Subscribe to our InfoBytes Blog weekly newsletter and other publications for news affecting the financial services industry.
On October 18, the OCC released a list of recent enforcement actions taken against national banks, federal savings associations, and individuals currently and formerly affiliated with such entities. The new enforcement actions include civil money penalty orders, prompt corrective action directives, removal and prohibition orders, and terminations of existing enforcement actions against individuals and banks. Included among the actions is a $100,000 civil money penalty issued against a Louisiana-based bank for an alleged pattern or practice of violations of the Flood Disaster Protection Act and its implementing regulations. The list also includes a $30 million consent order issued against a national bank for allegedly violating the statutory holding period for other real estate owned (previously covered by InfoBytes here).
On October 16, Maxine Waters, Chairwoman of the House Financial Services Committee, released a majority staff report titled, “Settling for Nothing: How Kraninger’s CFPB Leaves Consumers High and Dry,” which details the results of the majority’s investigation into the CFPB’s handling of consumer monetary relief in enforcement actions since Richard Cordray stepped down as director in November 2017. The report argues that, under the leadership of Acting Director Mick Mulvaney and Director Kathleen Kraninger, the Bureau’s enforcement actions “have declined in volume and failed to compensate harmed consumers adequately.” Specifically, the report states that under Cordray’s leadership, “the average enforcement action by the [Bureau] returned $59.6 million to consumers, as compared to an average $31.4 million per action under Mulvaney,” but notes that $335 million of the $345 million in consumer relief obtained during Mulvaney’s tenure resulted from one settlement with a national bank (previously covered by InfoBytes here). With respect to Director Kraninger, the report acknowledges that the pace of enforcement actions increased compared to Mulvaney; however, the Bureau ordered “only $12 million in consumer relief” during her first six months, as compared to “approximately $200 million in consumer relief” during a similar six months of Cordray’s tenure.
The report highlights specifics from the investigation into settlements announced in early 2019, which resulted in civil penalties but not consumer monetary relief. The report argues that, based on the review of the internal documents received from the Bureau, the lack of consumer relief was due to the “politicization of the [Bureau],” which “contributed to the decline in the [Bureau]’s enforcement activity” rather than the merits of the enforcement actions, notwithstanding that the internal documents reflect the assessment of certain weaknesses in the Bureau’s positions. The report attributes such politicization to the introduction of political appointee positions throughout the Bureau that oversee each of the divisions. The report concludes by urging Congress to pass the Consumers First Act (HR 1500), which, among other things, seeks to limit the number of political appointees at the Bureau.
On October 11, the OCC announced that a national bank has agreed to pay a $30 million civil money penalty to resolve allegations relating to the holding period of other real estate owned (OREO). According to the OCC’s consent order, the bank violated the statutory holding period for OREO. (See previous InfoBytes coverage on OCC OREO regulations here.) The OCC asserted that the bank’s processes and controls for identifying and monitoring the OREO holding period were deficient, and following an investigation it determined the bank allegedly “failed to meet its commitment to implement corrective actions, resulting in additional violations.” While the OCC noted that it will continue to monitor the bank’s corrective actions, it determined that the bank’s implementation of effective policies and procedures to ensure OREO compliance over the last 12 months has “significantly reduced its inventory of OREO assets.”
On October 8, the CFPB issued its Dodd-Frank mandated semi-annual report to Congress covering the Bureau’s work from October 1, 2018 to March 31, 2019. In presenting the report, Director Kathy Kraninger stressed that the Bureau will continue to use the tools provided by Congress to protect consumers, including “vigorous and even-handed enforcement” with a focus on prevention of harm. Kraninger also reiterated her commitment “to strengthening the consumer financial marketplace by providing financial institutions clear ‘rules of the road’ that allow them to offer consumers a range of high-quality, innovative financial services and products.” Among other things, the report analyzed significant problems consumers face when obtaining consumer financial products and services, assessed actions taken by state attorneys general or state regulators relating to federal consumer financial law, and provided a recap of supervisory and enforcement activities.
While the Bureau did not adopt any significant final rules or orders during the preceding year, it did issue two significant notices of proposed rulemaking relating to certain payday lending requirements under the agency’s 2017 final rule covering “Payday, Vehicle Title, and Certain High-Cost Installment Loans.” (See previous InfoBytes coverage here.) The Bureau also adopted several “less significant rules,” and engaged in significant initiatives concerning, among other things, (i) the disclosure of loan-level HMDA data; (ii) Residential Property Assessed Clean Energy proposed rulemaking; (iii) an assessment of significant rules, including the Remittance Rule, the Ability to Repay/Qualified Mortgage Rule, and the RESPA Mortgage Servicing Rule; (iv) trial disclosure programs; (v) innovation policies related to no-action letters and product sandbox and trial disclosure programs; and (vi) suspicious activity reports on elder financial exploitation.
On October 4, the FTC announced that the U.S. District Court for the District of Utah granted a temporary restraining order against a Utah-based company and its affiliates (collectively, “defendants”) for allegedly using deceptive marketing to persuade consumers to attend real estate events costing thousands of dollars. According to the complaint, filed by the FTC and the Utah Division of Consumer Protection, the defendants violated the FTC Act, the Consumer Review Fairness Act (CRFA), and Utah state law, by marketing real estate events with false claims, using celebrity endorsements. The defendants allegedly told consumers they will (i) earn thousands of dollars in profits from real estate investment “flips” by using the defendants’ products; (ii) receive 100 percent funding for their real estate investments, regardless of credit history; and (iii) receive a full refund if they do not make “‘a minimum of three times’” the price of the workshop within six months. The complaint argues that these statements are false or unsubstantiated, and that consumers seeking refunds from the defendants often only received a partial refund on the condition they would not speak to the FTC or other state regulators about the defendants’ products. Among other things, the temporary court order prohibits the defendants from continuing to make unsupported marketing claims and from interfering with consumers’ ability to review their products.
On September 30, the OCC issued updates to four booklets of the Comptroller’s Handbook: Bank Supervision Process, Community Bank Supervision, Federal Branches and Agencies Supervision, and Large Bank Supervision. Among other things, the updates include (i) the interim final rule for the expanded 18-month supervisory cycle for certain institutions (covered by InfoBytes here); (ii) a revised OCC report of examination policy based on the revised Federal Financial Institutions Examination Council report of examination policy; (iii) the revisions to the OCC’s enforcement action policies (covered by InfoBytes here); and (iv) changes to the OCC’s credit underwriting assessment.
On September 27, the FDIC announced its release of a list of administrative enforcement actions taken against banks and individuals in August. According to the press release, the FDIC issued 13 orders, which include “four consent orders; one removal and prohibition order; four civil money penalty orders; two terminations of consent orders; and five section 19 orders.” Notably, the FDIC assessed a civil money penalty against a Texas-based bank for alleged violations of the Flood Disaster Protection Act, including failing to (i) obtain flood insurance coverage on loans at the time of origination, increase, extension, or renewal; (ii) maintain flood insurance coverage for the term of a loan; (iii) follow force-placement flood insurance procedures; or (iv) provide borrowers with notice of the availability of federal disaster relief assistance “in all cases whether or not flood insurance is available under the [National Flood Insurance Act] for the collateral securing the loan.”
On September 25, the CFPB filed a complaint in the U.S. District Court for the District of Maryland against a debt collection entity, its subsidiaries, and their owner (collectively, “defendants”) for allegedly violating the Fair Credit Reporting Act (FCRA), Fair Debt Collection Practices Act (FDCPA), and the Consumer Financial Protection Act (CFPA). In the complaint, the Bureau alleges that the defendants violated the FCRA and its implementing Regulation V by, among other things, failing to (i) establish or implement reasonable written policies and procedures to ensure accurate reporting to consumer-reporting agencies; (ii) incorporate appropriate guidelines for the handling of indirect disputes in its policies and procedures; (iii) conduct reasonable investigations and review relevant information when handling indirect disputes; and (iv) furnishing information about accounts after receiving identity theft reports about such accounts without conducting an investigation into the accuracy of the information. The Bureau separately alleges that the violations of the FCRA and Regulation V constitute violations of the CFPA. Additionally, the Bureau alleges that the defendants violated the FDCPA by attempting to collect on debts without a reasonable basis to believe that consumers owed those debts. The Bureau is seeking an injunction, damages, redress to consumers, disgorgement, the imposition of a civil money penalty, and costs.
In September, the CFPB published documents related to an investigation into whether a national bank opened credit card accounts without customer authorization in violation of various federal laws and regulations, including the Fair Credit Reporting Act and the Consumer Financial Protection Act’s ban on unfair or abusive practices. In March 2019, the Bureau issued a civil investigative demand (CID) to the bank seeking, among other things, “a tally of specific instances of potentially unauthorized credit card accounts,” as well as a manual assessment of card accounts that were never used by the customer. The bank argued in its petition to modify or set aside the CID that it had already provided information to regulators showing that it did not have a “systemic sales misconduct issue,” and cited to the OCC’s broad review into sales practice issues at mid-size and large national banks, which has not, according to the bank, identified systemic issues with bank employees opening unauthorized accounts without consumer consent. Among other things, the bank also contended that the CID was unduly burdensome—requiring manual account-level assessments—and said the CFPB should end its investigation because the facts “refute an investigation’s initial hypothesis.” The bank further argued that the inquiry into its sales practices should be conducted by CFPB supervisory staff instead of as an enforcement investigation, which would be “the proper mechanism for resolving any remaining issues when an investigation fails to uncover evidence warranting [e]nforcement action.”
Concerning the bank’s argument that the CID was unduly burdensome, the Bureau stated in its order denying the petition that the bank had failed to “meaningfully engage” with the Bureau during the course of the investigation in a way that merited modification to the terms of the CID. Moreover, with regard to whether the investigation should be conducted by supervisory staff, the Bureau countered that “[t]his is not a request properly made in a petition to modify or set aside a CID, for the same reasons that it is not proper to use a CID petition to ask that the Bureau close an investigation because (in the recipient’s view) it has already shown that it engaged in no wrongdoing.”
On September 12, the CFTC issued an order against an Illinois-based futures commission merchant imposing a $1.5 million fine for allegedly failing to protect its systems from cybersecurity threats and not alerting its customers in a reasonable timeframe after a breach occurred. According to the order, the CFTC claims the merchant failed to adequately implement and comply with cybersecurity policies and procedures as well as a written information systems security program, and “policies and procedures related to customer disbursements by its employees.” The CFTC contends that because of these failures the merchant’s email system was breached, which allowed access to customer information and convinced the merchant’s customer service specialist to mistakenly wire $1 million in customer funds. While the merchant approved reimbursement of the funds shortly after discovery, instituted measures to prevent additional fraudulent transfers, and notified regulators the same day, the CFTC alleges it failed to disclosure the breach or the fraudulent wire in a timely manner to current or prospective customers. Under the terms of the order, the merchant must pay a civil money penalty of $500,000 plus post-judgment interest, as well as restitution of $1 million. The merchant’s previous reimbursement of customer funds when the fraud was discovered was credited against the restitution amount.
- Amanda R. Lawrence discussed "GLBA exemptions in consumer finance - clarifying the effects of using GLBA as a yardstick" at the American Financial Services Association Annual Meeting
- Michelle L. Rogers to discuss "What's trending in enforcement" at the Mortgage Bankers Association Annual Convention & Expo
- Kathryn L. Ryan and Moorari K. Shah to discuss "Today's regulatory environment - Are you in the know?" at the Equipment Leasing and Finance Association Annual Convention
- Buckley Webcast: Smoke and mirrors: Navigating the regulatory landscape in banking the marijuana industry
- H Joshua Kotin to discuss "CMS - Components of a successful monitoring program" at the RegList Annual Workshop
- Tim Lange to discuss "Temporary authority to operate - Are you prepared? Hear what the states are doing" at the RegList Annual Workshop
- Sherry-Maria Safchuk to discuss "Cybersecurity" at the RegList Annual Workshop
- Jonice Gray Tucker and Amanda R. Lawrence to discuss "Consumer Regulatory, Enforcement, and Litigation Trends" at the American Bankers Association General Counsel Meeting
- Jeffrey P. Naimon to discuss "Hot topics in mortgage origination" at the Conference on Consumer Finance Law Annual Consumer Financial Services Conference
- Sherry-Maria Safchuk to discuss "CCPA: Countdown to compliance – A discussion of common questions and what is next on the CA privacy horizon" at the Conference on Consumer Finance Law Annual Consumer Financial Services Conference
- Jonice Gray Tucker to discuss "Fintech regulatory developments, crypto-assets, blockchain and digital banking, and consumer issues" at the Practising Law Institute Banking Law Institute
- Daniel P. Stipano to discuss "Adapting to the rapidly changing compliance landscape involving marijuana and marijuana-related businesses" at an ACAMS webinar
- Amanda R. Lawrence to discuss "How to balance a successful (and stressful) career with greater personal well-being" at the American Bar Association Women in Litigation Joint CLE Conference