InfoBytes Blog
Filter
Subscribe to our InfoBytes Blog weekly newsletter and other publications for news affecting the financial services industry.
Oregon issues remote work guidance to licensed loan originators
On September 21, the Oregon Department of Consumer and Business Services filed permanent administrative order FSR 3-2022 with the Secretary of State to allow licensed loan originators and employees to work from home. Under the order, Oregon licensed mortgage loan originators “may originate loans from a location other than from a licensed branch office if the location is the licensed mortgage loan originator’s home; the licensed mortgage loan originator is an employee of a mortgage banker or mortgage broker; and the mortgage banker or the mortgage broker complies with OAR 441-860- 0040, as applicable.” Mortgage bankers or brokers must have in place appropriate policies and procedures to supervise licensees working from home, including data security measures to protect consumers’ personal data. Additionally, licensees working from home “are prohibited from engaging in person with consumers for loan origination purposes at the home of the loan originator or employee, unless the home is licensed as a branch.” Licensees may, however, “engage with consumers for loan origination purposes at the home of the loan originator or employee by means of conference telephone or similar communications equipment that allows all persons participating in the visitation to hear each other, provided that participation is controlled and limited to those entitled to attend, and the identity of participants is determinable and reasonably verifiable.” Licensees who work from home are also prohibited from keeping any physical business records at any location other than a licensed location, and must also ensure that all origination records are available at a licensed location.
California updates mortgage licensing requirements
On September 23, the California governor signed SB 1495. The bill, among other things (i) updates requirements that the assurances required as a condition of license renewal would be that the licensee had, during the preceding 2-year period, informed themselves of those developments; (ii) expands the scope of the crime of perjury, thereby imposing a state-mandated local program; (iii) refers to the Nationwide Mortgage Licensing System and Registry in the provisions of the Real Estate Law as the “Nationwide Multistate Licensing System and Registry”’; and (iv) for real estate broker license applicants, moves the component on state and federal fair housing laws to the real estate practice course instead of the legal aspects of real estate course, and delays the revision to the real estate practice course until 2024. The bill also updates definitions of “SAFE Act,” and “mortgage loan originator.” The bill is effective January 1, 2023.
3rd Circuit: Debt buyer not required to be licensed under Pennsylvania law
On September 19, the U.S. Court of Appeals for the Third Circuit affirmed a district court’s ruling in an FDCPA suit, finding that a defendant debt buyer was not required to be licensed under Pennsylvania law when it attempted to collect interest that had accrued at a rate of more than 6 percent under the original credit card agreement. According to the opinion, the plaintiff opened a credit card with a bank, which had an interest rate of 22.9 percent. The plaintiff defaulted on a debt he accrued on the card, and the debt was subsequently charged-off and sold by the bank to the defendant. The plaintiff argued that the defendant violated the FDCPA since the interest rate was limited by the Pennsylvania Consumer Discount Company Act (CDCA), which states that an unlicensed firm “in the business of negotiating or making loans or advances of money on credit [less than $25,000]” may not collect interest at an annual interest rate over 6 percent. The district court granted the defendant’s motion to dismiss, ruling that the defendant was entitled to collect interest above 6 percent because it held a license under a different state law.
On the appeal, the 3rd Circuit found that the CDCA applies to companies that arrange for or negotiate loans with certain parameters, and that there is nothing in the plaintiff’s amended complaint to suggest that the defendant is in the business of negotiating loans. The appellate court noted that the plaintiff’s allegations “indicate that [the defendant] purchases debt, such as [plaintiff’s] credit card account that [the bank had] charged off. But even with that allegation as a starting point, it is not reasonable to infer that an entity that purchases charged-off debt would also be in the business of negotiating or bargaining for the initial terms of loans or advances.” The appellate court further noted that “the amended complaint cuts against such an inference: it alleges that [the bank], not [the defendant], set the annual interest rate for [plaintiff’s] use of the credit card for loans and advances at 22.90%. Thus, with the understanding that negotiate means ‘to bargain’ and not ‘to transfer,’ [the plaintiff’s] allegations do not support an inference that [defendant] is in the business of negotiating loans or advances.”
District Court rules beneficiary bank without actual knowledge of wire transfer misdescription is not liable
On September 22, the U.S. District Court for the Middle District of Louisiana granted summary judgment to a defendant beneficiary bank in an action concerning a fraudulent wire transfer that was allegedly sent to a hacker instead of the intended recipient. According to the opinion, the originating bank executed a wire transfer on behalf of the commercial plaintiff to a supplier. However, a hacker had inserted false account information into the supplier’s email to the plaintiff, causing the plaintiff’s instruction to the originating bank to indicate the wrong account at the beneficiary bank. As a result, the funds were deposited by the beneficiary bank into an account for which the account number did not match its account name. A large sum of the plaintiff’s money was thereupon withdrawn by a hacker from the account into which the funds had been deposited. The plaintiff sued asserting several claims, including, negligence and gross negligence, violations of the EFTA and the Louisiana’s Uniform Commercial Code (UCC), and aiding fraud. After all the claims except for the UCC claim were dismissed, the defendant moved for summary judgment on the grounds that it did not violate the UCC “because it did not have actual knowledge that the wire transfer at issue misdescribed the beneficiary prior to payment of the wire transfer as contemplated by that statute.”
The court ruled that based on the evidence, no reasonable juror could find that the defendant had actual knowledge of the misdescription at the time it made the transfer, explaining that the defendant did not have actual knowledge that a hacker had accessed the plaintiff’s wire transfer order, provided false instructions, and changed the target account number to its own. The court stated that under Louisiana law, a bank’s liability for completing a wire transfer that misidentifies a beneficiary or account number depends on whether it has “actual knowledge prior to payment that there was a misdescription of a beneficiary”—constructive knowledge is not actionable, the court said. The defendant also did not have actual knowledge of the misdescription prior to the payment, but rather acquired actual knowledge of the misdescription roughly two weeks later when the originating bank alerted the defendant of the alleged fraud. The court further contended that under Louisiana law a beneficiary bank that uses a fully automated payment system for wire transfers is allowed “to act on the basis of the number without regard to the name if the bank does not know that the name and number refer to different persons.”
Ranking House members seek information from the CFPB
On September 20, House Financial Services Committee Ranking Member Patrick McHenry (R-NC) and House Oversight and Reform Committee Ranking Member James Comer (R-KY) sent a letter to CFPB Director Rohit Chopra asking him to provide information to Congress regarding the authorities delegated to the Bureau that justify its current and upcoming regulatory actions. According to the letter, McHenry and Comer point to the U.S. Supreme Court’s decision in West Virginia vs. EPA, which “invoked the ‘major questions doctrine’ to reject an attempt by the EPA to exceed its statutory authority.” The letter further explained that “[u]nder this doctrine, an agency must point to ‘clear congressional authorization for the authority it claims.’” The EPA could not identify such an authorization, according to McHenry and Comer, and the court further rejected the EPA’s attempt to exceed its statutory authority. The letter stated that “clear delegation of authority contemplated by the Court is not limited to just rulemaking but extends to other agency actions.” McHenry and Comer proceeded to list director-driven “initiatives” that they claim, “circumvent not only Congressional intent, but the Administrative Procedure Act.” They further requested that the Bureau provide a list of all actions that CFPB intends to take during the remainder of 2022, and “[a] list of all expected actions, including but not limited to major rulemaking, staff guidance, advisory opinions, interpretive rules, and the specific Congressional authority for each rulemaking,” by September 30. McHenry and Comer concluded the letter by noting that both committees intend to exercise “robust investigative and legislative powers,” and seek to assert Congress’ Article I responsibilities to ensure that neither the director nor the Biden administration “continue to exceed Congressional authorizations.”
Treasury discusses future of digital assets, says CBDC may take years
On September 23, the U.S. Treasury Department’s Under Secretary for Domestic Finance Nellie Liang discussed ways in which digital assets could alter the future of money and payments in the U.S. Speaking at the Brookings Institution, Liang highlighted recommendations presented in an agency report released earlier in September as part of President Biden’s Executive Order on Ensuring Responsible Development in Digital Assets (covered by InfoBytes here). The report, Crypto-assets: Implications for Consumers, Investors, and Businesses, outlined several significant areas of concern, including “frequent instances of operational failures, market manipulation, frauds, thefts, and scams.” The report advised federal agencies, including the CFPB, SEC, CFTC, and DOJ, to (i) continue to aggressively pursue enforcement actions focused on the crypto-asset sector; (ii) clarify existing authorities to ensure they are appropriately applied to crypto-assets; (iii) coordinate efforts to increase compliance; and (iv) take collaborative measures to improve the quality of information about crypto-assets for consumers, investors, and businesses.
Liang also commented on the potential benefits of adopting a U.S. central bank digital currency (CBDC), “such as preserving the uniformity of the currency, or providing a base for further innovation,” but warned that further research and development on the technology needed to support such a currency may take years. “There are many important design choices that would require additional consideration,” Liang said, stating, for example, “a retail CBDC would be broadly available to the public, while a wholesale CBDC would be limited to banks and other financial institutions.” Liang said Treasury plans to lead an inter-agency working group to advance further work on a possible CBDC and “consider the implications of CBDC in areas such as financial inclusion, national security and privacy.”
Liang also discussed other recommendations made in the report related to the possible establishment of a federal regulatory framework for nonbank providers of payment services. “A federal framework could provide a common floor for minimum financial resource requirements and other standards that may exist at the state level,” Liang pointed out. “It also would complement existing federal [anti-money laundering/combating the financing of terrorism] obligations and consumer protection requirements that apply to nonbank payment providers,” and “could work in conjunction with a U.S. CBDC or with instant payment systems.” She also commented on Treasury’s work to develop a faster, cheaper cross-border international payment system and noted the agency will consider potential risks, such as privacy and human rights considerations.
District Court grants partial summary judgment to debt collector in credit reporting and debt collection action
On September 21, the U.S. District Court for the District of Maryland partially granted a defendant debt collector’s motion for summary judgment in a credit reporting and debt collection action. The plaintiff disputed debt related to two electric bills for two different residences that were eventually combined into one account. After the plaintiff informed the electric company that she would not be paying the bill, the debt was eventually referred for collection to the defendant. The plaintiff disputed the debt, and the defendant conducted an investigation. The plaintiff continued to contend that the defendant was certifying the debt without proof and claimed the defendant’s agents called her a liar and incorrectly asserted that she had not made payments. The defendant argued that it was entitled to summary judgment on the plaintiff’s FCRA and FDCPA claims, contending, among other things, that FCRA 1681e(b) “expressly applies to [credit reporting agencies] and not to furnishers.”
The court first reviewed the plaintiff’s FCRA claims as to whether the defendant conducted a reasonable investigation. The court stated that the plaintiff bore the burden to establish whether the defendant failed to conduct a reasonable investigation, and noted that because she failed to provide certain evidence to the defendant “there is no genuine dispute that the investigation conducted by [defendant] was not unreasonable” or that the defendant reported accurate information to the CRAs about the debt. With respect to some of the FDCPA claims, the court denied the defendant summary judgment on the basis that the plaintiff created a genuine dispute about whether the defendant violated § 1692d (the provision prohibiting a debt collector from engaging in harassment or abuse). According to the opinion, evidence suggests that the defendant’s agents incorrectly informed the plaintiff that she had never made a payment on one of the accounts, called her a liar when she protested this information, and used a “demeaning tone” in their communications. “[A] reasonable jury could conclude that the language would have the natural consequence of abusing a consumer relatively more susceptible to harassment, oppression, or abuse,” the court wrote.
Additionally, the court ruled on Maryland state law claims introduced in the plaintiff’s opposition to summary judgment. The court ruled against her Maryland Consumer Debt Collection Act claim regarding the alleged use of abusive language, writing that the agents were not “grossly abusive” and that the plaintiff failed to generate a genuine dispute on this issue. Nor did the plaintiff show a genuine dispute as to whether the debt was inaccurate or that the defendant knew the debt was invalid. The court also entered summary judgment in favor of the defendant on the plaintiff’s Maryland Consumer Protection Act and Maryland Collection Agency Licensing Act claims.
OFAC issues Iran GL and related FAQs
On September 23, the U.S. Treasury Department issued Iran General License D-2, General License with Respect to Certain Services, Software, and Hardware Incident to Communications General License (GL), to add further authorizing guidance in line with changes in modern technology since the issuance of Iran GL D-1. According to Treasury, the Iranian government cut off Internet access for most of its citizens to prevent the viewing of its violent crackdown on peaceful protestors, provoked by the death of an individual in the custody of Iran’s Morality Police. Treasury further noted that the U.S. supports “the free flow of information and access to fact-based information to the Iranian people.” Highlights of the extended GL includes, among other things: (i) additional covered categories of software/services; (ii) additional authorization for the services that support the communication tools to assist ordinary Iranians in resisting repressive internet censorship and surveillance tools deployed by the Iranian regime; and (iii) the continued authorization of anti-virus and anti-malware software, anti-tracking software, mobile operating systems and related software, and anti-censorship tools and related software. The GL is effective immediately. The same day, Treasury published three frequently asked questions, which clarify GL D-2 and other information on Iran sanctions.
OFAC sanctions Iran’s Morality Police and senior security officials for human rights violence
On September 22, the U.S. Treasury Department’s Office of Foreign Assets Control (OFAC) announced sanctions pursuant to Executive Order 13553 against Iran’s Morality Police along with seven senior leaders who oversee Iran’s security organizations. These designations were taken in response to recent abuse and violence against Iranian women and violence against peaceful protestors and members of Iranian civil society, among others. “Today’s action to sanction Iran’s Morality Police and senior Iranian security officials responsible for this oppression demonstrates the Biden - Harris Administration’s clear commitment to stand up for human rights, and the rights of women, in Iran and globally,” Secretary of the Treasury Janet Yellen said.
As a result of the sanctions, all property and interests in property belonging to the sanctioned persons that are in the U.S. or in the possession or control of U.S. persons must be blocked and reported to OFAC. U.S. persons are also prohibited from engaging in any dealings involving the property or interests in property of blocked or designated persons, and “persons that engage in certain transactions with the individuals or entities designated today may themselves be exposed to designation,” OFAC said. Additionally, OFAC warned that “any foreign financial institution that knowingly facilitates a significant transaction or provides significant financial services for any of the individuals or entities designated today could be subject to U.S. correspondent or payable-through account sanctions.”
CFTC orders unregistered respondents to pay $250,000 for CEA violations
On September 22, the CFTC announced a settlement with a cryptocurrency business and its founders (collectively, respondents) for allegedly violating the Commodity Exchange Act (CEA), Commission regulations, and Bank Secrecy Act compliance requirements. According to the CFTC, the respondents allegedly “designed, deployed, marketed, and made solicitations concerning a blockchain-based software protocol that accepted orders for and facilitated margined and leveraged retail commodity transactions.” The protocol allowed users to leverage positions, where the value was determined by the price difference between two digital assets from the time the position was established to the time it was closed. The protocol, according to the CFTC, “purported to offer users the ability to engage in these transactions in a decentralized environment.” The CFTC found that the respondents were not registered with the CFTC and had engaged in unlawful activities that could only be lawfully performed by a registered designated contract market and other activities that could only lawfully be performed by a registered futures commission merchant (FCM). Additionally, the respondents did not comply with the Bank Secrecy Act when they failed to conduct know-your customer diligence on their customers as part of a customer identification program, as required of FCMs. The order requires the respondents to pay a $250,000 civil monetary penalty and to cease and desist from further violations of the CEA and CFTC regulations. Simultaneously, the CFTC filed a complaint in the U.S. District Court for the Northern District of California charging a decentralized autonomous organization and successor to the cryptocurrency business that operated the same software protocol with violating the same laws as the respondents. The CFTC is seeking restitution, disgorgement, civil monetary penalties, trading and registration bans, and injunctions against further violations of the CEA and CFTC regulations.
The same day, CFTC Commissioner Summer K. Mersinger published a dissenting opinion, stating that though she does “not condone[s] individuals or entities blatantly violating the CEA or our rules,” we “cannot arbitrarily decide who is accountable for those violations based on an unsupported legal theory amounting to regulation by enforcement while federal and state policy is developing.” She further argued that there is no provision in the CEA that holds members of a for-profit unincorporated association personally liable for violations of the CEA or CFTC rules committed by the association based solely on their membership status.