiser misconduct and the possibility of illegal discrimination and highlighted “longstanding racial inequities plaguing America’s home valuation system, particularly in Black-majority communities and other communities of color,” according to the press release. In the letter, Waters noted that during her time with the House Financial Services Committee, the committee has “paid special attention to the racial inequities that continue to plague America’s home valuation system, including through home appraisals, despite the passage of anti-discrimination laws.” She further pointed to “qualitative research” from the National Fair Housing Alliance to shed light on “the ways in which individual appraisers and the appraisal profession help perpetuate systemic and overt racism, highlighting statements made by appraisers as well as policies and practices that continue to be upheld by an appraisal profession that is 97% White.” The letter also provided excerpts from an appraiser’s email as an example of discriminatory practices, in which Waters asserted, “shines a spotlight on the racist stereotypes and harmful lines of thinking prevalent in an industry which systematically devalues the homes of Black people and other people of color.” Waters noted that she will be drafting legislation “to address systemic appraisal discrimination,” recommended that the recipients of her letter conduct pertinent investigations, and urged them to respond to her letter accordingly. Waters also disclosed that the House Financial Services Committee “will convene hearings, advance legislation, and continue working with stakeholders to end housing discrimination and hold the appraisal industry fully accountable.”
State AGs investigate streaming service for privacy violations
On March 2, a coalition of state attorneys general, led by California Attorney General Rob Bonta, announced a nationwide investigation into a video streaming service regarding whether it is violating state consumer protection laws and putting children at risk by promoting its social media platform to children and young adults while its use is associated with physical and mental health harm to youth. According to the California AG, the investigation will examine the harm that the platform may cause to young users and what the platform knew about that harm, and will focus on, among other things, the techniques it utilized to boost young user engagement, including strategies or efforts to increase the duration of time spent on the platform and the frequency of engagement with the platform.
NYDFS will take expedited measures to enforce Russian sanctions
On March 2, New York Governor Kathy Hochul announced that NYDFS will increase its sanctions enforcement actions against Russia, including taking measures to expedite the procurement of blockchain analytics tools to detect exposure among regulated licensed virtual currency businesses to Russian individuals, banks, and other entities sanctioned by the Biden administration. “Accelerating the procurement process is a critical step to strengthen the Department's ability to enforce anti-money laundering and Bank Secrecy Act laws in this immediate crisis and beyond,” the announcement stated, explaining that “[l]everaging purpose-built technologies and service providers for virtual currency protects the financial system from illicit activity including money laundering, terrorist financing and ransomware activity.” NYDFS Superintendent Adrienne A. Harris added that monitoring transactions and exposure in real-time is imperative for preventing actors from attempting to evade sanctions through the transmission of virtual currency. The announcement follows NYDFS guidance on cybersecurity and virtual currency issued last week, which raised the specter of elevated cyber risk due to ongoing cyberattacks against Ukraine that could spill over to other networks, as well as potential direct attacks against U.S. critical infrastructure. (Covered by a Buckley Special Alert.) Governor Hochul also issued an Executive Order at the end of February, which directed all New York State agencies and authorities to review and divest public funds from Russia.
Florida house tries again on consumer privacy legislation
On March 2, the Florida house passed HB 9, which would, among other things, regulate the sale and sharing of consumers’ personal data and provide consumers the right to sue over alleged violations. This is the state’s latest attempt to pass comprehensive consumer privacy legislation. Last year, the Florida legislatures failed to reconcile differences in their bills before the session ended. Highlights of the bill (which include changes from last session’s versions) include:
- Applicability. The bill will apply to any entity meeting the definition of a controller, processor, or third party that buys, sells, or shares consumers’ personal information and (i) has global annual gross revenues exceeding $50 million; (ii) annually buys, receives, sells, or shares personal information of at least 50,000 consumers, households, or devices; or (iii) derives 50 percent or more of its global annual revenue from the selling or sharing of personal information. The bill sets forth numerous exemptions from its requirements, including personal information shared “with a financial service provided solely to facilitate short term, transactional payment processing for the purchase of products or services”; deidentified or aggregated personal information; data governed by certain federal, state, or local regulations or used to exercise or defend legal claims; certain personal information collected through a controller’s direct interaction with a consumer that is used to advertise or market products or services that are produced or offered directly by the controller; personal information used in the context of a consumer’s role or former role with the controller; specified protected health information; financial institutions covered by the Gramm-Leach-Bliley Act; personal information disclosed during intentional interactions or disclosed as part of a merger, acquisition, bankruptcy, or other transaction in which the third party assumes control of all or part of the controller; and personal information used to fulfill the terms of a written warranty, a product recall, or public- or peer-reviewed scientific or statistical research in the public interest.
- Consumer rights. Under the bill, consumers will be able to, among other things, access their personal data; request deletion or make corrections; and opt out of the sale or sharing of personal information to third-parties. Controllers will be required to deliver the requested information free of charge within 45-calendar days (a one-time additional 45-day extension may be granted), but are not required to provide personal information to a consumer more than twice in a 12-month period. Controllers will also be prohibited from selling or disclosing the personal information of minor consumers, except in certain circumstances. Additionally, the bill will provide controllers the ability to charge a consumer who exercises any of their rights under the bill “a different price or rate, or provide a different level or quality of goods or services to the consumer” provided the “difference is reasonably related to the value provided to the controller by the consumer’s data or is related to a consumer’s voluntary participation in a financial incentive program, including a bona fide loyalty, rewards, premium features, discounts, or club card program offered by the controller.” Financial incentives that are not unjust, unreasonable, coercive, or usurious may also be offered as long as consumers give prior consent and are allowed to revoke consent at any time. The bill further stipulates that contracts or agreements that waive or limit certain consumer rights are void and unenforceable.
- Disclosures. The bill will require controllers that collect consumers’ personal information to disclose certain information regarding data collection and selling practices to consumers at or before the point of collection. This information “may be provided through a general privacy policy or through a notice informing the consumer that additional specific information will be provided upon a certain request.” Additionally, processors or third parties must require any subcontractor to meet the same obligations with respect to personal information. Businesses also will be prohibited from collecting or using additional categories of personal information without first notifying consumers.
- Security. Under the bill, businesses will be required “to implement reasonable security procedures and practices” to protect consumers’ personal information.
- Private cause of action, right to cure. The bill will provide a private right of action to allow consumers to bring a civil action under certain circumstances for injunctive or declaratory relief, and establishes a damage amount of either statutory damages of at least $100 but not more than $750 per consumer per incident, or actual damages, whichever is greater. Consumers may obtain specific relief from businesses with annual gross revenues greater than $50 million. In lawsuits involving businesses with annual gross revenues exceeding $500 million, consumers also are permitted to recover attorneys’ fees and costs. Civil actions must be filed within one year after discovery of the violation. The Department of Legal Affairs is also authorized to take action against a controller, processor, or third party for unfair or deceptive acts or practices. Fines may be tripled if a violation involves consumers 18 years of age or younger, or if a controller, processor, or third party fails to cure the violation upon written notice within 45 calendar days.
If enacted in its current form, the bill would take effect January 1, 2023. The bill must be approved by the Florida senate and any differences reconciled before being sent to the governor.
OFAC, DOJ measures aim for stronger compliance with Russian sanctions
On March 2, the U.S. Treasury Department’s Office of Foreign Assets Control (OFAC) and the DOJ announced new measures to strengthen compliance with Russia-related sanctions in response to the situation in Ukraine. OFAC observed that in the past few days, Russia has taken measures “to use exporters to act as their agents and help them raise resources to prop up their currency and fund their priorities.” In response, OFAC reiterated that such actions taken on behalf of Russia’s Central Bank are prohibited. Newly issued and updated frequently asked questions address enhanced sanctions compliance measures and further explain recent sanctions, including prohibitions imposed pursuant to Directive 4 under Executive Order (E.O.) 14024, “Prohibitions Related to Transactions Involving the Central Bank of the Russian Federation, the National Wealth Fund of the Russian Federation, and the Ministry of Finance of the Russian Federation.” (Covered by InfoBytes here.) Additionally, the updated FAQs clarify, among other things, that energy payments can and should continue. As explained in OFAC’s announcement, General License (GL) 8A permits “U-turn transactions” so that energy payments may be processed through non-sanctioned, third-country financial institutions to allow the continuation of transactions that support the flow of energy to the market. OFAC also issued new FAQs and general licenses (see GLs 9A, 10A, 13, and 14) related to E.O. 14065, “Blocking Property of Certain Persons and Prohibiting Certain Transactions With Respect to Continued Russian Efforts to Undermine the Sovereignty and Territorial Integrity of Ukraine” to further clarify the stipulated prohibitions.
The same day, the DOJ launched Task Force KleptoCapture, “an interagency law enforcement task force dedicated to enforcing the sweeping sanctions, export restrictions, and economic countermeasures that the United States has imposed, along with allies and partners,” in order to “isolate Russia from global markets.” “The Justice Department will use all of its authorities to seize the assets of individuals and entities who violate these sanctions,” Attorney General Merrick B. Garland stated. The Task Force will be staffed with DOJ prosecutors, agents, analysts, and professional staff with expertise in sanctions and export control enforcement, anticorruption, asset forfeiture, anti-money laundering, tax enforcement, national security investigations, and foreign evidence collection. According to the announcement, the Task Force will use data analytics, cryptocurrency tracing, foreign intelligence sources, and information from financial regulators and private sector partners to investigate and prosecute violations of new and future sanctions (both those related to the Ukraine invasion as well as those imposed for prior instances of Russian aggression and corruption), and “combat[] unlawful efforts to undermine restrictions taken against Russian financial institutions,” including prosecuting persons who attempt to evade know-your-customer and anti-money laundering measures. The Task Force will also target efforts to use cryptocurrency to launder foreign corruption proceeds and sanctions evasion and “us[e] civil and criminal asset forfeiture authorities to seize assets belonging to sanctioned individuals or assets identified as the proceeds of unlawful conduct.”
District Court rules apps’ terms of service hyperlinks were clear and conspicuous
On February 23, the U.S. District Court for the Eastern District of New York ruled that parties must arbitrate class claims concerning alleged fraudulent transactions on app users’ accounts. Plaintiffs—users of the defendants’ mobile payment platform who claimed that third parties fraudulently withdrew funds from their app accounts—alleged that the defendants’ inadequate dispute resolution process “improperly places the burden on the user to prove that a disputed transaction was unauthorized” in violation of the EFTA and N.Y. Gen. Bus. Law § 349. Defendants, however, countered that the plaintiffs agreed to arbitrate any disputes related to their app accounts, and moved to compel arbitration and dismiss the complaint. The court analyzed the applicable sign-up flows and ruled that in signing up for the apps, users agreed to unambiguous terms of service, which included an arbitration agreement presented in a clickable hyperlinked URL. The court rejected plaintiffs’ assertion that a reasonably prudent smartphone user would not think to click on the terms of service hyperlink, stating that the hyperlink for both apps provided reasonably clear and conspicuous interfaces. The court further found that the claims were subject to arbitration because plaintiffs’ specifically assented to the arbitration provisions and that the parties’ agreed to present any question of arbitrability to an arbitrator.
Treasury publishes risk assessments for money laundering, terrorist financing, and proliferation financing
On March 1, the U.S. Treasury Department published the 2022 National Risk Assessments on money laundering, terrorist financing, and proliferation financing, which highlight significant illicit finance threats, vulnerabilities, and risks facing the United States.
The 2022 National Money Laundering Risk Assessment found that “[c]riminals continue to use a wide range of money laundering techniques, including traditional ones, to move and conceal illicit proceeds depending on what is available or convenient to them.” Crimes generating the largest amount of laundered illicit proceeds in or through the U.S. include fraud, drug trafficking, cybercrime, human trafficking and smuggling, and corruption. The assessment found that continued and emerging money laundering risks involve, among other things, the persistent misuse of legal entities, a lack of transparency in certain real estate transactions, merchants and professionals that misuse their positions or businesses, and compliance and supervision weaknesses at some regulated U.S. financial institutions. Additionally, operators of virtual asset service providers (VASPs) are reminded that violating the Bank Secrecy Act or neglecting regulatory requirements, “such as failing to establish effective AML programs or report suspicious activities,” present vulnerabilities to the financial system.
The findings of the 2022 National Terrorist Financing Risk Assessment, according to the press release, included that, with respect to foreign terrorist groups, “the most common form of financial support from U.S.-based individuals continues to be the transfer of small sums (several hundred to tens of thousands of dollars) to facilitators outside of the U.S. working on behalf of ISIS and its affiliates, Al-Qaida and its affiliates, and Hizballah.” For the first time, the assessment also analyzed funding methods used to support domestic violent extremists.
The 2022 National Proliferation Financing Risk Assessment found that most significant proliferation finance threats are posed by the Democratic People’s Republic of Korea followed by Iran. These networks misuse correspondent banking relationships and create front/shell companies to facilitate financial activity and conduct trade, and they generate significant revenue from the maritime sector. The press release stated that the assessment further found that these networks are beginning to “increasingly exploit[] the digital economy, including through the systematic mining and trading of virtual assets, and the hacking of virtual asset service providers.” In the upcoming weeks, Treasury will release the 2022 National Strategy for Combatting Terrorist and Other Illicit Finance, which will be informed by the analysis contained in these risk assessments and will share recommendations for addressing these highlighted threats.
OFAC targets Russian wealth, imposes sanctions on Putin and Lavrov
During February and March, as conflict continued to escalate in Ukraine, the U.S. Treasury Department’s Office of Foreign Assets Control (OFAC) imposed significant new sanctions, including most recently designations targeting numerous Russian elites and their family members for continuing to provide direct and indirect support to the Russian government through their business empires, wealth, and other resources. (See also General License 15.) The sanctions also targeted six of the individuals companies, one of Russia’s largest privately-owned aircraft, and one of the world’s largest superyachts. The actions were taken in close coordination with the EU, UK, Canada, Japan, the ROK, and Australia as part of a “transatlantic effort to further deny Russian elites the benefits of their kleptocracy” and to ensure the effective implementation of recently announced financial sanctions. An additional 26 Russia- and Ukraine-based individuals and seven Russian entities connected with the Russian government’s efforts to promulgate disinformation and influence perceptions were also sanctioned by OFAC, while the Department of State imposed substantial costs on 22 Russian defense-related firms. OFAC also released three new Russian harmful foreign activities sanctions FAQs.
OFAC also imposed significant sanctions against the Central Bank of the Russian Federation, the National Wealth Fund of the Russian Federation, and the Ministry of Finance of the Russian Federation, as well as three entities that manage one of Russia’s key sovereign wealth funds: the Russian Direct Investment Fund, its management company, and one of the managing company’s subsidiaries. Sanctions were also imposed against Russian President Vladimir Putin and Minister of Foreign Affairs Sergei Lavrov, along with directors of the Foreign Intelligence Service, the Federal Security Service and the Federal Service of National Guard Troops, the interior minister, and other top government officials (see announcements here and here). As a result of the sanctions, all property and interests in property belonging to the sanctioned individuals and entities, and “any entities that are owned, directly or indirectly, 50 percent or more” by the blocked persons that are subject to U.S. jurisdiction are blocked and must be reported to OFAC. U.S. persons are prohibited from engaging in any dealings involving the property or interests in property of blocked or designated persons, unless exempt or authorized by a general or specific OFAC license. The Financial Industry Regulatory Authority also sent a regulatory notice alerting members of recent sanctions-related developments and advising members to continue to monitor OFAC’s website for relevant information.
OFAC also issued Directive 4 under Executive Order (E.O.) 14024, which prohibits related transactions involving the Central Bank of the Russian Federation, the National Wealth Fund of the Russian Federation, and the Ministry of Finance of the Russian Federation, unless otherwise authorized by OFAC. Entities subject to Directive 4 can be found in OFAC’s updated list of Specially Designated Nationals or on OFAC's Non-SDN Menu-Based Sanctions List. Additionally, OFAC issued Russia-related General License 8A to authorize certain energy transactions with specified entities through 12:01 a.m. eastern daylight time, June 24, 2022.
OFAC further announced that it is adding regulations to implement E.O. 14024 related to specified harmful foreign activities of the Russian government (covered by InfoBytes here). OFAC stated it plans to supplement these regulations with a more comprehensive set of regulations that may include additional interpretive guidance and definitions, general licenses, and other regulatory provisions.
Additionally, President Biden, along with leaders of the European Commission, France, Germany, Italy, the UK, and Canada, issued a joint statement imposing further restrictive economic measures to further isolate Russia from the international financial system. The leaders agreed to block certain Russian banks from accessing the SWIFT global messaging system in order to harm the banks’ ability to operate globally and announced their commitment to “restrictive measures” against the Russian Central Bank to prevent the deployment of its international reserves in a manner that undermines the impact of these sanctions. The announcement further noted that the leaders plan to launch a transatlantic task force to ensure financial sanctions are effectively implemented through the identification and freezing of assets belonging to sanctioned individuals and companies that exist within their countries’ jurisdictions. Actions will include “employing sanctions and other financial and enforcement measures on additional Russian officials and elites close to the Russian government, as well as their families, and their enablers.”
Find continuing InfoBytes coverage on the U.S. sanctions response to Russia’s invasion of Ukraine here.
OFAC sanctions ISIS facilitators
On March 1, the U.S. Treasury Department’s Office of Foreign Assets Control (OFAC) announced sanctions pursuant to Executive Order 13224 against four Islamic State of Iraq and Syria (ISIS) and ISIS-Mozambique financial facilitators based in South Africa for allegedly supporting the transfer of funds from the top of the ISIS hierarchy to branches across Africa or for serving as leaders of ISIS cells. As a result of the sanctions, all property and interests in property of the designated individuals within U.S. jurisdiction must be blocked and reported to OFAC. OFAC further noted that its regulations “generally prohibit” U.S. persons or persons within the United States from participating in transactions with the designated persons and warned foreign financial institutions that if they knowingly facilitate significant transactions for any of the designated individuals, OFAC may prohibit or impose strict conditions on the opening or maintaining of a U.S. correspondent account or payable-through account.
New Mexico caps interest rates on small-dollar loans at 36%
On March 1, the New Mexico governor signed HB 132, which amends certain provisions related to the state’s small dollar lending requirements. Among other things, the bill makes several amendments to the New Mexico Bank Installment Loan Act of 1959 (BILA) and the New Mexico Small Loan Act of 1955 (SLA) by raising the maximum installment loan amount to $10,000 and providing the following: (i) “no lender shall make a loan pursuant to the [BILA] to a borrower who is also indebted to that lender pursuant to the [SLA] unless the loan made pursuant to the [SLA] is paid and released at the time the loan is made”; (ii) only federally insured depository institutions may make a loan under the BILA with an initial stated maturity of less than one hundred twenty days; (iii) a lender that is not a federally insured depository institution may not make a loan under the BILA “unless the loan is repayable in a minimum of four substantially equal installment payments of principal and interest”; and (iv) lenders, aside from federally insured depository institutions, may not make a loan with an annual percentage rate (APR) greater than 36 percent (a specified APR increase is permitted if the prime rate of interest exceeds 10 percent for three consecutive months). When calculating the APR, a lender must include finance charges as defined in Regulation Z “for any ancillary product or service sold or any fee charged in connection or concurrent with the extension of credit, any credit insurance premium or fee and any charge for single premium credit insurance or any fee related to insurance.” Excluded from the calculation are fees paid to public officials in connection with the extension of credit, including fees to record liens, and fees on a loan of $500 or less, provided the fee does not exceed five percent of the loan’s total principal and is not imposed on a borrower more than once in a twelve-month period.
The act also expands the SLA’s scope on existing anti-evasion provisions to specify that a person may not make small dollar loans in amounts of $10,000 or less without first having obtained a license from the director. The amendments also expand the scope of the anti-evasion provisions to include (i) the “making, offering, assisting or arranging a debtor to obtain a loan with a greater rate of interest . . . through any method, including mail, telephone, internet or any electronic means, regardless of whether the person has a physical location in the state”; and (ii) “a person purporting to act as an agent, service provider or in another capacity for another entity that is exempt from the [SLA]” provided the person meets certain specified criteria, such as “the person holds, acquires or maintains, directly or indirectly, the predominate economic interest in the loan” or “the totality of the circumstances indicate that the person and the transaction is structured to evade the requirements of the [SLA].” Under the act, a violation of a provision of the SLA that constitutes either an unfair or deceptive trade practice or an unconscionable trade practice is actionable under the Unfair Practices Act.
The act also makes various amendments to a licensees’ books and records requirements to facilitate the examinations and investigations conducted by the Director of the Financial Institutions Division of the Regulation and Licensing Department. Failure to comply may result in the suspension of a license. Additionally, the act provides numerous amended licensing reporting requirements concerning the loan products offered by a licensee, average repayment times, and “the number of borrowers who extended, renewed, refinanced or rolled over their loans prior to or at the same time as paying their loan balance in full, or took out a new loan within thirty days of repaying that loan,” among other things. The act also outlines credit reporting requirements, advertising restrictions, and requirements for the making and paying of small dollar loans, including specific limitations on charges after judgment and interest.
The act takes effect January 1, 2023.