Subscribe to our InfoBytes Blog weekly newsletter and other publications for news affecting the financial services industry.
Special Alert: CFPB Announces First Determination Of A Petition to Modify Or Set Aside A Civil Investigative Demand
On September 20, the Consumer Financial Protection Bureau issued its first Decision and Order on a petition to modify or set aside a civil investigative demand (CID). The petition challenged a CID issued to a non-bank mortgage servicer (the Company) seeking responses to 21 interrogatories and 33 document requests. CFPB Director Richard Cordray denied the petition in its entirety and ordered the Company to comply with the CID within 21 days. In addition to ruling on the substantive issues relevant to the petition, the Decision and Order demonstrates the importance of including detailed and specific objections in any petition to modify or set aside a CID and the crucial role of the meet-and-confer sessions.
The CID, served on May 22, was issued in connection with the Bureau’s investigation regarding whether ceding premiums from private mortgage insurance companies to captive reinsurance subsidiaries of certain mortgage lenders violates section 8 of the Real Estate Settlement Procedures Act (RESPA). In the petition filed on June 12, the Company argued among other things that the CID (i) did not state the nature of the conduct under the investigation; (ii) was overly broad, unduly burdensome, and irrelevant; and (iii) requested materials going back more than 11 years when RESPA’s statute of limitations was 3 years and the CFPB’s enforcement power cannot be predicated on acts prior to July 21, 2010.
In denying the petition, the Bureau began by explaining that CIDs play a “crucial role” in the Bureau’s ability to carry out its duty to enforce consumer financial laws. It stated that the purpose of CIDs are to “close the [information] gap” between the Bureau and the subject company and/or individual in order for the Bureau to determine whether the investigation is worth pursuing, and if so, to what extent.
The CFPB then set forth the standard it will use to consider and resolve petitions to modify or set aside CIDs, adopting the deferential standard of review relied upon by Circuit Courts of Appeals in proceedings to enforce administrative subpoenas. That standard provides that a CID will be enforced if it satisfies the following requirements: (i) the investigation is for a lawfully authorized purpose; (ii) the information requested is relevant to the investigation; and (iii) procedural requirements are followed. If the Bureau establishes these factors, the CID will be enforced unless the petitioner demonstrates the CID imposes an “undue burden” or constitutes an abuse of process.
With respect to the Company’s first issue, that the CID failed to state the nature of the conduct at issue, the Company argued that the CID’s description of the purpose of the investigation was so broad as to encompass every aspect of mortgage lending, and thus did not satisfy the notice requirement established by the Dodd-Frank Act. The Bureau rejected this contention and found that “notice was provided from the outset and repeatedly thereafter” beginning as early as January 3 and through to May 22 in the CID’s “Notification of Purpose.” In support of this finding, the CFPB cited cases standing for the proposition that the subject matter of investigations can be provided generally.
With respect to the Company’s assertion that the CID was an overly broad and unduly burdensome fishing expedition, the Bureau noted that the petition “offered little or no detail to make the kind of showing required to substantiate these claims.” It explained that in order to meet its legal burden, the petitioner needed to show the specific nature and the magnitude of the hardship and state specifically how compliance will harm its business. The Bureau further noted that it already had made substantial modifications to the CID through the meet-and-confer process, and the Bureau’s enforcement team had stated that it was willing to consider other potential limitations.
Finally, with respect to the Company’s objection that the CID sought documents, items, and information exceeding the applicable limitations period, the CFPB maintained that the relevant issue was not whether the information itself was actionable but rather whether that information was relevant to conduct that was actionable. It cited other authority which allowed discovery beyond the statute of limitations and noted the importance of collecting relevant information in order to accurately and completely investigate a matter.
Petitioning a newly-founded government agency in unchartered territories always is a difficult exercise. With the increasing number of CFPB investigations and enforcement actions, that exercise will become even more challenging. In light of the Bureau’s first determination of a petition to modify or set aside a CID, potential CID recipients will be left to wonder: how is the CFPB likely to respond to future petitions of this type? Given its precedential value for potential petitioners, it is important to determine what, if anything, can be gleaned from the CFPB’s determination.
First, the Bureau makes clear that it is incumbent on petitioners to be specific in their objections to a CID. Petitioners must specifically describe the burdens that supplying requested information imposes on the company and how the information sought is irrelevant to the investigation. In fact, the Bureau criticized the petition’s use of “general objections” and summarily dismissed the arguments associated with those objections.
Second, given the deferential standard of review which will be applied to such petitions, the meet-and-confer sessions take on increased importance. The meet-and-confer session is intended as an opportunity to narrow the scope of the requests and close the information gap between the CFPB and the subject of the investigation. As a prerequisite to filing a petition, CID recipients are obligated to confer with the Bureau in a good-faith effort to resolve issues and concerns. In fact, the CFPB’s Rules of Investigations provide that “[t]he Bureau will not consider petitions to set aside or modify civil investigative demands unless the recipient has meaningfully engaged in the meet and confer process described in this subsection and will consider only issues raised during the meet and confer process.” 12 C.F.R. part 1080.6(c)(3) (emphasis added). While the CFPB did not decide whether the Company met this obligation, the Bureau did express its concern to future parties about the importance of approaching this obligation affirmatively and engaging in “a productive discussion that can resolve issues or concerns more effectively.”
On September 24, the CFPB announced that it resolved an investigation initiated by the FDIC and subsequently joined by the CFPB into telephone sales of certain ancillary or “add on” products marketed and sold by a major credit card issuer. The products related to (i) payment protection, (ii) credit monitoring, (iii) identity theft protection, and (iv) protection in the event of wallet loss. Pursuant to the Joint Consent Order released by the CFPB, the bank will pay a $14 million penalty and provide approximately $200 million in restitution to eligible consumers who purchased one or more ancillary products over a period of approximately four years. The order also calls for certain changes to the bank’s marketing and sales practices in connection with the products. During a press call to announce the consent order, CFPB Director Richard Cordray explained that the CFPB “expect[s] that more such actions will follow.” The CFPB is publishing the orders from its various actions on its administrative adjudication docket. Mr. Cordray also stated that “[i]n the meantime, [the CFPB is] signaling as clearly as [it] can that other financial institutions should review their marketing practices to ensure that they are not deceiving or misleading consumers into purchasing financial products or services.” In July, the CFPB issued Bulletin 2012-06, which outlines the CFPB’s expectations for the institutions it supervises, and their vendors, with regard to offering ancillary products in compliance with federal consumer financial laws. BuckleySandler represented the bank in this joint CFPB-FDIC investigation and enforcement action.
On September 12, the SEC announced Andrew J. Bowden as the new Deputy Director of the Office of Compliance Inspections and Examinations (OCIE). Mr. Bowden has been with the SEC since November 2011 as the National Associate Director for OCIE's Investment Adviser/Investment Company Examination Program. Prior to joining the SEC, Mr. Bowden was a lawyer in private practice. He replaces Norm Champ who became the Director of the Division of Investment Management in July.
On September 5, the OCC announced the promotion of Ellen M. Warwick to Director for Enforcement and Compliance, responsible for conducting investigations, recommending administrative actions, and litigating enforcement actions. Ms. Warwick previously served as Assistant Director for Enforcement and Compliance and as Assistant Director for Litigation, among other positions with the OCC. She also has been a litigation attorney in private practice, a trial attorney with the DOJ, and a prosecutor in the Essex District Attorney’s Office of Massachusetts.
How to Handle a Government Investigation: 13 Things You Should You Do Immediately If the Government Comes Knocking
Actions you take, or don’t take, in the early hours of a government investigation can have costly and far-reaching consequences for a company. At the root of this is the importance of having a plan in place should your company come under investigation, as the last thing you want to be is caught flat-footed. Do your key employees and legal department staff know what to do immediately if the government initiates an investigation?
- Inform your in-house counsel. Establish a protocol to ensure that counsel is contacted immediately.
- Preserve documents. Inform all necessary employees of the need to retain documents, including electronic documents, with a document hold memo that replaces standard document retention policies for potentially responsive materials.
- Establish early dialogue with the investigating agency. Communication is critical to understanding the scope of the investigation and to establishing a working relationship with the government.
- Assume a parallel investigation will be initiated. Questions about self-reporting, production, and other strategic decisions should be made under the assumption that a parallel criminal or civil suit will follow.
- Alert the Board of Directors and/or Audit Committee. Schedule a meeting with key executives to carefully review the situation and discuss possible remedies and corrective actions. Be mindful that meeting minutes, notes, or emails may be discoverable.
- Consider implementing internal restrictions on the trading of company stock. Be sure all rules regarding insider trading are upheld.
- Evaluate disclosure issues and formulate a plan to address. With the commencement of a government investigation, a number of governance issues will arise. Carefully consider any and all disclosures that may be necessary and take appropriate action.
- Put your insurance carrier on notice. Put your insurer on notice early to increase your chances of having insurance pay for some or all of the investigation and/or litigation costs.
- Determine if actions are needed with respect to employees who are possible wrongdoers. This may involve implementing restrictions or additional oversight of their activities or even dismissal. All issues involving employees need to be carefully considered from a variety of angles, including employment laws, anti-retaliation provisions, and possible future civil litigation.
- Identify remedial measures if needed. It may be necessary to conduct a gap analysis of existing compliance programs and make changes to avoid a future recurrence.
- Prepare for any anticipated media coverage. Any and all public statements will be carefully scrutinized by the media, the public-at-large, and the investigating agency. Therefore, it is critical that sufficient care and attention is given to any public comments by the company or its spokespeople.
- Notify employees of possible contact by the investigating agency and advise them of their rights and obligations. It is important to remind employees of their responsibility to be truthful when speaking with agents of the government, but that they may choose to have an attorney present if they do decide to be interviewed. You should also reiterate your company’s policy on cooperating with investigations and request that employees inform the legal department of any discussions or contacts with the government.
- Commence an internal investigation if necessary. An internal investigation can help your company determine whether the allegations have merit or not, and if they do, the cause and extent and possible corrective actions.
You may also be interested in reading our related blog post on How to Respond to a Subpoena: 10 Things You Should Do Immediately.
On July 26, the OCC and the DOJ announced resolution of actions brought against a national bank for alleged violations of the Servicemembers Civil Relief Act (SCRA). The DOJ filed a complaint and consent order in the U.S. District Court for the Eastern District of Virginia, simultaneously bringing and resolving allegations that over a roughly five year period the bank failed to provide sufficient protections to servicemembers (i) denying valid requests for interest rate reductions because the servicemembers’ military orders did not include specific end dates for the period of military service, (ii) foreclosing without a court order, (iii) repossessing motor vehicles without a court order, and (iv) obtaining default judgments without first filing accurate affidavits. Under the DOJ settlement, the bank must pay $12 million in damages to servicemembers. Concurrently, the OCC released consent orders resolving similar allegations. Under both the DOJ and OCC orders, the bank must take specific actions to enhance compliance with SCRA, including with regard to vendor management, training, and internal reporting. The OCC also is requiring that the bank report periodically to the OCC, and conduct a look-back review of its servicemember accounts. The DOJ notes that the bank already has adopted enhanced SCRA policies on its own initiative, including extending a four percent interest rate to qualifying servicemembers and giving an additional one-year grace period before de-enrolling servicemembers from the reduced interest rate program.
On July 18, the CFPB announced its first public enforcement action - a Consent Order entered into by a major credit card issuer to resolve allegations that the issuer’s vendors deceptively marketed ancillary products such as payment protection and credit monitoring. The OCC made a corresponding enforcement announcement and released a Cease and Desist Order and Civil Money Penalty to resolve related charges. Under the CFPB order, the issuer will refund approximately $140 million to roughly two million customers, and will pay a $25 million penalty. The OCC order requires restitution of approximately $150 million (of which $140 million overlaps with the CFPB order) and an additional $35 million civil money penalty. Under both agencies’ actions, the issuer is prohibited from selling and marketing certain ancillary products until it obtains approval to do so from the regulators, and the issuer must take specific actions to enhance compliance with consumer financial laws.
Concurrently, the CFPB issued Bulletin 2012-06, which states that the CFPB expects supervised institutions and their vendors to offer ancillary products in compliance with federal consumer financial laws. The guidance cites “CFPB supervisory experience [that] indicates that some credit card issuers have employed deceptive promotional practices when marketing” such products, including (i) failing to adequately disclose terms and conditions, (ii) enrolling customers without their consent, and (iii) billing for services not performed. The Bulletin reviews applicable federal law and outlines the compliance program components that the CFPB expects supervised institutions to maintain.
Special Alert: DOJ Increasingly Pursuing Monetary and Non-Monetary Relief in Civil Enforcement Actions
Last month, in a potentially significant but largely overlooked development, the Department of Justice ("DOJ") signaled that it would "increasingly" pursue "innovative, non-monetary measures" when it settles civil fraud cases. In remarks to the American Bar Association on June 7, 2012, Stuart F. Delery, Acting Assistant Attorney General, said it was DOJ's "view that there will be cases in the future in which obtaining only a monetary recovery will not adequately redress the wrong." Responding specifically to the charge that qui tam lawsuits represent merely a "cost of doing business" and that qui tam settlements could be viewed as just another "regulatory burden," Delery said that DOJ's civil fraud settlements will increasingly include "non-monetary remedies and other measures to help prospectively reduce fraud." By way of example, he cited the Department's recent health care fraud settlement with Abbott Laboratories, in which the $1.5 billion criminal-civil settlement included such terms as a period of probation; an "agreed statement of facts"; a corporate integrity agreement; and a requirement that the company institute additional compliance measures. Although Delery acknowledged in his remarks that seeking non-monetary relief could "prolong" or even "prevent" settlement discussions, he described it as "increasingly" DOJ's view "that we owe it to taxpayers to do our best to implement measures to fully explain the conduct that led to the resolution, and to deter future bad acts." In fact, the Abbott Laboratories settlement cited by Delery did not break much new ground in this area. That settlement resolved not only civil but criminal charges against the company, and it is not uncommon for corporate criminal resolutions to include recitations of fact and to require that additional compliance measures be implemented. But Delery's emphasis on the importance of pursuing non-monetary relief in civil fraud settlements, including admissions of fact that help "explain the conduct that led to the resolution," is new, and notably echoes remarks made earlier this year by Preet Bharara, the United States Attorney in Manhattan. Speaking in March at the ABA's 26th Annual National Institute on White Collar Crime in Miami, Bharara said that his office did not view civil fraud settlements in monetary terms alone, and would insist also on non-monetary relief that furthers the public interest, including the public interest in deterrence, reforming behavior, and "improv[ing] public understanding of the truth." He emphasized that his office will usually require admissions of misconduct in a civil fraud settlement, and said that his office was fully prepared to litigate if the settlement terms are not satisfactory. A review of recently settled civil fraud cases by U.S. Attorney's offices reveals a trend toward requiring admissions in civil fraud settlements, a trend that was apparently well underway even before Delery's remarks in June. For example, Bharara's office has obtained admissions in civil fraud cases brought against importers, health care providers, mortgage lenders, and other financial institutions. Similarly, in March of this year, Colorado U.S. Attorney John Walsh (who currently serves as Co-Chair of DOJ's newly established Residential Mortgage-Backed Securities Task Force) secured admissions of fraudulent conduct in the settlement of a civil fraud lawsuit alleging the existence of a fraudulent foreclosure rescue scheme. It has long been commonplace for parties to settle a civil case - including a civil enforcement action - by agreeing to pay money while simultaneously maintaining innocence and denying fault or liability. Indeed, the SEC has vigorously - and, so far, successfully - defended its longstanding practice of settling with defendants while allowing them, in appropriate cases, to "neither admit nor deny" the allegations in the complaint. If DOJ increasingly pursues admissions of misconduct and other non-monetary relief in civil fraud settlements, therefore, it will represent not a minor policy shift, but a potential game-changer for defendants. To cite just a few examples, individuals who admit wrongdoing in a civil settlement could conceivably face exposure to criminal charges, health care providers that admit wrongdoing run the risk of administrative sanction, and public companies that admit misconduct face increased exposure to class action lawsuits. A recent ruling in a class action lawsuit against a major financial institution - in which the court cited an admission made by the company in an earlier civil settlement to support denial of the company's motion to dismiss - proves the point. Deciding whether to litigate or settle a civil enforcement action is always a difficult exercise. With DOJ increasingly requiring admissions of fact to settle civil enforcement actions, that exercise will become even more challenging. The collateral consequences of a settlement that includes an admission of misconduct may be further down the road, but they may also be substantial. It is therefore short sighted to weigh merely the risks of litigating against the benefits of settling; the risks of settling are also a significant factor in the mix. If DOJ continues to insist upon admissions of misconduct to settle civil fraud cases, more and more defendants may end up deciding that the cost of litigating - so often cited as the most compelling reason to settle a case - could in fact be lower than the costs of settling.
Andrew W. Schilling, a partner at BuckleySandler LLP, leads the New York office's government enforcement practice. Mr. Schilling represents entities and individuals facing government enforcement actions and complex civil litigation, and his practice includes the defense of False Claims Act matters, white-collar criminal matters, and internal investigations. Prior to joining BuckleySandler, Mr. Schilling served as Chief of the Civil Division at the U.S. Attorney's Office for the Southern District of New York. In that role, he established that office's Civil Frauds Unit, which investigates and prosecutes complex financial fraud cases, including health care fraud and mortgage fraud cases, and directly supervised several nationally significant financial fraud lawsuits against major financial institutions.
Responding to a subpoena can be a daunting task and early missteps can have severe repercussions. Here is a short list of critical steps you can take in the early stages of the subpoena response to protect your company.
- Preserve. Preserve. Preserve. Immediately upon receipt of a subpoena, you should inform all necessary employees of the need to retain documents, including electronic documents, with a document hold memo that replaces standard document retention policies for potentially responsive materials. Destroying or removing documents in the context of a government investigationwhether done affirmatively or by failing to suspend automated document retention protocolsmay be viewed as obstruction of justice. At the very least, it will create the appearance of an unwillingness to cooperate with the investigation.
- Establish a dialogue with the appropriate enforcement authorities. Communication is critical to understanding the scope of the investigation and establishing a working relationship with the government. You should initiate contact quickly to discuss the scope of the subpoena and develop a feasible production schedule.
- Inform the companys key executives. Receiving a subpoena is no small matter and, depending on the nature of the subpoena and potential enforcement action, the key executives and even the board of directors need to be made aware immediately. This is especially important if your company is publicly traded as there may be disclosure obligations.
- Determine whether the subpoena was properly served. Not all subpoenas are properly served and improper service may provide valid grounds to get the subpoena quashed. You should quickly evaluate the basis upon which the subpoena was issued and served to determine whether to object or take other action.
- Advise employees of their rights and responsibilities, including access to counsel. Either at the time the subpoena is initially served or in follow up activities, agents may attempt to interview employees. It is important to remind employees immediately of their responsibility to be truthful when speaking with agents of the government, but that they may choose to have an attorney present if they do decide to be interviewed. You should also reiterate your companys policy on cooperating with investigations and request that employees inform the legal department of any discussions or contacts with the government.
- Evaluate your insurance policys notice requirements. Under many insurance policies, a subpoena is a triggering event. Putting your policy holder on notice early on increases your chances of having insurance pay for some or all of the investigation and/or litigation costs.
- Identify key company individuals. Identifying which individuals within the company are key to the subpoena response will help determine and potentially limit the overall scope of documents you are required to produce. Seeking to narrow or tailor the scope of a subpoena is an important early step in the response process.
- Narrow file search parameters. Once the key individuals are identified, you can then identify electronic and paper files that must be collected and searched. Fulfilling the governments request but not producing irrelevant or privileged documents requires a precisely-tailored search protocol.
- Protect and defend privileged materials. Protecting and defending privileged materials is a cornerstone responsibility of corporate counsel. Documents subject to privileges or protections should be isolated, logged, and preserved. While there are remedies available for inadvertently-produced privileged materials, no one wants to be in the position of having to seek return of a privileged document.
- Construct a formal, defensible review process. You should construct a formal review process that can be defended in court, with a focus on e-discovery issues. It is advisable to have your response protocol evaluated by outside legal counsel early in the process to ensure that all potential sources of electronic data have been identified and searched.
This post adapted from the article, 10 Steps Your Company Should Take When Responding to a Subpoena by Ben Klubes, James Parkinson, and John Kromer, originally published in Bloomberg Law Reports: Banking & Finance, Vol. 4, No. 8, August 1, 2011.
- Daniel R. Alonso to discuss internal investigations at the Institute of Internal Auditors of Argentina Spanish-language webinar
- Jonice Gray Tucker to discuss “Fintech trends” at the BIHC Network Elevating Black Excellence Regional Summit
- Jeffrey P. Naimon to discuss "Truth in lending” at the American Bar Association National Institute on Consumer Financial Services Basics
- Daniel R. Alonso to discuss anti-money-laundering at FELABAN Spanish-language webinar “Perspective for banks: LAFT, FINCEN, OFAC, Cryptocurrency”
- Daniel R. Alonso to discuss "What’s new in BSA/AML compliance?" at the Institute of International Bankers Regulatory Compliance Seminar
- Marshall T. Bell and John R. Coleman to speak at 2021 AFSA Annual Meeting
- Jon David D. Langlois to discuss "Regulatory update: What you need to know under the new boss; It won’t be the same as the old boss" at the IMN Residential Mortgage Service Rights Forum (East)
- Benjamin B. Klubes to discuss “Creating a Fantastic Workplace Culture”
- John R. Coleman and Amanda R. Lawrence to discuss “Consumer financial services government enforcement actions – The CFPB and beyond” at the Government Investigations & Civil Litigation Institute Annual Meeting
- Jonice Gray Tucker to discuss "Consumer financial services" at the Practising Law Institute Banking Law Institute
- Jonice Gray Tucker to discuss “Regulators always ring twice: Responding to a government request” at ALM Legalweek