InfoBytes Blog
Filter
Subscribe to our InfoBytes Blog weekly newsletter and other publications for news affecting the financial services industry.
CFPB’s debt-collection suit can proceed
On December 13, the U.S. District Court for the District of Delaware ruled that the CFPB can proceed with its 2017 enforcement action against a collection of Delaware statutory trusts and their debt collector for, among other things, allegedly filing lawsuits against consumers for private student loan debt that they could not prove was owed or that was outside the applicable statute of limitations. (Covered by InfoBytes here.) According to the court’s opinion, the U.S. Supreme Court’s decision in Seila Law v. CFPB (which determined that the director’s for-cause removal provision was unconstitutional but was severable from the statute establishing the Bureau—covered by a Buckley Special Alert) upended its previous dismissal of the case, which had held that the Bureau lacked enforcement authority to bring the action when its structure was unconstitutional. The court also previously ruled that the Bureau’s claims were barred by the statute of limitations and that former Director Kathy Kraninger’s subsequent ratification of the action came after the limitations period had expired. (Covered by InfoBytes here.)
In now finding that the CFPB can proceed with the 2017 enforcement action, the court rejected the statute of limitations argument because, under the Supreme Court’s ruling that unconstitutional removal protections do not automatically void agency actions, the Bureau’s action in 2017 was valid and it stopped the three-year clock when it sued. While the court recognized the defendants’ argument that the Bureau first discovered the alleged violations on September 4, 2014, when it issued a civil investigative demand and then sued on September 18, 2017 (allegedly exceeding the three-year limit by two weeks), the court noted that at this stage it could not find a time bar because nothing on the “face of the complaint” supports the defendants’ argument that the allegations are untimely.
The court also held that the Bureau did not need to ratify the suit. Pointing to the majority opinion in the Supreme Court’s decision in Collins v. Yellen (covered by InfoBytes here), the court stated that “‘an unconstitutional removal restriction does not invalidate agency action so long as the agency head was properly appointed[,]’” and therefore the agency’s actions are not void and do not need to be ratified, unless a plaintiff can show that “the agency action would not have been taken but for the President’s inability to remove the agency head.” The court wrote: “This suit would have been filed even if the director had been under presidential control. It has been litigated by five directors of the CFPB, four of whom were removable at-will by the President. . . . And the CFPB did not change its litigation strategy once the removal protection was eliminated. This is strong evidence that this suit would have been brought regardless.”
The court also disagreed with the defendants’ argument that, as trusts, they are not “covered persons” under the Consumer Financial Protection Act (CFPA). While the defendants argued that they used subservicers to collect debt and therefore did not “engage in” providing services listed in the CFPA, the court stated that the trusts were still “engaged” in their business and the alleged misconduct even though they contracted it out. “[I]f Congress wanted to allow enforcement against only those who directly engage in offering or providing consumer financial services, it could have said so,” the court said.
SEC, CFTC settle with national bank’s subsidiary
On December 17, the SEC announced charges against a subsidiary limited liability company of a national bank for Securities Exchange Act violations because the firm and its employees allegedly failed to maintain recordkeeping requirements. According to the order, from at least January 2018 through at least November 2020, the company’s employees communicated about securities business matters on their personal devices, using text messaging applications and personal email accounts. These communications were not maintained or preserved by the company, and some were not able to be furnished promptly to a Commission representative when requested, allegedly in violation of Section 17(a) of the Exchange Act and Rules 17a4(b)(4) and 17a-4(j) thereunder. Additionally, the company’s “widespread failure to implement its policies and procedures which forbid such communications led to its failure to reasonably supervise its employees within the meaning of Section 15(b)(4)(E) of the Exchange Act.” The company received subpoenas for documents and records requests in numerous Commission investigations during the time that it failed to maintain required securities records relating to the business. In its response to the subpoena requests, the bank allegedly did not search for relevant records contained on the personal devices of its employees. The order further noted that because the company’s “recordkeeping failures impacted the Commission’s ability to carry out its regulatory functions and investigate potential violations of the federal securities laws across these investigations, the Commission was often deprived of timely access to evidence and potential sources of information for extended periods of time and, in some instances, permanently.” According to the SEC, the company admitted the facts set forth in the SEC’s order and acknowledged that its conduct violated the federal securities laws, and agreed to: (i) pay a $125 million penalty; (ii) implement robust improvements to its compliance policies and procedures, including retaining “a compliance consultant to, among other things, conduct a comprehensive review of its policies and procedures relating to the retention of electronic communications found on personal devices and [the company’s] framework for addressing non-compliance by its employees with those policies and procedures”; and (iii) cease and desist from committing or causing any violations and any future violations of Section 17(a) of the Exchange Act and Rule 17a-4 thereunder.
The same day, the CFTC announced a $75 million settlement with the company, the national bank, and its public limited company (collectively, “respondents”) for allegedly failing to maintain, preserve, and produce records that were required to be kept under CFTC recordkeeping requirements, and failing to diligently supervise matters associated with its businesses as CFTC registrants. According to the CFTC order, from at least 2015, the respondents’ employees internally and externally communicated on unapproved channels, and had messages related to the respondents’ businesses as CFTC registrants that were required to be maintained under CFTC-mandated recordkeeping requirements. The order also noted that the written communications were not maintained and preserved by the respondents, and they were not able to be furnished promptly to a CFTC representative when requested. The order further alleged that the widespread use of unauthorized communication methods by the respondents’ employees to conduct firm business violated their own policies and procedures. The respondents also did not maintain adequate internal controls with respect to business-related communications on non-approved communication methods. The order requires the respondents to pay a $75 million civil monetary penalty, to cease and desist from further violations of recordkeeping and supervision requirements, and to engage in specified remedial undertakings.
FTC settles with debt collectors
On December 13, the FTC announced a settlement with several South Carolina-based debt collection companies and an individual (collectively, "defendants") for allegedly engaging in fraudulent debt collection practices. The FTC filed a complaint against the defendants alleging that they violated the FTC Act and the FDCPA by, among other things: (i) using robocalls to leave deceptive messages; (ii) falsely representing that an individual is an attorney or is in communication with an attorney; (iii) “falsely claiming or implying that nonpayment of a debt will result in the arrest or imprisonment of a person”; (iv) threatening to take unlawful legal action; and (v) making false representations or using deceptive means to collect or attempt to collect a debt. The action was taken as part of the FTC’s “Operation Corrupt Collector”—a nationwide enforcement and outreach effort established by the FTC, CFPB, and more than 50 federal and state law enforcement partners to target illegal debt collection practices (covered by InfoBytes here). The effort previously resulted in settlements with two other debt collectors, which included permanent bars from the industry.
Under the terms of the settlement, in addition to being permanently banned from participating in debt collection and debt brokering activities, the defendants will also be prohibited from making misrepresentations to consumers, including (i) whether consumers are legally obligated to pay defendants; (ii) whether defendants are attorneys or affiliated with a law firm; (iii) the terms of any refund policy; and (iv) any material facts concerning products or services. The order also requires the defendants to surrender the contents of numerous bank and investment accounts, including property and the value of certain assets. An approximately $12 million monetary judgment will be partially suspended upon completion of asset transfers from all financial institutions holding accounts in the defendants’ names.
California sentences student loan debt relief scammers
On December 6, the California attorney general announced the sentencing of four individuals involved in a student loan assistance scam and related computer crimes. According to the AG, the individuals’ now-defunct company presented “itself as a legitimate source of help and feigned association with the U.S. Department of Education (ED) in order to gain the trust of distressed student loan borrowers and access their personal information.” Company employees “were directed to access and disrupt student loan borrower account data, as well as create new student borrower accounts while posing as the borrowers,” which violated the state’s computer crime laws the AG stated. Borrowers were convinced to pay fees of up to $1,300 in monthly payments in order to participate in the company’s loan payment reduction programs, which offered loan deferment and income-driven repayment. However, many of the borrowers were unaware that these payment reduction programs were already offered free of charge by the Department of Education. Moreover, borrowers did not know that their monthly payments were not a subscription service or applied towards their federal student loans, but were rather payments on a high interest loan. The AG contended that borrowers were purportedly required to continue making these payments even if they attempted to cancel the company’s services, and that “to facilitate the scam, the defendants used the Federal Student Aid website to illegally access student borrower records housed in computer systems belonging to ED.” In additional to their sentences of up to 180 days in prison, community service and probation, the individuals were ordered to pay restitution to harmed borrowers.
FINRA fines financial firms $2.25 million for alleged improper storage of customer data
On December 6, the Financial Industry Regulatory Authority (FINRA) entered into a Letter of Acceptance, Waiver, and Consent (AWC), which requires two units of a national bank (respondents) to jointly and severally pay a $2.25 million fine for allegedly failing to store customer information in the format required under federal securities regulations, and then taking three years to report the issue after it was discovered. According to FINRA, in 2016, the agency found that the respondents allegedly violated various books and records retention requirements and related supervisory rules when maintaining approximately one million electronic brokerage records. In 2017, the respondents certified that they “had ‘adopted and implemented policies and procedures reasonably designed to achieve compliance with the applicable federal securities laws and FINRA rules’ addressed in the December 2016 AWC.” However, FINRA claimed that from 2003 to August 2020, the respondents allegedly failed to properly store roughly 13 million records related to their customer identification program (CIP) in the required “write once, read many” format (known as “WORM”). This “non-rewritable, non-erasable” format required under federal securities regulations is intended to prevent the alteration or destruction of customer identification information, FINRA explained. The respondents conducted an internal review in 2020, which concluded that the respondents were storing CIP records on a non-WORM compliant system. However, the respondents self-reported the issue to FINRA in April 2020 and migrated the relevant records to a WORM-compliant system by August 2020. The respondents did not admit nor deny the findings as part of the AWC, but have agreed to a censure and will pay the fine.
OFAC reaches $133,860 settlement in Iranian sanctions matter
On December 8, the U.S. Treasury Department’s Office of Foreign Assets Control (OFAC) announced a $133,860 settlement against an individual for allegedly facilitating four payments on behalf of an Iranian company using a personal bank account in the U.S., in violation of the Iranian Transactions and Sanctions Regulations (ITSR), 31. C.F.R. part 560. According to OFAC’s web notice, between February 2016 and March 2016, the individual accepted $133,860 in the U.S., which went to a personal bank account, on behalf of an Iran-based company selling Iranian-origin cement to another company for a project in a third country.
In arriving at the settlement amount, OFAC considered various aggravating factors, including, among other things, that the individual: (i) willfully was in violation of or recklessly ignored U.S. sanctions on Iran when receiving payments on behalf of an Iranian company; (ii) was aware of, and actively participated in, the violations; and (iii) “harmed the objectives of the ITSR by enabling the evasion of sanctions by an Iranian company.” OFAC also considered various mitigating factors, including that the individual did not receive a penalty notice, finding of violation, or cautionary letter from OFAC in the past five years, and is a natural person with a limited ability to pay.
CFPB supervisory highlights cover wide range of violations
On December 8, the CFPB released its fall 2021 Supervisory Highlights, which details its supervisory and enforcement actions in the areas of credit card account management, debt collection, deposits, fair lending, mortgage servicing, payday lending, prepaid accounts, and remittance transfers. The report’s findings cover examinations that were completed between January and June of 2021 in addition to prior supervisory findings that led to public enforcement actions in the first half of 2021. Highlights of the examination findings include:
- Credit Card Account Management. Bureau examiners identified violations of Regulation Z related to billing error resolution, including instances where creditors failed to (i) resolve disputes within two complete billing cycles after receiving a billing error notice; (ii) reimburse late fees after determining a missed payment was not credited to a consumer’s account; and (iii) conduct reasonable investigations into billing error notices concerning missed payments and unauthorized transactions. Examiners also identified deceptive acts or practices related to credit card issuers’ advertising practices.
- Debt Collection. The Bureau found instances of FDCPA violations where debt collectors represented to consumers that their creditworthiness would improve upon final payment under a repayment plan and the deletion of the tradeline. Because credit worthiness is impacted by numerous factors, examiners found “that such representations could lead the least sophisticated consumer to conclude that deleting derogatory information would result in improved creditworthiness, thereby creating the risk of a false representation or deceptive means to collect or attempt to collect a debt in violation of Section 807(10).”
- Deposits. The Bureau discussed violations related to Regulation E, including error resolution violations related to misdirected payment transfers and failure to investigate error notices where consumers alleged funds were sent via a person-to-person payment network but the intended recipient did not receive the funds.
- Fair Lending. The report noted instances where examiners cited violations of ECOA and Regulation B by lenders "discriminating against African American and female borrowers in the granting of pricing exceptions based upon competitive offers from other institutions,” which led to observed pricing disparities, specifically as compared to similarly situated non-Hispanic white and male borrowers. Among other things, examiners also observed that lenders’ policies and procedures contributed to pricing discrimination, and that lenders improperly inquired about small business applicants’ religion and considered religion in the credit decision process.
- Mortgage Servicing. The Bureau noted that it is prioritizing mortgage servicing supervision attributed to the increase in borrowers needing loss mitigation assistance due to the Covid-19 pandemic. Examiners found violations of Regulations Z and X, as well as unfair and deceptive acts and practices. Unfair acts or practices included those related to (i) charging delinquency-related fees to borrowers in CARES Act forbearances; (ii) failing to terminate preauthorized EFTs; and (iii) assessing fees for services exceeding the actual cost of the performed services. Deceptive acts or practices found by examiners related to mortgage servicers included incorrectly disclosed transaction and payment information in a borrower’s online mortgage loan account. Mortgage servicers also allegedly failed to evaluate complete loss mitigation applications within 30 days, incorrectly handled partial payments, and failed to automatically terminate PMI in a timely manner. The Bureau noted in its press release that it is “actively working to support an inclusive and equitable economic recovery, which means ensuring all mortgage servicers meet their homeowner protection obligations under applicable consumer protection laws,” and will continue to work with the Federal Reserve Board, FDIC, NCUA, OCC, and state financial regulators to address any compliance failures (covered by InfoBytes here).
- Payday Lending. The report identified unfair and deceptive acts or practices related to payday lenders erroneously debiting consumers’ loan balances after a consumer applied and received confirmation for a loan extension, misrepresenting that consumers would only pay extension fees on the original due dates of their loans, and failing to honor loan extensions. Examiners also found instances where lenders debited or attempted one or more duplicate unauthorized debits from a consumer’s bank account. Lenders also violated Regulation E by failing “to retain, for a period of not less than two years, evidence of compliance with the requirements imposed by EFTA.”
- Prepaid Accounts. Bureau examiners found violations of Regulation E and EFTA related to stop-payment waivers at financial institutions, which, among other things, failed to honor stop-payment requests received at least three business days before the scheduled date of the transfer. Examiners also observed instances where service providers improperly required consumers to contact the merchant before processing a stop-payment request or failed to process stop-payment requests due to system limitations even if a consumer had contacted the merchant. The report cited additional findings where financial institutions failed to properly conduct error investigations.
- Remittance Transfers. Bureau examiners identified violations of Regulation E related to the Remittance Rule, in which providers “received notices of errors alleging that remitted funds had not been made available to the designated recipient by the disclosed date of availability” and then failed to “investigate whether a deduction imposed by a foreign recipient bank constituted a fee that the institutions were required to refund to the sender, and subsequently did not refund that fee to the sender.”
The report also highlights recent supervisory program developments and enforcement actions.
Chopra wants states to enforce federal consumer protection laws
On December 7, in a speech before the National Association of Attorneys General (NAAG) meeting, CFPB Director Rohit Chopra discussed the importance state partnerships play in enforcing consumer financial protection laws. In addressing the dangers of federal preemption over state consumer protection measures, Chopra highlighted data covering the 2007-2009 mortgage crisis, in which a 2010 study from the University of North Carolina claimed that “the OCC’s 2004 preemption in markets directly contributed to the sub-prime mortgage crises” and “resulted in deterioration in the quality of, and increase in the default risk for, mortgages originated by OCC lenders in states with strong anti-predatory lending laws.” Chopra warned that while Congress has limited the OCC’s ability to impact state consumer protection enforcement, actions that attempt to preempt stronger state consumer protection laws are “fundamentally wrong.”
To combat this, Chopra said he is considering changes that would expand state attorney general authority to enforce many federal consumer protection laws, including the Consumer Financial Protection Act (CFPA), which prohibits unfair, deceptive, and abusive practices, particularly in situations where “federal protections are stronger than state statutes.” These changes would allow states to pursue action, provided notice is given to the Bureau before filing a complaint. Chopra said he is also exploring ways to provide states more access to remedies available under the CFPA, such as civil money penalties that states could “use to bolster deterrence” in addition to access of the Bureau’s victim relief fund to provide compensation to affected consumers in state enforcement actions (the fund is currently only available in actions involving the Bureau). In the meantime, Chopra stated the Bureau is reviewing notifications from states so the agency can join actions as appropriate.
Chopra also repeated his warning about reining in repeat offenders and reiterated the need for “exploring all possible remedies,” including those directed at senior management and executive levels, to address recidivism and reshape behavior and incentives. Chopra cautioned that companies cannot be allowed “to weave in and out of state and federal regulatory oversight” and that the Bureau and the states need to “look after one another’s orders.” He stated that the Bureau intends to alert states when it “find[s] their orders are being flouted.”
SEC awards $5 million to whistleblower
On December 6, the SEC announced that it awarded a whistleblower nearly $5 million for providing information that led to a successful SEC enforcement action. According to the redacted order, the whistleblower voluntarily provided original information to the Commission, which enabled staff to quickly and efficiently, among other things, develop a case theory, which ultimately led to the enforcement action and the return of millions of dollars to harmed investors.
The SEC has awarded approximately $1.2 billion to 236 individuals since issuing its first award in 2012.
7th Circuit denies CFPB’s request to reconsider attorney exemption in foreclosures
On November 29, the U.S. Court of Appeals for the Seventh Circuit denied the CFPB’s petition for panel or en banc rehearing of its earlier decision in an action taken against several foreclosure relief companies and associated individuals accused of violating Regulation O. As previously covered by InfoBytes, the Bureau asked the appellate court to reconsider its determination “that practicing attorneys are categorically exempt from Regulation O,” claiming that the court’s holding strips the Bureau “of the authority given it by Congress to hold attorneys to account for violations not just of Regulation O, but of a host of other federal laws as well.” In July, the 7th Circuit vacated a 2019 district court ruling that ordered $59 million in restitution and disgorgement, civil penalties, and permanent injunctive relief against defendants accused of collecting fees before obtaining loan modifications, and inflating success rates and the likelihood of obtaining a modification, among other allegations (covered by InfoBytes here). The appellate court based its decision on the application of the U.S. Supreme Court’s ruling in Liu v. SEC, which held that a disgorgement award cannot exceed a firm’s net profits—a ruling that is “applicable to all categories of equitable relief, including restitution.” The appellate court also concluded that attorneys who are subject to liability for violating consumer laws “cannot escape liability simply by virtue of being an attorney.” However, the appellate court vacated the recklessness finding in the civil penalty calculation pertaining to certain defendants, writing that “[a]lthough we have found that they were not engaged in the practice of law, the question was a legitimate one. We consider it a step too far to say that they were reckless—that is, that they should have been aware of an unjustifiably high or obvious risk of violating Regulation O.” (Covered by InfoBytes here.) In its appeal, the Bureau did not challenge the vacated restitution award, but rather argued that a rehearing was necessary to ensure that the agency can bring enforcement actions against attorneys who violate federal consumer laws, including Regulation O.