Subscribe to our InfoBytes Blog weekly newsletter and other publications for news affecting the financial services industry.
CFPB Settles with Payment Processor and Mortgage Servicer over Deceptive Mortgage Advertisement Allegations
On July 28, the CFPB announced that a Colorado-based payment processor, along with a Virginia-based mortgage servicer, agreed to pay a total of $38.5 million to resolve allegations that both entities used misleading advertisements related to a mortgage payment program. The CFPB alleged that both entities advertised the “Equity Accelerator Program” as a program that would help consumers save on interest payments by making mortgage payments biweekly rather than monthly. However, according to the CFPB, the program failed to make the biweekly payments, and no more than a “tiny” percentage of consumers enrolled in the program benefitted from the promised savings. Under the terms of the consent orders, the payment processor agreed to provide $33.4 million in restitution to affected consumers and pay a $5 million civil money penalty. The mortgage servicer will pay a $100,000 civil money penalty. Both entities also agreed to ensure that any advertisements concerning the mortgage program’s benefits complied with federal law.
FDIC and California Department of Business Oversight Levy $140 Million Penalty Against California Bank for Ongoing BSA/AML Deficiencies
On July 22, the FDIC, along with the Commissioner of the California Department of Business Oversight (“DBO”), announced the assessment of a $140 million civil money penalty against a California state-chartered bank to resolve allegations that it failed to implement and maintain an adequate BSA/AML Compliance Program over an extended period of time. In 2012, the bank entered a consent order with the FDIC and the DBO (fka California Department of Financial Institutions), requiring that it “address the weaknesses and correct deficiencies” in its BSA and AML programs. According to the DBO, the bank has since failed to implement the corrective actions stipulated in the consent order, which required the bank to, among other things, (i) establish internal controls to “detect and report illicit financial transactions and other suspicious activities”; (ii) hire a qualified BSA officer and sufficient staff; (iii) provide adequate BSA training; and (iv) conduct effective independent testing. Additionally, since the 2012 consent order, the DBO and FDIC have discovered “new, substantial violations of the BSA and anti-money laundering mandates over an extended period of time.” Under terms of the joint order, the bank will pay $40 million to the DBO and $100 million to the Department of the Treasury to satisfy the full $140 million penalty.
On July 21, the CFPB announced a nearly $700 million settlement against a leading financial institution and its subsidiaries. According to the consent order, the Bureau alleges that the entities engaged in deceptive marketing, billing, and collection practices related to various credit card ancillary products, including debt protection and credit monitoring services. Specifically, the Bureau alleges that the institution or its vendors marketing practices, consisting of telemarketing calls, online enrollment, point-of-sale application, and direct enrollment at retailers, mislead consumers into enrolling for certain ancillary products. The Bureau further alleges that, in some instances, telemarketers failed to accurately disclose the cost and fees associated with the ancillary products. With respect to the unfair billing allegations, the Bureau contends that the institution or its vendors improperly charged consumers, without authorization, for services that were not rendered, and failed to provide full product benefits of the services marketed to consumers. In addition, the Bureau alleges that the institution misrepresented payment fee information to consumers by failing to disclose the actual purpose of the fee associated with making payments by phone on delinquent credit card accounts. Under terms of the settlement, the institution and its subsidiaries agreed to (i) provide $479 million in consumer relief related to its marketing practices; (ii) pay roughly $220 million in restitution related to its payments collection practices and for consumers not receiving the full benefits of services promised; and (iii) pay a $35 million civil money penalty.
In a parallel enforcement action, the OCC imposed a separate $35 million civil money penalty against the institution for engaging in similar practices, and requires the institution to strengthen its oversight of third-party vendors and develop a comprehensive risk management program for ancillary products marketed or sold by the bank.
CFPB and DOJ Reach $24 Million Settlement with Indirect Auto Lender to Resolve Discriminatory Pricing Allegations
On July 14, the CFPB and DOJ announced a $24 million settlement with an indirect auto lender to resolve allegations that the lender offered higher interest rates to minority borrowers compared to white borrowers with a similar credit risk profile. Specifically, both agencies contended that the lender allowed their partnering dealers excessive discretion to increase the lender’s base interest rate with a “dealer markup” on auto loan contracts, which resulted in discriminatory pricing. Under terms of the settlement, the lender agreed to, among other things, (i) pay $24 million in restitution to affected borrowers, (ii) impose dealer markup rate caps on auto loans, and (iii) improve its policies and procedures related to auto loan pricing and compensation program. Notably, the Bureau did not impose a civil money penalty due to the lender’s responsible conduct. The Bureau filed its consent order in an administrative enforcement action. In a separate announcement, the DOJ filed its complaint and consent order in federal court, which will require judicial approval. The lender was represented in the matter by BuckleySandler.
On July 14, New York Attorney General Eric Schneiderman announced two settlements with auto dealers over allegedly deceptive advertising practices. The first settlement was reached with a White Plains-based auto dealer that allegedly misled consumers by promoting, in its print and online ads, illusory sale and lease prices by including “discounts or rebates that were not available to most consumers, and thus, did not represent the actual sale or lease prices.” According to the Attorney General, rebates or discounts offered to “military” or “college graduates” were among the deceptive advertisements used by the auto dealer. An investigation by the AG’s Office revealed that the dealership would only make the rebates or discounts available to certain military personnel and recent college graduates. In addition to failing to comply with the Attorney General’s Advertising Guidelines for Automobile Dealers, the Attorney General alleged that the ads used footnotes and asterisks that contradicted or materially modified the principal message of the advertisements. The dealership will pay $32,500 to the state and has agreed to reform its advertising practices.
In a separate action, the Attorney General announced a settlement resolving allegations that 22 dealerships “persistently defrauded consumers with misleading promotions and fraudulent sales tactics.” According to the Attorney General’s office, the dealers’ advertisements included certain game cards that led consumers to believe that they would be guaranteed winners of certain items – such as cash, a free vehicle, or an Apple iPad – if they received a winning ticket containing three matching symbols. However, virtually none of the consumers won a prize when they brought in their winning tickets to the dealers. In addition to misleading game cards, the dealers were alleged to have charged unauthorized fees for vehicle maintenance plans that had not been requested by purchasers and to have upcharged the retail sales price on cars to effectively nullify discounts offered to consumers. Under the terms of the settlement agreement, the dealers will pay $310,000 in penalties and restitution.
On July 9, the FCC announced a $3.5 million settlement with carriers TerraCom, Inc. and YourTel America, Inc. to resolve an investigation into the exposure of personal information of over 300,000 of their customers online via unprotected servers used by their vendors to store customer information. The exposed information included names, addresses, Social Security numbers, driver’s licenses, and other pieces of sensitive information that were viewable by anyone with access to a search engine. Section 222(a) of the Communications Act imposes on carriers a duty to protect the confidentiality of “proprietary information of… customers” and the FCC Enforcement Bureau viewed this incident as a violation of that duty, as well as its duty under Section 201(b) to employ “just and reasonable” data security practices to protect the confidentiality of consumers’ proprietary information. Under the settlement, TerraCom and YourTel are required to (i) designate a senior corporate manager with certified privacy expertise, (ii) conduct a privacy risk assessment, (iii) put in place a written information security program and data breach response plan, (iv) maintain “reasonable oversight” of third-party vendors, and (v) offer privacy and security training. FCC-regulated entities should review their privacy and data security practices to ensure that they are taking appropriate steps to protect their customers’ proprietary information.
On July 9, U.S. Senators Jack Reed (D-RI) and Chuck Grassley (R-IA) introduced Senate bill 1730, the Stronger Enforcement of Civil Penalties Act of 2015 (SECPA), aimed at increasing the SEC’s ability to combat securities’ laws violations to better protect investors and bolster oversight and accountability. Specifically, the SECPA “increase[es] the statutory limits on civil monetary penalties, directly linking the size of these penalties to the scope of harm and associated investor losses, and substantially raising the financial stakes for repeat securities law violators.” In addition, the legislation calls for expanded penalty authority for violations of previously imposed injunctions or bars, and would categorize individual injunction violations as separate charges.
On July 7, the FTC entered into settlement agreements with two individuals and the entities they operate seeking to permanently restrict them from doing business in the consumer lending industry. According to the FTC’s complaint filed in September 2014, the defendants allegedly operated an online payday lending scheme using personal financial information purchased from third-party lead generators or data brokers to make unauthorized deposits and withdrawals into consumers’ bank accounts, regardless of whether or not the consumer applied for a payday loan. Once the loan proceeds were placed into the consumers’ accounts, the defendants would withdraw “finance charges” from the accounts on a recurring basis, but would not credit the loans’ principal balances for those payments. Collectively, the defendants issued $28 million in payday loans, and extracted over $46.5 million from consumers’ bank accounts over an 11-month period. In addition to being banned from the consumer lending industry, the proposed agreements also order the defendants to pay approximately $52 million in restitution (subject to certain conditions), dismiss any consumer debt that may be owed, and prohibit the defendants from reporting such debts to any credit reporting agency or benefiting from the collection of customers’ personal information.
CFPB, 47 State AGs, and District of Columbia Announce $216 Million Settlement to Resolve Credit Card Debt-Buying Investigation
On July 8, the CFPB along with 47 state attorneys general and DC announced an agreement with a major bank to resolve allegations that it sold faulty credit card “zombie debts” to third-party debt buyers, which included accounts with unlawfully obtained judgments, inaccurate or paid-off balances, and debts owed by deceased borrowers. The federal and state investigators also claimed that the bank filed deceptive debt-collection lawsuits against borrowers using robo-signed or illegally sworn affidavits to obtain false or inaccurate judgments for unverified debts. Under terms of the consent order, the bank agreed to, among other things, pay (i) $106 million to 47 state attorneys general, (ii) a $30 million civil money penalty to the CFPB, and (iii) provide at least $50 million in restitution to affected borrowers. The bank also agreed to cease collections on more than 528,000 accounts, and require that third-party debt buyers be prohibited from reselling debts purchased from the bank, unless they are sold back to the bank.
In a related announcement, the OCC imposed a $30 million civil money penalty over allegedly illegal non-home debt collection litigation practices and Servicemembers Civil Relief Act (SCRA) compliance practices. The OCC’s action stems from the bank’s practices related to the preparation and notarization of sworn documents used in debt litigation proceedings, and inadequate policies and procedures to ensure compliance with the SCRA.
Federal Reserve Orders Bank Holding Company to Strengthen its Firmwide Risk Management, Cites Capital Planning and Liquidity Risk Deficiencies
On July 7, the Board of Governors announced the execution of an enforcement action against a Boston-based bank holding company over deficiencies identified by the Federal Reserve Bank of Boston concerning the company’s governance, risk management, capital planning, and liquidity risk management operations. Pursuant to the Agreement, within 60 days of its execution the company must submit written plans detailing their efforts to strengthen board oversight of the company’s management and operations, bolster the risk management program, improve capital planning to match the company’s size and complexity, and strengthen liquidity risk management. No civil money penalty was imposed on the company.
- Kathryn L. Ryan and Jedd R. Bellman to discuss “Risk and compliance management: Are you covered?” at a Mortgage Bankers Association webinar
- Melissa Klimkiewicz and Daniel A. Bellovin to discuss “Things to know about flood insurance” at a NAFCU webinar
- Hank Asbill to discuss “Ethical issues at sentencing” at the 31st Annual National Seminar on Federal Sentencing
- Max Bonici will moderate a panel on “Enforcement risk and other regulatory and compliance issues related to crypto and digital assets” at the American Bar Association’s 2022 Annual Meeting
- John R. Coleman to provide a “CFPB Update” at MBA’s 2022 Regulatory Compliance Conference
- Amanda R. Lawrence to discuss “The shifting data privacy and data protection landscape” at MBA’s 2022 Regulatory Compliance Conference
- Jeffrey P. Naimon to provide “An update on key fair lending cases and the CRA and UDAAP rules” at MBA’s 2022 Regulatory Compliance Conference
- Benjamin W. Hutten to discuss “Fundamentals of financial crime compliance” at the Practicing Law Institute
- Benjamin W. Hutten to discuss “Ongoing CDD: Operational considerations” at NAFCU’s Regulatory Compliance & BSA Seminar
- James C. Chou to discuss ransomware at NAFCU’s Regulatory Compliance & BSA seminar
- Elizabeth E. McGinn, Benjamin W. Hutten, and James C. Chou to discuss “The Evolving Regulatory Landscape: Third-party and cyber risk management” at the 2022 mWISE Conference
- James T. Parkinson to present a “Global anti-corruption update” at IBA’s annual conference