Skip to main content
Menu Icon

InfoBytes Blog

Financial Services Law Insights and Observations


Subscribe to our InfoBytes Blog weekly newsletter and other publications for news affecting the financial services industry.

  • CFPB rescinds no-action letter and sandbox policies

    Agency Rule-Making & Guidance

    On September 27, the CFPB issued a statement in the Federal Register rescinding its No-Action Letter Policy and its Compliance Assistance Sandbox Policy. As previously covered by InfoBytes, in September 2019, the CFPB issued three final innovation policies: the No-Action Letter (NAL) PolicyCompliance Assistance Sandbox (CAS) Policy, and Trial Disclosure Program (TDP) Policy. The NAL policy provided a NAL recipient assurance that the Bureau will not bring a supervisory or enforcement action against the company for providing a product or service under the covered facts and circumstances. The CAS policy evaluated a product or service for compliance with relevant laws and offered approved applicants a “safe harbor” from liability for certain covered conduct during the testing period under TILA, ECOA, or the EFTA. Following the rescission, the statement noted that the Bureau will no longer accept NAL or CAS applications by September 30, but will continue to accept and process requests under the TDP. Entities that have made submissions under the NAL or CAS policies will be notified if the Bureau intends to take additional steps on their submissions. According to the statement, the Bureau “determined that the Policies do not advance their stated objective of facilitating consumer-beneficial innovation” and “that the existing Policies failed to meet appropriate standards for transparency and stakeholder participation.”

    Agency Rule-Making & Guidance Federal Issues CFPB Consumer Finance Regulatory Sandbox TILA EFTA Federal Register ECOA

  • 10th Circuit: Payday lender must pay $38.4 million restitution order


    On September 15, the U.S. Court of Appeals for the Tenth Circuit affirmed the CFPB’s administrative ruling against a Delaware-based online payday lender and its founder and CEO (respondents/petitioners) regarding a 2015 administrative enforcement action that alleged violations of the Consumer Financial Protection Act (CFPA), TILA, and EFTA. As previously covered by InfoBytes, in 2015, the CFPB announced an action against the respondents for alleged violations of TILA and the EFTA, and for engaging in unfair or deceptive acts or practices. Specifically, the CFPB alleged that, from May 2008 through December 2012, the online lender (i) continued to debit borrowers’ accounts using remotely created checks after consumers revoked the lender’s authorization to do so; (ii) required consumers to repay loans via pre-authorized electronic fund transfers; and (iii) deceived consumers about the cost of short-term loans by providing them with contracts that contained disclosures based on repaying the loan in one payment, while the default terms called for multiple rollovers and additional finance charges. The order required the respondents to pay $38.4 million as both legal and equitable restitution, along with $8.1 million in penalties for the company and $5.4 million in penalties for the CEO.

    According to the opinion, between 2018 and 2021, the U.S. Supreme Court issued four decisions, Lucia v. SEC (covered by InfoBytes here), Seila Law v. CFPB (covered by a Buckley Special Alert here), Liu v. SEC (covered by InfoBytes here), and Collins v. Yellen (covered by InfoBytes here), which “bore on the Bureau’s enforcement activity in this case,” by “decid[ing] fundamental issues such as the Bureau’s constitutional authority to act and the appointment of its administrative law judges (‘ALJ’).” The decisions led to intermittent delays and restarts in the Bureau’s case against the petitioners. For instance, the opinion noted that two different ALJs decided the present case years apart, with their recommendations separately appealed to the Bureau’s director. The CFPB’s director upheld the decision by the second ALJ and ordered the lender and its owner to pay the restitution, and a district court issued a final order upholding the award. The petitioners appealed.

    On appeal, the petitioners made three substantive arguments for dismissing the director’s final order. The petitioners argued that under Seila, the CFPB’s structure was unconstitutional and therefore the agency did not have authority to issue the order. The appellate court disagreed, stating that it is “to use a ‘scalpel rather than a bulldozer’ in remedying a constitutional defect,” and that “because the Director’s actions weren’t unconstitutional, we reject Petitioners’ argument to set aside the Bureau’s enforcement action in its entirety.”

    The petitioners also argued that the enforcement action violated their due-process rights by denying the CEO additional discovery concerning the statute of limitations. The petitioners claimed that they were entitled to a “new hearing” under Lucia, and that the second administrative hearing did not rise to the level of due process prescribed in that case. The appellate court determined that there was “no support for a bright-line rule against de novo review of a previous administrative hearing," nor did it see a reason for a more extensive hearing. Moreover, the petitioners “had a full opportunity to present their case in the first proceeding,” the 10th Circuit wrote. The appellate court further rejected the company’s argument regarding various evidentiary rulings, including permitting evidence about the company’s operational expenses, among other things. The appellate court also concluded that the CFPA’s statute of limitations commences when the Bureau either knows of a violation or, through reasonable diligence, would have discovered the violation. Therefore, the appellate court rejected the argument “that the receipt of consumer complaints triggered the statute of limitations.”

    The petitioners also challenged the remedies order, claiming they were not allowed “to present evidence of their good-faith reliance on counsel (as to restitution and civil penalties) and evidence of their expenses (as to the Director’s residual disgorgement order).” The appellate court rejected that challenge, holding that the director properly considered all factors, including good faith, and rejected the petitioners’ challenge to the ALJ’s recommended civil penalties.

    The 10th Circuit affirmed the district court’s order of a $38.4 million restitution award, rejecting the petitioners’ various challenges and affirming the director’s order.

    Courts Appellate Tenth Circuit CFPB TILA EFTA Disclosures CFPA UDAAP Enforcement U.S. Supreme Court Payday Lending

  • District Court dismisses EFTA claims concerning fraudulent transactions


    On August 18, the U.S. District Court for the Eastern District of Michigan dismissed a class action alleging violations of the EFTA brought against a national bank on behalf of consumers who were issued prepaid debit cards providing Covid-19 pandemic unemployment insurance payments. Two of the plaintiffs alleged they experienced fraudulent transactions on their accounts. According to the plaintiffs, the bank froze one of the defendant’s accounts but failed to credit his account for the allegedly fraudulent transaction. In response to a second plaintiff’s fraud report, the bank allegedly froze her account and informed her that she had “to contact the unemployment agency because an unauthorized person had ‘gained access to the card and was using the unemployment benefits.’” The third plaintiff alleged that the bank froze her account based on suspected fraud and was informed that she would have to contact someone else to unfreeze the account. Plaintiffs sued for violations of the EFTA and raised several breach of contract and negligence claims.

    The court dismissed the EFTA claim on several grounds, including that (i) the second plaintiff’s claim is time-barred; (ii) the other two plaintiffs’ claims stem from the bank’s alleged errors related to unauthorized transactions, yet neither requested information or clarification about an electronic funds transfer; (iii) one of the plaintiffs never actually experienced fraud (the court emphasized that the EFTA does not regulate account freezes; it regulates electronic funds transfers); and (iv) one of the plaintiff’s failed to plausibly plead that he complied with the EFTA’s notification requirements that must be met before a defendant conducts an investigation. The court also determined that the breach of contract claims failed, citing, among other things, that if an account did not have an unauthorized transaction a defendant cannot breach its reimbursement duties. Nor did the other two plaintiffs provide proper notice to trigger the bank’s duty to investigate, the court wrote, adding that the negligence claims also failed because the plaintiffs failed to respond to a request asking them to show how the bank’s actions caused them injury.

    Courts EFTA Covid-19 Consumer Finance Fraud

  • District Court dismisses EFTA claims over prepaid debit card fraud


    On August 11, the U.S. District Court for the District of Maryland dismissed a putative class action alleging violations of the EFTA and state privacy and consumer protection laws brought against a national bank on behalf of consumers who were issued prepaid debit cards providing pandemic unemployment benefits. The named plaintiff—a self-employed individual who did not qualify for state unemployment insurance but who was eligible to receive temporary Pandemic Unemployment Assistance (PUA) benefits—alleged that he lost nearly $15,000 when an unauthorized user fraudulently used a prepaid debit card containing PUA funds that were intended for him. The court dismissed the class claims with respect to the EFTA and Regulation E, finding that the Covid-19 pandemic was a “qualified disaster” under applicable law and regulations (i.e. PUA payments were “qualified disaster relief payments”), and that as such, the payments satisfied the CFPB’s official interpretation of Regulation E and were excluded from the definition of a “prepaid account.” The court further explained that while relevant CFPB regulations define an “account” to include a prepaid account, Regulation E excludes “any ‘account that is directly or indirectly established through a third party and loaded only with qualified disaster relief payments.’” Because the prepaid debit card in question was established through a third party and was loaded only with PUA funds, it did not meet the definition of a “prepaid account” and therefore fell outside the EFTA’s definition of a covered account. The court also disagreed with the plaintiff’s contention that PUA payments were authorized by Congress in the CARES Act due to the public health emergency rather than a disaster.

    Courts EFTA Regulation E Prepaid Cards Consumer Finance Class Action Covid-19 CFPB CARES Act Fraud

  • Dem senators urge CFPB to expand Regulation E fraud protections for P2P payment service users

    Federal Issues

    On July 20, six Senate Democrats sent a letter to CFPB Director Rohit Chopra urging the Bureau to hold banks that own instant digital payment networks accountable for facilitating fraudulent payments. In the letter, the senators noted that “consumers are often on the hook because existing rules do not reflect new technological developments.” The Senators further noted that the Electronic Fund Transfer Act (EFTA) and Regulation E protect consumers “if they are tricked into handing over account information to a fraudster who then initiates a transfer.” However, the letter further explained, that consumers are not protected “if they are tricked into opening an application to transfer funds directly to the fraudster.” The senators believe consumers should be protected in both instances. In particular, the Senators suggested that the CFPB could issue guidance providing that a “fraudulently induced” transfer counts as an “unauthorized” transaction under the EFTA, which could “end up shifting liability from consumers to financial institutions.” The letter suggested, among other things, that the Bureau expand the definition of what counts as a payment “error” under the EFTA, to “clarify that, in certain circumstances, a payment is an 'error' when a consumer is defrauded into initiating a transfer to a scammer.” The letter further argued that expanding financial institutions’ potential liability for covering their customers’ losses to fraud would create “powerful incentives” for them to prevent scams on their payment platforms. The letter concludes with the senators urging the Bureau “to similarly protect banks’ customers against transfers with ‘fraudulent intent’ involving other consumers on payment services that banks themselves own, operate, and control.”

    Federal Issues U.S. Senate CFPB EFTA Regulation E Consumer Finance

  • CFPB, OCC issue consent orders against national bank

    Federal Issues

    On July 14, the CFPB announced a consent order against a national bank to resolve allegations that the bank engaged in unfair and abusive acts or practices with respect to unemployment insurance benefit recipients who filed notices of error concerning alleged unauthorized electronic fund transfers (EFTs). The CFPB alleged that the bank violated the CFPA by, among other things: (i) determining that “no error had occurred and [by] freezing cardholder accounts based solely on the results of [the bank’s] automated Fraud Filter”; (ii) “retroactively applying its automated Fraud Filter to reverse permanent credits for unemployment insurance benefit prepaid debit cardholders whose notices of error [the bank] had previously investigated and paid”; and (iii) “impeding unemployment insurance benefit prepaid debit cardholders’ efforts to file notices of error and seek liability protection from unauthorized EFTs.” The CFPB also claimed that the bank violated the EFTA and Regulation E by “fail[ing] to conduct reasonable investigations” of cardholders’ notices of error. Under the terms of the Bureau’s consent order, the bank is required to provide redress to harmed consumers, review and reform its unemployment insurance benefit prepaid debit card program, and pay a $100 million civil penalty to the Bureau.

    The same day, the OCC announced a consent order and a $125 million civil money penalty against the bank for alleged unsafe or unsound practices related to the same prepaid card program. According to the OCC, the bank, among other things: (i) “fail[ed] to establish effective risk management” over its unemployment card program”; and (ii) “beginning in 2020, denied or delayed many consumers’ access to unemployment benefits when consumers filed or attempted to file [unemployment insurance benefits] unauthorized transaction claims.” The OCC’s civil money penalty and remediation requirement is in addition to the CFPB’s civil money penalty.

    Federal Issues CFPB Enforcement OCC UDAAP Unfair Abusive CFPA Electronic Fund Transfer Prepaid Cards EFTA Regulation E Risk Management Consumer Finance

  • FTC shares 2021 enforcement report with CFPB

    Federal Issues

    On June 3, the FTC announced that it submitted its 2021 Annual Financial Acts Enforcement Report to the CFPB. The report covers FTC enforcement activities regarding the Truth in Lending Act (TILA), the Consumer Leasing Act (CLA), and the Electronic Fund Transfer Act (EFTA). Highlights of the enforcement matters covered in the report include, among other things:

    • Automobile Credit and Leasing. The report discussed the FTC’s July 2021 settlement with the owners of car dealerships in Arizona and New Mexico (collectively, “defendants”) resolving claims that the defendants misrepresented consumer information on finance applications and misrepresented financial terms in advertisements in violation of TILA and CLA (covered by InfoBytes here).
    • Payday Lending. The report highlighted the FTC’s settlement against a payday lending enterprise for allegedly overcharging consumers millions of dollars, deceiving them about the terms of their loans, and failing to make required loan disclosures. According to the report, the owners and operators of the settling entities are banned from making loans or extending credit, nearly all debt held by the company will be deemed paid in full, and the companies involved are being liquidated, with the proceeds to be used to provide redress to consumers harmed by the company.
    • Credit Repair and Debt Relief. The report discussed the FTC’s settlement with the operators of a student loan debt relief scheme, who were charged with falsely promising consumers the company could lower or eliminate student loan balances, illegally imposing upfront fees for credit repair services, and signing consumers up for high-interest loans to pay the fees without making required loan disclosures in violation of TILA. The order bans the defendants from providing debt relief services and collecting any further payments from consumers who purchased the services, and requires the defendants to return money to be used to refund consumers.

    Additionally, the report addressed the FTC’s research and policy efforts and highlighted the FTC’s Military Task Force’s work on military consumer protection issues.

    Federal Issues FTC CFPB Enforcement TILA CLA EFTA Consumer Finance UDAP

  • CFPB issues spring supervisory highlights

    Federal Issues

    On May 2, the CFPB released its spring 2022 Supervisory Highlights, which details its supervisory and enforcement actions in the areas of auto servicing, consumer reporting, credit card account management, debt collection, deposits, mortgage origination, prepaid accounts, remittances, and student loan servicing. The report’s findings cover examinations completed between July and December 2021. Highlights of the examination findings include:

    • Auto Servicing. Bureau examiners identified instances of servicers engaging in unfair, deceptive, or abusive acts or practices connected to wrongful repossessions, misleading final loan payment amounts, and overcharges for add-on products.
    • Consumer Reporting. The Bureau found deficiencies in credit reporting companies’ (CRCs) compliance with FCRA dispute investigation requirements and furnishers’ compliance with FCRA and Regulation V accuracy and dispute investigation requirements. Examples include (i) both CRCs and furnishers failed to provide written notice to consumers providing the results of reinvestigations and direct dispute investigations; (ii) furnishers failed to send updated information to CRCs following a determination that the information reported was not complete or accurate; and (iii) furnishers’ policies and procedures contained deficiencies related to the accuracy and integrity of furnished information.
    • Credit Card Account Management. Bureau examiners identified violations of Regulation Z related to billing error resolution, including instances where creditors failed to (i) resolve disputes within two complete billing cycles after receiving a billing error notice; (ii) reimburse consumers after determining a billing error had occurred; (iii) conduct reasonable investigations into billing error notices due to human errors and system weaknesses; and (iv) provide consumers with the evidence relied upon to determine a billing error had not occurred. Examiners also identified Regulation Z violations connected to creditors’ acquisitions of pre-existing credit card accounts from other creditors, and identified deceptive acts or practices related to credit card issuers’ advertising practices.
    • Debt Collection. The Bureau found instances of FDCPA and CFPA violations where debt collectors used false or misleading representations in connection with identity theft debt collection. Report findings also discussed instances where debt collectors engaged in unfair practices by failing to timely refund overpayments or credit balances.
    • Deposits. The Bureau discussed violations related to Regulation E, which implements the EFTA, including occurrences where institutions (i) placed duplicate holds on certain mobile check deposits that were deemed suspicious instead of a single hold as intended; (ii) failed to honor a timely stop payment request; (iii) failed to complete error investigations following a consumer’s notice of error because the consumer did not submit an affidavit; and (iv) failed to provide consumers with notices of revocation of provisional credit connected with error investigations regarding check deposits at ATMs.
    • Mortgage Origination. Bureau examiners identified Regulation Z violations concerning occurrences where loan originators were compensated differently based on the terms of the transaction. Under the Bureau’s 2013 Loan Originator Final Rule, “it is not permissible to differentiate compensation based on credit product type, since products are simply a bundle of particular terms.” Examiners also found that certain lenders failed to retain sufficient documentation to establish the validity for revisions made to credit terms.
    • Prepaid Accounts. The Bureau found violations of Regulation E and EFTA related to institutions’ failure to submit prepaid account agreements to the Bureau within the required time frame. Examiners also identified instances where institutions failed to honor oral stop payment requests related to payments originating through certain bill pay systems. The report cited additional findings where institutions failed to properly conduct error investigations.
    • Remittances. Bureau examiners identified violations of the EFTA, Regulation E, and deceptive acts and practices. Remittance transfer providers allegedly made false and misleading representations concerning the speed of transfers, and in multiple instances, entered into service agreements with consumers that violated the “prohibition on waivers of rights conferred or causes of action created by EFTA.” Examiners also identified several issues related to the Remittance Rule’s disclosure, timing, and recordkeeping requirements.
    • Student Loan Servicing. Bureau examiners identified several unfair acts or practices connected to private student loan servicing, including that servicers failed to make advertised incentive payments (which caused consumers to not receive payments to which they were entitled), and failed to issue timely refund payments in accordance with loan modification payment schedules.

    The report also highlights recent supervisory program developments and enforcement actions, including the Bureau’s recent decision to invoke a dormant authority to examine nonbanks (covered by InfoBytes here).

    Federal Issues CFPB Supervision Examination UDAAP Auto Lending CFPA Consumer Finance Consumer Reporting Credit Report FCRA Regulation V Credit Furnishing Credit Cards Regulation Z Regulation E EFTA Debt Collection Mortgages Deposits Prepaid Accounts Remittance Student Loan Servicer

  • CFPB, New York sue remittance provider

    Federal Issues

    On April 21, the CFPB and New York attorney general filed a complaint against a remittance provider (defendant) for allegedly violating the Electronic Funds Transfer Act and its implementing Regulation E and the Remittance Rule (the Rule) and the Consumer Financial Protection Act (CFPA), among various consumer financial protection laws. The Bureau’s announcement called the defendant a “repeat offender” citing that in 2018, the FTC filed a motion for compensatory relief and modified order for permanent injunction against the defendant, which alleged that it failed to adopt and implement a comprehensive fraud prevention program mandated by the 2009 order (covered by InfoBytes here). The CFPB complaint alleges that from October 2018 through 2022, the defendant: (i) violated the Remittance Rule requirements by repeatedly failing “to provide fund availability dates that were accurate, when the Rule required such accuracy”; (ii) “repeatedly ignored the Rule’s error-resolution requirements when addressing notices of error from consumers in New York, including in this district, and elsewhere;” and (iii) failed to establish policies and procedures designed to ensure compliance with money-transferring laws, in violation of Regulation E. The complaint further noted that the defendant’s “own assessments of consumers’ complaints showed that the dates Defendants disclosed to consumers, repeatedly, were wrong,” and that the defendant “found multiple delays in making funds available to designated recipients, including delays that constituted errors under the Rule,” among other things. Finally, the Bureau claims that the defendant violated the CFPA “by failing to make remittance transfers timely available to designated recipients or to make refunds timely available to senders.” The Bureau’s complaint seeks consumer restitution, disgorgement, injunctive relief, and civil money penalties. According to a statement released by CFPB Director Rohit Chopra, "the remittance market is ripe for reinvention, and the CFPB will be examining ways to increase competition and innovation for the benefit of both families and honest businesses, while also avoiding creating a new set of harms."

    Federal Issues State Issues CFPB New York State Attorney General Consumer Finance CFPA Enforcement Remittance Rule FTC Repeat Offender Regulation E EFTA

  • FDIC highlights NSF/overdraft fees, fair lending in 2022 Consumer Compliance Supervisory Highlights

    On March 31, the FDIC released the spring 2022 edition of the Consumer Compliance Supervisory Highlights to provide information and observations related to the FDIC’s consumer compliance supervision of state non-member banks and thrifts in 2021. Topics include:

    • A summary of the FDIC’s supervisory approach in response to the Covid-19 pandemic, including efforts made by banks to meet the needs of consumers and communities.
    • An overview of the most frequently cited violations (approximately 78 percent of total violations involved TILA, the Flood Disaster Protection Act (FDPA), EFTA, Truth in Savings Act, and RESPA). During 2021, the FDIC initiated 20 formal enforcement actions and 24 informal enforcement actions addressing consumer compliance examination observations, and issued civil money penalties totaling $2.7 million against institutions to address violations of the FDPA and Section 5 of the FTC Act.
    • Information on the charging of multiple non-sufficient funds fees (NSF) for re-presented items, and risk-mitigating activities taken by banks to avoid potential violations. According to the FDIC, “failure to disclose material information to customers about re-presentment practices and fees” may be deceptive. The failure to disclose material information to customers “may also be unfair if there is the likelihood of substantial injury for customers, if the injury is not reasonably avoidable, and if there is no countervailing benefit to customers or competition. For example, there is risk of unfairness if multiple fees are assessed for the same transaction in a short period of time without sufficient notice or opportunity for consumers to bring their account to a positive balance.” Recommendations on addressing overdraft issues are discussed in the report.
    • An overview of fair lending concerns highlighting ways to mitigate risk, including “[m]aintaining written policies and procedures that include information for lending staff to reference when applying credit decision criteria and determining whether borrowers are creditworthy” and reviewing requirements used to screen potential applicants to make sure there is no “discriminatory impact.”
    • Information on regulatory developments, such as (i) rulemaking related to the Community Reinvestment Act, flood insurance, false advertising/misuse of the FDIC’s name or logo rulemaking, deposit insurance, and LIBOR; and (ii) guidance on fintech due diligence, artificial intelligence/machine learning, and third-party risk management.
    • A summary of consumer compliance resources available to financial institutions.
    • An overview of consumer complaint trends.

    Bank Regulatory Federal Issues FDIC Supervision Compliance Examination Overdraft Consumer Finance TILA Flood Disaster Protection Act EFTA Truth in Savings Act RESPA Fair Lending


Upcoming Events