InfoBytes Blog

FTC Chairman Announces Reforms for Bureau of Consumer Protection, Aims to Improve Transparency

On July 17, FTC Acting Chairman Maureen K. Ohlhausen announced process reforms designed to reduce burden and improve transparency in investigations conducted by its Bureau of Consumer Protection (BCP). The initiative, which is part of the FTC’s reform efforts announced in April of this year, is designed to “protect consumers and promote competition without unduly burdening legitimate business activity.” To streamline information requests for CIDs in consumer protection cases, the BCP intends to:

• Provide plain language descriptions of the CID process and develop business education materials to help small businesses understand how to comply;
• Add detailed descriptions of the scope and purpose of investigations to assist companies in better understanding the information the FTC seeks;
• Limit relevant time periods to minimize undue burden on companies when possible;
• Significantly reduce the length and complexity of CID instructions for providing electronically stored data; and
• Increase response times (for example, 21 days to 30 days for targets, and 14 days to 21 days for third parties) to improve the quality and timeliness of compliance by recipients.

BCP will continue its current practice of communicating with investigation targets at least every six months once the CID has been complied with to provide investigation status updates.

Agency Rule-Making & Guidance FTC Enforcement Investigations

FinCrimes Webinar Series Recap: Conducting an Effective Financial Crimes-Related Internal Investigation

BuckleySandler hosted a webinar, Conducting an Effective Financial Crimes-Related Internal Investigation, on April 23, 2015 as part of their ongoing FinCrimes Webinar Series.  Panelists included John Mackessy, Anti-Money Laundering & Trade Sanctions Officer at MasterCard and Saverio Mirarchi, Senior Director at Treliant Risk Advisors and former Chief Compliance and Ethics Officer at Northern Trust.  The following is a summary of the guided conversation moderated by Jamie Parkinson, partner at BuckleySandler, and key take-aways you can implement in your company. To request a recording of this webinar, please email Nicole Steckman at nsteckman@buckleyfirm.com.

Key Tips and Take-Aways:

1. Make sure that the organization has appropriate policies and procedures in place to quickly and efficiently react when an investigation begins.

1. Have systems in place to quickly identify the veracity of any allegations and be prepared to begin the internal investigation as soon as possible.

1. Be prepared for, and understand the impact of having, a compliance monitor as part of any settlement agreement.

Pre-Investigation Preparation

The session began with a discussion of what an organization can do to prepare for an internal investigation.  The panel focused on the benefits of preparation and having established policies and procedures in place before an investigation begins.  Specifically, the panelists noted the importance of having individual roles and responsibilities outlined and understood at the outset, in order to make the response more efficient.  The panelists further noted that with the significant time constraints associated with such an investigation, it is critical that the team be prepared to act immediately.  Finally, the panelists highlighted the significance of having effective routes of communication established in the policies and procedures, to ensure that all parties involved know how to proceed when an investigation is initiated.  All of this can be in place in the absence of a concern triggering an internal investigation, so the panelists emphasized the steps to take before any concerns arise.

Internal Investigation Leadership and Logistics

The panelists then discussed the variety of approaches an organization can take when it comes to who leads the internal investigation.  Specifically, the panelists noted that while there is no one-size fits all approach, the leadership of an internal investigation needs to be transparent from the outset, even if that role is transitioned during the investigation.  The panelists suggested numerous approaches to who should run the investigation, including having either a business unit, outside counsel, or the organization’s general counsel be in charge of the investigation.

Conducting the Internal Investigation

Panelists next shifted to discussing the steps involved in conducting an internal investigation.  The panel noted that the first critical component of running an internal investigation is obtaining the key information related to the problem, and identifying whether there is any information that the organization does not have.  Specifically, the panel highlighted the importance of validating the initial allegations quickly, in order to fully engage with the investigation. The panel also noted the importance of quickly initiating a document hold, especially if the allegation is coming from a reputable source.  The panelists highlighted the fact that putting out a document hold too soon is generally a minor problem, whereas any inadvertent destruction of relevant information could pose significant problems down the line.  Financial crimes investigations are extremely data-analytics-intensive and may involve vast amounts of data covering many years, so the panelists focused on the role of a data analytics team.

Corporate Monitors

The panelists then discussed the importance of being prepared to deal with a monitor.  The panelists noted that with the recent increase in situations where a monitor will be required, it is key for an organization to know how to implement any agreements regarding the monitorship.    Specifically, the panelists noted that the organization needs to make sure that they understand the scope of the monitor’s role and how the organization will be able to interact with the monitor.  The panel suggested that before signing any monitoring agreement, the document needs to be discussed with compliance, operations, information technology, and any other departments that may be impacted by the monitorship, so that all parties are aware of the operational implications of a monitorship.  Finally, the panel added that organizations should make sure to have a contact person or team that handles interactions with the monitor and is able to manage the monitor’s access to documents, in order to establish an effective relationship with the monitor.

Role of Senior Management and the Board

The panel also discussed the role of senior management and the Board of Directors in the internal investigation process.  The panelists noted that in all internal investigations, it is important to make sure senior management and the Board are involved.  Specifically, the panelists noted that senior management and the Board need to know the severity of the allegations, any related risks, the costs associated with the investigation, and that the investigation is being run properly.  Finally, the panelists noted that if the investigation is being run by the general counsel, any communications to senior management and the Board need to be drafted so as to protect privilege.

Anti-Money Laundering Investigations Financial Crimes

FTC Settles Suit Against Tribe-Affiliated Lenders; Dispute Over CFPB Investigation Of Tribe-Affiliated Lenders Moves To Federal Court

On April 11, the FTC announced that a tribe-affiliated payday lending operation and its owner agreed to pay nearly $1 million to resolve allegations that they engaged in unfair or deceptive acts or practices and violated the Credit Practices Rule in the collection of payday loans. The FTC alleged that the lenders illegally tried to garnish borrowers’ wages and sought to force borrowers to travel to South Dakota to appear before a tribal court, and that the loan contracts issued by the lenders illegally stated that they are subject solely to the jurisdiction of the Cheyenne River Sioux Tribe. The announced settlement payment includes a $550,000 civil penalty and a court order to disgorge $417,740. The companies and their owner also are prohibited from further unfair and deceptive practices and are barred from suing any consumer in the course of collecting a debt, except for bringing a counter suit to defend against a suit brought by a consumer.

Also on April 11, in a separate matter related to federal authority over tribe-affiliated lending, a group of tribe-affiliated lenders responded in opposition to a recent CFPB petition to enforce civil investigative demands (CIDs) the Bureau issued to the lenders. In September 2013, the CFPB denied the lenders’ joint petition to set aside the CIDs, rejecting the lenders’ primary argument that the CFPB lacks authority over businesses chartered under the sovereign authority of federally recognized Indian Tribes. The lenders subsequently refused to respond to the CIDs, which the CFPB now asks the court to enforce. The CFPB argues that the lenders fall within the CFPB’s investigative authority under the terms of the Consumer Financial Protection Act, which the CFPB argues is a law of general applicability, including with regard to Indian Tribes and their property interests. The lenders continue to assert that they are sovereign entities operating beyond the CFPB’s reach.

CFPB FTC Payday Lending Debt Collection Investigations Online Lending

Democratic Lawmakers Express Support for DOJ Payment Processor Investigations

On February 26, Senators Jeff Merkley (D-OR), Elizabeth Warren (D-MA), and other Democratic Senators, together with Representatives Elijah Cummings (D-MD), Maxine Waters (D-CA), and other Democratic House members, sent a letter to Attorney General Eric Holder encouraging the DOJ to “continue a vigorous review of potential payment fraud, anti-money-laundering violations, and other illegal conduct involving payments by banks and third-party payment processors.” The lawmakers highlighted a number of specific issues on which the DOJ should focus: (i) know-your-customer obligations, which they believe should include a review of whether a lender holds all required state licenses and follows state lending laws; (ii) use of lead generators, including those that auction consumer data; (iii) high rates of returned, contested, or otherwise failed debits or the regular use of remotely created checks, which they state may indicate payment fraud; and (iv) lenders’ failure to incorporate or maintain a business presence in the U.S., which they assert can be indicative of fraud and other payment system violations, including money-laundering.

Anti-Money Laundering DOJ Investigations U.S. Senate U.S. House Payment Processors Elizabeth Warren

Senate Report Urges DOJ Action Regarding Offshore Tax Evasion, Enforcement Against Swiss Banks

On February 27, the Senate Permanent Subcommittee on Investigations (PSI) issued a report and held a hearing related to its multi-year investigation of offshore tax evasion and the DOJ’s efforts to pursue Swiss banks who allegedly aid U.S. citizens in evading taxes. The hearing and report focused on one Swiss bank alleged to have facilitated tax evasion and criticized the DOJ for its supposedly “lax enforcement” approach towards numerous Swiss banks. The report states that U.S. law enforcement authorities have failed to prosecute more than a dozen Swiss banks the PSI staff believes facilitated U.S. tax evasion, and failed to take action against the thousands of U.S. citizens who have been revealed as tax evaders. The report also criticizes Swiss officials who the PSI alleges have worked to preserve Swiss bank secrecy by intervening in U.S. criminal investigations and hampering progress. The PSI report urges the DOJ to “use all available U.S. legal means” to obtain the names of alleged tax evaders, and to hold accountable “tax haven banks that aided and abetted” in the alleged evasion. The report also states that U.S. banking regulators should “institute a probationary period of increased reporting requirements for, or to limit the opening of new accounts by, tax haven banks that enter into deferred prosecution agreements, non-prosecution agreements, settlements, or other concluding actions with law enforcement for facilitating U.S. tax evasion, taking into consideration repetitive or cumulative misconduct.” Finally, the subcommittee recommended that the Senate promptly ratify a pending U.S.-Switzerland tax treaty that would allow for increased sharing of information by the Swiss.

DOJ Investigations U.S. Senate

CFPB Rejects Tribal Lenders' CID Challenge

On September 26, the CFPB denied three tribal lenders’ joint petition to set aside civil investigative demands (CIDs) issued in June 2012. The CIDs were issued in connection with the Bureau’s investigation into several lenders that offer a variety of online small-dollar credit products, including payday loans, installment loans, and lines of credit. The July 2012 petition primarily argued that the CFPB does not have jurisdiction over the three lenders, which are organized and chartered under the “sovereign authority of federally recognized Indian Tribes with longstanding traditions of tribal independence.”

The CFPB’s decision and order rejects the lenders’ claim that the CFPB lacks authority over tribally-affiliated entities under the Consumer Financial Protection Act, stating that the Supreme Court has “long established” that generally-applicable federal statutes apply to Indian tribes, individual Indians, and tribally-affiliated entities. Moreover, in explaining why certain exceptions would not apply to this general rule, the Bureau noted that it “has reason to believe that the Lenders are making loans to non-Indians over the internet, and it seeks to investigate those lending practices for compliance with Federal consumer financial laws.” The decision and order likewise rejects the lenders’ claim of tribal sovereign immunity, finding that “[e]very court of appeals to address the issue has agreed that Indian tribes, like individual States, do not enjoy immunity from suits by the federal government.”

The lenders’ petition also raised procedural challenges, argued that the requests were vague, overly broad, and unduly burdensome, and sought to incorporate by reference arguments from another entity’s motion to set aside a separate CID. The CFPB rejected all arguments as lacking merit and further announced that it will not consider incorporated arguments going forward. While directing the three tribal lenders to comply with the CIDs within 21 calendar days, the Bureau also noted that the tribal lenders were welcome to continue to discuss issues regarding the scope and burden of individual interrogatories and document requests with the Bureau’s enforcement team.

In an article published earlier this year, BuckleySandler attorney Amanda Raines analyze the reasoning behind previous decisions to deny such petitions and identify issues that companies must be cognizant of while navigating the investigation and petitioning phases.

CFPB Payday Lending Enforcement Investigations Internet Lending

Diligence Firm Objects to RMBS Working Group Subpoena

On September 24, a firm that handles due-diligence matters for financial institutions filed its opposition to a motion filed  by the U.S. Attorney’s Office for the District of Connecticut, on behalf of the federal-state RMBS Working Group, to compel production of documents and information the group sought in a July subpoena. In its brief, the firm reviews its cooperation to respond to “six years of subpoenas, investigatory demands, and formal and informal requests for information,” and summarizes the volume and types of information it has provided to the DOJ and the Working Group to date as a third-party witness in connection with the 16 companies the Working Group has identified as subjects of its RMBS investigations. The firm notes the “substantial expense” it has incurred “to educate an ever-growing, and often-changing, number government attorneys and investigators.” The firm argues that the Working Group’s most recent subpoena, which seeks “every document and communication for all 193 clients and for almost 5,000 e-mail custodians,” constitutes a “fishing expedition” and violates the firm’s rights under the Fourth Amendment.

Mortgage Origination RMBS Investigations

August Beach Read Series: Navigating CFPB CIDs

Like many government agencies before it, the CFPB has relied on the use of civil investigative demands (CIDs) in investigations. CIDs are one of the many tools in the CFPB’s toolbox to gather information from the subject of an investigation or third-parties who are in possession of information believed to be relevant to the investigation. While the CFPB drew from other government entities, including the FTC , in drafting its rules related to investigations, the CFPB’s execution of its investigatory procedures, particularly with respect to CIDs, is quite different than the approach taken by the FTC – creating a new playbook for enforcement lawyers and the institutions they represent.

The CFPB’s Final Rule Relating to Investigations sets forth the procedures that apply to CIDs, including certain meet and confer obligations and requirements regarding potential challenges to CIDs.  Late last year, we reported on the Bureau’s first decision denying a petition to modify or set aside a CID. To date, the CFPB has issued three decisions, all denying such petitions.

From experience, we have discovered many practical takeaways in handling CFPB CIDs:

• Don’t wait to seek clarification on the CID.
• It is imperative to involve the company’s IT personnel early and often.
• You must move fast – the meet and confer must occur within 10 days and any petitions to modify a CID must be filed within 20 days.
• If you decide to file a petition to modify a CID, consider the practical consequences of doing so.

To learn more about the practical tips shared, please review some of our recent articles on the issue. BuckleySandler attorney Amanda Raines provides additional details to the practical guidelines in their article, CFPB Investigations in Focus: Navigating CIDs. Earlier this year, Amanda analyze the reasoning behind the CFPB’s decisions denying petitions to modify or set aside CIDs.

CFPB Enforcement Investigations

Special Alert: CFPB Announces First Determination Of A Petition to Modify Or Set Aside A Civil Investigative Demand

On September 20, the Consumer Financial Protection Bureau issued its first Decision and Order on a petition to modify or set aside a civil investigative demand (CID).  The petition challenged a CID issued to a non-bank mortgage servicer (the Company) seeking responses to 21 interrogatories and 33 document requests.  CFPB Director Richard Cordray denied the petition in its entirety and ordered the Company to comply with the CID within 21 days.  In addition to ruling on the substantive issues relevant to the petition, the Decision and Order demonstrates the importance of including detailed and specific objections in any petition to modify or set aside a CID and the crucial role of the meet-and-confer sessions.

The CID, served on May 22, was issued in connection with the Bureau’s investigation regarding whether ceding premiums from private mortgage insurance companies to captive reinsurance subsidiaries of certain mortgage lenders violates section 8 of the Real Estate Settlement Procedures Act (RESPA).  In the petition filed on June 12, the Company argued among other things that the CID (i) did not state the nature of the conduct under the investigation; (ii) was overly broad, unduly burdensome, and irrelevant; and (iii) requested materials going back more than 11 years when RESPA’s statute of limitations was 3 years and the CFPB’s enforcement power cannot be predicated on acts prior to July 21, 2010.

In denying the petition, the Bureau began by explaining that CIDs play a “crucial role” in the Bureau’s ability to carry out its duty to enforce consumer financial laws.  It stated that the purpose of CIDs are to “close the [information] gap” between the Bureau and the subject company and/or individual in order for the Bureau to determine whether the investigation is worth pursuing, and if so, to what extent.

The CFPB then set forth the standard it will use to consider and resolve petitions to modify or set aside CIDs, adopting the deferential standard of review relied upon by Circuit Courts of Appeals in proceedings to enforce administrative subpoenas.  That standard provides that a CID will be enforced if it satisfies the following requirements:  (i) the investigation is for a lawfully authorized purpose; (ii) the information requested is relevant to the investigation; and (iii) procedural requirements are followed.  If the Bureau establishes these factors, the CID will be enforced unless the petitioner demonstrates the CID imposes an “undue burden” or constitutes an abuse of process.

With respect to the Company’s first issue, that the CID failed to state the nature of the conduct at issue, the Company argued that the CID’s description of the purpose of the investigation was so broad as to encompass every aspect of mortgage lending, and thus did not satisfy the notice requirement established by the Dodd-Frank Act.  The Bureau rejected this contention and found that “notice was provided from the outset and repeatedly thereafter” beginning as early as January 3 and through to May 22 in the CID’s “Notification of Purpose.”  In support of this finding, the CFPB cited cases standing for the proposition that the subject matter of investigations can be provided generally.

With respect to the Company’s assertion that the CID was an overly broad and unduly burdensome fishing expedition, the Bureau noted that the petition “offered little or no detail to make the kind of showing required to substantiate these claims.”  It explained that in order to meet its legal burden, the petitioner needed to show the specific nature and the magnitude of the hardship and state specifically how compliance will harm its business.  The Bureau further noted that it already had made substantial modifications to the CID through the meet-and-confer process, and the Bureau’s enforcement team had stated that it was willing to consider other potential limitations.

Finally, with respect to the Company’s objection that the CID sought documents, items, and information exceeding the applicable limitations period, the CFPB maintained that the relevant issue was not whether the information itself was actionable but rather whether that information was relevant to conduct that was actionable.  It cited other authority which allowed discovery beyond the statute of limitations and noted the importance of collecting relevant information in order to accurately and completely investigate a matter.

Petitioning a newly-founded government agency in unchartered territories always is a difficult exercise.  With the increasing number of CFPB investigations and enforcement actions, that exercise will become even more challenging.  In light of the Bureau’s first determination of a petition to modify or set aside a CID, potential CID recipients will be left to wonder:  how is the CFPB likely to respond to future petitions of this type?  Given its precedential value for potential petitioners, it is important to determine what, if anything, can be gleaned from the CFPB’s determination.

First, the Bureau makes clear that it is incumbent on petitioners to be specific in their objections to a CID.  Petitioners must specifically describe the burdens that supplying requested information imposes on the company and how the information sought is irrelevant to the investigation.  In fact, the Bureau criticized the petition’s use of “general objections” and summarily dismissed the arguments associated with those objections.

Second, given the deferential standard of review which will be applied to such petitions, the meet-and-confer sessions take on increased importance.  The meet-and-confer session is intended as an opportunity to narrow the scope of the requests and close the information gap between the CFPB and the subject of the investigation.  As a prerequisite to filing a petition, CID recipients are obligated to confer with the Bureau in a good-faith effort to resolve issues and concerns.   In fact, the CFPB’s Rules of Investigations provide that “[t]he Bureau will not consider petitions to set aside or modify civil investigative demands unless the recipient has meaningfully engaged in the meet and confer process described in this subsection and will consider only issues raised during the meet and confer process.”  12 C.F.R. part 1080.6(c)(3) (emphasis added).  While the CFPB did not decide whether the Company met this obligation, the Bureau did express its concern to future parties about the importance of approaching this obligation affirmatively and engaging in “a productive discussion that can resolve issues or concerns more effectively.”

CFPB Nonbank Supervision Mortgage Servicing Mortgage Insurance Enforcement Investigations

How to Handle a Government Investigation: 13 Things You Should You Do Immediately If the Government Comes Knocking

Actions you take, or don’t take, in the early hours of a government investigation can have costly and far-reaching consequences for a company. At the root of this is the importance of having a plan in place should your company come under investigation, as the last thing you want to be is caught flat-footed. Do your key employees and legal department staff know what to do immediately if the government initiates an investigation?

Below, BuckleySandler’s Government Enforcement and White Collar attorneys identify 13 steps a company and its employees should take immediately when it becomes aware of a government investigation.

1. Inform your in-house counsel. Establish a protocol to ensure that counsel is contacted immediately.
2. Preserve documents. Inform all necessary employees of the need to retain documents, including electronic documents, with a document hold memo that replaces standard document retention policies for potentially responsive materials.
3. Establish early dialogue with the investigating agency. Communication is critical to understanding the scope of the investigation and to establishing a working relationship with the government.
4. Assume a parallel investigation will be initiated. Questions about self-reporting, production, and other strategic decisions should be made under the assumption that a parallel criminal or civil suit will follow.
5. Alert the Board of Directors and/or Audit Committee. Schedule a meeting with key executives to carefully review the situation and discuss possible remedies and corrective actions. Be mindful that meeting minutes, notes, or emails may be discoverable.
6. Consider implementing internal restrictions on the trading of company stock. Be sure all rules regarding insider trading are upheld.
7. Evaluate disclosure issues and formulate a plan to address. With the commencement of a government investigation, a number of governance issues will arise. Carefully consider any and all disclosures that may be necessary and take appropriate action.
8. Put your insurance carrier on notice. Put your insurer on notice early to increase your chances of having insurance pay for some or all of the investigation and/or litigation costs.
9. Determine if actions are needed with respect to employees who are possible wrongdoers. This may involve implementing restrictions or additional oversight of their activities or even dismissal. All issues involving employees need to be carefully considered from a variety of angles, including employment laws, anti-retaliation provisions, and possible future civil litigation.
10. Identify remedial measures if needed. It may be necessary to conduct a gap analysis of existing compliance programs and make changes to avoid a future recurrence.
11. Prepare for any anticipated media coverage. Any and all public statements will be carefully scrutinized by the media, the public-at-large, and the investigating agency. Therefore, it is critical that sufficient care and attention is given to any public comments by the company or its spokespeople.
12. Notify employees of possible contact by the investigating agency and advise them of their rights and obligations. It is important to remind employees of their responsibility to be truthful when speaking with agents of the government, but that they may choose to have an attorney present if they do decide to be interviewed. You should also reiterate your company’s policy on cooperating with investigations and request that employees inform the legal department of any discussions or contacts with the government.
13. Commence an internal investigation if necessary. An internal investigation can help your company determine whether the allegations have merit or not, and if they do, the cause and extent and possible corrective actions.

You may also be interested in reading our related blog post on How to Respond to a Subpoena: 10 Things You Should Do Immediately.

Enforcement Investigations