InfoBytes Blog
Filter
Subscribe to our InfoBytes Blog weekly newsletter and other publications for news affecting the financial services industry.
SEC charges bank execs over sales-compensation practices
On November 13, the SEC announced charges against a national bank’s former CEO and Chairman, as well as against the former head of the national bank’s community bank (community bank) for their roles in allegedly misleading investors in connection with the bank’s incentive compensation sales program. As previously covered by InfoBytes, in connection with the same misconduct, the SEC announced a Cease and Desist order with the bank for allegedly violating the antifraud provisions of the Securities Exchange Act of 1934. The bank agreed to cease and desist from committing any future violations of the antifraud provisions and to a civil penalty of $500 million.
According to the complaint filed in the U.S. District Court for Northern District of California against the former head of the community bank, from mid-2014 through mid-2016, the former head publicly endorsed the bank’s incentive compensation program as a measurement of the bank’s success, when in reality, the metrics were allegedly inflated by unused and unauthorized accounts. Moreover, the complaint alleges that the former head signed sub-certifications that attested to the accuracy of the bank’s public disclosures, when she “knew or was reckless in not knowing” that the incentive compensation program depicted in the disclosures were materially false or misleading. The complaint seeks a permanent injunction, disgorgement, and civil penalties.
Additionally, the SEC issued a cease and desist order against the bank’s former CEO and Chairman, alleging that in 2015 and 2016 he certified statements filed with the SEC regarding the community bank’s incentive compensation program, after being put on notice that the bank was misleading the public about the program. The order issues a $2.5 million civil penalty against the former CEO and Chairman.
SEC awards $1.1 million to whistleblower
On November 13, the SEC announced a whistleblower award of over $1.1 million in connection with a successful enforcement action. According to the redacted order, the whistleblower provided information to the agency during an active investigation that led the SEC to inquire into different conduct. Additionally, the whistleblower “provided exemplary and continuing assistance” to the SEC, saving the agency time and resources. Lastly, the information and assistance was “critical” in order for the SEC to “bring an emergency action before assets could be dissipated.”
The SEC has now paid approximately $720 million to 113 individuals since the inception of the program.
CFPB settles with debt collector over credit reporting violations
On November 12, the CFPB announced a settlement with an Illinois-based non-bank debt collector, resolving allegations that the company violated the Fair Credit Reporting Act (FCRA), Regulation V, and the Consumer Financial Protection Act when providing information to consumer reporting agencies (CRAs). According to the Bureau, the company allegedly (i) “furnished information to CRAs that it knew or had reasonable cause to believe was inaccurate and failed to report to CRAs an appropriate first date of delinquency on certain accounts”; (ii) failed to conduct reasonable investigations into disputes reported to the company and to the CRAs; (iii) failed to send required notices about the results of investigations; and (iv) “failed to establish, implement, and update its policies and procedures regarding its furnishing of consumer information to CRAs.” According to the consent order, the company, among other things, allegedly furnished actual payment amounts as $0.00 on roughly 165,000 accounts even though consumers had made payments. For about 72,000 accounts, the company allegedly furnished current balances and amounts past due in amounts other than $0.00 even though the accounts were settled in full.
The consent order requires the company to pay a $500,000 civil money penalty and to (i) regularly review samples of furnished account information for accuracy and integrity; (ii) review samples of consumer disputes to ensure they are handled in compliance with the FCRA; (iii) update its policies and procedures to ensure compliance and continued effectiveness; and (iv) secure at least one independent consultant who specializes in FCRA and Regulation V compliance to conduct a review of the company’s activities, policies, and procedures related to furnishing and credit reporting.
FTC requires video conferencing provider to improve security safeguards
On November 9, the FTC announced a settlement with a video conferencing provider, resolving allegations that the company violated the FTC Act by misleading users about the levels of encryption and security offered for securing communications during meetings. The FTC’s complaint alleges that, since at least 2016, the company engaged in a series of deceptive and unfair practices by claiming it offered end-to-end encryption to secure users’ communications and—according to the FTC’s press release—“tout[ing] its level of encryption as a reason for customers and potential customers to use [its] videoconferencing services.” The FTC contends that the company actually maintained a lower level of security, which allowed the company access to the contents of users’ meetings, including sensitive personal information, and allegedly secured these meetings with a lower level of encryption than promised. Users who wanted to store recorded meetings using cloud storage provided by the company were told that the meetings were immediately encrypted, but in certain instances, unencrypted meeting recordings were allegedly stored on company servers for up to 60 days before being transferred to the secure cloud storage. In addition, the company allegedly compromised some users’ security by secretly installing software that would allow users to join a meeting by bypassing a browser safeguard designed to protect users from a common type of malware. According to the FTC, the company, among other things, failed to implement any measures to protect users’ security, failed to monitor service providers who had access to the network, lacked a systematic process for incident response, and allegedly increased users’ risk of remote video surveillance by strangers.
The proposed settlement order requires the company to (i) assess and document security risks; (ii) develop ways to manage and safeguard against such risks; (iii) deploy additional methods, including multi-factor authentication, to protect against unauthorized access of the network; and (iv) take other steps, such as implementing data deletion controls and preventing known compromised user credentials from being used. Company personnel must also review any software updates for security flaws to “ensure the updates will not hamper third-party security features.” Furthermore, the company is prohibited from misrepresenting its privacy and security practices, and is required to obtain biennial third-party assessments of its security practices (which the FTC has the authority to approve) and notify the FTC if it experiences a data breach.
Fed targets flood insurance violations
On November 10, the Federal Reserve Board (Fed) announced an enforcement action against an Arkansas-based bank for alleged violations of the National Flood Insurance Act (NFIA) and Regulation H, which implements the NFIA. The consent order assesses a $12,000 penalty against the bank for an alleged pattern or practice of violations of Regulation H, but does not specify the number or the precise nature of the alleged violations. The maximum civil money penalty under the NFIA for a pattern or practice of violations is $2,000 per violation.
SEC issues two separate whistleblower awards totaling over $4.3 million
On November 5, the SEC announced two separate whistleblower awards totaling over $4.3 million. According to the first redacted order, the SEC awarded a whistleblower more than $3.6 million for (i) providing information that alerted enforcement staff to misconduct occurring abroad that would otherwise “have been difficult to detect”; (ii) providing “substantial and ongoing assistance” to enforcement staff, including traveling to another country to meet with staff in person at the whistleblower’s own expense and providing “extensive supporting documentation”; and (iii) suffering hardships due to the whistleblowing. The SEC further noted in the order that while the whistleblower’s “ministerial role in the underlying misconduct” was considered, the Commission did not reduce the award for culpability as the whistleblower “took exceptional steps to report the misconduct from abroad and provided extraordinary assistance.”
In the second redacted order, the SEC awarded $750,000 to a whistleblower for providing significant information that led to a successful enforcement action. According to the SEC, while the covered action was already open when the whistleblower provided the original information, the whistleblower’s information caused enforcement staff to investigate different conduct, which ultimately formed the basis for the covered action. The whistleblower also met with Commission staff in person and explained “the likely mechanics of the fraudulent scheme.”
The SEC has now paid approximately $719 million to 112 individuals since the inception of the program.
FTC issues final order with skincare company for false reviews
On November 6, the FTC announced a final order with a skincare company, resolving allegations that the company misled consumers by posting fake reviews on a retailer’s website and failed to disclose company employees wrote the reviews. As previously covered by InfoBytes, in October 2019, the FTC filed the complaint against the company asserting that (i) the product reviews posted on the company’s website were not “independent experiences or opinions of impartial ordinary users of the products” and therefore, were false or misleading under Section 5 of the FTC Act; and (ii) the failure to disclose the reviews were written by the owner or employees constitutes a deceptive act or practice under Section 5 of the FTC Act, because the information would “be material to consumers in evaluating the reviews of [the company] brand products in connection with a purchase or use decision.”
The Commission, in a 3-2 vote, approved the final order, which prohibits the company from misrepresenting the status of an endorser, including misrepresentations that the endorser or reviewer is an “independent or ordinary user of the product.” The order requires the company and owner to “clearly and conspicuously, and in close proximity to that representation, any unexpected material connection between such endorser and (1) any Respondent; or (2) any other individual or entity affiliated with the product.” The final order does not include any monetary relief for consumers.
In dissent, two Commissioners objected to the final order, stating that the agency is “doubling down on its no-money, no-fault settlement with [the company], who was charged with egregious fake review fraud.” The dissent urged the Commission to publish a statement on monetary remedies in order to restate “legal precedent into formal rules” and designate specific misconduct as penalty offenses through Section 5(m)(1)(B) of the FTC Act, which allows the agency “to seek penalties against parties who engage in conduct known to have been previously condemned by the Commission.”
CFPB takes action against debt-relief and debt-settlement companies
On November 5, the CFPB announced an action filed in the U.S. District Court for the Central District of California against a student loan debt-relief company, a debt-settlement company, and the owner of both companies (collectively, “defendants”) for allegedly violating the Telemarketing Sales Rule (TSR) and the Consumer Financial Protection Act (CFPA) by charging illegal advance fees and using deceptive tactics to induce consumers to sign up for services. According to the complaint, from 2015 to the present, the defendants allegedly charged consumers upfront fees between $1,000 and $1,450 for the debt-relief company to file paperwork with the U.S. Department of Education to obtain loan consolidation, loan forgiveness, or income-driven repayment plans. According to the complaint, some consumers paid the upfront fee using a third-party financing company and paid an APR between 17 and 22 percent. Additionally, the CFPB alleges that the defendants required some consumers to pay the fee in installments into a trust plan, which carried a $6 monthly banking fee paid to the administrator of the trust accounts. The Bureau alleges that the defendants failed to provide the proper disclosures under the TSR. Moreover, the complaint asserts that from 2019 to the present, the defendants violated the CFPA by representing to consumers that they were turned down for a loan in order to pitch the company’s settlement services.
The complaint seeks consumer redress, injunctive relief, and civil money penalties.
CFPB charges lender with misrepresenting loan risks
On November 5, the CFPB filed a complaint in the U.S. District Court for the Southern District of Florida against a Florida-based company and its CEO (collectively, “defendants”) alleging violations of the Consumer Financial Protection Act through their offering of short-term, high-interest loans funded by deposits made by other consumers. According to the complaint, the defendants allegedly misrepresented both the risks associated with the deposit product as well as the annual percentage rate (APR) for the loans offered to other consumers. The Bureau alleges that the defendants engaged in deceptive acts or practices by, among other things, (i) purportedly marketing loans, which ranged from $100 to $500 each, as having a 440 percent APR, when in reality the actual APR ranged from 975 to 978 percent; (ii) claiming that deposits received by consumers to fund its loans are guaranteed a 15 percent annual percentage yield; (iii) guaranteeing that consumers’ deposits are FDIC insured and held at “‘member financial institutions’ and ‘participating banks’”; and (iv) claiming that roughly every minute a new consumer makes a deposit. However, the Bureau contends that deposits are not held in FDIC-insured accounts, that the rate of return is not guaranteed, and that “the average rate of new customers is just a few each day.” The Bureau further alleges that because the majority of the loans violate Florida’s criminal-usury law, rendering them uncollectable, the defendants would be unable to collect delinquent loans or meet their obligations to consumers seeking to withdraw their deposited funds. Among other things, the Bureau seeks an injunction against the defendants, damages, consumer redress, disgorgement, and a civil money penalty.
CFPB settles with payment plan company over deceptive sales practices
On November 2, the CFPB announced a settlement with a Texas-based payment plan company, resolving allegations that the company’s loan payment program disclosures contained misleading statements in violation of the Consumer Financial Protection Act. According to the Bureau, the company’s loan payment program for auto loans is marketed as an opportunity for consumers to pay off loans faster and more cheaply, where automatic partial payments are deducted bi-weekly from consumers’ bank accounts and then forwarded to consumers’ lenders or servicers. However, consumers who enrolled in the bi-weekly program end up “making 13 monthly payments or one full extra payment to [the company] each year,” the Bureau alleged, in addition to paying a bi-weekly debit fee. According to the consent order, the company, among other things, allegedly provided consumers with a customized “benefits summary” that stated a specific amount of interest savings the consumer would receive by enrolling in the program. The Bureau alleged that the benefits summary, however, failed to disclose that the fees would ordinarily exceed the interest savings. The program—which was purportedly marketed as a “financial benefit to consumers”—created the misleading impression that consumers would save money using the product even though the company allegedly knew the majority of enrolled consumers ended up paying more in total on their loans.
The consent order requires the company to pay a $1 civil money penalty and $7.5 million in consumer redress, which is suspended upon payment of $1.5 million based on the company’s demonstrated inability to pay the full judgment. The Bureau noted in its press release that harmed consumers may be eligible to receive additional relief from the Bureau’s Civil Penalty Fund. The company is also prohibited from making any misrepresentations about its payment program or any other payment accelerator programs.